• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.551-562
• /
• 2002

We usually applied PPP CHAP when the visited ISP subscriber accesses to authentication server in own home ISP network and IP Assignment for remote Internet service. But PPP CHAP doesn't support in case of visited ISP subscriber in GPRS network accesses to authentication sorrel in own home ISP network for wireless Internet service. We suggest solution for this problem with PPP CHAP improvement. For this we propose the modified PPP CHAP message format, PCO Message format at MT, and interworking message and format between GGSN and RADIUS in home ISP network for wireless internet service of mobile ISP subscriber at GPRS network in this paper. We also show authentication results when visited mobile ISP subscriber via PPP CHAP at GPRS network accesses the RADIUS server in home ISP network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1343-1354
• /
• 2018

OAuth 2.0 bearer token and JWT(JSON web token), current standard technologies for authentication and authorization, use the approach of sending fixed token repeatedly to server for authentication that they are subject to eavesdropping attack, thus they should be used in secure communication environment such as HTTPS. In OAuth 2.0 MAC token which was devised as an authentication scheme that can be used in non-secure communication environment, server issues shared secret key to authenticated client and the client uses it to compute MAC to prove the authenticity of request, but in this case server has to store and use the shared secret key to verify user's request. Therefore, it's hard to provide stateless authentication service. In this paper we present a randomized token authentication scheme which can provide stateless MAC token authentication without storing shared secret key in server side. To remove the use of HTTPS, we utilize secure communication using server certificate and simple signature-based login using client certificate together with the proposed randomized token authentication to achieve the fully stateless authentication service and we provide an implementation example.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.8
• /
• pp.2133-2144
• /
• 1999

IMT-2000 system is expected to start its service at the beginning of 2000 on the purpose of providing with the highest qualitative service through one mobile terminal. In this paper, we investigate some of the important issues which need to be addresses in designing an authentication protocol for IMT-2000. Also proposed is an authentication protocol which addresses the above issues, and we design a correct and efficient authentication protocol to establish secure communication channel. Our protocol provides an authentication of the communication entities, location privacy, and secure messaging as well as global roaming service.

• Proceedings of the Korea Contents Association Conference
• /
• 2004.05a
• /
• pp.301-306
• /
• 2004

The Grid VO(Virtual Organization) is temporary VO where gather indivisual, authority, or system resource, differ from previous VO concept that controled by internal principal and policy set. It have many problems in case of indivisuals, authorities, or system resources that became member\ulcorner of some Grid VO at same time and combination followed changing condition of system resource for building Grid VO. This paper propose lightweighted Grid VO authentication system based on XML security to solve the authentication of the problems occuring in building Grid VO. In this paper, Grid VO authentication system is including Grid VO authentication module that is intermediate management system in PH to previous authentication service structure and provide effective authentication service to Grid VO.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.12
• /
• pp.159-167
• /
• 2012

The authentication system of the PKI(public key infrastructure) provides the authenticity and security, accessibility, economic feasibility, and convenience to the service provider and users. Therefore the public and private companies in Korea widely use it as the authentication method of the web service. However, the safety client system is threatened by many vulnerable factors which possibly caused when using PKI-based authentication system. Thus, in this article vulnerable factors caused by using the PKI-based authentication system will be analyzed, which is expected to be the useful data afterwards for the construction of the new authentication system as well as performance improvement.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.739-743
• /
• 2004

The Grid VO(Virtual Organization) is temporary VO where gather indivisual, authority, or system resource, differ from previous VO concept that controled by internal principal and policy set. It have many problems in case of indivisuals, authorities, or system resources that became member of some Grid VO at same time and combination followed changing condition of system resource for building Grid VO. This paper propose lightweighted Grid VO authentication system based on XML security to solve the authentication of the problems occuring in building Grid VO. In this paper, Grid VO authentication system is including Grid VO authentication module that is intermediate management system in PKI to previous authentication service structure and provide effective authentication service to Grid VO.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.3
• /
• pp.176-187
• /
• 2013

Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.325-330
• /
• 2017

Bluetooth 4.0 is a technology suitable for the Internet of things that is used for communication between various devices. This technology is suitable for developing a service by combining with automobiles. In this study, a security authentication system was designed by linking Bluetooth 4.0 technology and a vehicle system as an implementation example of an object internet service. A procedure was designed for security authentication and an authentication method is proposed using a data server. When the security authentication function is provided, various additional services can be developed using the information collection function of the risk notification and user action history. In addition, BLE (Bluetooth Low Energy) technology, which is a wireless communication technology that enables low-power communication and low-power communication in the process of the standardization and development of Bluetooth technology and technology, improves the battery life through the use of RFID or NFC This study expanded the range possible. The security service can be extended by expanding the scope of authentication by the contactless type. Using the proposed system, a customized service can be provided while overcoming the problems of an existing radio frequency (RF)-based system, portability, and battery usage problem.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.101-107
• /
• 2007

In recent years, electronic financial services, such as internet banking, come into wide use since the personal computer and network technology have made reasonably good progress. The growth of electronic financial service contributes to promoting the business efficiency of financial institution and promoting the convenience of financial customer, while the security on electronic financial service is getting more important because it is not face-to-face financial service. Therefore, the financial sector had decided to introduce the OTP (One Time Password) in order to authenticate the identification of customer and has built the Integrated OTP Authentication Center for a customer being able to use only one OTP token in electronic financial transaction with several financial institution. In this paper, we introduce the business of Integrated OTP Authentication Center and present the security analysis on integrated OPT authentication service, which is the main function of Integrated OTP Authentication Center.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.7
• /
• pp.1493-1500
• /
• 2004

Today's Commercial security server system which provide secrecy, integrity and availability may still be vulnerable to denial-of-service attacks. Authentication system whith use a public key cryptography and process RSA encryption is relatively slow and the slowness has become a major security threat specifically in service flooding attacks caused by authentication requests. The service flooding attacks render the server incapable of providing its service to legitimitive clients. Therefore the importance of implementing systems that prevent denial of service attacks and provide service to legitimitive users cannot be overemphasized. In this paper, we propose a puzzle protocol which applies to authentication model. our gradually strengthening authentication model improves the availability and continuity of services and prevent denial of service attacks and we implement flooding of service tolerance system to verify the efficiency of our model. This system is expected to be ensure in the promotion of reliability.