• ETRI Journal
• /
• v.31 no.4
• /
• pp.460-462
• /
• 2009

The emerging wireless networks require the design of new authentication protocols due to their dynamic nature and vulnerable-to-attack structure. Recently, Wu and others proposed a wireless authentication protocol which is claimed to be an improvement of the authentication protocol proposed by Lee and others which provides user anonymity. In this letter, we show that these protocols have a common flaw and that these protocols fail to provide user anonymity. We also propose a modification method to solve this problem.

• The KIPS Transactions:PartD
• /
• v.12D no.1 s.97
• /
• pp.121-128
• /
• 2005

This paper describes the requested IP assignment and authentication problem for wireless internet service of visited ISP subscriber on GPRS network, and proposes to use RADIUS authentication and accounting server for these problems. In this paper, we also define signals between GGSN and RADIUS, and between RADIUS authentication server and accounting sever for IP management and wireless internet service.

• Journal of the Korea Society of Computer and Information
• /
• v.4 no.4
• /
• pp.9-14
• /
• 1999

The authentication technique, which uses public key cryptographic algorithms, proves itself by generating authentication value through secret keys and gives verification by means of public keys .This paper is believed to 1) solve the problem of distribution and management of secret keys, which still remain the problem of authentication used in symmetric cryptographic algorithm. 2) provide the method to receive a certificate of handling the problems of public key lists through the authentication authority. and finally 3) suggest an algorithm which will enable us to run the public keys more effectively.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.997-1006
• /
• 2004

The rapid expansion of the Internet has provided users with a diverse range of services. Most Internet users create many different IDs and passwords to subscribe to various Internet services. Thus, the SSO system has been proposed to supplement vulnerable security that may arise from inefficient management system where administrators and users manage a number of ms. The SSO system can provide heightened efficiency and security to users and administrators. Recently commercialized SSO systems integrate a single agent with the broker authentication model. However, this hybrid authentication system cannot resolve problems such as those involving user pre-registration and anonymous users. It likewise cannot provide non-repudiation service between joining objects. Consequently, the hybrid system causes considerable security vulnerability. Since it cannot provide security service for the agent itself, the user's private information and SSO system may have significant security vulnerability. This paper proposed an authentication model that integrates a broker authentication model, out of various authentication models of the SSO system, with a multi-agent system. The proposed method adopts a secure multi-agent system that supplements the security vulnerability of an agent applied to the existing hybrid authentication system. The method proposes an SSO authentication model that satisfies various security requirements not provided by existing broker authentication models and hybrid authentication systems.

• The Journal of the Korea Contents Association
• /
• v.17 no.7
• /
• pp.276-282
• /
• 2017

Password-based authentication is vulnerable because of its low cost and convenience, but it is still widely used. In order to increase the security of the password-based user authentication method, the password is changed frequently, and it is recommended to use a combination of numbers, alphabets and special characters when generating the password. However, it is difficult for users to remember passwords that are difficult to create and it is not easy to change passwords periodically. Therefore, in this paper, we implemented a user authentication system that does not require a password by using the USB memory that is commonly used. Authentication data used for authentication is protected by USB data stored in USB memory using USB device information to improve security. Also, the authentication data is one-time and reusable.Based on this, it is possible to have the same security as the password authentication system and the security level such as certificate or fingerprint recognition.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.7
• /
• pp.87-93
• /
• 2014

TIn analysis as the first step of S/W development, security requirements of identification and authentication, ID and password management, authentication process, authentication method, ete. should be defined. Identification is to uniquely identify certain users and applications running on a certain system. Authentication means the function to determine true or false users and applications in some cases. This paper is to suggest the security requirements for identification and authentication in analysis step. Firstly, individual ID should be uniquely identified. The second element is to apply the length limitations, combination and periodic changes of passwords. The third should require the more reinforced authentication methods besides ID and passwords and satisfy the defined security elements on authentication process. In this paper, the security requirements for the step of identification and authentication have been explained through several practical implementation methods.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.8
• /
• pp.311-317
• /
• 2016

Many services have been developed that are based on smart devices, and security between devices is emphasized. A beacon on the current IoT(Internet of Things) services has been utilized in the commercial field and is being applied to the services of the home IoT. On the other hand, the beacon is weak to security using Bluetooth-based services. Therefore, it is important to strengthen the security of the beacon. This paper proposes a dual security technique that can enhance the security of beacon-based services. The dual security architecture and security process is proposed based on beacon and authentication service. In addition, mobile application was developed and validated based on the beacon for proving the suitability of the proposed technique. The experimental method for verification are the authentication failure case, such as 1st authentication fail, and authentication success case, such as 1st authentication success and 2nd authentication success. The components of the verification experiments consists of two beacons (matched with Beacon ID, mismatched with Beacon ID), one mobile device and authentication application. This was tested to verify the compatibility of the dual security architecture and 1st/2nd authentication process.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.2
• /
• pp.313-319
• /
• 2009

Recently the RFID system, which can recognize multiple tags simultaneously through wireless communication, is emerging as a new technology that can replace the barcode system. Furthermore, related industries are carrying out active research on tags and authentication protocols with guaranteed security that are widely applicable to logistics, distribution, etc. The present study proposes a protocol with enhanced security by introducing the concept of RBAC to the authentication protocol, and a method with lower security for effective mass authentication. The proposed method is advantageous in that it guarantees security against spoofing attack, traffic analysis, replay attack, etc. based on hash function.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.3
• /
• pp.63-74
• /
• 2011

Credit cards are more convenient than cash of heavy. Therefore, credit cards are used widely in on_line (internet) and off_line in nowadays. To use credit cards on internet is commonly secure because client identification based security card and authentication certificate. However, to use in off_line as like shop, store, department, restaurant is unsecure because of irregular accident. As client identification is not used in off_line use of credit cards, the irregular use of counterfeit, stolen and lost card have been increasing in number recently. Therefore, client identification is urgently necessary for secure card using in off_line. And the method of client identification must be simple, don't take long time, convenient for client, card affiliate and card company. In this paper, we study a reform measure of the structure and transaction process for the safety improvement of a credit cards. And we propose several authentication method of short-and long-term for client identification. In the proposal, the client authentication method by OTP application of smart-phone is efficient nowadays.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.22 no.12
• /
• pp.2860-2866
• /
• 1997

Kerberos is the most used example of authentication technology in distributed environment. In this paper, based on this method, a new authentication mechanism associated with X.509 protocol that authenticates services between regions is presented. Since any suggestions to regional services are not described in Kerberos, the authentication between regiona is performed via the connected chain obtained from x.509. These two protocols have distinguished key management systems -X.509 is designed using an asymmetric method, while Kerberos using a symmetric method. In order to provide regional services, X.509 is employed on connection part and Kerberos on actual authetication part.