Browse > Article
http://dx.doi.org/10.9708/jksci.2015.20.12.061

A Security Assessment on the Designated PC service  

Lee, Kyungroul (Soonchunhyang University)
Yim, Kangbin (Dept. of Information Security Engineering, Soonchunhyang University)
Abstract
In this paper, we draw a security assessment by analyzing possible vulnerabilities of the designated PC service which is supposed for strengthening security of current online identification methods that provide various areas such as the online banking and a game and so on. There is a difference between the designated PC service and online identification methods. Online identification methods authenticate an user by the user's private information or the user's knowledge-based information, though the designated PC service authenticates a hardware-based unique information of the user's PC. For this reason, high task significance services employ with online identification methods and the designated PC service for improving security multiply. Nevertheless, the security assessment of the designated PC service has been absent and possible vulnerabilities of the designated PC service are counterfeiter and falsification when the hardware-based unique-information is extracted on the user's PC and sent an authentication server. Therefore, in this paper, we analyze possible vulnerabilities of the designated PC service and draw the security assessment.
Keywords
the designated PC service; security assessment; device authentication; user authentication;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Su-Mi Lee, Jarmo Seung, "Domestic Electronic Financial Status and Classification of Security Threats", Review of Korea Institute of Information Security and Cryptology(KIISC), 21(7), pp. 53-61, Nov. 2011
2 Kong Hoi Kim, Ji Min Ahn, Min Jae, Kim, and Yong Sik Joo, "Security threats and countermeasures of certificate password attack by performing SEED algorithm in GPU", Review of Korea Institute of Information Security and Cryptology(KIISC), 20(6), pp.43-50, Dec. 2010
3 Yunyoung Lee, Soonhaeng Hur, Sangjoo Park, Donghwi Shin, Dongho Won, and Seungjoo Kim, "CipherSuite Setting Problem of SSL Protocol and It's Solutions", The KIPS Transactions: Part C, 15-C(5), pp.359-366, Oct. 2008
4 Chasung Lim, Wookey Lee, and Tae-Chang Jo, "An Effective Protection Mechanism for SSL Man-in-the-Middle Proxy Attacks", Journal of the Korean Institute of Information Scientists and Engineers(KIISE), (16)6, pp.693-697, Jun, 2010
5 Woo Hyun Ahn and Hyungsu Kim, "Attacking OpenSSL Shared Library Using Code Injection", Journal of the Korean Institute of Information Scientists and Engineers(KIISE), 37(4), pp.226-238, Aug. 2010
6 Byung-Tak Kang and Huy Kang Kim, "A study on the vulnerability of OTP implementation by using MITM attack and reverse engineering", Journal of the Korea Institute of Information Security and Cryptology(KIISC), 21(6), pp.83-99, Dec. 2011
7 Woochan Hong, Kwangwoo Lee, Seungjoo Kim, and Dongho Won, "Vulnerabilities Analysis of the OTP Implemented on a PC", The KIPS Transactions: Part C, 17-C(4), pp.361-370, Aug. 2010
8 Telecommunications Technology Association(TTA), "Security Requirement for Virtual Keybord", TTAK.KO-12.0180, Dec. 2011
9 Kyungroul Lee, Hyeungjun Yeuk, Youngtae Choi, Sitha Pho, and Kangbin Yim, "Security Vulnerability Analysis of Touchpad on Image-Based Login Method", Proceedings of the Winter Conference on Korean Society for Internet Information(KSII), pp.171-175, Dec. 2010
10 Wan-soo Kim, Kyung-roul Lee, Pho Sitha, and Kangbin Yim, "Analysis on Ivasion of Privacy using Display Device Vulnerability", Proceedings of the Winter Conference on Korean Society for Internet Information(KSII), 11(2), pp.81-82, Oct. 2010
11 Neowiz games corporaion, "Internet connection blocking method through a fixed PC service using an IP address and hardware information", G06F 21/20, Nov. 2011
12 Kangwon Lee, Kyungroul Lee, Jaecheon Byun, Sunghoon Lee, Hyobeom Ahn, and Kangbin Yim, "Extraction of Platform-unique Information as an Identifie", Journal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Application(JoWUA), 3(4), pp.85-99, Dec. 2012
13 Hyeungjun Yeuk, Kyungroul Lee, Habin Yim, and Kangbin Yim, "An Analysis of the Vulnerability of the Designated PC solution", Proceedings of the Spring Conference on Korean Institute of Smart Media(KISM), Apr. 2015
14 Kyungroul Lee, Hyeungjun Yeuk, Habin Yim, and Kangbin Yim, "Security Assessment of the Designated PC Solution", Proceedings of the Spring Conference on Korean Institute of Smart Media(KISM), Apr. 2015
15 Jonghoi Kim, Jinyoung Lee, and Seong-Je Cho, "A New Malware Propagation Technique based on the Send Function Hooking and Its Countermeasure", Journal of Korean Institute of Information Scientists and Engineers(KIISE): System and theory, 38(4), pp. 178-185, Aug. 2011
16 Kangwon Lee, Kyungroul Lee, Jaecheon Byun, Sunghoon Lee, Hyobeom Ahn, and Kangbin Yim, "Extraction of Platform-unique Information as an Identifie", Journal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Application(JoWUA), 3(4), pp.85-99, Dec. 2012