• Journal of KIISE:Information Networking
• /
• v.29 no.4
• /
• pp.368-374
• /
• 2002

In the third generation mobile telecommunication systems such as UMTS, one of the important problems for value-added services is to check the recoverability of costs used by a mobile user. Previous authentication and payment schemes for value-added services by a mobile user across multiple service domains, rely on the concept of the on-line TTP, which serves as the users certification authority. In the third generation systems with many service providers, a wide range of services, and a diverse user population, authentication mechanisms with the on-line TTP provide a far from ideal solution. In this paper we present an efficient public-key protocol for mutual authentication and key exchange designed for value-added services in the third generation mobile telecommunications systems. The proposed ticket based authentication and payment protocol provides an efficient way for VASP to check the recoverability of costs without communication with the on-line TTP Furthermore, the proposed ticket based protocol can provide anonymous service usage for a mobile user.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.7 no.1
• /
• pp.53-59
• /
• 2012

Recently, LEE et al. proposed an attribute-based authenticated key agreement protocol over home network, which aimed to support authentication and key agreement between user and home server. However, if the home server is attacked in the protocol, the effects are influenced to the overall home network components severly. Thereby, this paper proposes a new ticket-based authentication protocol using user attributes between user and home devices to solve the problem. The proposed protocol supports the various levels of security to user by diversifying the network accessibility depending on user attribute. Thereby, the protocol could support more secure home network services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.53-64
• /
• 2005

In this paper, proposes Kerberos certification mechanism that improve certification service of PKINIT base that announce in IETF CAT Working Croup. Also proposed Authentication Mechanism for reusability of Ticket that after Ticket's Lifetime is ended, message exchange that Local Client receives Remote Server's service. Since my suggestion to regional services are not described in Kerberos, authentication between regions can be performed via PKINIT(Public Key Cryptography for Initial Authentication) presented by IETF(Internet Engineering Task Force) CAT working group. The new protocol is better than the authentication mechanism proposed by IETF CAT Working group in terms of communication complexity and mechanism according to simplified Ticket issue processing.

• The Journal of the Korea Contents Association
• /
• v.4 no.1
• /
• pp.67-75
• /
• 2004

In this paper, we design an authentication model based mobile PKI (Public Key Infrastructure). The authentication mood consists of Root-CA Home-network agent and Foreign-network agent. CA will going to gave the delegation ticket to Home-Agent or Foreign-Agent when they request. The authentication mode information security is various characteristic more then high speed, mobile network and low cost more then previous structure of assure information security.

• The KIPS Transactions:PartC
• /
• v.14C no.2
• /
• pp.129-138
• /
• 2007

AAA(Aluthentieation, Authorization, Accounting) protocol is an information securitv technology that offer secure and reliable user Authentication, Authorization, Accounting function systematically in various services. protocol and wireless network work as well as win network. Currently IETF(Internet Engineering Task Force) AAA Working Group deal with about AAA protocol and studying with activity, But, recently it exposing much problems side to user's anonymity and privacv violation. Therefore, in this paper, AAAH(Home Authentication Server) authenticaters Mobile device, after that, use ticket that is issued from AAAH even if move to outside network and can be serviced offering authentication in outside network without approaching by AAAH, Also, we study mechanism that can offer user's privacy and anonymousness to when use service. Our mechanism is using Time Synchronization OTP and focusing authentication and authorization. Therefore, our mechanism is secure from third party attack and offer secure and effective authentication scheme. Also only right user can offer services by using ticket. can reduce signal and reduce delay of message exchanged, can offer persistent service and beighten security and efficiency.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.7
• /
• pp.1516-1523
• /
• 2004

In the paper, an algorithm fitted to P2P system was proposed by improving Kerberos which is an algorithm for mutual authentication. To keep the role of Kerberos and minimize load to server, the proposed algorithm imposed the server role of ticket recognition to the opposite peer. Using this method, the number of sewers as ticket recognition server was averted and function of server for authentication was minimized so that server load was mininized. The proposed algorithm enables the server to play the minimum of the role and to perform strong mutual authentication, while imposeing on the peers the role of authentication. To make suitable to P2P system, trial number oriented authentication limit was given, not time-oriented authentication expiration time. In the paper, a new P2P system was designed using this algorithm.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.1
• /
• pp.1-5
• /
• 2016

The all-in-one service, for example, mobile wallet enables users to have credit card, membership card, and coupon in one place. It has been one of important o2o services with offline payment. In order to take advantage of mobile commerce, it is necessary to authenticate clients automatically without entering their passwords. This paper proposes an automatic client authentication method in all-in-one service. At registration, clients receives and stores an authentication ticket from a company, which contains an user's identifier and password encrypted by company's symmetric key. Client can be authenticated by transferring authentication tickets to companies at service requests.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.11
• /
• pp.2204-2220
• /
• 2011

Without providing a proper security measure to the handover procedure in Mobile WiMAX, several security attacks can be mounted. Even though security schemes have been previously proposed for this purpose, they are still vulnerable to several security attacks due to fatal design flaws. A newly proposed security scheme in this paper is based on the framework of authentication domain and concept of handover ticket. A method of establishing security associations within the authentication domain is proposed, and a lightweight security measure to protect the management messages associated with the handover is also proposed. Especially, using the handover ticket, the new security scheme can defend against a Redirection Attack arising from a compromised base station. The new security scheme is comparatively analyzed with the previous security schemes in terms of Replay, Session Hijacking, Man-In-The-Middle, and Redirection attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.93-103
• /
• 2009

Recently, there is an increase in demand of real-time multimedia service in the WLAN environment, with a commercialization of IEEE 802.11n standard. However, the 802.1x authentication protocol is too slow to provide seamless real-time multimedia service, which defined in an IEEE 802.11i security standard. In this paper, a Ticket-based authentication mechanism in the CAPWAP(Control And Provisioning Wireless Access Point) architecture is introduced to support for the fast handoff.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.87-98
• /
• 2007

AAA protocol is an information protection technology which systematically provides authentication, authorization and accounting function not only in the existing wire network but also in the rapidly developing wireless network, various services and protocol. Nowadays, standardization of the various application services is in progress with the purpose of AAA standardization fer the mobile user in the wireless network. And various researches are being conducted fur using AAA in the roaming service and mobile IPv6 network between heterogeneous networks. In this paper uses OTP and ID-based ticket for user authentication in the mobile device under the ubiquitous environment, and service is seamlessly provided even though the mobile device moves from the home network to the foreign network. In addition, with the ticket renewed from the foreign network, the overhead of the home authentication server can be reduced, and provides anonymity of service through the anonymity ID.