• Electronics and Telecommunications Trends
• /
• v.36 no.4
• /
• pp.135-144
• /
• 2021

The field of user authentication in Korea has experienced new dimensions since December 2020. Accredited certificate, which had been in use for 21 years since 1999, has been abolished. Accredited certificates have provided a trust foundation for various ICT-based industrial developments; however, new changes in the authentication sector are also required due to changes in the service and policy environment. Changes in the service environment occur rapidly because of the emergence of new technologies such as AI, IoT, Bio, Blockchain, and the daily use of non-face-to-face environments caused by COVID-19. Even with changes in the service environment, user authentication remains an essential foundation for providing services. This paper summarizes the current status of user authentication techniques, analyzes major changes in the service environment (such as Metaverse) associated with user authentication, and presents the direction of authentication techniques (Decentralized, Invisible, Privacy-preserving) through the derived implications.

• The Journal of the Korea Contents Association
• /
• v.12 no.2
• /
• pp.69-77
• /
• 2012

In the case of the password-based PKI technology, because it protects by using the password which is easy that user memorizes the private key, he has the problem about the password exposure. In addition, in the system of electronic bidding, the illegal use using the authentic certificate of the others increases. Recently, in order to solve this problem, the research about the PKI technology using the biometrics is actively progressed. If the bio information which the user inputs for the bio authentication is converted to the template, the digest access authentication in which the security is strengthened than the existing authentication technology can be built. Therefore, in this paper, we had designed and developed the system of electronic bidding which it uses the most widely used fingerprint information in the biometrics, it stores the user fingerprint information and certificate in the fingerprint security token and can authenticate the user. In case of using the system of electronic bidding of the public key infrastructure using the fingerprint information proposed in this paper the agent bid problem that it uses the certificate of the others in not only user authentication intensification but also system of electronic bidding can be concluded.

• Journal of Korea Multimedia Society
• /
• v.20 no.3
• /
• pp.465-473
• /
• 2017

Electrocardiogram(ECG) signal is one of the unique bio-signals of individuals and is used for personal authentication. The existing studies on personal authentication method using ECG signals show a high detection rate for a small group of candidates, but a low detection rate and increased execution time for a large group of candidates. In this paper, we propose a hierarchical algorithm that extracts fiducial points based on curvature of ECG signals as feature values for grouping candidates ​and identifies candidates using waveform-based comparisons. As a result of experiments on 74 ECG signal records of QT-DB provided by Physionet, the detection rate was about 97% at 3-heartbeat input and about 99% at 5-heartbeat input. The average execution time was 22.4 milliseconds. In conclusion, the proposed method improves the detection rate by the hierarchical personal authentication process, and also shows reduced amount of computation which is plausible in real-time personal authentication usage in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.13-21
• /
• 2006

Though authentication using biometric techniques has conveniences for people, security problems like the leakage of personal bio-information would be serious. Even if cancelable biometric is a good solution for the problems, only a few biometric authentication scheme with cancelable feature has been published. In this paper, we suggest a face authentication scheme with two security factors: password and face image. Using matching algorithm in the permuted domain, our scheme is designed to be cancelable in the sense that templates that is composed of permutation and weight vector can be changed freely.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.10
• /
• pp.1-6
• /
• 2019

As mobile technologies such as Internet of Things (IoT)-based smart homes and financial technologies (FinTech) are developed, authentication by smart devices is used everywhere. As a result, presence-based biometric authentication using smart devices has become a new mainstream in knowledge-based authentication methods like the existing passwords. The electrocardiogram (ECG) is less prone to forgery, and high-level personal identification is its unique feature from among various biometric authentication methods, such as the pulse, fingerprints, the face, and the iris. Biometric authentication using an ECG is receiving a great deal of attention due to its uses in healthcare and FinTech. In this study, we implemented an ECG authentication system that allows users to easily measure and authenticate their ECG waveforms using a miniaturized wearable device, rather than a large and expensive measurement device. The implemented ECG authentication system identifies ECG features through P-Q-R-S-T feature point identification, and was user-certified under the proposed authentication protocols. Finally, assessment of measurements in a majority of adult males showed a relatively low false acceptance rate of 1.73%, and a low false rejection rate of 4.14%, in a stable normal state. In a high-activity state, the false acceptance rate was 13.72%, and the false rejection rate was 21.68%. In a high-heart rate state, the false acceptance rate was 10.48%, and the false rejection rate was 11.21%.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.1037-1040
• /
• 2001

생체인식 기술이 차세대 보안 기술로서 주목을 받고 있으나 대부분의 생체 시스템이 독립적으로 존재하고 있어, 표준화 노력의 일환으로 세계적인 생체인식협회인 BioAPI Consortium에서 표준 BioAPI version 1.1이 제정되었다. 본 논문에서는 BioAPI에서 제안한 명세서를 토대로 하여 클라이언트-서버구조로서 웹기반 사용자 인증시스템을 설계한다. 클라이언트는 입력 장치 및 BSP에 따른 Hybrid기법을 적용함으로서 신뢰성을 부여하여 웹 상에서 사용자의 취득 가능한 여러 생체 정보를 검증 자료로 사용하고, 실 시간성을 부여하기 위하여 ActiveX를 사용하여 객체의 크기를 작게 한다. 서버는 생체검증의 기본기능인 등록, 인증, 검증을 할 수 있도록 BioAPI 인터페이스를 사용하여 BSP에 따른 기 입력된 사용자의 생체 정보를 검증하게 되며, 본 논문에서는 구조적 접근 방법을 사용한 서명과 ID 및 password 의 조합을 검증기로서 사용하게 된다. 개방형 네트워크인 웹 상에서 생체 정보를 이용한 사용자 검증시스템은 전자 상거래 등의 신원확인이 필요한 분야에 신뢰성을 제공한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.383-395
• /
• 2017

Brainwave-based user authentication technology has advantages such as changeability, shoulder-surfing resistance, and etc. comparing with conventional biometric authentications, fingerprint recognition for instance which are widely used for smart phone and finance user authentication. Despite these advantages, brainwave-based authentication technology has not been used in practice because of the price for EEG (electroencephalography) collecting devices and inconvenience to use those devices. However, according to the development of simple and convenient EEG collecting devices which are portable and communicative by the recent advances in hardware technology, relevant researches have been actively performed. However, according to the experiment based on EEG samples collected by using a single-channel EEG measurement device which is the most simplified one, the authentication accuracy decreases as the number of channels to measure and collect EEG decreases. Therefore, in this paper, we analyze technical problems that need to be solved for practical use of brainwave-based use authentication and propose an incremental elimination method of collected EEG samples for each user to consist a set of EEG samples which are effective to authentication users.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.11
• /
• pp.469-478
• /
• 2019

Car-sharing services have been settled on as a new type of public transportation owing to their enhanced convenience, expanded awareness of practical consumption patterns, the inspiration for environmental conscientiousness, and the diffusion of smart phones following the economic crisis. With development of the market, many people have started using such services. However, security is still an issue. Damage is expected since IDs and passwords are required for log-in when renting and controlling the vehicles. The protocol suggested in this study uses bio-information, providing an optimized service, and convenient (but strong) authentication with various service-provider clouds registering car big data about users through brokers. If using the techniques suggested here, it is feasible to reduce the exposure of the bio-information, and to receive service from multiple service-provider clouds through one particular broker. In addition, the proposed protocol reduces public key operations and session key storage by 20% on mobile devices, compared to existing car-sharing platforms, and because it provides convenient, but strong, authentication (and therefore constitutes a secure channel), it is possible to proceed with secure communications. It is anticipated that the techniques suggested in this study will enhance secure communications and user convenience in the future car-sharing-service cloud environment.

• Journal of Intelligence and Information Systems
• /
• v.9 no.3
• /
• pp.193-205
• /
• 2003

In this paper, we suggest user authentication and authorization system for internet banking by face recognition. The system is one of Biometrics technology to verify and authorize personnel identification and is more unobtrusive than the other technologies, because they use physiological characteristics such as fingerprint, hand geometry, iris to their system that people have to touch it. Also, the face recognition system requires only a few devices such as a camera and keypad, so it is easy to apply it to the real world. The face recognition algorithms open to the public are separated by their analysis method differ from what characteristic of the human face use. There are PCA (principal Component Analysis), ICA (Independent Component Analysis), FDA (Fisher Discriminant Analysis). Among these, physiological data of encrypted form is translated utilizing PCA which is the most fundamental algorithm that analyze face feature, and we suggests design method of user authentication system that can do send-receive fast and exactly.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1059-1068
• /
• 2017

Even though BioHashing scheme can effectively extract binary string key from analog biometrics templates, it shows lower performance in stolen-token scenario due to dependency of the token. In this paper, to overcome this limitation, we suggest a new method of generating security key from face image and user intervention. Using BioHashing and GPT schemes, our scheme can adjust dependency of PIN for user authentication and generate robust key with sufficient length. We perform various experiments to show performance of the proposed scheme.