Hyotaek Lim

A Strong User Authentication Framework for Cloud Computing

Cloud computing is combination of various computing entities, globally separated, but electronically connected. As the geography of computation is moving towards corporate server rooms, it bring more issues including security, such as virtualization security, distributed computing, application security, identity management, access control and authentication. However, strong user authentication is the paramount requirement for cloud computing that restrict illegal access of cloud server. In this regard, this paper proposes a strong user authentication framework for cloud computing, where user legitimacy is strongly verified before enter into the cloud. The proposed framework provides identity management, mutual authentication, session key establishment between the users and the cloud server. A user can change his/her password, whenever demanded. Furthermore, security analysis realizes the feasibility of the proposed framework for cloud computing and achieves efficiency.

Hand tracking and gesture recognition system for human-computer interaction using low-cost hardware

Human-Computer Interaction (HCI) exists ubiquitously in our daily lives. It is usually achieved by using a physical controller such as a mouse, keyboard or touch screen. It hinders Natural User Interface (NUI) as there is a strong barrier between the user and computer. There are various hand tracking systems available on the market, but they are complex and expensive. In this paper, we present the design and development of a robust marker-less hand/finger tracking and gesture recognition system using low-cost hardware. We propose a simple but efficient method that allows robust and fast hand tracking despite complex background and motion blur. Our system is able to translate the detected hands or gestures into different functional inputs and interfaces with other applications via several methods. It enables intuitive HCI and interactive motion gaming. We also developed sample applications that can utilize the inputs from the hand tracking system. Our results show that an intuitive HCI and motion gaming system can be achieved with minimum hardware requirements.

Online banking authentication system using mobile-OTP with QR-code

As a high-speed internet infrastructure is being developed and people are informationized, the financial tasks are also engaged in internet field. However, the existing internet banking system was exposed to the danger of hacking. Recently, the personal information has been leaked by a high-degree method such as Phishing or Pharming beyond snatching a users ID and Password. Seeing that most of examples which happened in the domestic financial agencies were caused by the appropriation of ID or Password belonging to others, a safe user confirmation system gets much more essential. In this paper, we propose a new Online Banking Authentication system. This authentication system used Mobile OTP with the combination of QR-code which is a variant of the 2D barcode.

Leveraging client-side storage techniques for enhanced use of multiple consumer cloud storage services on resource-constrained mobile devices

Despite high adoption rate among consumers, cloud storage services still suffer from many functional limitations and security issues. Recent studies propose utilization of RAID-like techniques in addition to multiple cloud storage services as an effective solution, but to the best of our knowledge, there is no research work done on applying this approach to resource-constrained mobile devices. In this paper, we propose a solution for mobile devices that unifies storage from multiple cloud providers into a centralized storage pool that is better in terms of availability, capacity, performance, reliability and security. First, we explore the feasibility of applying various storage technologies to address the aforementioned issues. Then, we validate our solution in comparisons with single cloud storage by implementation of a working prototype on mobile device. Our results show that it can improve the usage of consumer cloud storage at zero monetary cost, while the minimal overheads incurred are actually compensated by the performance gained.

Two Factor Authentication for Cloud Computing

The fast-emerging of cloud computing technology today has sufficiently benefited its wide range of users from individuals to large organizations. It carries an attractive characteristic by renting myriad virtual storages, computing resources and platform for users to manipulate their data or utilize the processing resources conveniently over Internet without the need to know the exact underlying infrastructure which is resided remotely at cloud servers. However due to the loss of direct control over the systems/applications, users are concerned about the risks of cloud services if it is truly secured. In the literature, there are cases where attackers masquerade as cloud users, illegally access to their accounts, by stealing the static login password or breaking the poor authentication gate. In this paper, we propose a two-factor authentication framework to enforce cloud services’ authentication process, which are Public Key Infrastructure (PKI) authentication and mobile out-of-band (OOB) authentication. We discuss the framework’s security analysis in later session and conclude that it is robust to phishing and replay attacks, prohibiting fraud users from accessing to the cloud services.

e2Home: A Lightweight Smart Home Management System

Most of the latest system for controlling home appliance remotely have used web server as the interface between users and home network. Although the system that adopts web server offers many advantages, this approach requires a fix IP (Internet Protocol) address and remote users require high-speed connection in order to access the web interface due to the heavy loaded Graphical User Interface (GUI) and interactive components of the web interface. To alleviate the above problem, we have developed e2Home which enable remote user to manage smart home appliances in connection scarce environment. e2Home uses email as the communication medium between users and home network. In this paper, we describe the concept and design of e2Home. We also demonstrate the feasibility experiment by implementing e2Home with cost-effective home appliance controller and mobile robot. The result of our implementation shows that e2Home is feasible to be applied in smart home environment.

One-Time Knocking framework using SPA and IPsec

This paper presents an improved scheme over the existing Port-Knocking and Single Packet Authorization by employing One-Time Password to generate the authorization tokens for the server to verify the authenticity of client before allowing the deployment of dynamic firewall rules. This One-Time Knocking framework utilizes mobile networks such as GSM or CDMA network as an out-out-band channel to create a 2-factor authentication. Our improved scheme protects against off-line and on-line dictionary and brute-force password attack. It also provides a strong association between Port-Knocking or Single Packet Authorization and the post-authentication connectivity between the client and server thus stopping adversaries from hijacking the session by Man-In-The-Middle attacks.

Design and Implementation of iATA on Windows CE Platform: An ATA-Based Virtual Storage System

The storage limitation in mobile appliance has become a significant problem due to the rapid growth of datacentric application. To alleviate the above problem, we developed a new block-level storage network protocol, iATA (Internet Advanced Technology Attachment) as a transport for carrying ATA block-level access protocol over the ubiquitous TCP/IP network. With iATA, mobile user is able to access their valuable data natively through the network from anywhere and at anytime as if the storage device is attached locally. In this paper, we describe concepts, design, and operations of iATA protocol. We also demonstrate the feasibility experiment by implementing iATA protocol on Windows based mobile operating platform. The result of our implementation shows that the iATA protocol is feasible to be applied on Windows CE platform device.

Homomorphic encryption in mobile multi cloud computing

Multi cloud computing has become a new trend for complementing existing cloud computing today. Multi cloud computing is considered safer and more efficient in maintaining data regulation of user(s). The paper discusses the security of mobile multi cloud computing (MMC) and the advantages for mobile user(s), beside that for the data security itself cover with homomorphic encryption which predictable by many researchers as the optimum method for cloud computing environment. The implementation and evaluation of homomorphic encryption in mobile cloud computing are discussed in this paper.

An efficient online signature verification scheme using dynamic programming of string matching

The necessity to authenticate individuals is rapidly increasing day by day with the explosive growth of E-commerce, E-finance, PDA, etc. Handwritten signature is the most widely used and easiest way to verify a person. Online signature verification is a very active and hot topic in the field of biometric research. It is a potential candidate to replace traditional password-based security system as the password can be forgotten, stolen or guessed. Online signature verification deals with both spatial and temporal features of signature. Therefore, it is difficult to forge. This paper proposes a novel online signature verification technique using dynamic programming of string matching. The performance of the proposed approach is evaluated for both genuine signatures and skilled forgeries on SVC2004 database. The proposed approach produces a False Acceptance Rate (FAR) of 4.13% and False Rejection Rate (FRR) of 5.5% with an Equal Error Rate (ERR) of 5%.