The IEEE 1687 test standard provides an effective way to access on-chip instruments by an Internal Joint Test Action Group (IJTAG) network. However, it also leads to severe security problems because anyone can easily access these instruments through IJTAG networks. This paper proposes an authentication-based secure IJTAG network to defend the potential threats. The main idea is to ensure that instruments can be accessed only when users enter legal patterns. The secure structure generates different keys for different patterns to overcome the single key's weakness. If attackers shift in illegal patterns, they cannot manipulate target instruments. An obfuscator to generate fake output data is also developed to confuse attackers. The proposed method can defend against memory attacks, brute-force attacks, and reverse engineering attacks. Experimental results show that the proposed method requires only a small area overhead.