• Journal of information and communication convergence engineering
• /
• v.8 no.4
• /
• pp.427-432
• /
• 2010

The fast-emerging of cloud computing technology today has sufficiently benefited its wide range of users from individuals to large organizations. It carries an attractive characteristic by renting myriad virtual storages, computing resources and platform for users to manipulate their data or utilize the processing resources conveniently over Internet without the need to know the exact underlying infrastructure which is resided remotely at cloud servers. However due to the loss of direct control over the systems/applications, users are concerned about the risks of cloud services if it is truly secured. In the literature, there are cases where attackers masquerade as cloud users, illegally access to their accounts, by stealing the static login password or breaking the poor authentication gate. In this paper, we propose a two-factor authentication framework to enforce cloud services' authentication process, which are Public Key Infrastructure (PKI) authentication and mobile out-of-band (OOB) authentication. We discuss the framework's security analysis in later session and conclude that it is robust to phishing and replay attacks, prohibiting fraud users from accessing to the cloud services.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.10
• /
• pp.2199-2206
• /
• 2012

Identity authentication sharing technology which allows many service providers to share the result of identity authentication of an identity provider provides several important advantages including high usability achieved by avoiding repeated registration of identity information to service providers and single sign-on, cost effectiveness of service providers achieved by outsourcing identity authentication services from identity providers, and privacy protection achieved by exposing identity information only to a limited number of controlled identity providers. However, in order for the identity authentication sharing technologies to be widely deployed in global Internet scale, the trustworthiness issue among the participating identity providers, service providers, and users should be resolved in advance. This paper firstly analyzes existing trust frameworks for identity authentication sharing. And then, based on the result of analysis, this paper proposes a dynamic and open trust framework for identity authentication sharing.

• Journal of Digital Convergence
• /
• v.10 no.2
• /
• pp.217-223
• /
• 2012

By using the network, the robot can provide the anytime and anywhere various services. There is the advantage that it can provide the real time service by using the network description but the network robot has the network security vulnerability. Therefore, in the network robot environment, the authentication framework which can be satisfied the security function has to be established. In this paper, the security vulnerability which it can be generated in the network robot environment is analyze and the plan for reaction is prepared. And the authentication framework controlling the network robot safely was proposed.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.6
• /
• pp.13-20
• /
• 2015

A genuine product authentication framework and genuine distinction algorithm based on design QR code is proposed in this paper. The proposed framework consists of design QR code, a smart phone application for authentication, and a server system. Design QR code is a shape-modification of conventional QR code according to manufacturer's and/or product's need. In the design QR code, information about manufacturer and product is written. The written information can be read with general QR code reader, however, the content is transformed with authentication code, used in the first step authentication, and the meaning cannot be inferred. The application conducts the first step authentication and sends the resulting information to the server system for the second step authentication. The server system decides the genuinity using look-up history. The proposed framework can improve the authentication effect while minimizing the additional costs by managing the history through the server system. The proposed framework has proven to be effective in actual use, such as that used for the management of garbage bags in Ansan city.

• Journal of Internet Computing and Services
• /
• v.10 no.3
• /
• pp.51-60
• /
• 2009

This paper proposes a reliable 2-mode authentication framework for probabilistic key pre-distribution in Wireless Sensor Network (WSN) that guarantees the safe defense against different kinds of attacks: Hello flood attacks, Wormhole attacks, Sinkhole attack, location deployment attacks, and Man in the middle attack. The mechanism storing the trust neighbor IDs reduces the dependence on the cluster head and as the result; it saves the power energy for the authentication process as well as provides peer-to-peer communication.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.1
• /
• pp.136-141
• /
• 2006

The IEEE 802.1x can be using various user authentication mechanisms: One-Time Password, Certificate-Based TLS, Challenge/Response and Keberos through EAP(Extended Authentication Protocol). But, IEEE 802.1x also has vulnerabilities about the DoS, the session hijacking and the Man in the Middle attack due to the absence of AP authentication. In this paper, we propose a WLAN secure system which can offer a safety secure communication and a user authentications by intensified the vulnerability of spoofing and DoS attacks. The suppose system offers a safe secure communication because it offers sending message of integrity service and also it prevents DoS attack at authentication initial phase.

• ETRI Journal
• /
• v.35 no.3
• /
• pp.501-511
• /
• 2013

Protecting privacy is an important goal in designing location-based services. Service providers want to verify legitimate users and allow permitted users to enjoy their services. Users, however, want to preserve their privacy and prevent tracking. In this paper, a new framework providing users with more privacy and anonymity in both the authentication process and the querying process is proposed. Unlike the designs proposed in previous works, our framework benefits from a combination of three important techniques: k-anonymity, timed fuzzy logic, and a one-way hash function. Modifying and adapting these existing schemes provides us with a simpler, less complex, yet more mature solution. During authentication, the one-way hash function provides users with more privacy by using fingerprints of users' identities. To provide anonymous authentication, the concept of confidence level is adopted with timed fuzzy logic. Regarding location privacy, spatial k-anonymity prevents the users' locations from being tracked. The experiment results and analysis show that our framework can strengthen the protection of anonymity and privacy of users by incurring a minimal implementation cost and can improve functionality.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.111-115
• /
• 2023

Knowledge Based Authentication is the most well-known technique for user authentication in a computer security framework. Most frameworks utilize a straightforward PIN (Personal Identification Number) or psssword as an data authenticator. Since password based authenticators typically will be software based, they are inclined to different attacks and weaknesses, from both human and software.Some of the attacks are talked about in this paper.

• Journal of KIISE:Information Networking
• /
• v.32 no.5
• /
• pp.561-573
• /
• 2005

As the demand on ubiquitous communication increases, global roaming and vertical handover will be prevailing in the near future. Since this environment is accompanied by the frequent handovers at remote sites, a scalable and fast authentication becomes prerequisite for ubiquitous communication. In this paper, we suggest a framework for scalable and fast authentication, using hierarchical caching based on general trust relationship among domains. At the end, we show that the proposed scheme achieves reduced authentication delay and network overhead through an analytic method with fluid flow model.

• Journal of Information Technology Services
• /
• v.12 no.1
• /
• pp.259-270
• /
• 2013

Identity authentication sharing technologies which allow many service providers to share the result of identity authentication of an identity provider receive high attention as alternatives for current problematic identity authentications in the next-generation Internet environment, since they can provide crucial advantages including high usability, cost effectiveness of service providers, and privacy protection. However, in order for the identity authentication sharing technologies to be widely deployed in global Internet scale, the interoperability problem among different identity authentication sharing protocols and the trustworthiness issue among the participating identity providers, service providers, and users should be resolved in advance. This paper firstly analyzes current status of the protocol interoperability issue and existing trust frameworks for identity authentication sharing. And then, based on the result of analysis, this paper proposes a next generation identity authentication sharing architecture for global Internet.