• 제목/요약/키워드: e-Authentication

Search Result 333, Processing Time 0.021 seconds

A Study on the Development Process of User Authentication Software (사용자 인증 소프트웨어 개발 프로세스에 관한 연구)

  • 이상준;배석찬
    • The Journal of Society for e-Business Studies
    • /
    • v.9 no.1
    • /
    • pp.255-268
    • /
    • 2004
  • User authentication is indispensable in computer login and internet banking. Usability as well as security is needed in user authentication software. To develop the software systematically, development process must be defined, and it can result in the improvement of software maturity. In this paper, a process needed to develop user authentication software systematically is proposed from experience of developing visual password input software. This process is composed of 6 phases and 15 activities. It is able to improve usability with its requirement analysis, planning, integration testing, and acceptance testing activity.

  • PDF

Framework for Secure User Authentication of Internet of Things Devices (사물인터넷 기기의 안전한 사용자 인증 방안에 관한 프레임워크)

  • Song, Yongtaek;Lee, Jaewoo
    • The Journal of Society for e-Business Studies
    • /
    • v.24 no.2
    • /
    • pp.217-228
    • /
    • 2019
  • In the 4th Industrial Revolution, the Internet of Things emerged and various services and convenience improved. As the frequency of use increases, security threats such as leakage of personal information coexist and the importance of security are increasing. In this paper, we analyze the security threats of the Internet of things and propose a model for enhancing security through user authentication using Fast IDentity Online (FIDO). As a result, we propose to implement strong user authentication by introducing second authentication through FIDO.

A User Authentication Technique for the E-commerce (전자상거래를 위한 사용자 인증 기술)

  • Lee, Dae-Sik;Yun, Dong-Sic;Ahn, Heui-Hak
    • Convergence Security Journal
    • /
    • v.5 no.2
    • /
    • pp.29-36
    • /
    • 2005
  • The industrial structure of the Internet is changing from off-line to on-line. E-commerce on the Internet will be formed a big market by developing of network. E-commerce on the Internet is natural. And it will be increase in interest of many people. By the way, it must support to institutional and technical problem. First of all, we need user authentication technique. In this paper, we described about safe Electronic shopping mall construction and operation by three main categories. First is security solution method of E-commerce, Second is analyzing about various threats and vulnerability when is user authentication in Electronic shopping mall. Third is to propose countermeasures of that.

  • PDF

Design of E-Mail Group Authentication API using Blockchain and Rotten Tomato Method (블록체인과 Rotten Tomato 방식을 활용한 이메일 집단 인증 API 설계)

  • Kim, Semin;Hong, Sunghyuk
    • Journal of Digital Convergence
    • /
    • v.18 no.11
    • /
    • pp.227-232
    • /
    • 2020
  • The one of the biggest challenges in using e-mail is that it is difficult to filter out unconfirmed senders. Therefore, in this study, an email group authentication API was designed using blockchain technology, which has been widely used as an authentication method. As the proposed model, the node-node weighting index was obtained through the relationship association network, and after designing the email reliability model, the reliability calculation model of the Rotten Tomato method was obtained. Based on this, the system structure was designed, chain code methods were defined, and API was developed. Through this study, it is expected that it will be used in various fields requiring authentication as well as email user authentication, and it is expected that the relationship of group authentication can be proved by allowing a large number of users to use the API in the future.

A Method of Risk Assessment for Multi-Factor Authentication

  • Kim, Jae-Jung;Hong, Seng-Phil
    • Journal of Information Processing Systems
    • /
    • v.7 no.1
    • /
    • pp.187-198
    • /
    • 2011
  • User authentication refers to user identification based on something a user knows, something a user has, something a user is or something the user does; it can also take place based on a combination of two or more of such factors. With the increasingly diverse risks in online environments, user authentication methods are also becoming more diversified. This research analyzes user authentication methods being used in various online environments, such as web portals, electronic transactions, financial services and e-government, to identify the characteristics and issues of such authentication methods in order to present a user authentication level system model suitable for different online services. The results of our method are confirmed through a risk assessment and we verify its safety using the testing method presented in OWASP and NIST SP800-63.

Design of the Copyright Protection for ePub e-Book System using Certification Information (인증 정보를 이용한 전자책 ePub의 저작권 보호 시스템 설계)

  • Jang, Seung-Ju
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.19 no.9
    • /
    • pp.2197-2204
    • /
    • 2015
  • In recent times, the high-tech society has become the most important issue by IT technology and publication network. Today such flows have also been the case in the e-book field. Today's electronic publication is changing day by day. But there are some problems according to the prevalence of e-book. E-book is similar to p-book(paper-book). There is a limit to have perfect feeling of a texture of p-book. In order to purchase an e-book, people use online. People having malicious intent could copy and distribute it illegally. It leads to cyber abuses. This paper aims at the copyright protection of e-book ePub writers. The proposed e-book copyright protection system is designed using e-book production Sigil environment and C program environment. This system uses client-server communication through e-book ePub as authentication information. It discerns whether to permit or not for a client to read the e-book using authentication information. Authentication information includes ID, password, IP address, limited time of authentication information, GUID(Globally Unique Identifier). If authentication information about e-book meets requirements, people can use it. But if not, it blocks people's approach by quitting program.

Molecular Authentication of Acanthopanacis Cortex by Multiplex-PCR Analysis Tools

  • Kim, Min-Kyeoung;Jang, Gyu-Hwan;Yang, Deok-Chun;Lee, Sanghun;Lee, Hee-Nyeong;Jin, Chi-Gyu
    • Korean Journal of Plant Resources
    • /
    • v.27 no.6
    • /
    • pp.680-686
    • /
    • 2014
  • Acanthopanacis Cortex has been used for oriental medicinal purposes in Asian countries especially in Korea and China. In the Korean Pharmacopeia, the cortexes of the dried roots, stems and branches of all species in Eleutherococcus and Eleutherococcus sessiliflorus are known as 'Ogapi'. Mostly the cortexes of E. gracilistylus roots and E.senticosus roots were used as 'Ogapi' in China and Japan, respectively. Therefore, the purpose of this study was to determine and compare the molecular authentication of Korean 'Ogapi' by using the ribosomal internal transcribed spacer (ITS) region. The ITS region has the highest possibility of effective and successful identification for the widest variety of molecular authentication. The ITS region was targeted for molecular analysis with Single nucleotide polymorphisms (SNPs) specific for morphologically similar to E. gracilistylus, E. senticosus, E. sessiliflorus from their adulterant, moreover, E. sieboldianus were detected within sequence data. Thus, based on these SNP sites, specific primers were designed and multiplex PCR analysis were conducted for molecular authentication of four plants (E. gracilistylus, E. senticosus, E. sessiliflorus, and E. sieboldianus). The findings of results indicated that ITS region might be established multiplex-PCR analysis systems and hence were proved to be an effective tools for molecular evaluation and comparison of 'Ogapi' with other plants.

Design and Verification of Applied Public Information Based Authentication Protocol in the Message Security System (공개정보를 이용한 메시지 보안 시스템의 인증 프로토콜 설계 및 검증)

  • 김영수;신승중;최흥식
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.8 no.1
    • /
    • pp.43-54
    • /
    • 2003
  • E-Commerce, characterized by the exchange of message, occurs between individuals, organizations, or both. A critical promotion factor of e-Commerce is message authentication, the procedure that allows communicating parties to verify the received messages are authentic. It consists of message unforgery, message non-repudiation, message unalteration, and origin authentication. It is possible to perform message authentication by the use of public key encryption. PGP(Pretty Good Privacy) based on X.400 MHS(Message Handling System) and PKC(Public Key Cryptosystem) makes extensive use of message exchange. In this paper we propose, design and implement NMAP(New Message Authentication Protocol), an applied public information based encryption system to solve the message authentication problem inherent in public key encryption such as X.400 protocol and PGP protocol and were to cope with the verification of NMAP using fuzzy integral. This system is expected to be use in the promotion of the e-Commerce and can perform a non-interactive authentication service.

  • PDF

An efficient and security/enhanced Re-authentication and Key exchange protocol for IEEE 802.11 Wireless LANs using Re-authentication Period (재인증주기를 통한 IEEE 802.11 무선랜 환경에서의 안전하고 효율적인 재인증과 키교환 프로토콜)

  • 김세진;안재영;박세현
    • Proceedings of the IEEK Conference
    • /
    • 2000.06a
    • /
    • pp.221-224
    • /
    • 2000
  • In this paper, we introduce an efficient and security-enhanced re-authentication and key exchange protocol for IEEE 802.11 Wireless LANs using Re-authentication Period. We introduce a low computational complexity re-authentication and key exchange procedure that provides robustness in face of cryptographic attacks. This procedure accounts for the wireless media limitations, e.g. limited bandwidth and noise. We introduce the Re-authentication Period that reflects the frequency that the re-authentication procedure should be executed. We provide the user with suitable guidelines that will help in the determination of the re-authentication period.

  • PDF

The Extended Authentication Protocol using E-mail Authentication in OAuth 2.0 Protocol for Secure Granting of User Access (OAuth 2.0 프로토콜에서 E-mail을 이용한 사용자 권한 인증)

  • Chae, Cheol-Joo;Choi, Kwang-Nam;Choi, Kiseok;Yae, Yong-Hee;Shin, YounJu
    • Journal of Internet Computing and Services
    • /
    • v.16 no.1
    • /
    • pp.21-28
    • /
    • 2015
  • Currently there are wide variety of web services and applications available for users. Such services restrict access to only authorized users, and therefore its users often need to go through the inconvenience of getting an authentication from each service every time. To resolve of such inconvenience, a third party application with OAuth(Open Authorization) protocol that can provide restricted access to different web services has appeared. OAuth protocol provides applicable and flexible services to its users, but is exposed to reply attack, phishing attack, impersonation attack. Therefore we propose method that after authentication Access Token can be issued by using the E-mail authentication. In proposed method, regular user authentication success rate is high when value is 5 minutes. However, in the case of the attacker, the probability which can be gotten certificated is not more than the user contrast 0.3% within 5 minutes.