• Title/Summary/Keyword: AAA Server

Search Result 38, Processing Time 0.028 seconds

A Study on Network Service Using Authorization Ticket in AAA system (AAA시스템의 인가 티켓을 이용한 네트워크 서비스에 관한 연구)

  • Kang, Seo-Il;Lee, Im-Yeong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.4
    • /
    • pp.11-19
    • /
    • 2007
  • A ubiquitous network environment is a system where the user can avail of the network's services anytime, anywhere. To establish such an environment, studies continue being conducted on wireless communication technology and mobile terminals. The company that provides such services should have an established system for authentication, authorization and charging for users. This service is referred to as Authentication, Authorization, Accounting(AAA), and its aspects have been consistently studied. On the other hand, existing studies have been promoted with regard to the authentication and efficiency of the mobile terminal. One of the method is that the mobile terminal contacts to the home authentication server through the external authentication server every time it is required and; another one is to use a medium server to provide authentication in the middle between them. Thus, this study aims to determine the best method to use ticketing, where tickets are provided through a mobile terminal, complete with authentication and authorization features. Also, as it uses ticket, it can efficiently provide mobile verification processing.

A Verification Case Study about the Authentication of a Network using AAA (AAA가 적용된 네트워크의 인증에 대한 검증 사례연구)

  • Park, Sung-Bae;Kim, No-Whan
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.12 no.2
    • /
    • pp.295-300
    • /
    • 2017
  • AAA, an information-protective protocol authorizes the degree of service and rights to the user through a safe and reliable authentication. The protocol also systematically manages the accounting functions including billing, monitoring, and reporting using the user information. After a topology was created to design a network based on a router and server using RADIUS and TACACS+, a common virtual network was made using a packet tracker. This paper presents cases showing valid authentication through simulations.

Design of a Secure Session Key Exchange Method for tow Latency Handoffs (Low Latency Handoffs를 위한 안전한 세션 키 교환 기법 설계)

  • Kim Hyun-Gon;Park Chee-Hang
    • Journal of Internet Computing and Services
    • /
    • v.5 no.3
    • /
    • pp.25-33
    • /
    • 2004
  • Mobile IP Low Latency Handoffs(l) allow greater support for real-time services on a Mobile IP network by minimizing the period of time when a mobile node is unable to send or receive IP packets due to the delay in the Mobile IP Registration process. However, on Mobile IP network with AAA servers that are capable of performing Authentication, Authorization, and Accounting(AAA) services, every Registration has to be traversed to the home network to achieve new session keys, that are distributed by home AAA server, for a new Mobile IP session. This communication delay is the time taken to re-authentication the mobile node and to traverse between foreign and home network even if the mobile node has been previously authorized to old foreign agent. In order to reduce these extra time overheads, we present a method that performs Low Latency Handoffs without requiring further involvement by home AAA server. The method re-uses the previously assigned session keys. To provide confidentiality and integrity of session keys in the phase of key exchange between agents, it uses a key sharing method by gateway foreign agent that performs a trusted thirty party. The proposed method allows the mobile node to perform Low Latency Handoffs with fast as well as secure operation.

  • PDF

A Study on Ticket-Based AAA Mechanism Including Time Synchronization OTP in Global Roaming Environment (글로벌 로밍 환경에서 시간 동기화 OTP를 포함한 티켓 기반 AAA 메커니즘에 관한 연구)

  • Moon, Jong-Sik;Lee, Im-Yeong
    • The KIPS Transactions:PartC
    • /
    • v.14C no.2
    • /
    • pp.129-138
    • /
    • 2007
  • AAA(Aluthentieation, Authorization, Accounting) protocol is an information securitv technology that offer secure and reliable user Authentication, Authorization, Accounting function systematically in various services. protocol and wireless network work as well as win network. Currently IETF(Internet Engineering Task Force) AAA Working Group deal with about AAA protocol and studying with activity, But, recently it exposing much problems side to user's anonymity and privacv violation. Therefore, in this paper, AAAH(Home Authentication Server) authenticaters Mobile device, after that, use ticket that is issued from AAAH even if move to outside network and can be serviced offering authentication in outside network without approaching by AAAH, Also, we study mechanism that can offer user's privacy and anonymousness to when use service. Our mechanism is using Time Synchronization OTP and focusing authentication and authorization. Therefore, our mechanism is secure from third party attack and offer secure and effective authentication scheme. Also only right user can offer services by using ticket. can reduce signal and reduce delay of message exchanged, can offer persistent service and beighten security and efficiency.

IDENTITY-BASED AAA AUTHENTICATION PROTOCOL

  • Kim Dong-myung;Cho Young-bok;Lee Dong-heui;Lee Sang-ho
    • Proceedings of the KSRS Conference
    • /
    • 2005.10a
    • /
    • pp.678-682
    • /
    • 2005
  • IETF suggested AAA for safe and reliable user authentication on various network and protocol caused by development in internet and increase in users. Diameter standard authentication system does not provide mutual authentication and non-repudiation. AAA authentication system using public key was suggested to supplement such Diameter authentication but application in mobile service control nodes is difficult due to overhead of communication and arithmetic. ID based AAA authentication system was suggested to overcome such weak point but it still has the weak point against collusion attack or forgery attack. In this thesis, new ID based AAA authentication system is suggested which is safe against collusion attack and forgery attack and reduces arithmetic quantity of mobile nodes with insufficient arithmetic and power performance. In this thesis, cryptological safety and arithmetical efficiency is tested to test the suggested system through comparison and assessment of current systems. Suggested system uses two random numbers to provide stability at authentication of mobile nodes. Also, in terms of power, it provides the advantage of seamless service by reducing authentication executing time by the performance of server through improving efficiency with reduced arithmetic at nodes.

  • PDF

Mobile RFID Service QoS, Security Model (모바일 RFID 서비스를 위한 QoS 및 보안 모델)

  • Kim Mar-Ie;Lee Yong-Jun
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.31 no.5C
    • /
    • pp.562-567
    • /
    • 2006
  • This paper extends Diameter AAA Protocol to provide secure communication channels between Mobile RFID Service Components and distinct service based on user's QoS level authorization. This paper supposes 900MHz, which is the target RF for Mobile RFID Forum and supposes RFID phone, which equitted with RFID reader. By using extended Diameter AAA server, user is authenticated, authorized and provided dynamic security associations between Mobile RFID Service components. The types of security associations are as followings:between RFID tag and RFID reader, between RFID reader(phone) and MobileRFID Service Agent, between phone and OIS, between phone and OTS and between phone and Accounting/Financial server.

A Fast Authentication Algorithm For Smooth Handoff (Smoothe Handoff 지원을 위한 빠른 인증 알고리즘)

  • Kim, In-Su;Kim, Gi-Cheon;Kim, Hyeon-Gon
    • The KIPS Transactions:PartC
    • /
    • v.9C no.1
    • /
    • pp.17-20
    • /
    • 2002
  • IMT-2000 technologies are divided 3G packet data system that using mobile IP and GPRS that based on the GSM networks. These technologies Push introduce mobile IP to support seamless roaming. In mobile If environments, use AAA server such as RADIUS or DIAMETER to provide authentication service for dial-up computers. This factor is important for mobile nodes. Mobile If require strong authentication between mobile nodes and home agents. We propose application of AAA protocols for smooth handoff mechanism in IMT-2000 environments.

An AAA Mechanism using ID-based Ticket offer Anonymity (익명성을 지원하는 ID기반 티켓을 이용한 AAA 메커니즘)

  • Moon, Jong-Sik;Paek, Chang-Hyun;Lee, Im-Yeong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.5
    • /
    • pp.87-98
    • /
    • 2007
  • AAA protocol is an information protection technology which systematically provides authentication, authorization and accounting function not only in the existing wire network but also in the rapidly developing wireless network, various services and protocol. Nowadays, standardization of the various application services is in progress with the purpose of AAA standardization fer the mobile user in the wireless network. And various researches are being conducted fur using AAA in the roaming service and mobile IPv6 network between heterogeneous networks. In this paper uses OTP and ID-based ticket for user authentication in the mobile device under the ubiquitous environment, and service is seamlessly provided even though the mobile device moves from the home network to the foreign network. In addition, with the ticket renewed from the foreign network, the overhead of the home authentication server can be reduced, and provides anonymity of service through the anonymity ID.

Secure Handoff Based on Dual Session Keys in Mobile IP with AAA (Mobile IP 및 AAA 프로토콜 기반으로 신속성과 안전성을 고려한 듀얼세션키 핸드오프 방식연구c)

  • Choi Yumi;Lee Hyung-Min;Choo Hyunseung
    • Journal of Internet Computing and Services
    • /
    • v.6 no.3
    • /
    • pp.107-119
    • /
    • 2005
  • The Mobile IP has evolved from providing mobility support for portable computers to support wireless handheld devices with high mobility patterns. The Mobile IP secures mobility, but does not guarantee security, In this paper, the Mobile IP has been adapted to allow AM protocol that supports authentication, authorization and accounting for authentication and collection of accounting information of network usage by mobile nodes, For this goal, we propose a new security handoff mechanism to intensify the Mobile IP security and to achieve fast handoff. In the proposed mechanism, we provide enough handoff achievement time to maintain the security of mobile nodes, According to the analysis of modeling result, the proposed mechanism composed the basic Mobile IP along with AM protocol is up to about $60\%$ better in terms of normalized surcharge for the handoff failure rate that considers handoff time.

  • PDF

A Study on UICC(Universal IC Card)-based Authentication Mechanism using OTP (OTP를 활용한 UICC(Universal IC Card) 기반의 인증 메커니즘에 관한 연구)

  • Kang, Soo-Young;Lee, Im-Yeong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.2
    • /
    • pp.21-31
    • /
    • 2008
  • Ubiquitous environment is constructed by development of an IT technology, offer environment of many service changed to mobile environment. Also, existed service offered at fixed position like home or company, but according to development of mobile device. user require service as moving. Wibro can offer as user moving using mobile device. As requirement should be included authentication, in case of authentication between UICC and AAA authentication server is offered in Wibro, service is available. However, when UICC requires initial authentication to AAA authentication server, identification information of UICC expose as plaintext, so privacy infringement of mobile device occurs. Therefore, identification information of terminal generate randomly using OTP(One-Time Password) that generated in mobile terminal, and we proposed mechanism of privacy protection. Also, we proposed mechanism that offer secure service to user as offer authentication from OTP framework, and offer OTP combination authentication detailedly.