• Journal of Korea Multimedia Society
• /
• v.22 no.12
• /
• pp.1347-1355
• /
• 2019

Deep learning approach based on convolution neural network (CNN) has extensively studied in the field of computer vision. However, periocular feature extraction using CNN was not well studied because it is practically impossible to collect large volume of biometric data. This study uses the ResNet model which was trained with the ImageNet dataset. To overcome the problem of insufficient training data, we focused on the training of multi-layer perception (MLP) having simple structure rather than training the CNN having complex structure. It first extracts features using the pretrained ResNet model and reduces the feature dimension by principle component analysis (PCA), then trains a MLP classifier. Experimental results with the public periocular dataset UBIPr show that the proposed method is effective in person authentication using periocular region. Especially it has the advantage which can be directly applied for other biometric traits.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.5
• /
• pp.1904-1919
• /
• 2015

Deniable authentication protocol allows a sender to deny his/her involvement after the protocol run and a receiver can identify the true source of a given message. Meanwhile, the receiver has no ability to convince any third party of the fact that the message was sent by the specific sender. However, most of the proposed protocols didn't achieve confidentiality of the transmitted message. But, in some special application scenarios such as e-mail system, electronic voting and Internet negotiations, not only the property of deniable authentication but also message confidentiality are needed. To settle this problem, in this paper, we present a non-interactive identity-based deniable authenticated encryption (IBDAE) scheme using pairings. We give the security model and formal proof of the presented IBDAE scheme in the random oracle model under bilinear Diffie-Hellman (BDH) assumption.

• Journal of the Korea Convergence Society
• /
• v.5 no.4
• /
• pp.101-106
• /
• 2014

Most peoples are used to prefer to view the video contents rather than the other contents since the video contents are more easy to understand with both their eyes and ears. As the wide spread use of smartphones, the demands for the contents services are increasing rapidly. To promote the contents business, it's important to provide security of subscriber authentication and corresponding communication channels through which the contents are delivered. Generally, symmetric key encryption scheme is used to protect the contents in the channel, and the session key should be upadated periodically for the security reasons. In addition, to protect viewing paid contents by illegal users, the proxy authentication should not be allowed. In this paper, we propose biometric based user authentication and one time key generation models. The proposed model is consist of biometric template registration, session key generation and chanel encryption steps. We analyze the difference and benefits of our model with existing CAS models which are made for CATV contents protection, and also provides applications of our model in electronic commerce area.

• Journal of the Korea Convergence Society
• /
• v.8 no.3
• /
• pp.115-121
• /
• 2017

Hospital medical services are making great efforts to provide prompt medical services to patients or improve the quality of medical services by convergence patient's healthcare information. However, recent research suggests problems about safety and efficiency when trying to transmit patient's healthcare information to hospital server via radio and wireless. In this paper, we propose a color model - based patient authentication key establishment protocol method to securely transmit patient healthcare information. The proposed method extracts randomly three color information used in the color model and vectorizes the extracted arbitrary information to obtain the key information required for user authentication as the sum of orthogonal vectors to improve the efficiency. In addition, the proposed method can securely generate key information used for user authentication without using an additional encryption algorithm. In performance evaluation result, proposed method shows that the server processing time of the sensed information is 8.1% higher than the existing method and 7.7% lower than the existing method.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.48 no.4
• /
• pp.51-60
• /
• 2011

Authentication model in the wireless environment has many security vulnerabilities. However, there is no adapting standard method in this field. Therefore, we propose a fuzzy logic based authentication model to enhance the security level in the authentication environment. We use fuzzy logic based classification to construct our model, and also additionally utilize improved AHP and case-based reasoning for an appropriate decision making. We compute the context information by using the improved AHP method, use the proposed model to compute the security level for the input data, and securely apply the proposed model to the wireless environment which has diverse context information. We look forward to better security model including cloud computing by extending the proposed method in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.919-929
• /
• 2013

Recently, a variety of IT technologies are applied to the vehicle. However, some vehicle-IT technologies without security considerations may cause security problems. Specially, some researches about a smart key system applied to automobiles for authentication show that the system is insecure from replay attacks and modification attacks using a wireless signal of the smart key. Thus, in this paper, we propose an authentication method for the driver by using driving patterns. Nowadays, we can obtain driving patterns using the In-vehicle network data. In our authentication model, we make driving ppatterns of car owner using standard normal distribution and apply these patterns to driver authentication. To validate our model, we perform an k-fold cross validation test using In-vehicle network data and obtain the result(true positive rate 0.7/false positive rate is 0.35). Considering to our result, it turns out that our model is more secure than existing 'what you have' authentication models such as the smart key if the authentication result is sent to the car owner through mobile networks.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.10 no.1
• /
• pp.61-69
• /
• 2006

SSO (Single Sign On), which allows users to have an access to a various systems through a single authentication, has been receiving much attention from many enterprises due to the user convience through a single authentication and the recent security features based on PKI. An emerging authentication management system called EAM has further enhanced the efficiency and stability of the enterprise IT infrastructrure systems. In this article, the basic concept and characteristics of the existing SSO systems are analyzed and a new SSO model, based on PKI where authentication load is balanced via multiple circulators, is presented.

• The Journal of Society for e-Business Studies
• /
• v.24 no.2
• /
• pp.217-228
• /
• 2019

In the 4th Industrial Revolution, the Internet of Things emerged and various services and convenience improved. As the frequency of use increases, security threats such as leakage of personal information coexist and the importance of security are increasing. In this paper, we analyze the security threats of the Internet of things and propose a model for enhancing security through user authentication using Fast IDentity Online (FIDO). As a result, we propose to implement strong user authentication by introducing second authentication through FIDO.

• Journal of Information Technology Services
• /
• v.17 no.1
• /
• pp.59-77
• /
• 2018

Software process (SP) authentication is a certification system designed in order to improve software process and ensure software reliability of the Korean small and medium enterprises (SMEs). It is composed of 3 grades, 17 evaluation items and 70 detailed evaluation items (software process). In order to certificate grade 2, 42 detailed evaluation items must be satisfied. In order to certificate grade 3, all 70 detailed evaluation items must be satisfied. SMEs are more vulnerable to manpower and material resources than the major company. Therefore, it is difficult for SMEs to invest in the long term to improve the software process. If we can provide the core evaluation items to SMEs, SMEs will be able to improve software quality more efficiently and effectively. It can be used as a short way to acquire SP authentication. The evaluation items of SP are defined as influencing each other. Therefore, the core evaluation items might be established using related techniques. Although we searched for previous researches and related informations, the associated study was insufficient. In this study, ANP (Analytic Network Process) technique was applied, and the core evaluation items of SP authentication were established. SMEs will be able to acquire SP authentication more easily using the core evaluation items. Finally, we expect that this study will be used as a basis material for creating the SP 2.0 version.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.61-68
• /
• 2008

Authentication for inter-NEMO rooming is on important issue for achieving the seamless mobile networking. In this proposal, the technical challenge lies in the fact that a visited network does not initially have the authentication credentials of a roaming mobile router. This paper proposes an efficient approach for providing AAA service in NEMO environment. This approach uses localized authentication based on the roaming agreement between ISPs. A public key certificate structure is proposed, tailored to the business model of wireless internet Service Providers (ISPs). In this approach, the mutual authentication between a visited network and a roaming user can be performed locally without any control with user's home network. In conclusion, our protocol shown that communication delay can be reduced by overuse 45% overhead in communication delay than the previous AAA approach.