• Journal of Information Technology Services
• /
• v.8 no.2
• /
• pp.117-136
• /
• 2009

Over the years a password has been used as a popular authentication method between a client and a server because of its easy-to-memorize property. But, most password-based authentication services have focused on a same password authentication scheme which provides an authentication and key exchange between a client and a server with the same password. With rapid change of communication environments in the fields such as mobile networks, home networking, etc., the end-to-end security allowing users to hold different password is considered as one of main concerns. In this paper, we consider a new authentication service of how each client with different own password is able to authenticate each other, which is a quite new service paradigm among the existing services. This new service can be used in the current or next generation network environment where a mobile user in cell A wants to establish a secure end-to-end channel with users in ceil B, C, and D using only their memorable passwords. This end-to-end security service minimizes the interferences from the operator controlled by network components. To achieve this end-to-end security, we propose an authentication and key exchange service for group users in different realm, and analyze its security in a formal way. We also discuss a generic construction with the existing authentication schemes.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.1
• /
• pp.31-39
• /
• 2011

VoIP service uses packet network of ip-based because that has eavesdropping, interception, illegal user as vulnerable elements. In addition, PSTN of existing telephone network is subordinate line but VoIP service using the ip packet provide mobility. so The user authentication and VoIP user's account service using VoIP has emerged as a problem. To solve the vulnerability of SIP, when you use VoIP services with SIP, this paper has made it possible to authenticate user's terminal by using proxy server and proxy server by using authentication server. In conclusion, sender and receiver are mutually authenticated. In the mutual authentication process, the new session key is distributed after exchanging for the key between sender and receiver. It is proposed to minimize of service delay while the additional authentication. The new session key is able to authenticate about abnormal messages on the phone. This paper has made it possible to solve the vulnerability of existing SIP authentication by using mutual authentication between user and proxy server and suggest efficient VoIP service which simplify authentication procedures through key distribution after authentication.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.2061-2080
• /
• 2013

Roaming authentication protocol is widely used in wireless network which can enable a seamless service for the mobile users. However, the classical approach requires the home server's participation during the authentication between the mobile user and the foreign server. So the more the roaming requests are performed the heavier burden will be on the home server. In this paper, we propose a new roaming authentication framework for wireless communication without the home server's participation. The new roaming authentication protocol in the new framework takes advantage of the ID-based cryptography and provides user anonymity. It has good performance compared with the roaming authentication protocols whose authentication do not need the home server's participation in terms of security and computation costs. Moreover, a new User-to-User authentication protocol in the new framework is also present. All the authentications proposed in this paper can be regarded as a common construction and can be applied to various kinds of wireless networks such as Cellular Networks, Wireless Mesh Networks and Vehicle Networks.

• The KIPS Transactions:PartA
• /
• v.11A no.6
• /
• pp.451-458
• /
• 2004

The previous studies focussed on the security problem and the fast re-authentication mechanism during handoffs in a single wireless LAN system. When the multiple wireless LAN systems share their network infrastructure one another, we propose an authentication mechanism allowing the subscriber to Perform the authentication procedure with the authentication server of its own wireless LAN system even in areas of other wireless LAN systems as well as in areas of its own wireless LAN system. In the proposed mechanism, the access point or the authentication server of other wireless LAN systems plays a role of the authentication agent between the subscriber and the authentication server of the subscriber's wireless LAN system. The proposed authentication mechanism is designed on the basis of the 802.1X and EAP-MD5 protocols.

• Journal of Korean Institute of Industrial Engineers
• /
• v.42 no.4
• /
• pp.280-289
• /
• 2016

User authentication is an important issue on computer network systems. Most of the current computer network systems use the ID-password string match as the primary user authentication method. However, in password-based authentication, whoever acquires the password of a valid user can access the system without any restrictions. In this paper, we present a keystroke dynamics-based user authentication to resolve limitations of the password-based authentication. Since most previous studies employed a fixed-length text as an input data, we aims at enhancing the authentication performance by combining four different variable creation methods from a variable-length free text as an input data. As authentication algorithms, four one-class classifiers are employed. We verify the proposed approach through an experiment based on actual keystroke data collected from 100 participants who provided more than 17,000 keystrokes for both Korean and English. The experimental results show that our proposed method significantly improve the authentication performance compared to the existing approaches.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.713-716
• /
• 2004

In this paper we challenge the user Authentication using Kerberos V5 authentication protocol in Ad-hoc network environment. Ad-hoc network is a collection of wireless mobile nodes without the support of a stationary infrastructure. and DSR routing protocol, which is one of famous mobile ad-hoc routing protocols, has the following network path problem. this paper is the security structure that defined in a mobile network and security and watches all kinds of password related technology related to the existing authentication system. It looks up weakness point on security with a problem on the design that uses Ad-hoc based structure and transmission hierarchical security back of a mobile network, and a server-client holds for user authentication of an application level all and all, and it provides one counterproposal.

• Journal of Internet of Things and Convergence
• /
• v.1 no.1
• /
• pp.39-44
• /
• 2015

Organization is increasing the authorizing process to use public certificate and bio information. Certificate, has evolved to be able to parallel distributes the bio authentication and portable bio-authentication device. Authentication using an individual's PC and smart devices continue to generalize, while convenience for authentication is increased by comparison Study on cooperation with the security at the network level's a weak situation. If ask authentication method through the cooperation of the public certificate and bio information work with current network access control, there is a possibility to develop a more powerful security policy. by cooperation weaknesses against vulnerable personal authentication techniques on security token in a reliable and secure personal authentication techniques, such as bio-recognition, Bio Information for identification and to prevent exposing a methodology suggest to validate whether or not to carry out in this paper. In addition, organize the scenario that can work with the 802.1x network authentication method, and presented a proposal aimed at realization.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.7-16
• /
• 2007

3G telecommunication and wireless LAN provide various wireless communication services with their own native advantages and disadvantages. Currently WiBro service was developed to make up for the disadvantages of those services, and 3G-WLAN-WiBro underworking system which enables a user who uses triple-mode terminals to use those three networks was proposed. Even though each network adopts mutual authentication process between users and networks to provide security and accounting, they use different authentication protocols. In this paper, integrated authentication and key management protocol is proposed which makes use of previously used authentication information and supports safe roaming when a user moves from one network to another one under a same service provider on the 3G-WLAN-WiBro interworking network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.73-82
• /
• 1999

In an open network computing environment a host cannot to identity its users correctly to network services. In order to prevent this thing we present the design of a authentication scheme 솟 using the notion of rth -residuosity problem and discrete logarithm problem which is proposed by S. J. Park et al. The proposed scheme described here is efficient method for mutual authentication without leakage of users identity in mobile communication system that ensure user anonymity and untraceability.

• Journal of Korea Multimedia Society
• /
• v.9 no.10
• /
• pp.1314-1321
• /
• 2006

GSM(Global System for Mobile Communications) is a Pan-European digital cellular mobile system supporting widespread roaming and personal communication services in a worldwide wireless communication network. In suite of providing security capability, however, there are some problems like user authentication in GSM. In this paper, we propose the enhanced authentication mechanism to verify strongly each network entity to so]ye user authentication problem and support anonymity for user privacy.