• 대한임베디드공학회논문지
• /
• 제1권2호
• /
• pp.56-63
• /
• 2006

In this paper, we propose the integrated security management framework supporting the trust for the ubiquitous environments. The proposed framework provides the gathering and analysis of the security related information including the location of mobile device and then dynamically configures the security policy and adopts them. More specially, it supports the authentication and delegation service to support the trusted security management for the ubiquitous networks. This system also provides the visible management tools to give the convenient view for network administrator.

• 한국정보통신학회논문지
• /
• 제19권10호
• /
• pp.2429-2440
• /
• 2015

본 논문에서는 국내 연구ㆍ교육기관들의 협업 생태계 구축 및 협업 활성화를 위한 통합협업 인프라를 소개한다. 통합협업 인프라는 국내 연구ㆍ교육기관, 관련 상용 서비스 업체들이 참여하고 이들의 협력 증진을 위한 다양한 협업 지원 시스템과 서비스를 포함한다. 특히 제안한 통합협업 인프라는 ID 페더레이션 기술을 기반으로, 협업 참여 기관들의 연구자원 공유를 위한 사용자 인증 프레임워크를 제시함으로써 협업의 효율성을 제고한다. 본 논문은 국가과학기술연구망에 구축한 통합협업 인프라에 대해 기술하고 제안된 프레임워크의 동작 방식을 검증한다.

• International journal of advanced smart convergence
• /
• 제8권2호
• /
• pp.204-210
• /
• 2019

Mobile Crowd Computing is one of the most efficient and effective way to collect the Electronic health records and they are very intelligent in processing them. Mobile Crowd Computing can handle, analyze and process the huge volumes of Electronic Health Records (EHR) from the high-performance Cloud Environment. Electronic Health Records are very sensitive, so they need to be secured, authenticated and processed efficiently. However, security, privacy and authentication of Electronic health records(EHR) and Patient health records(PHR) in the Mobile Crowd Computing Environment have become a critical issue that restricts many healthcare services from using Crowd Computing services .Our proposed Efficient Multi-layer Encryption Framework(MLEF) applies a set of multiple security Algorithms to provide access control over integrity, confidentiality, privacy and authentication with cost efficient to the Electronic health records(HER)and Patient health records(PHR). Our system provides the efficient way to create an environment that is capable of capturing, storing, searching, sharing, analyzing and authenticating electronic healthcare records efficiently to provide right intervention to the right patient at the right time in the Mobile Crowd Computing Environment.

• Journal of Information Processing Systems
• /
• 제15권4호
• /
• pp.904-919
• /
• 2019

Many security systems rely solely on solutions based on Artificial Intelligence, which are weak in nature. These security solutions can be easily manipulated by malicious users who can gain unlawful access. Some security systems suggest using fingerprint-based solutions, but they can be easily deceived by copying fingerprints with clay. Image-based security is undoubtedly easy to manipulate, but it is also a solution that does not require any special training on the part of the user. In this paper, we propose a multi-factor security framework that operates in a three-step process to authenticate the user. The motivation of the research lies in utilizing commonly available and inexpensive devices such as onsite CCTV cameras and smartphone camera and providing fully secure user authentication. We have used technologies such as Argon2 for hashing image features and physically unclonable identification for secure device-server communication. We also discuss the methodological workflow of the proposed multi-factor authentication framework. In addition, we present the service scenario of the proposed model. Finally, we analyze qualitatively the proposed model and compare it with state-of-the-art methods to evaluate the usability of the model in real-world applications.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권9호
• /
• pp.2529-2549
• /
• 2023

For effectively lowering down the risk of cyber threating, the zero-trust architecture (ZTA) has been gradually deployed to the fields of smart city, Internet of Things, and cloud computing. The main concept of ZTA is to maintain a distrustful attitude towards all devices, identities, and communication requests, which only offering the minimum access and validity. Unfortunately, adopting the most secure and complex multifactor authentication has brought enterprise and employee a troublesome and unfriendly burden. Thus, authors aim to incorporate machine learning technology to build an employee behavior analysis ZTA. The new framework is characterized by the ability of adjusting the difficulty of identity verification through the user behavioral patterns and the risk degree of the resource. In particular, three key factors, including one-time password, face feature, and authorization code, have been applied to design the adaptive multifactor continuous authentication system. Simulations have demonstrated that the new work can eliminate the necessity of maintaining a heavy authentication and ensure an employee-friendly experience.

• 디지털산업정보학회논문지
• /
• 제13권1호
• /
• pp.87-101
• /
• 2017

As people increasingly rely on mobile networks in modern society, mobile communication security is becoming more and more important. In the Long Term Evolution/System Architecture Evolution (LTE/SAE) architecture, the 3rd Generation Partnership (3GPP) team has also developed the improved Evolved Packet System Authentication and Key Agreement (EPS AKA) protocol based on the 3rd Generation Authentication and Key Agreement (3G AKA) protocol in order to provide mutual authentication and secure communication between the user and the network. Unfortunately, the EPS AKA also has several vulnerabilities such as sending the International Mobile Subscriber Identity (IMSI) in plain text (which leads to disclosure of user identity and further causes location and tracing of the user, Mobility Management Entity (MME) attack), man-in-middle attack, etc. Hence, in this paper, we analyze the EPS AKA protocol and point out its deficiencies and then propose an Efficient and Security Enhanced Authentication and Key agreement (ESE-EPS AKA) protocol based on hybrid of Dynamic Pseudonym Mechanism (DPM) and Public Key Infrastructure (PKI) retaining the original framework and the infrastructure of the LTE network. Then, our evaluation proves that the proposed new ESE-EPS AKA protocol is relatively more efficient, secure and satisfies some of the security requirements such as confidentiality, integrity and authentication.

• International Journal of Computer Science & Network Security
• /
• 제22권9호
• /
• pp.15-22
• /
• 2022

The Tactile Internet technology is considered as the evolution of the internet of things. It will enable real time applications in all fields like remote surgery. It requires extra low latency which must not exceed 1ms, high availability, reliability and strong security system. Since it appearance in 2014, tremendous efforts have been made to ensure authentication between sensors, actuators and servers to secure many applications such as remote surgery. This human to machine relationship is very critical due to its dependence of the human live, the communication between the surgeon who performs the remote surgery and the robot arms, as a tactile internet actor, should be fully and end to end protected during the surgery. Thus, a secure mutual user authentication framework has to be implemented in order to ensure security without influencing latency. The existing methods of authentication require server to stock and exchange data between the tactile internet entities, which does not only make the proposed systems vulnerables to the SPOF (Single Point of Failure), but also impact negatively on the latency time. To address these issues, we propose a lightweight authentication protocol for remote surgery in a Tactile Internet environment, which is composed of a decentralized blockchain and physically unclonable functions. Finally, performances evaluation illustrate that our proposed solution ensures security, latency and reliability.

• 인터넷정보학회논문지
• /
• 제7권6호
• /
• pp.157-174
• /
• 2006

Ajax의 상호작용 모델은 웹 어플리케이션 상황을 HTTP에서 상태 기반형이 되도록 바꾸어 주며, Ajax 응용프로그램은 브라우저상에서 오래 지속된다. XHR(XML HTTP Request)는 데이터 교환을 촉진하는데 사용된다. 이러한 상호작용 조건에서 HTTPS를 사용하는 것은 데이터 교환의 빈도 때문에 실용적이지 못하다. 더욱이 민감한 정보의 경우 HTTP에서 HTTPS 로 프로토콜을 전환하는 것은 원본서버 유지정책으로 인해 허용되지 않는다. Ajax 어플리케이션의 장기 지속성, 구속성, 비동기성과 같은 특징들은 재 인증을 촉발하는 각기 다른 인증 및 세션 처리 메카니즘을 필요하게 되는데, 이 논문은 Ajax를 사용하는 인증 및 세션 관리의 설계를 제시한다. 본 설계는 OTP(One Time Password)와 유사한 자동 발생 패스워드가 있는 요약 인증을 사용하는 환경에서 기간 단위 및 이벤트 기반의 재인증을 촉발하도록 고안되었다. 이 인증 및 세션 관리는 인증 및 세션 관리가 손상되지 않도록 커플링의 AWAsec(Ajax Web Application Security) 이라고 불리는 체제 안에 포함된다.

• 정보처리학회논문지C
• /
• 제16C권3호
• /
• pp.299-306
• /
• 2009

인터넷의 사용이 증가하면서 다양한 네트워크 접근 기술이 개발 되었다. Extensible Authentication Protocol (EAP)은 네트워크 접근 시 요구되는 인증 과정을 지원하는 프로토콜이다. EAP는 다양한 인증 기법을 지원할 수 있는 확장성과 유연성 때문에 대부분의 네트워크 환경에서 사용되고 있다. 그러나 EAP의 가장 핵심적인 특성인 "lock-step" 흐름 제어는 에러 복구, 재전송 메커니즘에 영향을 주어 EAP는 물론 전체 인증과정의 성능을 크게 저하 시킨다. 본 논문은 EAP의 성능 저하 효과를 분석하고 새로운 흐름 제어 방식을 제안한다. NS-2를 사용한 시뮬레이션 결과에 따르면 제안한 흐름 제어 방식을 적용한 EAP는 최대 53% 성능 향상을 기대할 수 있다.

• 한국소프트웨어감정평가학회 논문지
• /
• 제16권2호
• /
• pp.63-68
• /
• 2020

본 논문에서는 딥러닝 프레임워크 기반의 얼굴인증 시스템에 대하여 제안한다. 제안 시스템은 딥러닝 알고리즘을 활용하여 얼굴영역 검출과 얼굴 특징 추출을 수행하고, 결합베이시안 학습 모델을 이용하여 얼굴인증을 수행한다. 제안 얼굴인증 알고리즘에 대한 성능 평가는 다양한 얼굴 사진들로 구성된 데이터베이스를 이용하여 수행하였으며, 한 명에 대한 얼굴 영상은 2장으로 구성하였다. 또한 얼굴인증 실험은 딥 뉴럴 네트워크를 통한 2048차원의 특징과 그 유사성을 측정하기 위해 결합베이시안 알고리즘을 적용하였으며, 얼굴인증에 실패한 동일오율을 계산함으로써 성능평가를 수행하였다. 실험 결과, 딥러닝 특징과 결합베이시안 알고리즘을 사용한 제안 방법은 1.2%의 동일오율을 보였다.