Browse > Article
http://dx.doi.org/10.13089/JKIISC.2012.22.6.1271

Location-Based Authentication Mechanism for Server Access Control  

Choi, Jung Min (Graduate School for Information Security, Korea University)
Cho, Kwantae (Graduate School for Information Security, Korea University)
Lee, Dong Hoon (Graduate School for Information Security, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.22, no.6, 2012 , pp. 1271-1282 More about this Journal
Abstract
Recently, security incidents occur continuously, resulting in the leakages of a large amount of the company's confidential and private information. For these reasons, the security technologies such as the authentication and the access control in order to prevent the information leakage are attracting attention. In particular, location-based authentication that utilizes the user's current location information which is used an authentication factor. And it provides more powerful authentication by controlling the users who attempt to access and blocks internal information leakage path. However, location information must be handled safely since it is the personal information. The location based authentication scheme proposed in this paper enhances the stability of the process location information compared with existing relevant location-based authentication protocol. Also it strengthens the end-user authentication by using one-time password. In addition, the proposed scheme provides authentication to prevent information leakage and employs the concept of the user's physical access control. Resultingly, the proposed scheme can provide higher security than the previous studies, while guarantee to low communication cost.
Keywords
Access Control; Location-Based Authentication;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 etnews.com, "내부 정보 유출 막아라, 기업들의 해결책은?," http://www.etnews.com/news/etc/2510410_1624.html, 2011년 9월.
2 DATANET, 보안담당자, "개인정보.내부정보 유출 걱정," http://www.datanet.co.kr/news /articleView.html?idxno=60710, 2012년 5월.
3 Andre van Cleeff, Wolter Pieters, Roel Wieringa, "Benefits of Location-Based Access Control : A Literature Study," 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing, pp. 739-746, Dec. 2010.
4 ZDNET Korea, "안랩, 위치정보 활용 사용자 인증기술 특허," http://www.zdnet.co.kr/ news/news_view.asp?artice_id=20120725111954&type=xml, 2012년 7월.
5 Dorothy E. Denning, Peter F. MacDoran, "Location-Based Authentication : Grounding Cyberspace for Better Security," Computer Fraud & Security of Elsevier Science Ltd (C), pp.12-16, Feb. 1996.
6 David Jaros, "New Location-based Authentication Techniques in the Access Managemet," IEEE Computer society, pp. 426-430, Sept. 2010.
7 Elisa Bertino, Barbara Catania, Maria Suisa Damiani, "Geo-RBAC : A spatially Aware RBAC," SACMAT'05 Proceedings of the tenth ACM symposium on Access control models and technologies, pp.29-37, June. 2005.
8 Diana Berbecaru, "LRAP : A Location- Based Remote Client Authentication Protocol for Mobile Environments," 19th International Euromicro on Parallel, Distributed and Network-Based Processing of IEEE computer society, pp. 141-145, Feb. 2011.
9 진희채, 남광우, "위치 측위 방식과 위치기반 서비스 분석," 한국통신학회지(정보와 통신), 25(7), pp.24-33, 2008년 6월.
10 김정태, "무선 측위 기술 조사 및 분석," 대전자공학회논문지, 48(2), pp.72-78, 2011년 2월.
11 임유진, 박재성, 안상현, "실내 위치 측위 시스템을 위한 기하학적 접근 기법," 대한전자공학회논문지, 45(12), pp.97-104, 2008년 12월
12 김기현, "접근통제 기술 개요," 한국정보보호센터, 2001년 6월.
13 박세현, "위치기반 서비스에 적합한 전자서명 인증 기술 연구," 한국인터넷진흥원, 2003년 12월.
14 염흥열, 조효제, 이동희 "전자인증 수단 이용기반 확대를 위한 안전성 기준 연구," 한국인터넷진흥원, 2011년 12월.
15 김재훈, 강석연, "WPS측위 편차폭을 줄이기 위한 확률적 접근," 한국통신학회논문지, 37(7), pp.586-594, 2012년 7월.
16 Nills Ole Tippenhauer, Kasper Bonne Rasmussen, "Attacks on Public WLAN- based Positioning Systems," MobiSys '09 Proceedings of the 7th international conference on Mobile systems, applications, and services, pp.29-44, Jun. 2009.
17 Markus G.Kuhn, "Signal Authentication in Trusted Satellite Navigation Receivers," Towards Hardware-Intrinsic Security : Foundations and Practice, pp.331-348, Nov. 2010.
18 RSA Laboratories, "PKCS#5 v2.1: Password- Based Cryptography Standard," Octorber May, 2006.