• 한국산학기술학회논문지
• /
• 제17권7호
• /
• pp.319-325
• /
• 2016

핀테크의 활성화로 모바일 결제를 위한 다양한 기반 서비스들이 개발되고 있다. 각종 결제 방식이 개발되고, 결제의 신뢰성을 향상시키기 위한 인증 방식이 개발되고 있다. 그러나, 모바일 간편 결제 서비스 시, 전화번호에 의해 인증이 이루어지므로 누출 가능성이 있어 보안이 취약하다. 따라서, 본 논문에서는 전화번호 기반의 인증과정을 개선하기 위해 모바일 디바이스의 고유한 식별자인 디바이스 ID를 활용하여 인증 과정의 신뢰성을 높이기 위한 방안을 제안한다. 핵심 연구 내용은 모바일 디바이스 ID를 기반으로 모바일 결제 인증을 위한 아키텍쳐와 인증 프로세스이다. 모바일 결제 아키텍쳐는 모바일 디바이스, 인증 서비스, 그리고 모바일 결제 어플리케이션으로 구성된다. 모바일 디바이스는 모바일 디바이스 ID와 전화번호로 구성하며, 인증 서버는 인증 모듈과 암호화 모듈로 구성된다. 모바일 결제 서비스는 사전 인증 모듈과 복호화 모듈로 구성된다. 모바일 결제 서비스의 프로세스는 모바일 디바이스, 인증 서버, 그리고 모바일 결제 어플리케이션 간에 암호화된 인증 정보(디바이스 ID, 전화번호, 인증 번호)에 의해 처리된다. 모바일 디바이스는 전화번호와 디바이스 ID를 인증 서버로 전달하며, 인증 서버는 인증 과정과 암호화 과정을 통해 사용자를 인증한다. 모바일 결제 어플리케이션은 전달받은 인증 번호에 대해 복호화를 통해 사전 인증 과정을 수행한다. 본 논문의 인증 서버의 인증 과정과 모바일 결제 서비스의 사전 인증 과정을 통해 기존 결제 서비스의 인증 번호 누출에 의한 위험을 예방할 수 있는 차별성을 제공할 것이다.

• 한국정보기술응용학회:학술대회논문집
• /
• 한국정보기술응용학회 2005년도 6th 2005 International Conference on Computers, Communications and System
• /
• pp.277-280
• /
• 2005

With the proliferation of mobile terminals, use of the Internet in mobile environments is becoming more common. To support mobility in these terminals, Mobile IPv4 is proposed and represents the standard in IPv4 environments. Authentication should be mandatory, because mobile terminals can utilize Internet services in any foreign domain. Mobile IPv4 provides symmetric key based authentication using the default HMAC-MD5. However, symmetric key based authentication creates a key distribution problem. To solve this problem, public key based authentication mechanisms have been proposed. In this paper, the performance of each of these mechanisms is evaluated. The results present that, among these mechanisms, partial certificate based authentication has superior performance, and certificate based authentication has the worst performance. Although current public key based authentication mechanisms have lower performance than symmetric key based authentication, this paper presents the possibility that public key based authentication mechanisms may be used for future mobile terminal authentication.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권1호
• /
• pp.131-146
• /
• 2012

As one of the four basic technologies of IOT (Internet of Things), M2M technology whose advance could influence on the technology of Internet of Things has a rapid development. Mobile Payment is one of the most widespread applications in M2M. Due to applying wireless network in Mobile Payment, the security issues based on wireless network have to be solved. The technologies applied in solutions generally include two sorts, encryption mechanism and authentication mechanism, the focus in this paper is the authentication mechanism of Mobile Payment. In this paper, we consider that there are four vital things in the authentication mechanism of Mobile Payment: two-way authentication, re-authentication, roaming authentication and inside authentication. Two-way authentication is to make the mobile device and the center system trust each other, and two-way authentication is the foundation of the other three. Re-authentication is to re-establish the active communication after the mobile subscriber changes his point of attachment to the network. Inside authentication is to prevent the attacker from obtaining the privacy via attacking the mobile device if the attacker captures the mobile device. Roaming authentication is to prove the mobile subscriber's legitimate identity to the foreign agency when he roams into a foreign place, and roaming authentication can be regarded as the integration of the above three. After making a simulation of our proposed authentication mechanism and analyzing the existed schemes, we summarize that the authentication mechanism based on the mentioned above in this paper and the encryption mechanism establish the integrate security framework of Mobile Payment together. This makes the parties of Mobile Payment apply the services which Mobile Payment provides credibly.

• 한국정보통신학회논문지
• /
• 제9권7호
• /
• pp.1524-1528
• /
• 2005

In this paper, we analyses of a traffic for authentication signaling in third generation mobile sensor network. In universal mobile telecommunication system, authentication functions are utilized to identify and authentication a mobile station and validate the service request network services. The authenticating parties are the authentication the serving general packet radio service support node access the authentication center to obtain the authentication with the mobile station. In this paper, we propose that the automatic cost-effective solution size of the authentication vector array.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2005년도 추계종합학술대회
• /
• pp.275-279
• /
• 2005

In this paper, we analyses of a traffic for authentication signaling in third generation mobile sensor network. In universal mobile telecommunication system, authentication functions are utilized to identify and authentication a mobile station and validate the service request network services. The authenticating parties are the authentication the serving general packet radio service support node access the authentication center to obtain the authentication with the mobile station. In this paper, we propose that the automatic cost-effective solution size of the authentication vector array.

• 산업기술연구
• /
• 제27권B호
• /
• pp.43-51
• /
• 2007

In mobile multi-hop wireless networks, the authentication between a base station and a mobile multi-hop node, between multi-hop nodes, and between user a station and a multi-hop node is needed for the reliable and secure network operation. In this paper, we survey various authentication schemes which can be considered to be adopted in mobile multi-hop wireless networks and propose a concept of novel mutual authentication scheme applicable to mobile multi-hop network architecture. The scheme should resolve the initial trust gain problem of a multi-hop node at its entry to the network, the problem of rogue mobile multi-hop node and the problem of hop-by-hop authentication between multi-hop nodes. Effectively, the scheme is a hybrid scheme of the distributed authentication method and the centralized authentication method which are considered to be deployed in the wireless ad-hoc network and the wireless network connected to wired authentication servers, respectively.

• Journal of information and communication convergence engineering
• /
• 제14권2호
• /
• pp.89-96
• /
• 2016

In mobile communication, there are various types of handoff for the support of all forms of mobility. Proxy mobile IPv6 (PMIPv6) enables local network-based mobility management of a mobile node without any effect of mobility-related signaling. Recently, PMIPv6 has been considered for supporting mobility management in LTE/SAE-based mobile networks. To support seamless mobility in heterogeneous mobile networks, the overall cost of handoffs needs to be minimized and the procedure should be guaranteed to be secure. However, the reduction of the authentication cost has not been fully investigated to provide seamless connectivity when mobile users perform a handoff between the PMIPv6 domains. This paper proposes secure pre-authentication schemes, completing an authentication procedure before performing a handoff, for a fast handoff in PMIPv6. Analytic models have been used for measuring the authentication latency and for the overhead cost analysis. In addition to providing fast authentication, the proposed pre-authentication schemes can prevent threats such as replay attacks and key exposure.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 2007년도 심포지엄 논문집 정보 및 제어부문
• /
• pp.261-263
• /
• 2007

Authentication is a mechanism to establish proof of identities, the authentication process ensure that. Who a particular user is. Nowadays PC and laptop user authentication systems are always done once a hold until s explicitly revoked by the user, or asking the user to frequently reestablish his identity which encouraging him to disable authentication. Zero-Interaction Authentication (ZIA) provides solution to this problem. In ZIA,. a user wears a small authentication token that communicates with a laptop over a short-range, wireless link. ZIA combine authentication with a file encryption. Here we proposed a Laptop-user Authentication Based Mobile phone (LABM). In our model of authentication, a user uses his Bluetooth-enabled mobile phone, which work as an authentication token that provides the authentication for laptop over a Bluetooth wireless link, m the concept of transient authentication with our combining It with encryption file system. The user authenticate to the mobile phone infrequently. In turn, the mobile phone continuously authenticates to the laptop by means of the short-range, wireless link.

• 정보보호학회논문지
• /
• 제13권2호
• /
• pp.107-114
• /
• 2003

본 논문에서는 DIAMETER AAA(Authentication, Authorization and Accounting) 하부 구조를 가지고 Mobile IP 액세스 기법을 사용하는 cdma2000 패킷 데이터 서비스에서 W(mobile node)와 AAAH(home AAA server)간의 상호 인증과 Mobile IP 개체들간에 안전한 세션키 분배를 위한 방법을 제안한다. 제안된 프로토콜은 DIAMETER AAA 하부 구조를 가정하며 c의 비효율성을 개선하고, 인증과 키 분배 프로토콜의 안전성 요구 사항들을 모두 만족한다. 또한 1xEV-DO에 대한 패킷 데이터 세션 하이재킹 공격을 방지하기 위해 제안된 기법에 의해 분배된 키를 1xEV-DO 무선 인터페이스 패킷 데이터 보안을 위한 키 생성에 적용한다.

• 정보보호학회논문지
• /
• 제18권3호
• /
• pp.97-107
• /
• 2008

본 논문은 MANEMO 환경에서 액세스 라우터의 임시 인증서를 이용한 이동 라우터 간의 상호인증 기법을 제안한다. 기존 NEMO에서는 AAA 서버를 사용하여 이동 라우터를 인증하기 때문에 중첩된 이동 네트워크 레벨이 증가할수록 인증시간과 인증 메시지의 오버헤드가 증가하는 문제가 있다. 본 논문에서 제안된 방법은 액세스 라우터가 자신의 개인키로 서명한 임시 인증서를 이동 라우터에게 발급하여 중첩된 이동 네트워크에 속한 이동 라우터 간에 AAA 서버를 사용하지 않고 상호인증 하는 방법으로 AAA 서버를 사용하는 방법보다 인증시간이 적게 들고 인증 메시지의 오버헤드를 줄일 수 있다.