• Title/Summary/Keyword: Cloud authentication

Search Result 153, Processing Time 0.031 seconds

Mutual Authentication and Key Establishment Mechanism for Secure Data Sharing in M2M Environment (M2M 환경에서 안전한 데이터 공유를 위한 상호인증 및 키 교환 기법)

  • Park, JungOh;Kim, Sangkun
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.4
    • /
    • pp.33-41
    • /
    • 2015
  • With rapid rise of virtualization technology from diverse types of cloud computing service, security problems such as data safety and reliability are the issues at stake. Since damage in virtualization layer of cloud service can cause damage on all host (user) tasks, Hypervisor that provides an environment for multiple virtual operating systems can be a target of attackers. This paper propose a security structure for protecting Hypervisor from hacking and malware infection.

Implementation of Remote Physical Security Systems Using Smart Phone (스마트폰을 이용한 원격 물리적 보안 시스템의 구현)

  • Lee, Moon-Goo
    • Journal of the Korea Society of Computer and Information
    • /
    • v.16 no.2
    • /
    • pp.217-224
    • /
    • 2011
  • Existing wire based physical security system solutions show limitations in time and space. In order to solve these deficiencies, a remote physical security system has been implemented using smart phone based on mobile cloud computing technique. The security functions of mobile cloud computing technique include mobile device user authentication, confidentiality of communication, integrity of information, availability of system, and target system access control, authority management and secure hand off etc. Proposed system has been constructed as remote building management system using smart phone, and also has been efficient to reduce energy cost (5~30%), result of system average access and response time 7.082 second. This systems are evaluated to have high efficiency compared to performance.

Implementation of Dynamic Situation Authentication System for Accessing Medical Information (의료정보 접근을 위한 동적상황인증시스템의 구현)

  • Ham, Gyu-Sung;Seo, Own-jeong;Jung, Hoill;Joo, Su-Chong
    • Journal of Internet Computing and Services
    • /
    • v.19 no.6
    • /
    • pp.31-40
    • /
    • 2018
  • With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.

Design of Secure Scheme based on Bio-information Optimized for Car-sharing Cloud (카 쉐어링 클라우드 환경에서 최적화된 바이오 정보 기반 보안 기법 설계)

  • Lee, Kwang-Hyoung;Park, Sang-Hyeon
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.20 no.11
    • /
    • pp.469-478
    • /
    • 2019
  • Car-sharing services have been settled on as a new type of public transportation owing to their enhanced convenience, expanded awareness of practical consumption patterns, the inspiration for environmental conscientiousness, and the diffusion of smart phones following the economic crisis. With development of the market, many people have started using such services. However, security is still an issue. Damage is expected since IDs and passwords are required for log-in when renting and controlling the vehicles. The protocol suggested in this study uses bio-information, providing an optimized service, and convenient (but strong) authentication with various service-provider clouds registering car big data about users through brokers. If using the techniques suggested here, it is feasible to reduce the exposure of the bio-information, and to receive service from multiple service-provider clouds through one particular broker. In addition, the proposed protocol reduces public key operations and session key storage by 20% on mobile devices, compared to existing car-sharing platforms, and because it provides convenient, but strong, authentication (and therefore constitutes a secure channel), it is possible to proceed with secure communications. It is anticipated that the techniques suggested in this study will enhance secure communications and user convenience in the future car-sharing-service cloud environment.

Improved Single Packet Authentication and Network Access Control Security Management in Software Defined Perimeter (소프트웨어 정의 경계의 단일 패킷 인증 및 네트워크 접근통제 보안관리 개선)

  • Jung, Jin-kyo;Lee, Sang-ku;Kim, Young-Min
    • The Journal of the Korea Contents Association
    • /
    • v.19 no.12
    • /
    • pp.407-415
    • /
    • 2019
  • As the IT environment changes with cloud computing and smart work, the existing perimeter security model is showing its limitations and Software Defined Perimeter is being discussed as an alternative. However, SDP Spec 1.0 does not specify the device registration procedure, policy distribution process and authentication key generation and sharing process.In this paper, we propose a method to solve the problem of SDP access control by improving the operation procedure of Single Packet Authentication. This paper suggests that the proposed method can implement a consistent and automated integrated access control policy compared to the existing access control methods.

Draft Design of 2-Factor Authentication Technique for NFC-based Security-enriched Electronic Payment System (보안 강화를 위한 NFC 기반 전자결제 시스템의 2 팩터 인증 기술의 초안 설계)

  • Cha, ByungRae;Choi, MyeongSoo;Park, Sun;Kim, JongWon
    • Smart Media Journal
    • /
    • v.5 no.2
    • /
    • pp.77-83
    • /
    • 2016
  • Today, the great revolution in all financial industrial such as bank have been progressing through the utilization of IT technology actively, it is called the fintech. In this paper, we draw the draft design of NFC-based electronic payment and coupon system using FIDO framework to apply the 2 factor authentication technique for strength security. In detailed, we will study that the terminal device in front-end will be applied the 2 factor authentication and electric signature, and cloud-based payment gateway in back-end will be applied malicious code detection technique of distributed avoidance type.

OTP-Based Dynamic Authentication Framework for Virtual Machine Migration (가상머신 마이그레이션을 위한 OTP 기반 동적인증 프레임워크)

  • Lee, Eun-Ji;Park, Choon-Sik;Kwak, Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.2
    • /
    • pp.315-327
    • /
    • 2017
  • Security threats such as unauthorized access and data tampering can occur during the virtual machine migration process. In particular, since virtual machine migration requires users to transfer important data and infrastructure information, it is relatively risky to other cloud services in case of security threats. For this reason, there is a need for dynamic authentication for virtual machine migration. Therefore, this paper proposes an OTP-based dynamic authentication framework to improve the vulnerabilities of the existing authentication mechanism for virtual machine migration. It consists of a virtual machine migration request module and an operation module. The request module includes an OTP-based user authentication process and a migration request process to a data center when a user requests a migration. The operation module includes a secure key exchange process between the data centers using SPEKE and a TOTP-based mutual authentication process between the data center and the physical server.

Influence Factors of Innovation Resistance of Cloud Computing Service: Focus on Small and Medium Enterprises (클라우드 컴퓨팅 서비스의 혁신저항 영향요인: 중소기업을 대상으로)

  • Lee, Sanghoon;Choi, Jeong Min
    • Journal of Digital Convergence
    • /
    • v.18 no.12
    • /
    • pp.105-115
    • /
    • 2020
  • The purpose of this study is to investigate the factors influencing the innovation resistance of cloud computing services and to suggest policy alternatives to increase the use of domestic cloud computing services. For this, a survey was conducted on 178 SMEs that introduced cloud computing services with government support. As a result, technostress, CEO informatization leadership and organizational structure concentration had a significant influence on innovation resistance. Therefore, in the future, first, it is necessary to provide user-centered cloud computing services in the direction of reducing technostress. Second, it is necessary to apply cloud computing services through a deeper understanding of the organizational characteristics of each small and medium enterprise. Third, there is a need for advanced security authentication and a compensation system. In order to promote the use of cloud computing services, an environment in which users can safely use should be prepared first.

A Password-Based Searchable Encryption using Smart Cards (스마트 카드를 이용한 패스워드 기반의 검색 가능한 암호화 기술)

  • Lee, Dong-Kun;Rhee, Hyun-Sook;Lim, Jong-In
    • Journal of the Institute of Electronics Engineers of Korea CI
    • /
    • v.49 no.3
    • /
    • pp.56-61
    • /
    • 2012
  • User authentication is a necessity to set up secure system which only an authorized user can use various resource on the Internet. Encryption is to provide data privacy. Also, searchable encryption is to provide both data privacy and efficient management of data by searching with a keyword. The public key based searchable encryption requires in advance the authentication of user's public key as well as the secure management of a publlic/private key of a user, respectively. In cloud, it is purpose to use cloud various resources by using various devices, meanwhile, it is not sufficient resource that some devices manage public/private keys and certificates and it is not easy to implement these clients. To solve this problem, we propose a password-based saerchable encryption using smart cards which are temper-resistant devices.

Internal Network Partition Security Model Based Authentication using BlockChain Management Server in Cloud Environment (클라우드 환경에서 블록체인관리서버를 이용한 인증기반 내부망 분리 보안 모델)

  • Kim, Young Soo;Lee, Byoung Yup
    • The Journal of the Korea Contents Association
    • /
    • v.18 no.6
    • /
    • pp.434-442
    • /
    • 2018
  • Recently, the threat to the security and damage of important data leaked by devices of intranet infected by malicious code through the Internet have been increasing. Therefore, the partitioned intranet model that blocks access to the server for business use by implementing authentication of devices connected to the intranet is required. For this, logical net partition with the VDI(Virtual Desktop Infrastructure) method is no information exchange between physical devices connected to the intranet and the virtual device so that it could prevent data leakage and improve security but it is vulnerable to the attack to expose internal data, which has access to the server for business connecting a nonregistered device into the intranet. In order to protect the server for business, we suggest a blockchain based network partition model applying blockchain technology to VDI. It contributes to decrease in threat to expose internal data by improving not only capability to verify forgery of devices, which is the vulnerability of the VDI based logical net partition, but also the integrity of the devices.