• Journal of the Korea Society of Computer and Information
• /
• v.17 no.4
• /
• pp.121-127
• /
• 2012

Biometric technology has been proposed as a new means to replace conventional PIN or password because it is hard to be lost and has the low possibility of illegal use. However, unlike a PIN or password, there is no way to modify the exposure if it is exposed and used illegally. To solve the problems, we propose to apply OTP using biometric information to mobile devices for more secure and adaptable authentication. In this paper, we propose a secure framework for delivering biometric information as mobile OTP to the server (TTP) and compared this paper with existed methods about security and performance.

• Journal of Electrical Engineering and Technology
• /
• v.7 no.3
• /
• pp.443-450
• /
• 2012

As power grids are integrated into one big umbrella (i.e., Smart Grid), communication network plays a key role in reliable and stable operation of power grids. For successful operation of smart grid, interoperability and security issues must be resolved. Security means providing network system integrity, authentication, and confidentiality service. For a cyber-attack to a power grid system, which may jeopardize the national security, vulnerability of communication infrastructure has a serious impact on the power grid network. While security aspects of power grid network have been studied much, security mechanisms are rarely adopted in power gird communication network. For security issues, strict timing requirements are defined in IEC 61850 for mission critical messages (i.e., GOOSE). In this paper, we apply security algorithms (i.e., MD-5, SHA-1, and RSA) and measure their processing time and transmission delay of secured mission critical messages. The results show the algorithms satisfying the timing requirements defined in IEC 61850 and we observer the algorithm that is optimal for secure communication of mission critical messages. Numerical analysis shows that SHA-1 is preferable for secure GOOSE message sending.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.40 no.1
• /
• pp.39-49
• /
• 2003

Watermark detection has a crucial role in copyright protection of and authentication for multimedia and has classically been tackled by means of correlation-based algorithms. Nevertheless, when watermark embedding does not obey an additive rule, correlation-based detection is not the optimum choice. So a new detection algorithm is proposed which is optimum for non-additive watermark embedding. By relying on statistical decision theory, the proposed method is derived according to the Bayes decision theory, Neyman-Pearson criterion, and distribution of wavelet coefficients, thus permitting to minimize the missed detection probability subject to a given false detection probability. The superiority of the proposed method has been tested from a robustness perspective. The results confirm the superiority of the proposed technique over classical correlation- based method.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.1
• /
• pp.143-151
• /
• 2015

Biometric technology has been proposed as a new means to replace conventional PIN or password because it is hard to be lost and has the low possibility of illegal use. However, unlike a PIN, password, and personal information there is no way to modify the exposure if it is exposed and used illegally. Therefore, the existing single modality with single biometrics is critical when it expose. However in this paper, we use a multi-modality and multi-biometrics to authenticate between users and TTP or between users and financial institutions. Thereby, we propose a more reliable method and compared this paper with existed methods about security and performance in this paper.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.254-266
• /
• 2021

The Internet of Medical Things (IoMTs) are to be considered an investment and an improvement to respond effectively and efficiently to patient needs, as it reduces healthcare costs, provides the timely attendance of medical responses, and increases the quality of medical treatment. However, IoMT devices face exposure from several security threats that defer in function and thus can pose a significant risk to how private and safe a patient's data is. This document works as a comprehensive review of modern approaches to achieving security within the Internet of Things. Most of the papers cited here are used been carefully selected based on how recently it has been published. The paper highlights some common attacks on IoMTs. Also, highlighting the process by which secure authentication mechanisms can be achieved on IoMTs, we present several means to detect different attacks in IoMTs

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.2
• /
• pp.29-42
• /
• 2019

As online services become more and more popular due to the development of IT, non-face-to-face transactions are continuously increasing rather than face-to-face transactions. The personal identity proofing service(PIPS) based on the alternative method of the resident registration number is used for the purpose of confirming the identity of the other party on the Internet. However, in the case of the current PIPS, the personal information of the PIPS user is excessively provided to the online service provider. As a result, privacy problems of online users, shortage of choice of information providing options, and lack of differentiation of authentication methods are becoming problems. Therefore, this paper proposes a method to improve the PIPS based on the current resident registration number alternative method and to provide a method to differentiate the provision of excessive personal information. In the proposed method, we analyze trends and current status of overseas online PIPS in order to provide a method of providing differentiation of personal information and proposes an effective improvement method applicable to domestic.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.2
• /
• pp.43-54
• /
• 1997

In this paper, we introduce a secure and minimal protocol for authenticated key distribution over the CDMA mobile communication network. The CDMA mobile communication network has been developed the security protocol that provides a means for user authentication and subsequent protection of user traffic. However, this model has no security assumptions for the intermediate, fixed networks. To avoiding these drawbacks, we introduce a minimal authenticated key distribution protocol. This protocol provides the security of the intermediate and fixed network in mobile environment, and maintains the confidentiality of user identification and the minimum size of information flow compared with the existing protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.51-59
• /
• 2008

The biometrics has been researched as a means for authenticating user's identity. Among the biometrics schemes for face recognition, the eigenvector-based schemes, which use eigenvector made from training data for transforming test data to abstracted data, are widely adopted. From those schemes, however, it is hard to expect cancelable feature, which is a general concept for security in the biometrics. In this paper, we point out the security problem that is the recovery of valuable face information from the abstracted face data and consider a possible attack scenario by showing our experiment results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.29-46
• /
• 2002

We generally use SSL/TLS protocol utilizing X.509 v3 certificates so as to provide a secure means in establishment an confidential communication and the support of the authentication service. SPKI/SDSI was motivated by the perception that X.509 is too complex and incomplete. This thesis focuses on designing a secure server and an implementation of the prototype which has two main modules, one is to support secure communication and RBAC, not being remained in the SPKI/SDSI server which was developed by the existing Geronimo project and the other is to wholly issue name-certificate and authorization-cerificate. And the demonstration embodied for our sewer is outlined hereafter.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.61-71
• /
• 2021

Instant messengers are a means of communication for modern people and can be used with smartphones and PCs respectively or connected with each other. Messengers, which provide various functions such as message, call, and file sharing, contain user behavior information regarded as important evidence in forensic investigation. However, it is difficult to analyze as well as acquire smartphone data because of the security of smartphones or apps. However, messenger data can be extracted through PC when the messenger is used on PC. In this paper, we obtained the credential data of Wire messenger in Windows 10, and showed that it is possible to log-in from another PC without authentication. In addition, we identified and classified major artifacts generated based on user behavior.