• 제목/요약/키워드: Security Authentication

검색결과 2,521건 처리시간 0.031초

TETRA 인증 프로토콜 분석 (The Analysis of the TETRA Authentication Protocol)

  • 박용석;안재환;정창호;안정철
    • 한국정보통신학회:학술대회논문집
    • /
    • 한국해양정보통신학회 2006년도 춘계종합학술대회
    • /
    • pp.187-190
    • /
    • 2006
  • TETRA 시스템에서는 인가된 단말기만이 망에 접속하도록 하기 위해 단말기 인증 서비스를 제공한다. 단말기 인증이란 Challenge-response 프로토콜에 의해 단말기와 인증센터에 사전에 공유된 인증키가 일치하는지를 확인하는 과정이다. 본 논문에서는 TETRA 인증 시스템에서 인증키 생성/분배/주입 모델을 분석하고, 인증키의 노출로 인한 복제단말기의 위협을 분석한다.

  • PDF

사물인터넷 기기의 안전한 사용자 인증 방안에 관한 프레임워크 (Framework for Secure User Authentication of Internet of Things Devices)

  • 송용택;이재우
    • 한국전자거래학회지
    • /
    • 제24권2호
    • /
    • pp.217-228
    • /
    • 2019
  • 4차 산업혁명을 맞아 사물인터넷이 떠오르며 다양한 서비스가 생겨나고 편의성이 개선되었다. 사용빈도가 높아짐에 따라 개인정보의 유출 등과 같은 보안위협이 공존하게 되었으며 보안의 중요성이 증가하고 있다. 본 논문은 사물인터넷의 보안위협에 대해 분석하여 Fast IDentity Online(FIDO)을 사용한 사용자인증을 통하여 보안성을 강화하는 모델을 제시하고자 한다. 연구결과 향후 FIDO를 통한 2차 인증 도입을 통하여 강력한 사용자인증을 구현할 것을 제안한다.

Integration of PKI and Fingerprint for User Authentication

  • Shin, Sam-Bum;Kim, Chang-Su;Chung, Yong-Wha
    • 한국멀티미디어학회논문지
    • /
    • 제10권12호
    • /
    • pp.1655-1662
    • /
    • 2007
  • Although the PKl-based user authentication solution has been widely used, the security of it can be deteriorated by a simple password. This is because a long and random private key may be protected by a short and easy-to-remember password. To handle this problem, many biometric-based user authentication solutions have been proposed. However, protecting biometric data is another research issue because the compromise of the biometric data will be permanent. In this paper, we present an implementation to improve the security of the typical PKI-based authentication by protecting the private key with a fingerprint. Compared to the unilateral authentication provided by the typical biometric-based authentication, the proposed solution can provide the mutual authentication. In addition to the increased security, this solution can alleviate the privacy issue of the fingerprint data by conglomerating the fingerprint data with the private key and storing the conglomerated data in a user-carry device such as a smart card. With a 32-bit ARM7-based smart card and a Pentium 4 PC, the proposed fingerprint-based PKI authentication can be executed within 1.3second.

  • PDF

A Strong Biometric-based Remote User Authentication Scheme for Telecare Medicine Information Systems with Session Key Agreement

  • An, Younghwa
    • International Journal of Internet, Broadcasting and Communication
    • /
    • 제8권3호
    • /
    • pp.41-49
    • /
    • 2016
  • Recently, many biometrics-based user authentication schemes for telecare medicine information systems (TMIS) have been proposed to improve the security problems in user authentication system. In 2014, Mishra et al. proposed an improvement of Awasthi-Srivastava's biometric based authentication for TMIS which is secure against the various attacks and provide mutual authentication, efficient password change. In this paper, we discuss the security of Mishra et al.'s authentication scheme, and we have shown that Mishra et al.'s authentication scheme is still insecure against the various attacks. Also, we proposed the improved scheme to remove these security problems of Mishra et al.'s authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved biometric based authentication scheme is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack and provides mutual authentication between the user and the telecare system.

An Improved Biometrics-based Password Authentication Scheme with Session Key Agreement

  • Yang, Hyungkyu
    • International Journal of Internet, Broadcasting and Communication
    • /
    • 제8권3호
    • /
    • pp.50-57
    • /
    • 2016
  • In 2013, Li et al. proposed an improved smart card-based remote user password authentication scheme, and claimed that their scheme not only overcomes security weaknesses of the Chen et al.'s scheme but also is a more user friendly scheme compared with other schemes. In this paper, we analyze the security of Li et al.'s authentication scheme and we show that Li et al.'s authentication scheme is still insecure against the various attacks, such as the off-line password guessing attack, the forgery attack, and the session key generation attack etc. Also, we propose an improved scheme that can resist these security drawbacks of Li et al.'s authentication, even if the secret information stored in the smart card is revealed. As a result of security analysis, the improved scheme is relatively more secure against several attacks than other related schemes in terms of the security.

Towards Smart Card Based Mutual Authentication Schemes in Cloud Computing

  • Li, Haoxing;Li, Fenghua;Song, Chenggen;Yan, Yalong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제9권7호
    • /
    • pp.2719-2735
    • /
    • 2015
  • In the cloud environment, users pay more attentions to their data security since all of them are stored in the cloud server. Researchers have proposed many mutual authentication schemes for the access control of the cloud server by using the smart card to protect the sensitive data. However, few of them can resist from the smart card lost problem and provide both of the forward security and the backward security. In this paper, we propose a novel authentication scheme for cloud computing which can address these problems and also provide the anonymity for the user. The trick we use is using the password, the smart card and the public key technique to protect the processes of the user's authentication and key exchange. Under the Elliptic Curve Diffie-Hellman (ECDH) assumption, it is provably secure in the random oracle model. Compared with the existing smart card based authentication schemes in the cloud computing, the proposed scheme can provide better security degree.

의료 ICT융합 환경에서 안전한 사용자 관리를 위한 인증시스템 설계 및 구현: 중소형 의료기관을 중심으로 (Design and Implement of Authentication System for Secure User Management for Secure on Medical ICT Convergence Environment)

  • 김양훈;최연정
    • 융합보안논문지
    • /
    • 제19권3호
    • /
    • pp.29-36
    • /
    • 2019
  • 전통적인 산업과 ICT의 융합은 ICT에서 나타나는 보안 위협 및 취약점과 기존 산업의 특수한 산업 종속적인 문제점이 혼합되어 새로운 보안위협 및 취약점이 나타나고 있다. 특히, 의료ICT융합산업에서는 의료정보시스템을 중심으로 사용자 인증에 대한 다양한 문제가 파생되어, 오남용, 보안취약점에 악용되고 있는 실정이다. 이에 따라, 본 연구에서는 의료 ICT 융합환경에서 안전한 사용자 관리를 위한 사용자 인증시스템을 설계하고 프로토타입을 구현하였다. 구체적으로, 의료정보시스템을 중심으로 개인화 기기를 활용하여 사용자 인증을 수행함으로써 ID 공유로 나타나는 오남용과 보안 취약점을 해결하고, 개별 ID/PW 방식 인증의 불편함을 해소하기 위한 방안을 설계 및 프로타입을 구현하였다.

A Secure WLAN Authentication Scheme

  • Singh, Rajeev;Sharma, Teek Parval
    • IEIE Transactions on Smart Processing and Computing
    • /
    • 제2권3호
    • /
    • pp.176-187
    • /
    • 2013
  • Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.

  • PDF

Design of User Authentication Mechanism based on WPKI

  • Lee Cheoi Seung;Park Do Jun;Shin Myung Souk;Lee Jeong Gi;Lee Joon
    • 대한전자공학회:학술대회논문집
    • /
    • 대한전자공학회 2004년도 학술대회지
    • /
    • pp.519-523
    • /
    • 2004
  • In this paper we challenge the user Authentication using KerberosV5 authentication protocol in WPKI environment. This paper is the security structure that defined in a WAP forum and security and watches all kinds of password related technology related to the existing authentication system. It looks up weakness point on security with a problem on the design that uses wireless public key based structure and transmission hierarchical security back of a WAP forum, and a server client holds for user authentication of an application layer all and all, and it provides one counterproposal. Therefore, We offer authentication way solution that connected X.509 V3 with using WIM for complement an authentication protocol KerberosV5 and its disadvantages.

  • PDF

Confidence Value Based Multi Levels of Authentication for Ubiquitous Computing Environments

  • Zheng He;Kwak Jin;Son Kyung-Ho;Lee Wan-Suk;Kim Seung-Joo;Won Dong-Ho
    • 한국정보보호학회:학술대회논문집
    • /
    • 한국정보보호학회 2006년도 하계학술대회
    • /
    • pp.329-333
    • /
    • 2006
  • New computing paradigm in ubiquitous computing environments is revolutionizing the way people interact with computers, services and the surrounding physical spaces. In order to provide stronger authentication, MIST proposed an authentication framework for ubiquitous computing environments and assigned confidence values to some authentication methods to facility the combining. However, the assigned confidence values lack sufficient evidence. In this paper reliable confidence values for each authentication method used in MIST is proposed. These confidence values can combine multiple confidence values in some manner, producing a more accurate net confidence value. Authentication entities with confidence values allows the authentication framework to blond nicely into ubiquitous computing environments.

  • PDF