• Title/Summary/Keyword: Authentication & Accounting

Search Result 65, Processing Time 0.026 seconds

IP Management Method Using RADIUS Authentication and Accounting Servers (RADIUS 인증 및 과금 서버를 이용한 IP 관리 방법)

  • Park Jeong-Hyun
    • The KIPS Transactions:PartD
    • /
    • v.12D no.1 s.97
    • /
    • pp.121-128
    • /
    • 2005
  • This paper describes the requested IP assignment and authentication problem for wireless internet service of visited ISP subscriber on GPRS network, and proposes to use RADIUS authentication and accounting server for these problems. In this paper, we also define signals between GGSN and RADIUS, and between RADIUS authentication server and accounting sever for IP management and wireless internet service.

Authentication & Accounting Mechanism on IEEE802.1x with Mobile Phone

  • Lee, Hyung-Woo;Cho, Kwang-Moon
    • International Journal of Contents
    • /
    • v.2 no.4
    • /
    • pp.12-18
    • /
    • 2006
  • The number of wireless public network user is increasing rapidly. Security problem for user authentication has been increased on existing wireless network such as IEEE802.11 based Wireless LAN. As a solution, IEEE802.1x (EAP-MD5, EAP-TLS, EAP-TTLS), X.509, protocol or security system was suggested as a new disposal plan on this problem. In this study, we overview main problem on existing EAP-MD5 authentication mechanism on Wireless LAN and propose a SMS(Short Message Service) based secure authentication and accounting mechanism for providing security enhanced wireless network transactions.

  • PDF

A Study on PIN-based Authentication and ID Registration by Transfer in AAA System (AAA시스템에서의 이동에 따른 PIN 기반의 인증 및 ID 등록에 관한 연구)

  • Kang Seo-Il;Lee Im-Yeong
    • The KIPS Transactions:PartC
    • /
    • v.13C no.3 s.106
    • /
    • pp.359-368
    • /
    • 2006
  • AAA(Authentication, Authorization, Accounting) is the service that offers authentication, authorization, and accounting method, and every terminal that accesses the network requires this AAA service. The authentication process of a mobile terminal is as follows: a mobile phone accesses an authentication server in a home network via the authentication service in an external network, which receives the authentication result. And, for the home authentication server to offer secure service, a unique key is distributed for the secure communication between the external agent and the user, the external agent and the home authentication server, and the user and the home authentication server. This paper discusses and proposes the key distribution for secure communication among external authentication servers when a mobile terminal travels to an external network. As the proposed method does not require the home authentication server to reissue another authentication when a user travels to other external networks, it reduces the overload in the home authentication server. It can also distribute a PIN-driven key.

The design of AAA server for Wireless LAN with 802.1x

  • Ham, Young-Hwan;Chung, Byung-Ho
    • Proceedings of the IEEK Conference
    • /
    • 2002.07c
    • /
    • pp.1944-1947
    • /
    • 2002
  • The importance of security in WLAN(Wireless LAN) service is very critical, so IEEE organization has made the IEEE 802.1x standard. The IEEE 802.1x standard uses the EAP as authentication protocol which requires AAA(Authentication, authorization, and Accounting) server for authentication & accounting. for the reliable and scalable AAA service, the Diameter protocol has more advanced characteristics than existing radius protocol. So the Diameter protocol can be used for WLAN service provider who has large scale WLAN system and a large number of subscriber. This paper proposes the design of Diameter AAA server for the authentication and accounting of WLAN system which is adopting IEEE 802.1x standard.

  • PDF

A Study on Device Authentication Technology in AAA Mechanism of Mobile Environment (모바일 환경의 AAA 메커니즘에서 디바이스 인증 기술에 관한 연구)

  • Park, Jong-Hyuk
    • Journal of Advanced Navigation Technology
    • /
    • v.12 no.5
    • /
    • pp.444-450
    • /
    • 2008
  • With the advancement of the mobile device and arrival of the integrated wired/wireless environments, the damand for services accessible by mobile devices is rapidly increasing. However, unlike existing wired networks, communication in wireless networks has many weaknesses. Therefore, research and development into an appropriate security technology has reached a critical stage, as combined wired/wireless environments emerge. Therefor, in this paper, we propose that device authentication technology in AAA (Authentication, Authorization, Accounting) mechanism of Mobile environment for secure service offer.

  • PDF

A Verification Case Study about the Authentication of a Network using AAA (AAA가 적용된 네트워크의 인증에 대한 검증 사례연구)

  • Park, Sung-Bae;Kim, No-Whan
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.12 no.2
    • /
    • pp.295-300
    • /
    • 2017
  • AAA, an information-protective protocol authorizes the degree of service and rights to the user through a safe and reliable authentication. The protocol also systematically manages the accounting functions including billing, monitoring, and reporting using the user information. After a topology was created to design a network based on a router and server using RADIUS and TACACS+, a common virtual network was made using a packet tracker. This paper presents cases showing valid authentication through simulations.

A Study on Ticket-Based AAA Mechanism Including Time Synchronization OTP in Global Roaming Environment (글로벌 로밍 환경에서 시간 동기화 OTP를 포함한 티켓 기반 AAA 메커니즘에 관한 연구)

  • Moon, Jong-Sik;Lee, Im-Yeong
    • The KIPS Transactions:PartC
    • /
    • v.14C no.2
    • /
    • pp.129-138
    • /
    • 2007
  • AAA(Aluthentieation, Authorization, Accounting) protocol is an information securitv technology that offer secure and reliable user Authentication, Authorization, Accounting function systematically in various services. protocol and wireless network work as well as win network. Currently IETF(Internet Engineering Task Force) AAA Working Group deal with about AAA protocol and studying with activity, But, recently it exposing much problems side to user's anonymity and privacv violation. Therefore, in this paper, AAAH(Home Authentication Server) authenticaters Mobile device, after that, use ticket that is issued from AAAH even if move to outside network and can be serviced offering authentication in outside network without approaching by AAAH, Also, we study mechanism that can offer user's privacy and anonymousness to when use service. Our mechanism is using Time Synchronization OTP and focusing authentication and authorization. Therefore, our mechanism is secure from third party attack and offer secure and effective authentication scheme. Also only right user can offer services by using ticket. can reduce signal and reduce delay of message exchanged, can offer persistent service and beighten security and efficiency.

Efficient mutual authentication and key distribution protocol for cdma2000 packet data service (cdma2000 패킷 데이터 서비스를 위한 효율적인 상호 인증과 키 분배 프로토콜)

  • 신상욱;류희수
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.2
    • /
    • pp.107-114
    • /
    • 2003
  • In this paper, we propose an efficient mutual authentication and key distribution protocol for cdma2000 packet data service which uses Mobile U access method with DIAMETER AAA(Authentication, Authorization and Accounting) infrastructure. The proposed scheme provides an efficient mutual authentication between MN(Mobile Node) and AAAH(home AAA server), and a secure session-key distribution among Mobile If entities. The proposed protocol improves the efficiency of DIAMETER AAA and satisfies the security requirements for authentication and key distribution protocol. Also, the key distributed by the proposed scheme can be used to generate keys for packet data security over 1xEV-DO wireless interface, in order to avoid a session hijacking attack for 1xEV-DO packet data service.

Performance Analysis of Proxy-AAA Authentication Scheme in PMIPv6 Networks with Forwarding Mode Supporting (Proxy Mobile IPv6 네트워크에서 포워딩 모드를 지원하는 인증기법의 성능분석)

  • Lee, Seung-Hyun;Shin, Dong-Ryeol;Jeong, Jong-Pil
    • Journal of Internet Computing and Services
    • /
    • v.13 no.1
    • /
    • pp.15-25
    • /
    • 2012
  • Mobile IPv6 (MIPv6) is a host-based protocol supporting global mobility while Proxy Mobile IPv6 (PMIPv6) is a network-based protocol supporting localized mobility. This paper makes its focus on how to reduce the longer delay and extra cost arising from the combination of authentication, authorization and accounting (AAA) and PMIPv6 further. Firstly, a novel authentication scheme (Proxy-AAA) is proposed, which supports fast handover mode and forwarding mode between different local mobility anchors (LMAs). Secondly, a cost analysis model is established based on Proxy-AAA. From the theoretical analysis, it could be noted that the cost is affected by average arrival rate and residence time.

Efficient security mechanism in 3GPP-WLAN interworking (3GPP-WLAN interworking에서의 효율적인 보안 메커니즘)

  • 신상욱
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.3
    • /
    • pp.137-144
    • /
    • 2004
  • 3GPP(3rd Generation Project Partnership)-WLAN(Wireless Local Area Network) interworking refers to the utilization of resources and access to services within the 3GPP system by the WLAN UE(User Equipment) and user respectively. The intent of 3GPP-WLAN Interworking is to extend 3GPP services and functionality to the WALN access environment. We propose an efficient mechanism for the setup of UE-initiated tunnels in 3GPP-WLAN interworking. The proposed mechanism is based on a secret key which is pre-distributed in the process of authentication and key agreement between UE and 3GPP AAA(Authentication, Authorization Accounting) server. Therefore it can avoid modular exponentiation and public key signature which need a large amount of computation in UE. Also the proposed scheme provides mutual authentication and session key establishment between UE and PDGW(Packet Data Gateway).