• Title/Summary/Keyword: Enhanced Security

Search Result 595, Processing Time 0.022 seconds

Smart Card Based Password Authentication Scheme using Fuzzy Extraction Technology (퍼지추출 기술을 활용한 스마트 카드 기반 패스워드 인증 스킴)

  • Choi, Younsung
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.14 no.4
    • /
    • pp.125-134
    • /
    • 2018
  • Lamport firstly suggested password base authentication scheme and then, similar authentication schemes have been studied. Due to the development of Internet network technology, remote user authentication using smart card has been studied. Li et al. analyzed authentication scheme of Chen et al. and then, Li et al. found out the security weakness of Chen et al.'s scheme such forward secrecy and the wrong password login problem, and proposed an a new smart card based user password authentication scheme. But Liu et al. found out that Li et al.'s scheme still had security problems such an insider attack and man-in-the-middle attack and then Liu et al. proposed an efficient and secure smart card based password authentication scheme. This paper analyzed Liu et al.'s authentication and found out that Liu et al.'s authentication has security weakness such as no perfect forward secrecy, off-line password guessing attack, smart-card loss attack, and no anonymity. And then, this paper proposed security enhanced efficient smart card based password authentication scheme using fuzzy extraction technology.

Enhancing Mobile Platform Security with Virtualization Technologies (가상화를 이용한 모바일 플랫폼 보안성 향상 기술)

  • Kim, Jung-Han;Kim, Jee-Hong;Shin, Eun-Hwan;Eom, Young-Ik
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.1
    • /
    • pp.201-212
    • /
    • 2011
  • Smartphone devices are widely used because of recent improvements in hardware device, network infrastructure, and emergences in open mobile platforms. These changes provide various advantages and cause security problems. One of the solutions to prevent these problems is that applying of the virtualization technology to mobile environment ha., attracted attention. In this paper, we proposed the virtualization technology which is based on security-enhanced mobile platform scheme, for secure mobile environment based on the secure execution and process concealing technology.

Design of Security Module using Key Exchange Protocol in Digital Contents (키 교환 프로토콜을 이용한 디지털콘텐츠 보호 모듈 설계)

  • 권도윤;이경원;김정호
    • The Journal of the Korea Contents Association
    • /
    • v.3 no.3
    • /
    • pp.40-46
    • /
    • 2003
  • In the paper, designed digital contents security module to check unlawfulness reproduction and distribution of digital contents. This paper applied Diffie-Hellman algorithm that use discrete logarithm and random number as primary for public key application to create encryption key that agree each other through communication channel between DCPS and HOST, and applied Triple DES repeat DES 3 times through 2 different encryption key that is selecting ANSI X9.17 that is key management standard, ISO 8732 and PEM(Privacy-Enhanced Mail) etc. by secondary protection for safe transmission of digital contents in transmission line. Designed security module consist of key exchange module, key derivation module and copy protection processing module. Digital contents security module that design in this thesis checks reproduction and distribution of digital contents by unauthenticated user through user certification function and digital contents encryption function, and protect digital contents transmission line.

  • PDF

"Q-Bone", a 3rd Generation Blockchain Platform with Enhanced Security and Flexibility (보안성 및 범용성이 강화된 3세대 블록체인 플랫폼 "큐본")

  • Im, Noh-Gan;Lee, Yo-Han;Cho, Ji-Yeon;Lee, Seongsoo
    • Journal of IKEEE
    • /
    • v.24 no.3
    • /
    • pp.791-796
    • /
    • 2020
  • In this paper, "Q-Bone", a 3rd generation blockchain platform with enhanced security and flexibility, was developed. As a 3rd generation blockchain platform, it exploits BP (block producer) to increase processing speed. It has many advantages as follows. It improves both security and speed by mixing RSA (Rivest-Shamir-Adleman) and AES (advanced encryption standard). It improves flexibility by exploiting gateway to convert between apps and blockchain with different programming language. It increases processing speed by combining whole transactions into one block and distribute it when too many transactions occur. It improves search speed by inserting sequence hash into transaction data. It was implemented and applied to pet communication service and academy-instructor-student matching service, and it was verified to work correctly and effectively. Its processing speed is 3,357 transactions/second, which shows excellent performance.

The Mutual Authentication and Operation Methodology for an Enhanced Security and Operation of the IDL (국제통용운전면허증의 보안성과 운용성 강화를 위한 상호인증 및 운용 기법에 관한연구)

  • Jeon, Sang-Hoon;Jun, Moon-Suk
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.34 no.2B
    • /
    • pp.188-202
    • /
    • 2009
  • In the modern world, where the number of people moving from country to country is sharply increasing, domestic and international driver's licenses are easily fabricated or forged, and distinguishing if a driver's license is legitimate or not is often a difficult task. Furthermore, this would require different countries to mutually share and administer the driving records of individuals, making it a much more complex task (Added to it is the complicated matter of countries having to mutually share and administer the driving records of individuals.) However, the authenticity and security of a driver's license has become the first priority since driver's licenses are also used as identification cards in most countries, thus requiring measures to prevent inappropriate uses arising from theft and embezzlement. In this paper, we propose the mutual authentication mechanism which, can provide enhanced security and efficient operation that is administration of personal information contained within ISO Compliant Driving licence(IDL).

An Fingerprint Authentication Model of ERM System using Private Key Escrow Management Server (개인키 위탁관리 서버를 이용한 전자의무기록 지문인증 모델)

  • Lee, Yong-Joon;Jeon, Taeyeol
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.20 no.6
    • /
    • pp.1-8
    • /
    • 2019
  • Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.

A Design of Risk-Based Security Threat Assessment Process for Fighter-Aircraft Airworthiness Security Certification (전투기 감항 보안 인증을 위한 위험기반 보안위협 평가 프로세스 설계)

  • Kim, Hyunju;Kang, Dongsu
    • KIPS Transactions on Software and Data Engineering
    • /
    • v.8 no.6
    • /
    • pp.223-234
    • /
    • 2019
  • Cyber attacks are an important factor that determines the victory and defeat of Network-centric wars in which advanced weapon systems are highly interlinked. In addition the increasing dependability on software as its develop as the latest fighter is demanding enhanced security measures for fighter software to Cyber attacks. In this paper, we apply the DO-326A, which is an airworthiness security certification standard, to design a risk-based security threat assessment process by reflecting characteristics and operational environment of fighter aircraft. To do this, we add the following steps in security threat assessment stage of DO-326A's airworthiness security certification process. First, we derive security threats of fighter. And then, we scored the security threat in terms of possibility and impact on the fighter. Finally, we determine the security risk severity.

Factor analysis of VoIP Security Checklists using AHP (AHP를 이용한 VoIP 정보보호 점검항목의 중요도 분석)

  • Yoon, Seokung;Park, Haeryong;Yoo, Hyeong Seon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.5
    • /
    • pp.1115-1122
    • /
    • 2012
  • VoIP service is steadily growing due to the spread of smartphones, enhanced network, and various VoIP applications. But, VoIP has many security vulnerabilities because it is based on IP network. This paper analyzes the important weight of VoIP security checklists for incident prevention and response using AHP. The results of AHP analysis showed that network security, incident response, and access control were the most important in technical, administrative, physical standpoint. This study proposes factor analysis of VoIP security checklist at first time. By doing this, it will be used helpfully when VoIP service providers establish their own security policies and inspect their VoIP environment according to their security policies.

Security-Enhanced Local Process Execution Scheme in Cloud Computing Environments (클라우드 컴퓨팅 환경에서 보안성 향상을 위한 로컬 프로세스 실행 기술)

  • Kim, Tae-Hyoung;Kim, In-Hyuk;Kim, Jung-Han;Min, Chang-Woo;Kim, Jee-Hong;Eom, Young-Ik
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.5
    • /
    • pp.69-79
    • /
    • 2010
  • In the current cloud environments, the applications are executed on the remote cloud server, and they also utilize computing resources of the remote cloud server such as physical memory and CPU. Therefore, if remote server is exposed to security threat, every applications in remote server can be victim by several security-attacks. Especially, despite many advantages, both individuals and businesses often have trouble to start the cloud services according to the malicious administrator of the cloud server. We propose a security-enhanced local process executing scheme resolving vulnerability of current cloud computing environments. Since secret data is stored in the local, we can protect secret data from security threats of the cloud server. By utilizing computing resource of local computer instead of remote server, high-secure processes can be set free from vulnerability of remote server.

A Study on Cloud Network and Security System Analysis for Enhanced Security of Legislative Authority (입법기관의 보안강화를 위한 Cloud 네트워크 분석 및 보안 시스템 연구)

  • Nam, Won-Hee;Park, Dea-Woo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.15 no.6
    • /
    • pp.1320-1326
    • /
    • 2011
  • National institutions on the importance of information security is being recognized, information security laws are being discussed in Congress 3.4 DDoS incident and Nonghyup hacking, etc. However, National Assembly Secretariat when the results of the Information Security Consulting has been assessed very low 61.2 points, evaluation of hardware and software in secure areas were vulnerable. This paper, the legislative support agencies National Assembly and National Assembly Secretariat on the network and computer systems, and managerial, technical and physical security elements are analyzed for the status. And network should have the legislative support agencies and system for the physical network separation, DDoS attack response, Virus attack response, hacking attacks response, and Cyber Emergency Response Team/Coordination Center for Cyber infringing design and research through the confidentiality, integrity, availability, access control, authentication and security analysis is based on the evaluation criteria. Through this study, the legislative support agencies to strengthen the security of data and security laws enacted to provide the basis for.