• Smart Media Journal
• /
• v.7 no.1
• /
• pp.24-30
• /
• 2018

Acquisition of the FIDO authentication technology in pursuit of improved security function of the NFC-based 2 factor electronic payment system enabled GenoTech Ch., Ltd. to develop its new service, Gallery-Auction, demoed at Daegu Exhibition. The demonstration was followed by the improvement requests in banner creation & installation, changes in UI, changes in order of operation, etc, which were taken into account for the succeeding update. During the second demonstration held at 'Art: Gwangju: 17,' it analyzed and visualized the number of visitors per hour there.

• Proceedings of the KIEE Conference
• /
• 2003.11b
• /
• pp.143-146
• /
• 2003

In mobile Internet banking service through wireless local area network, security is a most important factor to consider. We describe the development of mobile banking service using Personal Digatal Assistant (PDA). In order to increase the strength of encryption, we adopted hybrid approach where both of the public key algorithm and the secret key algorithm are used during the transaction among PDA, banking server and authentication server.

• Review of KIISC
• /
• v.17 no.3
• /
• pp.26-31
• /
• 2007

공개된 네트워크 시스템 상에서의 개인 정보를 보호하기 위해 사용자 인증은 시스템 보안에 있어서 중요한 요소이다. 패스워드 기반의 인증 메커니즘은 비용과 효율성의 측면에서 널리 사용되고 있으며 최근 이중요소인증(Two-Factor Authentication)의 한 수단으로 일회용 패스워드(One-Time Password, OTP)를 도입하고 있다. 본고에서는 일회용 패스워드에 대한 인증 기술과 OTP 통합 인증 센터로 구성되는 OTP 통합 인증 시스템에 대해 검토하며 취약성에 대해 살펴보고 이에 대한 대응 방안으로 서비스 제공자의 식별자를 포함한 일회용 패스워드 생성 매체를 이용하는 사용자 인증 시스템을 구성한다. 또한 USB 토큰 형태의 일회용 패스워드 매체를 이용하여 다수의 서비스 제공자의 일회용 패스워드를 지원하는 인증 시스템을 제안한다.

• Review of KIISC
• /
• v.26 no.6
• /
• pp.51-57
• /
• 2016

IT 기술의 발달로 다양한 인터넷 서비스를 사용하게 되면서 개인정보의 유출 등 위협이 증가하고 있다. 이에 개인정보의 중요도가 높아지면서 정보보안에 대한 관심도 높아지고 있다. 현재까지 많이 사용되고 있는 인증기술들은 단일 요소 인증으로 다중 인증(multi-factor authentication) 기술에 비하면 취약하다. 본 논문에서는 행위기반 바이오 인증 기술들 중 다중 인증을 하는데 이용 가능한 기술들에 대해 분석하고, 특성을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.25-35
• /
• 2006

Radio Frequency identification (RFID) will become an important technology in remotely object identification systems. However, the use of RFID tags may create new threats to the sniな and Privacy of individuals holding RFID tags. These threats bring several problems which are information leakage of a tag, location trace of individuals and impersonation of a tag. Low-cost RFID systems have much restrictions such as the limited computing power, passive power mechanism and low storage space. Therefore, the cost of tag's computation should be considered as an important factor in low-cost RFID systems. We propose an authentication protocol, OHLCAP which requires only one one-way hash function operation and hence is very efficient. Furthermore, our protocol is suitable to distribution database environment. Hence our scheme can be applied to ubiquitous computing environment.

• Journal of Korea Multimedia Society
• /
• v.7 no.12
• /
• pp.1719-1728
• /
• 2004

The fusion of Internet technology and applications with wireless communication provides a new business model and promises to extend the possibilities of commerce to what is popularly called mobile commerce, or m-commerce. In mobile Internet banking service through wireless local area network, security is a most important factor to consider. We describe the development of security service for mobile Internet banking on Personal Digital Assistants (PDAs). Banking Server and Authentication Server were developed to simulate banking business and to support certificate management of authorized clients, respectively. To increase security, we took hybrid approach in implementation: symmetric block encryption and public-key encryption. Hash function and random number generation were exploited to generate a secret key. The data regarding banking service were encrypted with symmetric block encryption, RC4, and the random number sequence was done with public-key encryption. PDAs communicate through IEEE 802.IIb wireless LAN (Local Area Network) to access banking service. Several banking services and graphic user interfaces, which emulatedthe services of real bank, were developed to verity the working of each security service in PDA, the Banking Server, and the Authentication Server.

• Current Optics and Photonics
• /
• v.1 no.2
• /
• pp.90-94
• /
• 2017

Visible light identification (VLID) is a user identification system for a door lock application using smartphone that adopts visible light communication (VLC) technology with the objective of high security, small form factor, and cost effectiveness. The user is verified by the identification application program of a smartphone via fingerprint recognition or password entry. If the authentication succeeds, the corresponding encoded visible light signals are transmitted by a light emitting diode (LED) camera flash. Then, only a small size and low cost photodiode as an outdoor interface converts the light signal to the digital data along with a comparator, and runs the authentication process, and releases the lock. VLID can utilize powerful state-of-the-art hardware and software of smartphones. Furthermore, the door lock system is allowed to be easily upgraded with advanced technologies without its modification and replacement. It can be upgraded by just update the software of smartphone application or replacing the smartphone with the latest one. Additionally, wireless connection between a smartphone and a smart home hub is established automatically via Bluetooth for updating the password and controlling the home devices. In this paper, we demonstrate a prototype VLID door lock system that is built up with LEGO blocks, a photodiode, a comparator circuit, Bluetooth module, and FPGA board.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3386-3411
• /
• 2019

Secured and reliable routing is a crucial factor for improving the performance of Wireless Mesh Networks (WMN) since these networks are susceptible to many types of attacks. The existing assumption about the internal nodes in wireless mesh networks is that they cooperate well during the forwarding of packets all the time. However, it is not always true due to the presence of malicious and mistrustful nodes. Hence, it is essential to establish a secure, reliable and stable route between a source node and a destination node in WMN. In this paper, a trust based secure routing algorithm is proposed for enhancing security and reliability of WMN, which contains cross layer and subject logic based reliable reputation scheme with security tag model for providing effective secured routing. This model uses only the trusted nodes with the forwarding reliability of data transmission and it isolates the malicious nodes from the providing path. Moreover, every node in this model is assigned with a security tag that is used for efficient authentication. Thus, by combining authentication, trust and subject logic, the proposed approach is capable of choosing the trusted nodes effectively to participate in forwarding the packets of trustful peer nodes successfully. The simulation results obtained from this work show that the proposed routing protocol provides optimal network performance in terms of security and packet delivery ratio.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1075-1078
• /
• 2005

The Global IT revolution is growing rapidly. Government and business have to be ready to meet the increased demand for effective and secure online services. With the E-Government practicing, day-by-day the public demand is also increasing simultaneously. Now this present moment, one of important research part is secure E-Voting for E-Government service, but for this important factor or Government Issue, it needs information privacy for secure information transaction of citizen’s opinions and secure authentication. This paper has analyzed several approaches E-voting protocols, those are implemented with many digital signature mechanism and maintained many types of cryptographic rules, which are main factor for information privacy. In this paper we have discussed them with a view to voter anonymity and protection from manipulations. The paper then developed an algorithm designed to guarantee anonymity of the voter and to avoid the risk of manipulation of votes. In this paper the proposed algorithm is based upon the strict separation of voter’s registration and submission of votes, which means that certain information has to be stored on a secure storage media.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.676-679
• /
• 2013

최근 피싱과 파밍으로 인한 사용자들의 피해가 속출하고 있다. 또, OTP(One Time Password)의 MITM 공격에 대한 취약성이 밝혀지면서 기존의 인증기법을 개선할 필요가 있다. 그러므로 피싱과 파밍 공격을 방지하고 OTP의 취약점을 개선한 인증기법을 제안하는 것은 매우 중요한 문제이다. 본 논문에서는 메신저를 이용한 피싱/파밍 방지기능을 제안한다. 또한 제안하는 기법은 1차로 기존과 같은 ID / PWD 방식 인증과 2차로 모바일 메신저 상에서의 인증시작버튼, 3차로 물리적인 QR코드 인식 후 인증을 하는 3단계 인증을 통해 개선한다. 제안하는 인증기법은 일상생활 속에서 많이 사용하는 메신저와 카메라 기능을 통해 진행되므로 사용자는 추가적인 기능을 배울 필요가 없으며, 친숙하게 사용할 수 있다. 피싱/파밍 공격은 물론 MITM공격에 대한 취약점을 메신저의 특징과 2차, 3차 인증단계를 이용해 막아낼 수 있을 것으로 기대된다.