A Study on Passwordless Authentication Technology, “PASSCON” and Its Effects Yoon-Jae Park 1*, Yong-hoon Lim 2, Myung-Sin Chae 3 1Affiliation of the first author 2Affiliation of the second author 3Affiliation of the third author *Corresponding author E-mail:tmvlem@gmail.com Abstract Today we are always connected, trying new connections every day with information communications technology (ICT) and Internet of Things (IOT) environment. Most people connect with people they know, but it is not awkward to have more exchange and direct interactions with someone they never knew. As such, the innovative connection that internet and mobile network brought to mankind continues to provide vast amount of information and opportunities. Furthermore, the desire and competition for faster data flow and more convenient user experiences have reached a stage where relations and connections between people and people, people and things, things and things are quickly realized. The ultimate paradigm of such connections will eventually lead to the connection between human and software. So long as there are actions to execute after connecting with these different connection performers, in terms of problems with processing performance, software investments are made for each performer to meet the level of demand. In addition, while software and data may now exist on central servers, we are entering an era where they are spreading across various types of IOT. Thus, IT system that operates software and data could be a beginning of a disaster for mankind if focused on only performance and convenience. It is because security is more important than performance. However, it seems that IT security traditionally has continued battles of spears and shields with great deal of expense involved, due to its extensive domain. The reason is that attackers attempt to destroy or avoid security devices regardless of the penetration routes, if cost effectiveness is considered reasonable. In particular, at time of hyper-connectivity, “authentication security” is a way that can achieve the greatest effect at the lowest cost for the protection of users’ accounts in access control area to vulnerable websites, applications, and others. However, most of services these days rely solely on "password authentication" that made little technological advancement over past decades, as a way to protect user accounts and block attackers who attempt to steal IDs or identities. As everyone knows, "password" authentication is exposed directly to security vulnerabilities in IOT environment, leading to constant increase in security incidents. Accordingly, in order to obtain trust and pursue ultra-connection simultaneously, it first requires a revolutionary and innovative idea to replace "password" authentication. We aim to analyze an innovative authentication technique called "PASSCON" as the technology that provides values for everyone to feel comfortable and secure, and to verify its effectiveness. Keywords : Passcon, Digital Signature, Verification Technology, Passwordless, Information Security.

국가 보안목표시설 해외사례 분석 및 국내적용방안연구 Case Study of Foreign Country 's Critical Infrastructure and a study of applying for domestic Critical Infrastructure 김정수,권국희,정명탁,김우진,고문성,이정훈,이종욱,윤완기 Jung-Soo Kim*, Kwon, Kook Heui, Myung Tak Jung, Woo Jin Kim, KOH, Moonsung, Jounghoon Lee, Jong Uk Lee, Wan Ki Yoon *한국원자력통제기술원(Korea Nuclear Nonproliferation and Control), 대전시 유성구 유성대로 1534 305-348, 042-860-9781, 042-860-9849 요약 : 본 논문은 국가 보안목표시설에 대한 해외사례를 분석하여, 향후 우리나라의 발전방향을 제시한다. 국가보안목표시설이란 국가차원의 산업, 전력, 교통등 국가중요분야의 핵심시설을 국가가 효율적으로 관리하기 위해 지정한다. 일반적으로 국가보안목표시설은 각 국가 마다 정해진 기준에 따라 관리되고 있으며, 우리나라는 국가보안목표시설 관리지침에 따라 관리하고 있다. 그러므로 대부분의 국가가 국가보안 목표시설의 분류 및 지침을 대외비로 지정하여 관리하고 있다. 하지만 선진국의 공개된 자료를 분석하여, 우리나라의 국가 보안목표시설의 발전방향을 제시하고자 하는 것이 이 논문의 목적이다. 이러한 발전방향은 향후 국가 보안 목표시설의 효율적 관리 및 급변하는 테러변화등에 능동적으로 대처함으로써 국가 방호를 좀 더 튼튼히 할 수 있을 것으로 예상된다. Keywords : 국가 보안목표시설, 테러리즘, 위협대응설계기준, 취약성분석, 위험관리, 위협분석