• Smart Media Journal
• /
• v.2 no.3
• /
• pp.23-33
• /
• 2013

In this paper, we find out about the effort and status of GwangJu metropolitan city to reinvigorate traditional market. And we propose the micro payment model based on Android NFC and tokenization technique to support the small trader's micro payment in aspect of information technology more than the physical infrastructure and environmental improvement projects to reinvigorate the traditional market. The micropayment model supports facilities of payment using smart phone based on NFC, and the encryption and tokenization support the indirection authentication and privacy of users.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.879-888
• /
• 2018

Along with the recent worldwide development of fintech, FIDO (Fast IDentity Online) using biometric technology is rapidly growing in the mobile payment market, replacing the existing password system. This FIDO authentication must be processed in a reliable environment that requires high level of security, as sensitive biometrics is being processed. However, this environment is currently dependent on the manufacturer as it is supported by certain hardware on the smartphone. Therefore, this thesis proposes a server-based authentication model using distributed management of compliance based biometric information that can be used universally safely without the need for specific hardware in mobile environments.

• Annual Conference of KIPS
• /
• 2010.11a
• /
• pp.1221-1224
• /
• 2010

스마트폰 사용자의 폭발적 증가와 함께 모바일 애플리케이션 시장에 대한 관심도 크게 증가하고 있다. 더불어 애플리케이션의 보안 위협 역시 증가하고 있는데 각 모바일 애플리케이션 마켓에서는 이에 대한 대처방안 중 하나로 코드사이닝 기법을 활용하고 있다. 코드사이닝 기법을 이용하여 애플리케이션 및 개발자에 대해 인증을 받는 방식에는 각 모바일 마켓별로 다른 점이 존재한다. 그 종류로는 개발자가 생성한 공개키와 해당 애플리케이션을 애플에 전송하고 애플이 이에 대한 검증을 하여 마지막 서명을 부여하는 방식의 애플 앱스토어, 개발자가 키와 증명서를 이용해 스스로 애플리케이션에 대해 증명서를 발급하는 방식의 구글 안드로이드 마켓, RIM에 등록되어 있는 코드사이닝 키를 이용하여 애플리케이션을 제출하면 자동적으로 서명을 받을 수 있는 블랙베리 앱월드, 사전에 개발자가 자기 증명을 통해 아이디를 발급받고 애플리케이션을 테스트 하우스에 등록하여 검증 및 서명을 받는 노키아오비스토어 등이 있다. 이와 같이 개발자 및 애플리케이션을 인증 받는 방식이 각 마켓별로 차이가 있는데 이에 대한 자세한 분석과 그에 따른 보안 위협에 대한 안정성에 대해 분석해 보겠다.

• Journal of Digital Convergence
• /
• v.14 no.11
• /
• pp.313-318
• /
• 2016

Recently, the smart farm development using a PC and smart phone to manag the farm for improving competitiveness is in progress. In the smart farm, by using the various ICT technology including RFID, Wi-Fi, ZigBee, Wireless LAN, and etc., the growing environment of the crop and animals can be managed with the remote. By using the network including not only the TCP/IP based wired network but also ZigBee, Wireless LAN, and etc., each of the devices installed in the smart farm transmits the growing environment data to the server. So, smart farms have information and network security vulnerability. Therefore, we propose the method that analyzes the security vulnerability which can begenerated in the smart farm and user authentication method.

• Journal of the Korea Convergence Society
• /
• v.8 no.2
• /
• pp.9-14
• /
• 2017

A fingerprint is unique to each person and can be represented as a digital form. As the fingerprint is the part of human body, fingerprint recognition is much more easy to use and secure rather than using password or resident card for user authentication. In addition, as the newly released smart phones have built-in camera and fingerprint sensors, the demand for biometric authentication is increasing rapidly. But, the drawback is that the fingerprint can be counterfeited easily and if it's exposed to the hacker, it cannot be reused. Thus, the original fingerprint template should be transformed for registration and authentication purposes. Existing transformation functions use passcode to transform the original template to the cancelable form. Additional module is needed to input the passcode, so it requires more cost and lowers the usability. In this paper, we propose biometric authentication scheme that is economic and easy to use. The proposed scheme is consisted of cancelable biometric template creation, registration and user authentication protocols, and can control several security levels by configuring the number of fingerprints and scan times. We also analyzed that our scheme is secure against the brute-force attack and the active attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.579-590
• /
• 2018

In May 2014, AppCard(Which is a smartphone application designed to register and use a credit card in a mobile phone by credit card company.) was attacked by smshing and a vulnerability which could not obtainable phone number. After that, credit card companies have supplemented and operated by introducing additional authentication methods to supplement the vulnerability. However, The analysis of the authentication environments, purposes and methods is not enough to lower the level of vulnerability and risk from existing accidents. This study analyzes the authentication process of the AppCard in the electronic financial service by applying the NIST's authentication guidelines, identifies the problems and suggests improvement directions. The method analyzed in this study can be applied to the analysis of the authentication method in addition to the application card, so that it will be highly utilized.

• Journal of Internet Computing and Services
• /
• v.20 no.6
• /
• pp.129-135
• /
• 2019

Recently, studies have been conducted to improve the m-commerce process in the NFC-based mobile environment and the increase of the number of smart phones built in NFC. Since authentication is important in mobile electronic payment, FIDO(Fast IDentity Online) and 2 Factor electronic payment system are applied. In addition, block-chains using distributed raw materials have emerged as a representative technology of the fourth industry. In this study, for the mobile gallery auction of the traders using NFC embedded terminal (smartphone) in a small gallery auction in which an unspecified minority participates, password-based authentication and biometric authentication technology (fingerprint) were applied to record transaction details and ownership transfer of the auction participants in electronic payment. And, for the cost reduction and data integrity related to gallery auction, the private distributed director block chain was constructed and used. In addition, domestic and foreign cases applying block chain in the auction field were investigated and compared. In the future, the study will also study the implementation of block chain networks and smart contract and the integration of block chain and artificial intelligence to apply the proposed method.

• Annual Conference of KIPS
• /
• 2012.11a
• /
• pp.888-891
• /
• 2012

NFC(Near Field Communication) 기술은 스마트 폰과 같은 모바일 기기에 적용되어 정보의 송수신을 위한 매체로 활용될 뿐만 아니라 결제, 개인인증 등 다양한 분야에서 활용되고 있다. 따라서 이러한 NFC 기술을 이용해 개인정보를 활용한 다양한 맞춤형 서비스들이 등장하고 있으며 이에 따른 개인 정보위협의 부작용도 발생되고 있는 실정이다. 그러나 현재 NFC 서비스에서 발생할 보안 위협 요소에 대한 분석과 해결책에 대한 연구는 매우 미비하다. 본 논문에서는 NFC 서비스에 대한 보안 취약점과 NFC 기반 시스템에서 발생할 수 있는 공격들에 대해 분석하고, 이를 해결하기 위해 NFC 기반 시스템의 인증 메커니즘을 제안한다.

• Journal of the Korea Convergence Society
• /
• v.5 no.4
• /
• pp.101-106
• /
• 2014

Most peoples are used to prefer to view the video contents rather than the other contents since the video contents are more easy to understand with both their eyes and ears. As the wide spread use of smartphones, the demands for the contents services are increasing rapidly. To promote the contents business, it's important to provide security of subscriber authentication and corresponding communication channels through which the contents are delivered. Generally, symmetric key encryption scheme is used to protect the contents in the channel, and the session key should be upadated periodically for the security reasons. In addition, to protect viewing paid contents by illegal users, the proxy authentication should not be allowed. In this paper, we propose biometric based user authentication and one time key generation models. The proposed model is consist of biometric template registration, session key generation and chanel encryption steps. We analyze the difference and benefits of our model with existing CAS models which are made for CATV contents protection, and also provides applications of our model in electronic commerce area.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.4
• /
• pp.700-707
• /
• 2018

Vehicles are used in daily life as convenient transport, it is important to authenticate driver because vehicles are controlled by driver. Especially, in these days, there is a discussion on introduction of Driving Under the Influence car-starting locking device installation for preventing accidents caused by Driving Under the Influence of alcohol, these car-starting locking device installation requires a lot of money and time. Suitable user authentication for solving user's inconvenience during the disabled and men of national merit to receive discount benefits is needed. In this paper, For solving these problems, we propose the efficient vehicle control and user authentication system for preventing driving under the influence and providing the disabled and men of national merit benefit based on driver authentication by using user's smartphone NFC communication and user's biometric information.