• Proceedings of the Korean Society of Computer Information Conference
• /
• 2015.07a
• /
• pp.167-168
• /
• 2015

본 논문에서는 스마트폰 인증기법 중 연산기반 패스워드 기법을 통하여 사용자의 접근을 제어하고 비인가 접근자에 대해 얼굴을 촬영하여 비인가 접근 시도를 소유자가 확인할 수 있도록 한다. 우선적으로 사용자 접근 제어를 위해 연산기반 패스워드 기법을 이용하고, 비인가 접근이 확인되는 경우 잠금 기능과 함께 비인가자의 얼굴을 촬영하여 소유자가 비인가자를 확인할 수 있는 카메라 액션을 추가한다. 스마트폰 소유자는 사용자의 접근을 제어하고 비인가자의 접근에 대한 확인을 할 수 있으므로 안전성에 대한 향상을 기대할 수 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.05a
• /
• pp.381-383
• /
• 2018

이 논문은 스마트 폰에서 터치 스트로크를 이용하여 지속적 인증을 할 수 있는 딥 러닝 네트워크인 스태킹 커널 릿지 리그레션 네트워크 (Stacking Kernel Ridge Regression Network: SKRRN)에 대한 연구이다. SKRRN 은 여러 개의 커널 릿지 리그레션 (Kernel Ridge Regression: KRR) 으로 구성되어있고, 계층적이며 모든 KRR 은 해석적이고 독립적으로 훈련된다. SKRRN 은 다른 딥 러닝 네트워크와는 다르게 비가공 터치 스트로크 데이터로부터 특징을 배우지 않고 Hand-Crafted 피처와 같이 추출된 데이터로부터 재학습을 한다. 이러한 재학습은 기존 데이터 셋을 더 구별 하기 쉽고 풍부하게 만들어준다. SKRRN 은 HMOG 데이터 셋을 사용하여 4.295%의 동일 오류율을 달성하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.951-954
• /
• 2011

IT 기술의 발전으로 M2M 시장이 급부상하고 있는 가운데 M2M 응용분야 중 텔레매틱스의 개념 및 차량 네트워크 보안의 취약성을 알아보았다. 차량 및 IT 기술의 융합과 이동통신망 기술의 발전은 사용자에게 제공되는 서비스의 질은 향상 시켰지만, 이로 인한 보안 위험성은 더 많아지고 다양해졌다. 이에 본 논문에서는 텔레매틱스의 새로운 비즈니스 모델과 이로 인해 발생 될 수 있는 차량 이동통신망 보안의 취약성을 분석하였다. 이 중 발생할 수 있는 위장공격을 예방하기 위해 M2M 기기와 스마트폰의 상호 인증 기법을 제시하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.383-395
• /
• 2017

Brainwave-based user authentication technology has advantages such as changeability, shoulder-surfing resistance, and etc. comparing with conventional biometric authentications, fingerprint recognition for instance which are widely used for smart phone and finance user authentication. Despite these advantages, brainwave-based authentication technology has not been used in practice because of the price for EEG (electroencephalography) collecting devices and inconvenience to use those devices. However, according to the development of simple and convenient EEG collecting devices which are portable and communicative by the recent advances in hardware technology, relevant researches have been actively performed. However, according to the experiment based on EEG samples collected by using a single-channel EEG measurement device which is the most simplified one, the authentication accuracy decreases as the number of channels to measure and collect EEG decreases. Therefore, in this paper, we analyze technical problems that need to be solved for practical use of brainwave-based use authentication and propose an incremental elimination method of collected EEG samples for each user to consist a set of EEG samples which are effective to authentication users.

• Journal of Convergence Society for SMB
• /
• v.5 no.2
• /
• pp.21-26
• /
• 2015

Recently, NFC technology of short-range wireless communication using a smart phone to perform personal authentication with the electronic payment has been in the spotlight in various fields. However, the security associated with the personal information and the location information is vulnerable because it is easily fused with the existing mobile services and devices. In this paper, we propose a model for NFC payments help protect personal information and location information of NFC payment systems and services in various fields. Proposed model uses tag-based services in order to protect personal information and position information. The proposed model using the tag-based services is the place to check the various features available information in a simple Tag that can be easily accessed.

• International journal of advanced smart convergence
• /
• v.8 no.4
• /
• pp.188-193
• /
• 2019

This paper is about environment-based low-code and no-code execution platform and execution method that combines hybrid and native apps. In detail, this paper describes the Low-Code/No-Code execution structure that combines the advantages of hybrid and native apps. It supports the iPhone and Android phones simultaneously, supports various templates, and avoids developer-oriented development methods based on the production process of coding-free apps and the produced apps play the role of Java virtual machine (VM). The Low-Code /No-Code (LCNC) development platform is a visual integrated development environment that allows non-technical developers to drag and drop application components to develop mobile or web applications. It provides the functions to manage dependencies that are packaged into small modules such as widgets and dynamically loads when needed, to apply model-view-controller (MVC) pattern, and to handle document object model (DOM). In the Low-Code/No-Code system, the widget calls the AppOS API provided by the UCMS platform to deliver the necessary requests to AppOS. The AppOS API provides authentication/authorization, online to offline (O2O), commerce, messaging, social publishing, and vision. It includes providing the functionality of vision.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.5
• /
• pp.73-79
• /
• 2011

With increasing use of smartphone, users require a new message service to prevent security attack and provide integrated messages. Since smartphone uses data services such as 3G cell network and WiFi, it can provide reliable message transfer through various security policies. In addition, it can transfer various data collected using built-in camera and GPS. This paper proposes a smart message service platform which can provide security services such as authentication, confidentiality and integrity as well as transfer the integrated message including location, picture and text. To verity the functionality of the platform, this paper implements an iPhone app and message transfer server, and then shows the implementation results.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.1173-1175
• /
• 2017

This paper proposes a system for convenient remote control and management of the lockers with a smart phone. The key features of the proposed system are as follows. First, we connect the lockers to the server and then use the authentication procedure to open and close their lockers. Second, we create instant lockers to increase convenience for users who need to use casual necessities. Unlike traditional analog methods, we finally develop certification procedures. Particularly, log data are better secured than traditional ones. The performance assessment of the proposed system is simulated by producing a dummy model. We will show that the proposed system could effectively support opening and closing the lockers using smart phones.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.12
• /
• pp.525-532
• /
• 2013

Recently smartphones, tablet, etc. Various types of smart terminal is due to the increased security in mobile devices are becoming an issue. How to enter the password in this environment is a very important issue. Difficult to have a secure password input device on various types of mobile devices. In addition you enter on the touch screen the password of character, uncomfortable and it is vulnerable to SSA attack. Therefore, in this paper provide for defense the SSA(Shoulder Surfing Attacks) and useful password input mechanism is proposed with Smartphone GPS uses a value generated via a graphical password techniques.

• The KIPS Transactions:PartD
• /
• v.10D no.6
• /
• pp.1033-1040
• /
• 2003

In order to provode information services on M-Commerce, a payment solution with security function should be required. User's mobile terminals for using M-Commerce services are diversifying to cellular phone, PDA, Smart phone etc. Among them, intergration of PDA's interface and mobile connection overcomes the weak point of existing cullular phone depending on information via the internet. In this paper, the protocol for a credit card transaction on PDA using ECC is presented. Secure Card module on this protocol encrypts user's information such as private information, delivery information and credit card information and store them on PDA in order to free from inputting information whenever it is used. This scheme also offers security services on M-Commerce including authentication, confidentiality, integration, non-repudiation and so on.