期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2016
卷号:10
期号:10
页码:237-248
出版社:SERSC
摘要:We are accustomed to using various multimedia services through authorization as a legitimate user, by entering ID and password. However, while technology using ID and password in that case, is inexpensive for constructing system, and convenient for general public to use, user ID and password can be easily exposed to attackers by various attacking techniques, such as password guessing attack, reply attack, and others[1]. In order to resolve such problems, users can be authenticated by adding other authentication methods, such as security card, OTP, certification, finger print recognition, and others, to user authentication using ID and Password [2-5]. In this thesis, we suggest user authentication method that uses authentication data stored in USB memory after generating authentication data by combining USB memory info and user password in multimedia environment. In such system, even if attacker takes over user authentication data stored in USB memory, USB memory device info is still unknown, and thus, seized information cannot be used. In addition, it is convenient to use due to inexpensive construction cost and regular USB memory. Therefore, in the future, it is expected to provide easy construction and operation environment to the companies required to use ID and password based authentication
关键词:User Authentication; ID/PW based; USB Device information; USB ;Container ID
