• Title/Summary/Keyword: 스마트폰 인증

Search Result 312, Processing Time 0.023 seconds

A Study on the Korean-Stroke based Graphical Password Approach (한국어 획 기반 그래피컬 패스워드 기법에 관한 연구)

  • Ko, Tae-Hyoung;Shon, Tae-Shik;Hong, Man-Pyo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.2
    • /
    • pp.189-200
    • /
    • 2012
  • With increasing the number of smart device such as Tablet PC, smart phone and netbook, information security which based on smart device in mobile environment have become the issue. It is important to enter a password safety. In various types of mobile devices, because of hardware limitation of device, it is difficult that to equip secondary input device such as keyboard and mouse. Also, a loss of accuracy becomes a problem because input information was entered by touch screen. Because of problem mentioned above it can be predicted to change password scheme text based password scheme to graphical password scheme, graphical password scheme is easy to use and is resistant to shoulder surfing attack. So this paper proposes new graphical password scheme based 5 strokes which are made by decomposed the Korean to defend against shoulder surfing attack.

The Dynamic Group Authentication for P2P based Mobile Commerce (P2P 기반의 모바일 상거래를 위한 동적 그룹 인증)

  • Yun, Sunghyun
    • Journal of Digital Convergence
    • /
    • v.12 no.2
    • /
    • pp.335-341
    • /
    • 2014
  • To play the networked video contents in a client's mobile device in real time, the contents should be delivered to it by the contents server with streaming technology. Generally, in a server-client based commerce model, the server is in charge of both the authentication of the paid customer and distribution of the contents. The drawback of it is that if the customers' requests go on growing rapidly, the service quality would be degraded results from the problems of overloaded server or restricted network bandwidth. On the contrary, in P2P based networks, more and more the demand for service increasing, the service quality is upgraded since a customer can act as a server. But, in the P2P based network, there are too many servers to manage, it's possible to distribute illegal contents because the P2P protocol cannot control distributed servers. Thus, it's not suitable for commercial purposes. In this paper, the dymanic group authentication scheme is proposed which is suited to P2P based applications. The proposed scheme consists of group based key generation, key update, signature generation and verification protocols. It can control the seeder's state whether the seeder is joining or leaving the network, and it can be applied to hybrid P2P based commerce model where sales transactions are covered by the index server and the contents are distributed by the P2P protocol.

A study on the vulnerability of integrity verification functions of android-based smartphone banking applications (안드로이드 스마트폰 뱅킹 앱 무결성 검증 기능의 취약점 연구)

  • Kim, Soonil;Kim, Sunghoon;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.4
    • /
    • pp.743-755
    • /
    • 2013
  • In recent years, the malicious apps with malicious code in normal apps are increasingly redistributed in Android market, which may incur various problems such as the leakage of authentication information and transaction information and fraudulent transactions when banking apps to process the financial transactions are exposed to such attacks. Thus the financial authorities established the laws and regulations as an countermeasures against those problems and domestic banks provide the integrity verification functions in their banking apps, yet its reliability has not been verified because the studies of the safety of the corresponding functions have seldom been conducted. Thus this study suggests the vulnerabilities of the integrity verification functions of banking apps by using Android reverse engineering analysis techniques. In case the suggested vulnerabilities are exploited, the integrity verification functions of banking apps are likely to be bypassed, which will facilitate malicious code inserting attacks through repackaging and its risk is very high as proved in a test of this study. Furthermore this study suggests the specific solutions to those vulnerabilities, which will contribute to improving the security level of smartphone financial transaction environment against the application forgery attacks.

The Reliability Evaluation of User Account on Facebook (페이스북 사용자 계정의 신뢰도 평가에 대한 연구)

  • Park, Jeongeun;Park, Minsu;Kim, Seungjoo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.6
    • /
    • pp.1087-1101
    • /
    • 2013
  • Most people are connected to Social Network Services (SNS) through smart devices. Social Network Services are tools that transport information fast and easily. It does not care where he or she comes from. A lot of information circulates and is shared on Social Network Services. but Social Network Services faults are magnified and becoming a serious issue. For instance, malicious users generate multiple IDs easily on Facebook and he can use personal information of others on purpose, because most people tend to undoubtedly accept friend requests. In this paper, we have specified research scope to Facebook, which is one of most popular Social Network Services in the world. We propose a way of minimizing the number of malicious actions on Facebook from malignant users and malicious bots by setting criteria and applying reputation system.

A study on the Revitalization of Traditional Market with Smart Platform (스마트 플랫폼을 이용한 전통시장 활성화 방안 연구)

  • Park, Jung Ho;Choi, EunYoung
    • Journal of Service Research and Studies
    • /
    • v.13 no.1
    • /
    • pp.127-143
    • /
    • 2023
  • Currently, the domestic traditional market has not escaped the swamp of stagnation that began in the early 2000s despite various projects promoted by many related players such as the central government and local governments. In order to overcome the crisis faced by the traditional market, various R&Ds have recently been conducted on how to build a smart traditional market that combines information and communication technologies such as big data analysis, artificial intelligence, and the Internet of Things. This study analyzes various previous studies, users of traditional markets, and application cases of ICT technology in foreign traditional markets since 2012 and proposes a model to build a smart traditional market using ICT technology based on the analysis. The model proposed in this study includes building a traditional market metaverse that can interact with visitors, certifying visits to traditional markets through digital signage with NFC technology, improving accuracy of fire detection functions using IoT and AI technology, developing smartphone apps for market launch information and event notification, and an e-commerce system. If a smart traditional market platform is implemented and operated based on the smart traditional market platform model presented in this study, it will not only draw interest in the traditional market to MZ generation and foreigners, but also contribute to revitalizing the traditional market in the future.

Designing Password Input System Resistant on Shoulder Surfing Attack with Statistical Analysis (Shoulder Surfing 공격을 고려한 패스워드 입력 시스템 구현 및 통계적 검증)

  • Lim, Soo Min;Kim, Hyoung Joong;Kim, Seong Kee
    • Journal of the Institute of Electronics and Information Engineers
    • /
    • v.49 no.9
    • /
    • pp.215-224
    • /
    • 2012
  • Using password on system is easy to build and shorten the access time to authorize user, which is high in use for vary system that requires users' authorization. Many input device are able to perform the password system easily, such as PC, smart-phone, tablet PC, etc. Beside the high usability of password, physical attack occurs when user put their password on the device, known as Shoulder Surfing attack. It used to be formed in numbers, characters or mix of different kinds, but new kind of password arose. Exploiting image or making scenarios are those kinds which are able to reflect users' intentions. Not many estimation exists for new password, so there's need to be standard for those new password for highlighting usability and accessability. In this paper, we propose password system with simple image and switching key-board to test statistical method to estimate usability on the password.

Design and Implementation of u-Healthcare System for u-Wellness (u-웰니스를 위한 u-헬스케어 시스템의 설계와 구현)

  • Seo, Hyunsoo;Ryu, Dae-Hyun;Choi, Taewan
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.13 no.11
    • /
    • pp.5506-5511
    • /
    • 2012
  • u-Wellness is widely applicable to individuals and medical service providers such as hospitals and it includes u-fitness and video health counselling services at the side of the provider and stress management, obesity management, and the amount of exercise at the side of the individual. In this paper, we design and implement a smart health care system which uses the authentication device to identify an individual and the user's smart phone. Our system records and manages the amount of exercise on the basis of the prescription of health care professionals through the exercise equipment and Wi-Fi communication. Therefore, our system helps user do optimized amount of exercise through the health care professional's prescription. And our system quantifies the results of the measurement of body fat measuring machines and experts to build the database and automatically schedule.

A Study on the Strategies for Expanding Exports of Indonesia utilizing E-commerce Platform (전자상거래 플랫폼을 활용한 인도네시아 수출확대방안에 관한 연구)

  • Choi, Jang Woo;Park, Jae Han
    • International Commerce and Information Review
    • /
    • v.19 no.1
    • /
    • pp.99-126
    • /
    • 2017
  • The Indonesian e-commerce market has grown significantly due to sustained economic growth, middle class growth, rapid increase in Internet and SNS users, and increase in accessibility of mobile broadband services. In particular, consumers' online shopping through mobile and SNS has been increasing rapidly based on the expansion of the popularity of smart phone devices. This research suggested the strategies for expanding exports of Indonesia through e-commerce platform to the Korean firms, with deep analysis of the current status and features, problems, cases, and implications etc. of Indonesia's e-commerce market. As an export expansion strategy utilizing Indonesia's e-commerce platform, this study showed the Korean firms have to build a local online distribution network, establish a logistics & delivery and payment system, acquire Halal certification for Muslim market, carry out the in-depth market research, actively implement Hanryu marketing strategy, develop a creative product, set up market segmentation strategies, and develop SNS mobile marketing.

  • PDF

A Security Protocol for Swarming Technique in Peer-to-Peer Networks (피어 투 피어 네트워크에서 스워밍 기법을 위한 보안 프로토콜)

  • Lee, Kwan-Seob;Lee, Kwan-Sik;Lee, Jang-Ho;Han, Seung-Chul
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.15 no.9
    • /
    • pp.1955-1964
    • /
    • 2011
  • With fast deployment of high-speed networks and various online services, the demand for massive content distribution is also growing fast. An approach that is increasingly visible in communication research community and in industry domain is peer-to-peer (P2P) networks. The P2P swarming technique enables a content distribution system to achieve higher throughput, avoid server or network overload, and be more resilient to failure and traffic fluctuation. Moreover, as a P2P-based architecture pushed the computing and bandwidth cost toward the network edge, it allows scalability to support a large number of subscribers on a global scale, while imposing little demand for equipment on the content providers. However, the P2P swarming burdens message exchange overheads on the system. In this paper, we propose a new protocol which provides confidentiality, authentication, integrity, and access control to P2P swarming. We implemented a prototype of our protocol on Android smart phone platform. We believe our approach can be straightforwardly adapted to existing commercial P2P content distribution systems with modest modifications to current implementations.

Management Method to Secure Private Key of PKI using One Time Password (OTP를 이용한 PKI 기반의 개인키 파일의 안전한 관리 방안)

  • Kim, Seon-Joo;Joe, In-June
    • The Journal of the Korea Contents Association
    • /
    • v.14 no.12
    • /
    • pp.565-573
    • /
    • 2014
  • We have various e-commerce like on-line banking, stock trading, shopping using a PC or SmartPhone. In e-commerce, two parties use the certificate for identification and non-repudiation but, the attack on the certificate user steadily has been increasing since 2005. The most of hacking is stealing the public certificate and private key files. After hacking, the stolen public certificate and private key file is used on e-commerce to fraud. Generally, the private key file is encrypted and saved only with the user's password, and an encrypted private key file can be used after decrypted with user password. If a password is exposed to hackers, hacker decrypt the encrypted private key file, and uses it. For this reason, the hacker attacks user equipment in a various way like installing Trojan's horse to take over the user's certificate and private key file. In this paper, I propose the management method to secure private key of PKI using One Time Password certification technique. As a result, even if the encrypted private key file is exposed outside, the user's private key is kept safely.