• Journal of the Korea Society of Computer and Information
• /
• v.26 no.9
• /
• pp.89-96
• /
• 2021

In this paper, we analyzed that the user authentication scheme for TMIS(Telecare Medicine Information System) proposed by Al-Saggaf et al. In 2019, Al-Saggaf et al. proposed authentication scheme using biometric information, Al-Saggaf et al. claimed that their authentication scheme provides high security against various attacks along with very low computational cost. However in this paper after analyzing Al-Saggaf et al's authentication scheme, the Al-Saggaf et al's one are missing random number s from the DB to calculate the identity of the user from the server, and there is a design error in the authentication scheme due to the lack of delivery method. Al-Saggaf et al also claimed that their authentication scheme were safe against a variety of attacks, but were vulnerable to password guessing attack using login request messages and smart cards, session key exposure and insider attack. An attacker could also use a password to decrypt the stored user's biometric information by encrypting the DB with a password. Exposure of biometric information is a very serious breach of the user's privacy, which could allow an attacker to succeed in the user impersonation. Furthermore, Al-Saggaf et al's authentication schemes are vulnerable to identity guessing attack, which, unlike what they claimed, do not provide significant user anonymity in TMIS.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.29-38
• /
• 2012

Due to rapid spread of smart phones and SNS(Social Network Service), using of Internet applications has increased and taking up bandwidth more than 3G network's capacity recently. This caused reduction of speed and service quality, and occurred strong needs that backbone network company to increasing investment costs. Also a great rise of mobile network users causing identity management problems on mobile service provider through mobile network. This paper proposes advanced IDM3G[1] - to solve user ID management and security problems on mobile internet application services over 3G network and more - authentication management protocol. $I^2DM$ protocol breakup loads which made by existing IDM3G protocol's mutual authentication via mobile operator, via sending some parts to internet application service provider, enhancing mobile and ID management of service provider and network load and process load from information handling and numbers of transmitting packets, to suggest more optimized protocol against further demanding of 3G mobile network.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.8
• /
• pp.28-36
• /
• 2016

ID federation provides users various benefits such as employing multiple services with only single authentication and mitigating management burden of service providers that individually preserve account information of users. To keep up with this international trend, efforts for making the domestic ID federation is ongoing to provide users in the domestic research and education community seamless network connectivity and to support tetherless extension of research environment. In this paper, we analyze the foreign ID federation policies and compare them as a underlying work for making the domestic ID federation. Besides, we suggest some contents that should be included in the domestic ID federation policy. To activate the coming domestic ID federation, we need to first have a well-made federation policy. Then, we need to aggressively promote the domestic ID federation, develop various and fascinating services, and build a convenient support system for technology and service.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.149-152
• /
• 2002

본 논문에서는 하드웨어의 Serail Number를 사용하여 보다 대중성 있고, 이동성이 있는 인증방법에 대하여 제안하였다. 서론에서는 컴퓨터 내부와 외부에 연결되는 Device ID들과 관련하여 각각의 선택에 대한 장단점을 알아보았고, 다음으로 이동성을 향상시키기 위해 대중화된 Device를 사용하는 것에 대해 말하였고, 대중화된 Device들을 사용하여 어떻게 적용을 시키는지에 대해 알아보았다. 마지막으로 본 논문이후로 연구되어야하는 부분에 대해 알아보았다. Wolfram Research에서 만들어진 Mathematica라는 프로그램에서 사용되는 Machine ID에 대하여 먼저 알아보았고, Machine ID를 사용하여 일반 유지들이 사용하고 있는 인터넷 뱅킹 등에 사용되는 인증서를 보다 안전하고 이동성 있게 사용할 수 있는 방안으로 클라이언트에서 서버로 인증서가 확인이 된 후, 서버에서 다시 클라이언트로 갱신된 인증서를 보내어, 사용자는 갱신된 인증서에서만 다음 번 접속이 가능하도록 하였다.

• Journal of Internet Computing and Services
• /
• v.21 no.4
• /
• pp.25-34
• /
• 2020

In the current medical information system, a system environment is constructed in which Biometric data generated by using IoT or medical equipment connected to a patient can be stored in a medical information server and monitored at the same time. Also, the patient's biometric data, medical information, and personal information after simple authentication using only the ID / PW via the mobile terminal of the medical staff are easily accessible. However, the method of accessing these medical information needs to be improved in the dimension of protecting patient's personal information, and provides a quick authentication system for first aid. In this paper, we implemented an automatic authentication system based on the patient's situation and evaluated its performance. Patient's situation was graded into normal and emergency situation, and the situation of the patient was determined in real time using incoming patient biometric data from the ward. If the patient's situation is an emergency, an emergency message including an emergency code is send to the mobile terminal of the medical staff, and they attempted automatic authentication to access the upper medical information of the patient. Automatic authentication is a combination of user authentication(ID/PW, emergency code) and mobile terminal authentication(medical staff's role, working hours, work location). After user authentication, mobile terminal authentication is proceeded automatically without additional intervention by medical staff. After completing all authentications, medical staffs get authorization according to the role of medical staffs and patient's situations, and can access to the patient's graded medical information and personal information through the mobile terminal. We protected the patient's medical information through limited medical information access by the medical staff according to the patient's situation, and provided an automatic authentication without additional intervention in an emergency situation. We performed performance evaluation to verify the performance of the implemented automatic authentication system.

• Journal of Convergence Society for SMB
• /
• v.6 no.3
• /
• pp.57-64
• /
• 2016

Since the information transmitted in VANET is distributed in an open access environment, the security problem is one of the most critical issue in VANET. For the communicate efficiently in VANET, each RSU(Roadside Unit) or OBU(On-Board Units) need certain features that will help them to gather information, to inform their neighbors and to make decisions by considering all of the collected information. In this paper, we propose a novel authentication scheme guaranteeing secure RSUs to OBUs of VANET in highway used the ID-based authentication scheme. We show a usefulness and effectiveness of proposed authentication scheme after compared with previous works.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.3
• /
• pp.190-198
• /
• 2013

Since the facilities for the remote users tend to be deployed in distributed manner, authentication schemes for multi-server communication settings, which provide various web services, are required for real-world applications. A typical way to authenticate a remote user relies on password authentication mostly. However, this method is vulnerable to attacks and inconvenient as the system requires users to maintain different identities and corresponding passwords. On the other hand, the user can make use of a single password for all servers, but she may be exposed to variants of malicious attacks. In this paper, we propose an efficient and secure authentication scheme based on a brokered authentication along with smart-cards in multi-server environment. Further we show that our scheme is secure against possible attacks and analyze its performance with respect to communication and computational cost.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.397-404
• /
• 2011

Recently the existing one-way electricity system that combines information and communications technology to develop smart grid technology is made active. The core infrastructure of the smart grid, AMI smart meters to AMR system, the amount of power measured at the top to MDMS transmits data store. Smart meters utilizing information and communication technology to transfer data and power because of the existing security threats are expected, including the additional security threats. It exposes the privacy of consumers and industrial systems, such as paralysis is likely to result in the loss. In this paper to respond to these security threats in the environment smart grid. Also, We propose data transfer methods between smartmeter and MDMS and between home device and MDMS.

• Convergence Security Journal
• /
• v.18 no.4
• /
• pp.3-10
• /
• 2018

Each online user should perform a separate registration and manage his ID and password for each online commerce or SNS service. Since a common secret is shared between the user and the SNS server, the server compromise induces the user privacy breach and financial loss. In this paper, it is considered that the user's authentication material is shared between multiple SNS servers for user authentication. A blockchain service architecture based on Hyperledger Fabric is proposed for each user to utilize an identical ID and OTP using the enhanced hash-chain-based OTP.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.73-92
• /
• 2005

Joux's tripartite key agreement protocol is one of the most prominent developments in the area of key agreement. Although certificate-based and ID-based authentication schemes have been proposed to provide authentication for Joux's protocol, no provably secure password-based one round tripartite key agreement protocol has been proposed yet. We propose a secure one round password-based tripartite key agreement protocol that builds on Joux's protocol and adapts PAK-EC scheme for password-based authentication, and present a proof of its security.