• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.2
• /
• pp.27-33
• /
• 2018

User authentication scheme is a method for controlling unauthorized users' access to securely share the services and resources provided by the server and for verifying users with access rights. Initial user authentication scheme was based on passwords. Nowadays, various authentication schemes such as ID based, smart-card based, and attribute based are being researched. The study of Lee et al. suggested a user authentication scheme that provides forward secrecy and protects anonymity of users. However, it is vulnerable to attacks by outsiders and attackers who have acquired smart-cards. In this paper, we propose a modified smart-card authentication scheme to complement the weakness of the previous studies. The proposed user authentication scheme provides the security for the ID guessing attack and the password guessing attacks of the attacker who obtained the login request message and the user's smart-card.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.2
• /
• pp.83-89
• /
• 2014

An increasing number of children are now using the Internet. They are starting at a younger age, using a variety of devices and spending more time online. It becomes an important problem to protect the children in online environment. The Internet can be a major channel for their education, creativity and self-expression. However, it also carries a spectrum of risks to which children are more vulnerable than adults. In order to solve these problems, we suggested a binding model of user attributes for enhanced user authentication. We also studied the requirements and prerequisites of a binding model of user attributes. In this paper we described the architecture of binding model of user attributes and showed the effectiveness of the suggested model using simulation. This model can be utilized to enhanced user authentication and service authorization.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.1
• /
• pp.1-13
• /
• 2024

This study aims to provide a customized dynamic kiosk screen that considers user characteristics to cope with changes caused by increased use of kiosks. In order to optimize the screen composition according to the characteristics of the digital vulnerable group such as the visually impaired, the elderly, children, and wheelchair users, etc., users are classified into nine categories based on real-time analysis of user characteristics (wheelchair use, visual impairment, age, etc.). The kiosk screen is dynamically adjusted according to the characteristics of the user to provide efficient services. This study shows that the system communication and operation were performed in the embedded environment, and the used object detection, gait recognition, and speech recognition technologies showed accuracy of 74%, 98.9%, and 96%, respectively. The proposed technology was verified for its effectiveness by implementing a prototype, and through this, this study showed the possibility of reducing the digital gap and providing user-friendly "barrier-free kiosk" services.

• Journal of Korean Academy of Fundamentals of Nursing
• /
• v.24 no.3
• /
• pp.230-242
• /
• 2017

Purpose: The purpose of this study was to develop a self triage application for rescue requests by disaster vulnerable populations. Literature was reviewed in order to define application trends and needs. Methods: Development of the self triage application was conducted in six stages as a hybrid model (analysis, design, development, implementation, evaluation, modification) of the ADDIE (Analysis, Design, Development, Implementation, Evaluation) model and Driscoll & Alexander model. Application system function and contents were tried with 6 experts and 4 people with hearing impairments. Results: Expert assessment of the application for self triage showed that reliability at 5 points was the highest, followed by utility at 4.8 points. Scores for quickness and expressiveness were low at 4.6 and 4.2 points respectively. User acceptability assessment of the application was measured at 66.73 points. Conclusion: The results show that the application for self triage is helpful to disaster vulnerable populations by providing relief in disaster situations. It is expected that use of this application as a self rescue ability can be made available for disaster situations. However, it will be necessary to establish policies for communication strategies with rescuers and public relations to improve the access rate of disaster app service.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.154-156
• /
• 2012

This paper presents a user authentication scheme for healthcare application using wireless medical sensor networks, where wireless medical sensors are used for patients monitoring. These medical sensors' sense the patient body data and transmit it to the professionals (e.g., doctors, nurses, and surgeons). Since, the data of an individual are highly vulnerable; it must ensures that patients medical vital signs are secure, and are not exposed to an unauthorized person. In this regards, we have proposed a user1 authentication scheme for healthcare application using medical sensor networks. The proposed scheme includes: a novel two-factor professionals authentication (user authentication), where the healthcare professionals are authenticated before access the patient's body data; a secure session key is establish between the patient sensor node and the professional at the end of user authentication. Furthermore, the analysis shows that the proposed scheme is safeguard to various practical attacks and achieves efficiency at low computation cost.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.119-131
• /
• 2013

With the explosive growth of computer networks, many remote service providing servers and multi-server network architecture are provided and it is extremely inconvenient for users to remember numerous different identities and passwords. Therefore, it is important to provide a mechanism for a remote user to use single identity and password to access multi-server network architecture without repetitive registration and various multi-server authentication schemes have been proposed in recent years. Recently, Tsaur et al. proposed an efficient and secure smart card based user authentication and key agreement scheme for multi-server environments. They claimed that their scheme satisfies all of the requirements needed for achieving secure password authentication in multi-server environments and gives the formal proof on the execution of the proposed authenticated key agreement scheme. However, we find that Tsaur et al.'s scheme is still vulnerable to impersonation attack and many logged-in users' attack. We propose an extended scheme that not only removes the aforementioned weaknesses on their scheme but also achieves user anonymity for hiding login user's real identity. Compared with other previous related schemes, our proposed scheme keeps the efficiency and security and is more suitable for the practical applications.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.9
• /
• pp.65-71
• /
• 2017

This paper proposes a smart phone authentication method based on user's behavior and habit that is an authentication method against shoulder surfing attack and brute force attack. As smart phones evolve not only storage of personal data but also a key means of financial services, the importance of personal information security in smart phones is growing. When user authentication of smart phone, pattern authentication method is simple to use and memorize, but it is prone to leak and vulnerable to attack. Using the features of the smart phone pattern method of the user, the pressure applied when touching the touch pad with the finger, the size of the area touching the finger, and the time of completing the pattern are used as feature vectors and applied to user authentication security. First, a smart phone user models and stores three parameter values as prototypes for each section of the pattern. Then, when a new authentication request is made, the feature vector of the input pattern is obtained and compared with the stored model to decide whether to approve the access to the smart phone. The experimental results confirm that the proposed technique shows a robust authentication security using subjective data of smart phone user based on habits and behaviors.

• The Journal of the Korea Contents Association
• /
• v.17 no.7
• /
• pp.571-578
• /
• 2017

In order to approach information system through smart device and pc, user has to authenticate him or herself via user authentication. At that time when user tries reaching the system, well-used user authentication technologies are ID/PW base, OTP, certificate, security card, fingerprint, etc. The ID/PWbased method is familiar to users, however, it is vulnerable to brute force cracking, keylogging, dictionary attack. so as to protect these attacks, user has to change the passwords periodically as per password combination instructions. In this paper, we designed and implemented a user authentication system using smartphone's USIM without using password while enhancing security than existing ID / PW based authentication technology.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.65 no.12
• /
• pp.2167-2176
• /
• 2016

In the multi-server environment, remote user authentication has a very critical issue because it provides the authorization that enables users to access their resource or services. For this reason, numerous remote user authentication schemes have been proposed over recent years. Recently, Lin et al. have shown that the weaknesses of Baruah et al.'s three factors user authentication scheme for multi-server environment, and proposed an enhanced biometric-based remote user authentication scheme. They claimed that their scheme has many security features and can resist various well-known attacks; however, we found that Lin et al.'s scheme is still insecure. In this paper, we demonstrate that Lin et al.'s scheme is vulnerable against the outsider attack and user impersonation attack, and propose a new biometric-based scheme for authentication and key agreement that can be used in the multi-server environment. Lastly, we show that the proposed scheme is more secure and can support the security properties.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.18 no.2
• /
• pp.161-173
• /
• 2015

The guarantee of transportation for elderly and handicapped people is increasingly necessary owing to their growing social and economic activity. In March of 2013, a partial amendment to the law for transportation of the vulnerable was made by the government, to make more convenient transport a legal requirement. The amendment describes standards for the installation of transport facilities, and its support available. However, the adjustment of low-floor bus routes is not included. Therefore, low-floor buses are operating without consideration for the handicapped. This study evaluates the current low-floor bus system user experience by considering the residential distribution of vulnerable customers and analyzing their reasons for using public transport. As a result of this work, adjustments to current bus routes are proposed. The residential distribution of vulnerable people has been assessed using the supporting materials of the urban renewal project in Busan City, and their reasons for using public transport have been collected by a survey of the target user groups. The results show that group A, which has good accessibility, was in high demand, but provided the most limited service. Whereas group C, which also has good accessibility but was in low demand, provided its service most frequently. The data show the supply and demand inconsistencies of low-floor buses, and the inefficiency of bus route allocation. Therefore, this study proposes improvements to current methods for the effective operation of low-floor buses.