분석단계 보안에서 식별 및 인증의 보안 요건 정의에 대한 연구

Abstract

TIn analysis as the first step of S/W development, security requirements of identification and authentication, ID and password management, authentication process, authentication method, ete. should be defined. Identification is to uniquely identify certain users and applications running on a certain system. Authentication means the function to determine true or false users and applications in some cases. This paper is to suggest the security requirements for identification and authentication in analysis step. Firstly, individual ID should be uniquely identified. The second element is to apply the length limitations, combination and periodic changes of passwords. The third should require the more reinforced authentication methods besides ID and passwords and ∙제1저자 : 신성윤 ∙투고일 : 2014. 6. 26, 심사일 : 2014. 7. 3, 게재확정일 : 2014. 7. 30. * 군산대학교 컴퓨터정보공학과(Dept. of Computer Information Engineering, Kunsan National University) 88 Journal of The Korea Society of Computer and Information July 2014 그림 1. 단계별주요보안 Activity Fig. 1. Step-Wide Security Activity satisfy the defined security elements on authentication process. In this paper, the security requirements for the step of identification and authentication have been explained through several practical implementation methods. ▸