• Journal of Digital Convergence
• /
• v.16 no.1
• /
• pp.159-164
• /
• 2018

Biometric information does not need to be stored separately, and there is no risk of loss and no theft. For this reason, it has been attracting attention as an alternative authentication means for existing authentication means such as passwords and authorized certificates. However, there may be a privacy problem due to leakage of personal information stored in the server. To overcome these weaknesses, FIDO solved the problem of leakage of personal information on the server by using biometric information stored on the user device and authenticating. In this paper, we propose a multiple biometric authentication method that can be used in FIDO environment. In order to utilize multiple biometric information, fingerprints and EEG signals can be generated and used in FIDO system. The proposed method can solve the problem due to limitations of existing 2-factor authentication system by authentication using multiple biometric information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.729-738
• /
• 2019

In this paper, we propose two-way authentication protocol between unmanned systems in tactical wireless networks in which long distance communications are not guaranteed due to a poor channel conditions. It is assumed that every unmanned systems have same random data set before they put into combat. The proposed protocol generates authentication code(AC) using random data that causes hash collision. The requester for authentication encrypts the materials such as their identifier, time-stamp, authentication code with the secret key. After then the requester transmits the encrypted message to the receiver. The receiver authenticates the requester by verifying the authentication code included in the request message. The performance analysis of the proposed protocol shows that it guarantees the security for various attack scenarios and efficiency in terms of communication overhead and computational cost. Furthermore, we analyzed the effect of the parameter values of the proposed protocol on the performance and suggest appropriate parameter value selection guide according to the level of security requirement.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.66 no.4
• /
• pp.258-262
• /
• 2017

The PCA(Principal Component Analysis) algorithm is widely used as a technique of expressing the eigenvectors of the covariance matrix that best represents the characteristics of the data and reducing the high dimensional vector to a low dimensional vector. In this paper, we have developed a personal authentication method based on ECG using principal component analysis. The proposed method showed excellent recognition performance of 98.2 [%] when it was experimented using electrocardiogram data obtained at weekly intervals. Therefore, it can be seen that it is useful for personal authentication by reducing the dimension without changing the information on the variability and the correlation set variable existing in the electrocardiogram data by using the principal component analysis technique.

• Journal of Korea Multimedia Society
• /
• v.19 no.1
• /
• pp.41-50
• /
• 2016

Moblie device based financial services are vulnerable to social engineering attacks because of the display screen of mobile devices. In other words, in the case of shoulder surfing, attackers can easily look over a user's shoulder and expose his/her password. To resolve this problem, a colour-based secure keyboard solution has been proposed. However, it is inconvenient for genuine users to verify their password using this method. Furthermore, password colours can be exposed because of fixed keyboard colours. Therefore, we propose a secure mobile authentication method to provide advanced functionality and strong privacy. Our authentication method is robust to social engineering attacks, especially keylogger and shoulder surfing attacks. According to the evaluation results, our method offers increased security and improved usability compared with existing methods.

• Journal of Communications and Networks
• /
• v.11 no.6
• /
• pp.607-614
• /
• 2009

Recently, Lu et al. proposed an efficient conditional privacy preservation protocol, named ECPP, based on group signature scheme for generating anonymous certificates from roadside units (RSUs). However, ECPP does not provide unlinkability and traceability when multiple RSUs are compromised. In this paper, we make up for the limitations and propose a robust and efficient anonymous authentication protocol without loss of efficiency as compared with ECPP. Furthermore, in the proposed protocol, RSUs can issue multiple anonymous certificates to an OBU to alleviate system overheads for mutual authentication between OBUs and RSUs. In order to achieve these goals, we consider a universal re-encryption scheme and identity-based key establishment scheme as our building blocks. Several simulations are conducted to verify the efficiency and effectiveness of the proposed protocol by comparing with those of the existing ECPP.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.8
• /
• pp.55-61
• /
• 2017

Cloud computing is cost-effective in terms of system configuration and maintenance and does not require special IT skills for management. Also, cloud computing provides an access control setting where SSO is adopted to secure user convenience and availability. As the SSO user authentication structure of cloud computing is exposed to quite a few external security threats in wire/wireless network integrated service environment, researchers explore technologies drawing on distributed SSO agents. Yet, although the cloud computing access control using the distributed SSO agents enhances security, it impacts on the availability of services. That is, if any single agent responsible for providing the authentication information fails to offer normal services, the cloud computing services become unavailable. To rectify the environment compromising the availability of cloud computing services, and to protect resources, the current paper proposes a security policy that controls the authority to access the resources for cloud computing services by applying the authentication policy of user authentication agents. The proposed system with its policy of the authority to access the resources ensures seamless and secure cloud computing services for users.

• Proceedings of the IEEK Conference
• /
• 2003.11b
• /
• pp.191-194
• /
• 2003

In this paper, we describe the effective way of keyboard-hacking prevention and authentication system using a Smart Card. These days the securing information matters for pc-users are becoming more important as the internet business grows rapidly, and the ubiquitous computing environment is open tot everyone. Therefore, PC authentication is necessary to handle the access control to the target PC. Also, the keyboard-inputting information is necessary to be protected properly against the malicious attack. In this paper, we propose the keyboard-hacking protect systems and authentication system using a Smart Card, and show the conveniency and efficiency in the results.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2009.01a
• /
• pp.628-631
• /
• 2009

In this paper, we proposed a new authentication method using video that was taken during moving a hand-held camera in front of the face. The proposed method extracted individuality from the obtained image sequences using the parametric eigenspace scheme. Changes of facial appearance through authentication trials draw continuous tracks in the low dimensional igenspace. The similarity between their continuous tracks are calculated by DP-matching to verify their identities. Experimental results confirmed that different motions and persons change the shapes of continuous tracks, so the proposed method could identify the person.

• The Journal of the Korea Contents Association
• /
• v.6 no.5
• /
• pp.9-13
• /
• 2006

Due to the miniaturization and the network supporting functions of home appliances, there is growing need for mobile environment home network system which provides flexibility, mobility and convenience to users. In this environment, a interactive authentication between mobile devices is important but the related works have no enough convenience to users. This paper proposes a interactive device authentication mechanism using Home Robot and also shows its design and implementation.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.346-353
• /
• 2021

In this proposal, we aim to enhance the security of systems accounts by improving the authentication techniques. We mainly intend to enhance the accuracy of the one-time passwords via including voice biometric and recognition techniques. The recognition will be performed on the server to avoid redirecting voice signatures by hackers. Further, to enhance the privacy of data and to ensure that the active user is legitimate, we propose to periodically update the activated sessions using a user-selected biometric factor. Finally, we recommend adding a pre-transaction re-authentication which will guarantee enhanced security for sensitive operations. The main novelty of this proposal is the use of the voice factor in the verification of the one-time password and the various levels of authentications for a full-security guarantee. The improvement provided by this proposal is mainly designed for sensitive applications. From conducted simulations, findings prove the efficiency of the proposed scheme in reducing the probability of hacking users' sessions.