A Study on Passwordless Authentication Technology, “PASSCON” and Its Effects
Yoon-Jae Park 1*, Yong-hoon Lim 2, Myung-Sin Chae 3
1Affiliation of the first author
2Affiliation of the second author
3Affiliation of the third author
*Corresponding author E-mail:tmvlem@gmail.com
Abstract
Today we are always connected, trying new connections every day with information communications technology (ICT) and Internet of Things (IOT) environment. Most people connect with people they know, but it is not awkward to have more exchange and direct interactions with someone they never knew. As such, the innovative connection that internet and mobile network brought to mankind continues to provide vast amount of information and opportunities. Furthermore, the desire and competition for faster data flow and more convenient user experiences have reached a stage where relations and connections between people and people, people and things, things and things are quickly realized. The ultimate paradigm of such connections will eventually lead to the connection between human and software. So long as there are actions to execute after connecting with these different connection performers, in terms of problems with processing performance, software investments are made for each performer to meet the level of demand. In addition, while software and data may now exist on central servers, we are entering an era where they are spreading across various types of IOT. Thus, IT system that operates software and data could be a beginning of a disaster for mankind if focused on only performance and convenience. It is because security is more important than performance. However, it seems that IT security traditionally has continued battles of spears and shields with great deal of expense involved, due to its extensive domain. The reason is that attackers attempt to destroy or avoid security devices regardless of the penetration routes, if cost effectiveness is considered reasonable.
In particular, at time of hyper-connectivity, “authentication security” is a way that can achieve the greatest effect at the lowest cost for the protection of users’ accounts in access control area to vulnerable websites, applications, and others. However, most of services these days rely solely on "password authentication" that made little technological advancement over past decades, as a way to protect user accounts and block attackers who attempt to steal IDs or identities. As everyone knows, "password" authentication is exposed directly to security vulnerabilities in IOT environment, leading to constant increase in security incidents. Accordingly, in order to obtain trust and pursue ultra-connection simultaneously, it first requires a revolutionary and innovative idea to replace "password" authentication. We aim to analyze an innovative authentication technique called "PASSCON" as the technology that provides values for everyone to feel comfortable and secure, and to verify its effectiveness.
Keywords: Passcon, Digital Signature, Verification Technology, Passwordless, Information Security.