• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.3 no.4
• /
• pp.313-318
• /
• 2002

The Integration of agent technology and security technology is needed to many application areas like electronic commerce. This paper suggests a model of extended multi-agent engine which supports privacy, integrity, authentication and non-repudiation on agent communication. Each agent which is developed with the agent engine is composed of agent engine layer and agent application layer. We describe and use the concepts self-to-self messages, secure communication channel, and distinction of KQML messages in agent application layer and messages in agent engine layer. The suggested agent engine provides an agent communication language which is extended to enable secure communication between agents without any modifications or restrictions to content layer and message layer of KQML. Also, in the model of our multi-agent engine, secure communication is expressed and processed transparently on the agent communication language.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.10
• /
• pp.949-964
• /
• 2012

Our PC have been under constant threat of malicious codes and viruses today. As many new ways of cyber attacks are being developed, such as zero-day-attack, nobody's PC is guaranteed to be safe from the attacks. In case where a user uses the existing verification protocol on a unsecured PC, the user's verification information may well be threatened by sniffing or man-in-the-middle attack. Especially, deadly attacks like memory hacking would give hard time for users to even recognize any symptom of virus infection. Therefore, this paper designs secured QR-Login user verification protocol for smart devices that are ready to communicate with QR-Code and proposes a way to keep critical data safe when using the internet. This way, user would be able to safeguard his/her critical data even when under attack by unknown attacks and safely carry out extremely sensitive task, like financial trading, on the device.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.9
• /
• pp.2044-2055
• /
• 2015

Financial information systems play such a pivotal role in the financial institution services that are provided for a large customers on the basis of various information including the personal information. As for the personal information collected during the transactions in the financial information systems, huge efforts and investment have been made to protect previously them from being inappropriately misused or illegally used if they could be released. Unfortunately, the frequent accidents on the leakage of sensitive personal information have occurred recently not only by external service users but even by internal system users. Therefore, the aim of this study is to suggest a model of advanced two-channel authentication for internal users in order to increase the stability of financial information systems with enhanced security.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.2
• /
• pp.1-7
• /
• 2001

The database development is in need or transaction management composed of operations about data, efficiency database management and security of information data in necessity of as well as the new thinking about data security. When users approach data, transaction concurrency is controlled by the users security authentication and security level of data. So, existing secure algorithm occurred the problems which don't satisfy serializability of high level transaction which is delayed high level transaction repeatedly by the low level transaction, because existing secure algorithm is focused on the part which removes the security channel. Therefore this proposed algorithm which prevents waste of resource from the high level transaction reexecution and delay by stopping serializability offense problem by the increase of efficiency of concurrency control.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.44 no.4 s.316
• /
• pp.36-44
• /
• 2007

In this paper, we implement the speech & face recognition system to support various ubiquitous sensor network application services such as switch control, authentication, etc. using wireless audio and image interface. The proposed system is consist of the H/W with audio and image sensor and S/W such as speech recognition algorithm using psychoacoustic model, face recognition algorithm using PCA (Principal Components Analysis) and LDPC (Low Density Parity Check). The proposed speech and face recognition systems are inserted in a HOST PC to use the sensor energy effectively. And improve the accuracy of speech and face recognition, we implement a FEC (Forward Error Correction) system Also, we optimized the simulation coefficient and test environment to effectively remove the wireless channel noises and correcting wireless channel errors. As a result, when the distance that between audio sensor and the source of voice is less then 1.5m FAR and FRR are 0.126% and 7.5% respectively. The face recognition algorithm step is limited 2 times, GAR and FAR are 98.5% and 0.036%.

• Journal of KIISE
• /
• v.42 no.11
• /
• pp.1459-1466
• /
• 2015

Lockscreen is one of the most frequently encountered interfaces by smartphone users. Although users perform unlocking actions every day, there are no benefits in using lockscreens apart from security and authentication purposes. In this paper, we replace the traditional lockscreen with an application that analyzes facial expressions in order to collect facial expression data and provide real-time feedback to users. To evaluate this concept, we have implemented Quantified Lockscreen application, supporting the following contributions of this paper: 1) an unobtrusive interface for collecting facial expression data and evaluating emotional patterns, 2) an improvement in accuracy of facial expression detection through a personalized machine learning process, and 3) an enhancement of the validity of emotion data through bidirectional, multi-channel and multi-input methodology.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.