• Journal of Internet of Things and Convergence
• /
• v.4 no.2
• /
• pp.13-20
• /
• 2018

In this paper, we propose an authentication system that combines 'Single-Sign-On' and 'Token-based authentication' based on 'Block Chain' technology. We provide 'access control' function and 'integrity' by combining block-chain technology with single-sign-on authentication method and provided stateless self-contained authentication function using Token based authentication method. It was able to enhance the security by performing the encryption based Token issuance and authentication process and provided convenience of authentication to Web Server. As a result, we can provide token-based SSO authentication service efficiently by providing a convenient way to improve the cumbersome authentication process.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.2061-2080
• /
• 2013

Roaming authentication protocol is widely used in wireless network which can enable a seamless service for the mobile users. However, the classical approach requires the home server's participation during the authentication between the mobile user and the foreign server. So the more the roaming requests are performed the heavier burden will be on the home server. In this paper, we propose a new roaming authentication framework for wireless communication without the home server's participation. The new roaming authentication protocol in the new framework takes advantage of the ID-based cryptography and provides user anonymity. It has good performance compared with the roaming authentication protocols whose authentication do not need the home server's participation in terms of security and computation costs. Moreover, a new User-to-User authentication protocol in the new framework is also present. All the authentications proposed in this paper can be regarded as a common construction and can be applied to various kinds of wireless networks such as Cellular Networks, Wireless Mesh Networks and Vehicle Networks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.8
• /
• pp.2772-2786
• /
• 2022

We had researched an automatic authentication-supported medical information platform[6]. The proposed automatic authentication consists of user authentication and mobile terminal authentication, and the authentications are performed simultaneously in patients' emergency conditions. In this paper, we studied on finding emergency conditions for the automatic authentication by applying big data processing and AI mechanism on the extended medical information platform with an added edge computing system. We used big data processing, SVM, and 1-Dimension CNN of AI mechanism to find emergency conditions as authentication means considering patients' underlying diseases such as hypertension, diabetes mellitus, and arrhythmia. To quickly determine a patient's emergency conditions, we placed edge computing at the end of the platform. The medical information server derives patients' emergency conditions decision values using big data processing and AI mechanism and transmits the values to an edge node. If the edge node determines the patient emergency conditions, the edge node notifies the emergency conditions to the medical information server. The medical server transmits an emergency message to the patient's charge medical staff. The medical staff performs the automatic authentication using a mobile terminal. After the automatic authentication is completed, the medical staff can access the patient's upper medical information that was not seen in the normal condition.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.9
• /
• pp.3615-3638
• /
• 2020

Node identity authentication is an essential means to ensure the security of the Internet of Things. Existing blockchain-based IoT node authentication schemes have many problems. A heterogeneous IoT node authentication scheme based on an improved hybrid blockchain is proposed. Firstly, the hybrid blockchain model is designed to make the blockchain and IoT environment more compatible. Then the proxy node selection mechanism is intended to establish a bridge between the ordinary IoT node and the blockchain, building by calculating the trust value between nodes. Finally, based on the improved hybrid blockchain, the node authentication scheme of the model and proxy node selection mechanism establishes a secure connection for communication between nodes. Safety and performance analysis shows proper safety and performance.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.5
• /
• pp.567-577
• /
• 2003

We usually applied PPP CHAP (Point-to-Point Protocol Challenge Handshake Authentication Protocol) when the visited ISP subscriber accesses to authentication server in own home ISP network and IP Assignment for remote Internet service. But PPP CHAP doesn't support in case of visited ISP subscriber in GPRS network accesses to authentication server in own home ISP network for wireless Internet service. We suggest solution this problem with PPP CHAP improvement. For this we propose the modified PPP CHAP message format, PCO Message format at MT, and interworking message and format between GGSN and RADIUS in home ISP network for wireless internet service of mobile ISP subscriber at GPRS network in this paper. We also show authentication results when visited mobile ISP subscriber via PPP CHAP at GPRS network accesses the RADIUS server in home ISP network.

• Journal of Internet Computing and Services
• /
• v.7 no.3
• /
• pp.83-91
• /
• 2006

In this paper, we improved a cryptography system model based on the secure initial authentication public key with PKINIT of authentication and key recovery protocol. It is applied to all fields of cryptography system using certificate. This study presents two mechanisms to authenticate between member users. The first mechanism is initial authentication and distribution of session key by public key cryptography based on certificate between entity and server, and the second mechanism is a key recovery support protocol considering loss of session key in the secure communication between application servers.

• International Journal of Internet, Broadcasting and Communication
• /
• v.8 no.3
• /
• pp.50-57
• /
• 2016

In 2013, Li et al. proposed an improved smart card-based remote user password authentication scheme, and claimed that their scheme not only overcomes security weaknesses of the Chen et al.'s scheme but also is a more user friendly scheme compared with other schemes. In this paper, we analyze the security of Li et al.'s authentication scheme and we show that Li et al.'s authentication scheme is still insecure against the various attacks, such as the off-line password guessing attack, the forgery attack, and the session key generation attack etc. Also, we propose an improved scheme that can resist these security drawbacks of Li et al.'s authentication, even if the secret information stored in the smart card is revealed. As a result of security analysis, the improved scheme is relatively more secure against several attacks than other related schemes in terms of the security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1289-1310
• /
• 2016

Dynamic ID-based authentication solves the ID-theft problem by changing the ID in each session instead of using a fixed ID while performing authenticated key exchanges between communicating parties. User anonymity is expected to be maintained and the exchanged key kept secret even if one of the long-term keys is compromised in the future. However, in the conventional dynamic ID-based authentication scheme, if the server's long-term key is compromised, user anonymity can be broken or the identities of the users can be traced. In addition, these schemes are vulnerable to replay attacks, in which any adversary who captures the authentication message can retransmit it, and eventually cause the legitimate user to be denied service. This paper proposes a novel dynamic ID-based authentication scheme that preserves forward anonymity as well as forward secrecy and obviates replay attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.12
• /
• pp.6175-6189
• /
• 2019

To slove the security and efficiency problem of anonymous authentication in vehicular ad-hoc network (VANET), we adopt the bilinear pairing theory to propose an identity-based batch anonymous authentication scheme for VANET. The tamper-proof device in the on-board unit and the trusted authority jointly realize the anonymity of vehicle identity and the signature of messages, which further enhances the security of this scheme, as well as reduces the overhead of trusted authority. Batch authentication can improve the efficiency of anonymous authentication for VANET. Security and efficiency analyses demonstrate that this scheme not only satisfies such security properties as anonymity, non-forgeability and non-repudiation, but also has advantage in time and space complexity. Simulation results show that this scheme can achieve good performance in real-time VANET communication.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.6
• /
• pp.2005-2021
• /
• 2014

This paper proposes a novel image authentication scheme, aiming at tampering detection for block truncation coding (BTC) compressed image. The authentication code is generated by using the random number generator with a seed, and the size of the authentication code is based on the user's requirement, with each BTC-compressed image block being used to carry the authentication code using the data hiding method. In the proposed scheme, to obtain a high-quality embedded image, a reference table is used when the authentication code is embedded. The experimental results demonstrate that the proposed scheme achieves high-quality embedded images and guarantees the capability of tamper detection.