• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.1
• /
• pp.59-67
• /
• 2015

A novel authentication mechanism is biometric authentication where users are identified by their measurable human characteristics, such as fingerprint, voiceprint, and iris scan. The technology of biometrics is becoming a popular method for engineers to design a more secure user authentication scheme. In terms of physiological and behavioral human characteristics, biometrics is used as a form of identity access management and access control, and it services to identity individuals in groups that are under surveillance. In this article, we review the biometric-based authentication protocol by Althobati et al. and provide a security analysis on the scheme. Our analysis shows that Althobati et al.'s scheme does not guarantee server-to-user authentication. The contribution of the current work is to demonstrate this by mounting threat of data integrity and bypassing the gateway node on Althobati et al.'s scheme. In addition, we analysis the security vulnerabilities of Althobati et al.'s protocol.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.9
• /
• pp.1233-1238
• /
• 2001

Security is very important at EC(Electronic Commerce) Environments. The reason is that exchanged data(that is user private information(accounts, card-no, password), transaction items, etc) is various and is very sensitive. In this paper, we propose the Secure-XML Messaging System(S-XMS) which is implemented to support Message Level Security, Encryption and Digital Signature. And we implement Message Confidentiality Service, User Authentication & Message Integrity Service and Non-Repudiation Service among the various Security Services.

• Proceedings of the Korea Contents Association Conference
• /
• 2005.11a
• /
• pp.200-204
• /
• 2005

POS system that become that is supply net administration and computerization fetters of customer management that become point in distribution network constructed database and use XML-Encryption that is certificate techniques of PKI and standard of security for security that is XML's shortcoming and design distributed processing POS system using XML for data integration by introduction of Ubiquitous concept. This POS system has four advantages. First, high portability Second, efficiency of data transmission. Third, improvement of data process speed. Fourth, security of data.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2009.01a
• /
• pp.400-403
• /
• 2009

EAP (Extensible Authentication Protocol) is often used as an authentication framework for two-party protocol which supports multiple authentication algorithms known as "EAP method". And PKMv2 in 802.16e networks use EAP as an authentication protocol. However, this framework is not efficient when the EAP peer executing handover. The reason is that the EAP peer and EAP server should re-run EAP method each time so that they authenticate each other for secure handover. This makes some delays, so faster re-authentication method is needed. In this paper, we propose a new design of the PKMv2 framework which provides fast re-authentication. This new framework and usage of the keys which used as a short-term credential bring better performance during handover process.

• Annual Conference of KIPS
• /
• 2000.10a
• /
• pp.15-18
• /
• 2000

분산객체 처리 환경에서 CORBA 를 기반으로 한 응용 객체간에 전달되는 정보에 대하여 보안을 유지하기 위해 요구되는 보안 정보를 관리하는 기법을 제안하고 이들을 관리하기 위한 보안정책 들의 객체들을 효율적으로 관리하기 위하여 Repository 응용 방안을 제시하였다.

• Annual Conference of KIPS
• /
• 2003.11b
• /
• pp.1313-1316
• /
• 2003

최근에 공공장소에서의 보다 안정적이고 고속의 무선 인터넷 접속에 대한 욕구가 커지면서 무선랜에 대한 수요가 많아지고 있고, 유무선 사업자들은 무선랜 시장을 선점하기 위해서 서비스를 서두르고 있다. 이와 같은 무선랜환경에서 안전하게 사용자를 인증하고 서비스를 제공하기 위한 AAA 프로토콜로 Diameter Protocol 표준이 정의되었다. 이와 같은 Diameter base Protocol 표준의 관리를 위한 MIB 구조가 Diameter Base MIB에 정의되어 있다. 본 논문에서는 무선단말 사용자를 인증시켜 주고 무선랜서비스를 허가해주는 Diameter Server 를 관리하기 위한 관리 시스템을 위의 MIB 을 기준으로 해서 설계하고 구현하였다.

• Annual Conference of KIPS
• /
• 2005.11a
• /
• pp.1055-1058
• /
• 2005

최근 웹(World Wide WEb)은 전자상거래, e-commerce의 눈부신 성장과 더불어 그 이용률이 급격히 증가하였고, 이와 더불어 웹 취약점을 이용한 해킹사례도 증가하고 있다. 이 해킹 사례의 대부분은 웹 어플리케이션의 취약점을 이용한 것이다. 기존의 네트워크 침입탐지 시스템에서는 침입을 탐지하기 위해 시그너쳐 방법이 주로 사용되었다. 시그너쳐 방식은 시그너쳐를 기반으로 우수한 탐지율을 보인다. 그러나 웹 어플리케이션 공격은 다양한 원인과, 변형된 특성들을 가지고 있기 때문에 기존의 시그너쳐 기반의 방법으로는 특정한 패턴을 찾아내기가 곤란하다. 본 논문에서는 이를 보완할 수 있는 방법으로 프로파일 기반의 탐지방법을 제시한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06d
• /
• pp.315-318
• /
• 2011

In this work, a VN-based IPTV service delivery network containing a novel VNT was designed, This VN-based IPTV service delivery network utilizes current resources that can be easily obtained by IPTV providers and organizes these resources in a more efficient manner, We also developed a three-stage VN allocation scheme to reduce the complexity of topology design and allocation.

• Proceedings of the KIEE Conference
• /
• 1997.07e
• /
• pp.1887-1889
• /
• 1997

This paper reports the principle, design, configuration, and test results of the fiber optic security system using multimode fiber. In this system, optical fiber works as a sensing element. The length of sensing element may be from several meters to several killometers. Physical principle of this system is the dependence of interferometric pattern on the end of the fiber on mechanical perturbation in the area, where this fiber is situated. Near and far field patterns of the output light for multimode fiber are speckle pattern. A number of speckles on the fiber depends on mode numbers. Light intensity in each point of the fiber end depends on phase difference of modes. Finally we introduced a "Fiber Optic Security System based on Multimode" Fiber which we developed, it may be available in the field of the important area and building.

• Journal of the Korea Safety Management & Science
• /
• v.7 no.4
• /
• pp.193-206
• /
• 2005

In recent years, electronic commerce has provided another access for consumers to purchase products. Shopping on line provides much information and less searching cost for customers, but some researches have pointed out that there are difficulties for companies to do business on web. For lack of trust, many people not prefer purchasing through virtual channels. Based on the literature review, this study aims at empirically testing the impact of website design on individual trust in internet firms. From statistic analysis, we will conclude that security, interaction, and navigation functionality will affect on-line trust. The result of this study may provide some managerial implications, especially for firms which want to enter on-line businesses.