• Title/Summary/Keyword: Cross Authentication

Search Result 40, Processing Time 0.026 seconds

XML-based Single Sign-On Scheme for Internet Protocol TV(IPTV)Services (IPTV 서비스 제공을 위한 XML 기반의 단일인증 구조)

  • Lee, Seung-Hun;Shin, Dong-Il;Shin, Dong-Kyoo
    • Journal of Broadcast Engineering
    • /
    • v.14 no.4
    • /
    • pp.463-474
    • /
    • 2009
  • By employing the subscriber concept in broadcasting services, IPTV (Internet Protocol Television) operators provide various grades of services to subscribers based on the billing level of the subscribers. With the income from subscribers for a basis, IPTV operators plan to provide high quality services. Since Web browser-based IPTV provides T-commerce and E-commerce services as well as television services, users may frequently visit other service domains to buy goods or content. To provide the user with charged or private services, these service domains request authentication of user. The existing authentication system is not appropriate for the IPTV service environment because the environment unavoidably forces the user to cross from one authentication-based service domain to another. Single sign-on provides a user with transparent authentication services by enabling an authenticated user to move between authentication-based service domains without any re-authentication. Like this distributed environment, since the IPTV service environment also provides a variety of authentication-based services, transparent authentication service needs to be provided to subscribers who want to access charged or private services. In this paper, we propose a new user authentication scheme for the IPTV environment. This scheme integrates the Security Assertion Markup Language (SAML), which is a standard for XML-based single sign on. We validate this scheme using a simple use case scenario.

Adaptive Cross-Device Gait Recognition Using a Mobile Accelerometer

  • Hoang, Thang;Nguyen, Thuc;Luong, Chuyen;Do, Son;Choi, Deokjai
    • Journal of Information Processing Systems
    • /
    • v.9 no.2
    • /
    • pp.333-348
    • /
    • 2013
  • Mobile authentication/identification has grown into a priority issue nowadays because of its existing outdated mechanisms, such as PINs or passwords. In this paper, we introduce gait recognition by using a mobile accelerometer as not only effective but also as an implicit identification model. Unlike previous works, the gait recognition only performs well with a particular mobile specification (e.g., a fixed sampling rate). Our work focuses on constructing a unique adaptive mechanism that could be independently deployed with the specification of mobile devices. To do this, the impact of the sampling rate on the preprocessing steps, such as noise elimination, data segmentation, and feature extraction, is examined in depth. Moreover, the degrees of agreement between the gait features that were extracted from two different mobiles, including both the Average Error Rate (AER) and Intra-class Correlation Coefficients (ICC), are assessed to evaluate the possibility of constructing a device-independent mechanism. We achieved the classification accuracy approximately $91.33{\pm}0.67%$ for both devices, which showed that it is feasible and reliable to construct adaptive cross-device gait recognition on a mobile phone.

A Study on Multi_Kerberos Authentication Mechanism based on Certificate (인증서기반의 Multi_Kerberos 인증시스템에 관한 연구)

  • Shin, Kwang-Cheul;Cho, Sung-Je
    • Journal of the Korea Society of Computer and Information
    • /
    • v.11 no.3
    • /
    • pp.57-66
    • /
    • 2006
  • In this paper. proposes Multi_Kerberos certification mechanism that improve certification service of based on PKINIT that made public in IETF CAT Working Group. This paper proposed to a certificate other realm because search position of outside realm through DNS and apply X.509 directory certification system, to get public key from DNS server by chain (CertPath) between realms by certification and key exchange way that provide service between realms applying X.509, DS/DNS of based on PKINIT, in order to provide regional services. This paper proposed mechanism that support efficient certification service about cross realm including key management. the path generation and construction of Certificate using Validation Server, and recovery of Session Key. A Design of Multi_Kerberos system that have effects simplify of certification formality that reduce procedures on communication.

  • PDF

The Sub Authentication Method For Driver Using Driving Patterns (운전 패턴을 이용한 운전자 보조 인증방법)

  • Jeong, Jong-Myoung;Kang, Hyung Chul;Jo, Hyo Jin;Yoon, Ji Won;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.5
    • /
    • pp.919-929
    • /
    • 2013
  • Recently, a variety of IT technologies are applied to the vehicle. However, some vehicle-IT technologies without security considerations may cause security problems. Specially, some researches about a smart key system applied to automobiles for authentication show that the system is insecure from replay attacks and modification attacks using a wireless signal of the smart key. Thus, in this paper, we propose an authentication method for the driver by using driving patterns. Nowadays, we can obtain driving patterns using the In-vehicle network data. In our authentication model, we make driving ppatterns of car owner using standard normal distribution and apply these patterns to driver authentication. To validate our model, we perform an k-fold cross validation test using In-vehicle network data and obtain the result(true positive rate 0.7/false positive rate is 0.35). Considering to our result, it turns out that our model is more secure than existing 'what you have' authentication models such as the smart key if the authentication result is sent to the car owner through mobile networks.

A Design of Safe AKA Module for Adapted Mobile Payment System on Openness SMART Phone Environment (개방형 스마트 폰 환경에 적합한 모바일 결제 시스템을 위한 안전한 AKA(Authentication Key Agreement) 모듈 설계)

  • Jeong, Eun-Hee;Lee, Byung-Kwan
    • Journal of Korea Multimedia Society
    • /
    • v.13 no.11
    • /
    • pp.1687-1697
    • /
    • 2010
  • The USIM-based AKA authentication process is essential to a mobile payment system on smart phone environment. In this paper a payment protocol and an AKA module are designed for mobile payment system which is suitable for openness smart phone environment. The payment protocol designs the cross authentication among components of the mobile payment system to improve the reliability of the components. The AKA module of mobile payment system based on 3GPP-AKA protocol prevents the exposure of IMSI by creating the SSK(Shared Secure Key) through advance registration and solves the SQN(SeQuence Number) synchronization problem by using timestamp. Also, by using the SSK instead of authentication vector between SN and authentication center, the existing bandwidth $(688{\times}N){\times}R$ bit between them is reduced to $320{\times}R$ bit or $368{\times}R$ bit. It creates CK and IK which are message encryption key by using OT-SSK(One-Time SSK) between MS and SN. In addition, creating the new OT-SSK whenever MS is connected to SN, it prevents the data replay attack.

A New Low-Cost Mutual Authentication Protocol in RFID based on Hash Function (해시함수 기반의 새로운 저비용 RFID 상호인증 프로토콜)

  • Bae, Woo-Sik;Lee, Jong-Yun;Kim, Sang-Choon
    • The Journal of Korean Association of Computer Education
    • /
    • v.14 no.1
    • /
    • pp.175-185
    • /
    • 2011
  • Recently RFID systems have been introduced in place of barcode systems to industries such as logistics, distribution, and manufacturing. Due to security vulnerabilities in wireless communication between the reader and tags, however, the authentication protocols for the communication have also been researched extensively. In order to solve the vulnerability of previously proposed protocols, this paper thus proposes an authentication protocol that satisfies the security requirements in the RFID system and minimizes the quantity of computation such as random number generation, transmitting the micro-time of databases. In addition, it is expected that the proposed cross authentication protocol is safe against replay attack, spoofing attack, traffic analysis, and eavesdropping attack when it is applied to the RFID system. Also, it has advantages such as providing a high level of security at a lower manufacturing cost.

  • PDF

A Study on The Mutually Authentication Mechanism for The Safe Electronic Signature (안전한 전자서명을 위한 상호인증 메커니즘에 관한 연구)

  • Choi, Sang-Wook;Chae, Cheol-Joo;Lee, Jae-Kwang
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2008.10a
    • /
    • pp.772-775
    • /
    • 2008
  • As the wireless communication technology developed, the Electric Commerce using a mobile was activated. WPKI was developed in order to guarantee the stability of the Electric Commerce but it is difficult to be ensured for the safe PKI service which is the same at the wire communication in the technical because of restriction of the mobile terminal. In this paper, we propose the authentication system for the electronic financial service which is safe and is effective in consideration of the restrictive characteristic of the mobile terminal. Moreover, the encryption algorithm for the safe electronic signature is proposed. In WPKI, this makes the cross certification of each certificate authority possible. Moreover, a stability was enhanced through the signature authentication using KCDSA and SEED algorithm.

  • PDF

Robust and Reversible Image Watermarking Scheme Using Combined DCT-DWT-SVD Transforms

  • Bekkouch, Souad;Faraoun, Kamel Mohamed
    • Journal of Information Processing Systems
    • /
    • v.11 no.3
    • /
    • pp.406-420
    • /
    • 2015
  • We present a secure and robust image watermarking scheme that uses combined reversible DWT-DCT-SVD transformations to increase integrity, authentication, and confidentiality. The proposed scheme uses two different kinds of watermarking images: a reversible watermark, $W_1$, which is used for verification (ensuring integrity and authentication aspects); and a second one, $W_2$, which is defined by a logo image that provides confidentiality. Our proposed scheme is shown to be robust, while its performances are evaluated with respect to the peak signal-to-noise ratio (PSNR), signal-to-noise ratio (SNR), normalized cross-correlation (NCC), and running time. The robustness of the scheme is also evaluated against different attacks, including a compression attack and Salt & Pepper attack.

Efficient Compression Schemes for Double Random Phase-encoded Data for Image Authentication

  • Gholami, Samaneh;Jaferzadeh, Keyvan;Shin, Seokjoo;Moon, Inkyu
    • Current Optics and Photonics
    • /
    • v.3 no.5
    • /
    • pp.390-400
    • /
    • 2019
  • Encrypted images obtained through double random phase-encoding (DRPE) occupy considerable storage space. We propose efficient compression schemes to reduce the size of the encrypted data. In the proposed schemes, two state-of-art compression methods of JPEG and JP2K are applied to the quantized encrypted phase images obtained by combining the DRPE algorithm with the virtual photon counting imaging technique. We compute the nonlinear cross-correlation between the registered reference images and the compressed input images to verify the performance of the compression of double random phase-encoded images. We show quantitatively through experiments that considerable compression of the encrypted image data can be achieved while security and authentication factors are completely preserved.

Inter-device Mutual authentication and Formal Verification in M2M Environment (M2M 환경에서 장치간 상호 인증 및 정형검증)

  • Bae, WooSik
    • Journal of Digital Convergence
    • /
    • v.12 no.9
    • /
    • pp.219-223
    • /
    • 2014
  • In line with the advanced wireless communication technology, M2M (Machine-to-Machine) communication has drawn attention in industry. M2M communication features are installed and operated in the fields where human accessibility is highly limited such as disaster, safety, construction, health and welfare, climate, environment, logistics, culture, defense, medical care, agriculture and stockbreeding. In M2M communication, machine replaces people for automatic communication and countermeasures as part of unmanned information management and machine operation. Wireless M2M inter-device communication is likely to be exposed to intruders' attacks, causing security issues, which warrants proper security measures including cross-authentication of whether devices are legitimate. Therefore, research on multiple security protocols has been conducted. The present study applied SessionKey, HashFunction and Nonce to address security issues in M2M communication and proposed a safe protocol with reinforced security properties. Notably, unlike most previous studies arguing for the security of certain protocols based on mathematical theorem proving, the present study used the formal verification with Casper/FDR to prove the safety of the proposed protocol. In short, the proposed protocol was found to be safe and secure.