• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.373-381
• /
• 2017

Currently, various types of user authentication methods based on public certificates are used in domestic financial transactions. Such an authorized certificate method has a problem that a different security module must be installed every time a user connects an individual financial company to a web server. Also, the financial company relying on this authentication method has a problem that a new security module should be additionally installed for each financial institution whenever a next generation authentication method such as biometric authentication is newly introduced. In order to solve these problems, we propose an integrated authentication system that handles user authentication on behalf of each financial institution in financial transactions, and proposes an integrated authentication protocol that handles secure user authentication between user and financial company web server. The new authentication protocol is a modified version of OAuth2.0 that increases security and efficiency. It is characterized by performing a challenge-response protocol with a pre-shared secret key between the authentication server and the financial company web server. This gives users a convenient and secure Single Sign-On (SSO) effect.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.201-212
• /
• 2017

As services using mobile devices increase, exposure of personal information, and secure threats increase. In this paper, we propose a location-based user authentication system used in mobile device for tightening security. Our authentication system is performed to authenticate two steps. The first authentication is location authentication to ensure that the user accesses an application in trustable space. This authentication method uses an Access Point's information. The second authentication is trustable space authentication to confirm the normal user. This method is carried out the authentication by using biometric information from the user.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.1
• /
• pp.139-147
• /
• 2010

A remote user authentication scheme is a two-party protocol whereby an authentication server in a distributed system confirms the identity of a remote individual logging on to the server over an untrusted, open network. In 2005, Liao et al. proposed a remote user authentication scheme using a smart card, in which users can be authenticated anonymously. Recently, Yoon et al. have discovered some security flaws in Liao et al.'s authentication scheme and proposed an improved version of this scheme to fix the security flaws. In this article, we review the improved authentication scheme by Yoon et al. and provide a security analysis on the scheme. Our analysis shows that Yoon et al.'s scheme does not guarantee not only any kind of authentication, either server-to-user authentication or user-to-server authentication but also password security. The contribution of the current work is to demonstrate these by mounting two attacks, a server impersonation attack and a user impersonation attack, and an off-line dictionary attack on Yoon et al.'s scheme. In addition, we propose the enhanced authentication scheme that eliminates the security vulnerabilities of Yoon et al.'s scheme.

• Journal of Internet of Things and Convergence
• /
• v.7 no.3
• /
• pp.69-74
• /
• 2021

With the recent development of biometric authentication technology, the user authentication techniques using biometric authentication are increasing. Various problems arised in certification techniques that use various existing methods such as ID/PW. Therefore, recently, a method of improving security by introducing biometric authentication as secondary authentication has been used. In this thesis, proposal of the user authentication system that can detect user identification and anomalies using ECGs that are extremely difficult to falsify through the electrical biometric signals from the heart among various biometric authentication devices is studied. The system detects user anomalies by comparing ECG data received from a wrist-mounted wearable device-type ECG measurement tool with identification and ECG data stored in blockchain form on the database and identifying the user's location through a beacon system.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.2
• /
• pp.242-246
• /
• 2010

In this paper, we propose a quality assessment method of biometrics for estimating an authentication result in an user authentication system. The proposed quality assessment method is designed to compute a quality score called CIMR (Confidence Interval Matching Ratio) as a result by small-sample analysis like T-test. We use the C/MR-based quality assessment method for testing how to well draw a distinction between various biometrics in a multimodal biometric system. We also test a predictability for authentication results of obtained biometrics using the mean $\bar{X}$ and the variance $s^2$ in T-test-based CIMR. As a result, we achieved the maximum 88% accuracy for estimation of user authentication results.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.7
• /
• pp.1501-1505
• /
• 2004

The authentication system of high-speed internet in IP-infra is not warm enough to administration of systematic authentication information for user's legalization, connection right and resources allocation in order to both methods of authentication-unauthentication connection system according to transmission method . Also unauthentication connection raises a difficulty condition to user's needs satisfaction in order to a load weighting of system and network and a drop of transmission speed. Accordingly, this study brings forth authentication system construction in a high-speed IP infrastructure using spam sever able to construct the suitable network condition according to unifying authentication-unauthentication system for single authentication system.

• Journal of the Korea Convergence Society
• /
• v.10 no.7
• /
• pp.7-14
• /
• 2019

Users who use smartphone can using knowledge-based authentication, possession-based authentication, biometric-based authentication, and token-based authentication in order to access rights to systems requiring authentication. However, desktop computer users use method only ID and password, which are knowledge-based authentication factors, due to limitations of authentication devices, despite various authentication methods. In this paper, we designed and implemented a raspberry pi based authentication system that provides multiple authentication method of a user's desired type. The implementation system uses knowledge-based authentication, possessive-based authentication, biometric-based authentication, and token-based authentication. The proposed system can provide a security function that can be used by SMEs, which is difficult to hire a security officer due to the economic burden. The implemented system can be used not only for personal use but also for enterprise, and it can be applied to various fields such as finance and game.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.3
• /
• pp.19-26
• /
• 2007

In recent rears. web portal system has received much attention as a user interface for the grid environment. Grid system uses symmetric key for authenticating user identity while the traditional portal system does a password-based authentication. Regarding this, many researches are progressing to integrate portal accounts with symmetric key. Specially. researches such as GAMA and PURSE are active and those focus on easy usability for users who familiar with password-based authentication. However the protection of data and resources is a critical issue in Grid environment, because those are shared through a wide-area network. In this paper, we suggest a new authentication mechanism which unify authentication mechanisms between portal system and grid service by using symmetric key. It will improve a security level in UI layer as much as in grid service.

• Proceedings of the IEEK Conference
• /
• 2002.07a
• /
• pp.156-159
• /
• 2002

For the effective use of information in the information society, information should be protected and outflow of information by illegal users should be prevented. This study sets up user authentication policy, user authentication regulations and procedures for information protection and builds information protection key distribution center and encryption user Authentication system which can protect information from illegal users.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.4B
• /
• pp.713-720
• /
• 2010

Lately, IPTV is in the limelight using a broadband information service to provide video content and broadcast services. Current IPTV system is combining CAS and DRM system for VOD contents to protect transmitting contents and authentication, but it has drawbacks such as system's complexity and high construction costs. Multicast DRM system emerged as a method to improve them, but, in the multicast DRM system, if the key is intercepted by a malicious user, it can be viewed by an unauthorized user of illegal broadcasting which can be a problem. In this paper, we suggest to protect content from a malicious user by applying the techniques using user authentication in the multicast DRM system.