• The Journal of Society for e-Business Studies
• /
• v.13 no.1
• /
• pp.33-43
• /
• 2008

As the applications within Internet becoming more extensive, the security issues of those applications are appearing to be the most important concern. We have to be sure if all elements of the system are robust and perform well. Even if some small part of the system is vulnerable, it might cause the total system crash-down. Therefore, every part of the system should be thoroughly designed and mutually coordinated in order to support overall security of the system. In this paper, we propose new technique which uses the fingerprint features in order to generate one time passwords(OTPs). Fingerprint is considered to be one of the powerful personal authentication factors and it can be used for generating variable passwords for one time use. Also we performed a simulation for proposed password generation method.

• Journal of Information Technology Applications and Management
• /
• v.11 no.2
• /
• pp.179-190
• /
• 2004

This paper describes the design of hacking prevention systems using a smart card. It consists of two parts, i.e., PC authentication and Keyboard-buffer hacking prevention. PC authentication function is a procedure to handle the access control to the target PC. The card's serial number is used for PIN(Personal Identification Number) and is converted into hash-code by SHA-1 hash-function to verify the valid users. The Keyboard-buffer hacking prevention function converts the scan codes into the encoded forms using RSA algorithm on the Java Card, and puts them into the keyboard-buffer to protect from illegal hacking. The encoded information in the buffer is again decoded by the RSA algorithm and displayed on the screen. in this paper, we use RSA_PKCS#1 algorithm for encoding and decoding. The reason using RSA technique instead of DES or Triple-DES is for the expansion to multi-functions in the future on PKI. Moreover, in the ubiquitous computing environment, this smart card security system can be used to protect the private information from the illegal attack in any computing device anywhere. Therefore, our security system can protect PC user's information more efficiently and guarantee a legal PC access authority against any illegal attack in a very convenient way.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.4
• /
• pp.811-819
• /
• 2012

In this paper, we design searchable image encryption system to provide the privacy and authentication on streaming media based on cloud computing. The searchable encryption system is the matrix of searchable image encryption system by extending the streaming search from text search, the search of the streaming service is available, and supports personal privacy and authentication using encryption/decryption and CBIR technique. In simple simulation of post-cut and image keyword creation, we can verify the possibilities of the searchable image encryption system based on streaming service.

• Knowledge Management Research
• /
• v.16 no.4
• /
• pp.35-45
• /
• 2015

Fintech, which means the convergence of finance and information technology, becomes a hot topic in the financial sector. Through innovative activities on financial services, ICT(Information and Communication Technology) is integrated into the overall financial industry, and a new form of financial services could be expected to improve the existing financial system. On the other hand, fintech services are relatively vulnerable to security issues. Due to the process simplication and the channel fusion, the leakage of personal and financial informations, authentication bypass, phishing, and pharming are getting more concerned. In this study we investigated the security risk of fintech services in the viewpoints of service provider, technology adoption, and security policy. The possible countermeasures to reduce those risks are suggested because security is an important criterion for selecting financial services. This study basically offers quantification of the potential security risks and step-by-step control measures about business processes in the fintech services. The suggested security model includes user authentication, terminal security, payment information protection, API(Application Programming Interface) security, and abnormal transaction monitoring. This study might contribute to an understanding of the security risks and some possible measures for mitigating those risks on the practical perspective.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.9
• /
• pp.1269-1278
• /
• 2002

The more high growth of knowledge, the more need personal identity technique. Fingerprint or iris of the eye identity techniques are already commercialized and used various field. Using human face recognition or authentication are not high performance yet. But application for an organism or face recognition are expected getting important. We propose a user recognition system by verifying similarity comparison of eye and lip component images which are splitted, calculated characteristic rate of each facial components and added weight to special formula. Through test proposed methods and analysis the result, we got a high recognition rate.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.4
• /
• pp.100-106
• /
• 2011

u-TSN is a promising technology facilitating road safety and traffic management for drivers and passengers. To deploy this technology in a real environment, personal information and communicated data should be protected against malicious adversaries. Even though such adversaries would appear relatively infrequently, in such cases, the benefits of u-TSN could be disrupted and disabled. Therefore, one of the ultimate goals in the design of secure u-TSN is to protect against attacks of malicious adversaries. In this paper, we present secure communication scenario for u-TSN and implement security protocols and algorithms that are the components of the scenario on an IXP425 board. The security systems, implemented as a security module, supports secure and efficient communication for the u-TSN.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.1
• /
• pp.51-58
• /
• 2013

This paper describes the design and implementation of the PKI-based EAI system which is used for delivery of sensitive personal information between business systems. For this purpose, we propose a key exchange protocol with some key process : Diffie-Hellman Schema is used to provide forward secrecy, public key-based digital signature is used for EAI Server authentication, data integrity. In addition, in order to minimize the performance impact on the overall EAI systems. The EAI server was designed simply to be used only as a gateway. This paper shows the implementation of Korea public key authentication algorithm standard and a symmetric encryption algorithm for data encryption.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.3
• /
• pp.266-270
• /
• 2008

Bluetooth technology provides a way to connect and exchange information between personal devices over a secure and short-range radio frequency without any authentication infrastructures. For this infrastructure-less feature, Bluetooth has several problems which could not occur in other network, and among them location tracking attacks is essential problem which should be solved. In this paper, we introduce the location tracking attack and propose an anonymous connection protocol against it. We also perform security analysis based on possible scenarios of this attack, and estimate both execution time and memory spaces of our scheme and existing methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.1021-1030
• /
• 2018

Nowadays, the ubiquitous environment that can utilize the computer everywhere is being formed. As the environment changes, services develop and manage systems and databases that can manage customer information to provide better services to customers through Information Technology. The system that most services maintain is a way of putting and managing customer information on the server. In this paper, we first find the problem in terms of security and convenience. After that, we propose a solution that improves the problem through blockchain technology and biometric authentication.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.349-350
• /
• 2022

As research on IT convergence continues, the scope of IoT (Internet of Things) services continues to expand. The IoT service uses a device suitable for the purpose. These IoT devices require an authentication function. In addition, in IoT services that handle important information such as personal information, security of transmission data is required. In this study, we implement a crypto key-based IoT network security system that can authenticate devices for IoT services and securely transmit data between devices. Through this study, IoT service can authenticate the device itself and maintain the confidentiality of transmitted data. However, since it is an IoT service, additional research on the application efficiency of the encryption algorithm is required.