• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.50-59
• /
• 2006

The new communication paradigm is rapidly shifted from wireless mobile networks to an All-IP(Internet Protocol) network, led by service industry leaders and communication manufacturers. In this paradigm, providing authentication and session keys of a subscriber becomes one of the critical tasks because of IP open accessibility among heterogeneous networks. In this paper, we introduce authentication process procedure of heterogeneous wireless mobile networks and develop so-called IMAS(Integrated Mobile Authentication Server) which can securely inter-work among all mobile networks and support the legacy networks with backward compatibility. Especially, in designing IMAS, mobile authentication inter-working mechanism, key management technique, and other issues to be overcome are presented. We analyze and evaluate the performance of authentication algorithm which creates session key. A simulation environment of IMAS is established, and a performance(TPS; Transaction Per Second) result is analyzed and evaluated. It turned out that IMAS works among heterogeneous wireless mobile networks without compensating efficiency and functionalities of the legacy networks and decrease the entropy of data redundancy and data inconsistency among networks because of the integrity of the distributed Data Base(DB).

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.12C
• /
• pp.1288-1296
• /
• 2006

This paper proposes a fast authentication scheme based on hierarchical key structure (HiFA) for roaming mobile nodes in both intra-domain and inter-domain. The full authentication procedure standardized in IEEE 802.11 and 802.16 is difficult to be applied to a handover since it needs a heavy operation and long delay time during a handover. Though a number of schemes were proposed to solve the problem, the existing schemes might degrade the security of authentication or impose heavy administrative burden on the Pome authentication server. The main contribution of this paper is to reduce the communication and computation overhead of the home authentication sewer without degrading the security strength of the fast roaming authentication using hierarchical authentication key structure. The proposed scheme iii this paper decentralizes the administrative burden of the home authentication server to other network entities such as a local authentication server or access point and supports the security separation of the authentication key among local authentication servers using hash key chain.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.75-82
• /
• 2018

As user of mobile device increases, various user authentication methods are actively researched. The user authentication methods includes a method of using a user ID and a password, a method of using user biometric feature, a method of using location based, and a method of authenticating secondary authentication such as OTP(One Time Password) method is used. In this paper, we propose a user system which improves the problem of existing authentication method and encryption can proceed in a way that user desires. The proposed authentication system is composed of an authentication factor collection module that collects authentication factors using a mobile device, a security key generation module that generates a security key by combining the collected authentication factors, and a module that performs authentication using the generated security key module.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.11a
• /
• pp.445-448
• /
• 2003

During a time when cellular systems are being deployed in massive scale worldwide, international roaming is becoming increasingly important. This paper presents UIM (User Identification Module) for mobility support, authentication, and service portability between different mobile systems. We also introduce network model based on PASM(Portable Authentication and Mobility Service Machine) which will support signaling protocol and user information conversions with database for roaming between different mobile networks. Stored data types and elements in UIM, logical data structure and configuration, and registration procedures are described here in the case of DCN (Digital CDMA (Code Division Multiple Access) Network System) and GSM (Global System for Mobile Communications).

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2009.01a
• /
• pp.298-302
• /
• 2009

This paper proposes a single sign-on scheme in which a mobile user offers his credential information to a home network running the OSGi (Open Service Gateway Initiative) service platform, to obtain user authentication and control a remote device through a mobile device using this authentication scheme, based on SAML (Security Assertion Markup Language). Especially by defining the single sign-on profile to overcome the handicap of the low computing and memory capability of the mobile device, we provide a clue to applying automated user authentication to control a remote device via a mobile device for distributed mobile environments such as a home network based on OSGi.

• The KIPS Transactions:PartC
• /
• v.11C no.3
• /
• pp.309-318
• /
• 2004

AAAv6-based Diameter method is using in the user authentication to satisfy the users' increasing user authentication demand and to supply a safe communication between mobile node and server in the Mobile IP. therefore, In this paper, We design a model of server capacity based on EAP-TLS that in one of AAAv6 models with mobility among domains to get the optimized capacity index of the server for user authentication accomplishment. We elicitat the authentication capacity index for each server of which is accomplishing in user authentication using DSA/RSA algorithm and purpose the optimized condition for the AAAv6 capacity by the index.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.7-17
• /
• 2004

It requires that user have to verify and conform with user authentication Protocol on non-meet face to face internet services offered by mobile terminal which user make known user's own intention, and user be using the normal. It is more operation time authentication protocol than Access control Protocol. That is what need to be user authentication protocol have verified security. non-reputation, and improved high-performance in operation time for mobile terminal. In order to solve the above demand, in this paper, we would design for mobile terminal of TCP User Authentication ECC Algorithm Protocol with a performance test. Algorithm has 160 bit key and designed IPv4 & IPv6 frame architecture. We should conclude that the proposed protocol have more verified security, non-reputation, confidentiality, and improved high-performance in operation time of mobile terminal from 1 to 17 times than before.

• Journal of KIISE:Information Networking
• /
• v.33 no.3
• /
• pp.218-230
• /
• 2006

The enterprise service network is composed of internet, intranet and DMZ. The design rationale of Mobile IP is providing of seamless mobility transparency without regarding to the type of network topology and services. However, Mobile IP specification does not include the mobility support in case of using VPN environment and define the access scenarios to get into the VPN intranet without disturbing existing security policy. In this paper, we propose an authentication method using AAA infrastructure and keying material exchange to enable an user in internet to be able to access the intranet through the VPN gateway. Finally, performance analysis for the proposed scheme is provided.

• Journal of Internet Computing and Services
• /
• v.9 no.1
• /
• pp.1-8
• /
• 2008

IETF has proposed Fast Handovers for Mobile IPv6 (FMIPv6) for efficient mobility management, FMIPv6 has no solutions to protect binding updates. Previous researches have mainly concentrated on using AAA, public cerificates or cryptographic algorithms to secure binding updates. However the approaches need a particular infrastructure or a heavy processing cost to setup secure associations for handovers. Proposed scheem provides authentication for FMIPv6 without infrasturcture and costly cryptographic algorithms by extending Return Routability Protocol. Also proposed scheme is oble to be used for various existing handover mechanisms in IPv6 network.

• Journal of Internet Computing and Services
• /
• v.19 no.6
• /
• pp.31-40
• /
• 2018

With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.