• Title/Summary/Keyword: Security Token

Search Result 152, Processing Time 0.029 seconds

Anonymous Qualification Verifying Method on Web Environment (웹 환경에서 익명성을 제공하는 자격증명 방법)

  • Lee, Yun-Kyung;Hwang, Jung-Yeon;Chung, Byung-Ho;Kim, Jeong-Nyeo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.5
    • /
    • pp.181-195
    • /
    • 2011
  • There's a controversy about an invasion of privacy which includes a leakage of private information and linking of user's behavior on internet. Although many solutions for this problem are proposed, we think anonymous authentication, authorization, and payment mechanism is the best solution for this problem. In this paper, we propose an effective anonymity-based method that achieves not only authentication but also authorization. Our proposed method uses anonymous qualification certificate and group signature method as an underlying primitive, and combines anonymous authentication and qualification information. An eligible user is legitimately issued a group member key pair through key issuing process and issued some qualification certificates anonymously, and then, he can take the safe and convenience web service which supplies anonymous authentication and authorization. The qualification certificate can be expanded according to application environment and it can be used as payment token.

Securing Sensitive Data in Cloud Storage (클라우드 스토리지에서의 중요데이터 보호)

  • Lee, Shir-Ly;Lee, Hoon-Jae
    • Annual Conference of KIPS
    • /
    • 2011.04a
    • /
    • pp.871-874
    • /
    • 2011
  • The fast emerging of network technology and the high demand of computing resources have prompted many organizations to outsource their storage and computing needs. Cloud based storage services such as Microsoft's Azure and Amazon's S3 allow customers to store and retrieve any amount of data, at anytime from anywhere via internet. The scalable and dynamic of the cloud storage services help their customer to reduce IT administration and maintenance costs. No doubt, cloud based storage services brought a lot of benefits to its customer by significantly reducing cost through optimization increased operating and economic efficiencies. However without appropriate security and privacy solution in place, it could become major issues to the organization. As data get produced, transferred and stored at off premise and multi tenant cloud based storage, it becomes vulnerable to unauthorized disclosure and unauthorized modification. An attacker able to change or modify data while data inflight or when data is stored on disk, so it is very important to secure data during its entire life-cycle. The traditional cryptography primitives for the purpose of data security protection cannot be directly adopted due to user's lose control of data under off premises cloud server. Secondly cloud based storage is not just a third party data warehouse, the data stored in cloud are frequently update by the users and lastly cloud computing is running in a simultaneous, cooperated and distributed manner. In our proposed mechanism we protect the integrity, authentication and confidentiality of cloud based data with the encrypt- then-upload concept. We modified and applied proxy re-encryption protocol in our proposed scheme. The whole process does not reveal the clear data to any third party including the cloud provider at any stage, this helps to make sure only the authorized user who own corresponding token able to access the data as well as preventing data from being shared without any permission from data owner. Besides, preventing the cloud storage providers from unauthorized access and making illegal authorization to access the data, our scheme also protect the data integrity by using hash function.

A Study on the Blockchain based Frequency Allocation Process for Private 5G (블록체인 기반 5G 특화망 주파수 할당 프로세스 연구)

  • Won-Seok Yoo;Won-Cheol Lee
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.16 no.1
    • /
    • pp.24-32
    • /
    • 2023
  • The current Private 5G use procedure goes through the step of application examination, use and usage inspection, and can be divided in to application, examination step as a procedure before frequency allocation, and use, usage inspection step as a procedure after frequency allocation. Various types of documents are required to apply for a Private 5G, and due to the document screening process and radio station inspection for using Private 5G frequencies, the procedure for Private 5G applicants to use Private 5G is complicated and takes a considerable amount of time. In this paper, we proposed Frequency Allocation Process for Private 5G using a blockchain platform, which is fast and simplified than the current procedure. Through the use of a blockchain platform and NFT (Non-Fungible Token), reliability and integrity of the data required in the frequency allocation process were secured, and security of frequency usage information was maintained and a reliable Private 5G frequency allocation process was established. Also by applying the RPA system that minimizes human intervention, fairness was secured in the process of allocating Private 5G. Finally, the frequency allocation process of Private 5G based on the Ethereum blockchain was performed though a simulation.

Authentication Mechanism Using Three-Dimensional Optical Memory (3차원 광메모리를 이용한 인증 기법)

  • Park, CheolYong;Ryou, JaeCheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.6
    • /
    • pp.1361-1373
    • /
    • 2016
  • Recently the need for user authentication with increasing, there are a variety of mechanisms, such as password, graphic authentication, token, biometrics and multiple authentication. in particular, the data of the 2-dimensional(2D) factors such as password, graphic authentication, biometrics is used because of the convenience. The stored information is problematic in that additional data recording needs to be performed whenever authentication data is updated. Furthermore, this storage method is problematic in that the time it takes to perform authentication increases because the time it takes to compare storage data with authentication data increases in proportion to an increase in the amount of the storage data. Accordingly, authentication through the rapid comparison of storage data with authentication data is a very important factor in data recording and authentication technology using memory. Using the three-dimensional(3D) optical memory by variously changing the recoding elements during recoding of data constitutes the way that multiple recoding different data storage. This enables high-density recoding in this way, and by applying the possible parallel processing at the time of recording and restoring method, provided that it is possible to quickly record and restore the data. In addition, each time to solve problems that require additional data recorded by a combination of the stored data record in the old data using a combination of the authentication. The proposed mechanism is proposed an authentication method using scheme after the recoding data in 3D optical memory to apply the conditions corresponding to the recoding condition when restoring the recorded data and through the experiment it was confirmed possible application as an authentication mechanism.

Enhanced and Practical Alignment Method for Differential Power Analysis (차분 전력 분석 공격을 위한 향상되고 실제적인 신호 정렬 방법)

  • Park, Jea-Hoon;Moon, Sang-Jae;Ha, Jae-Cheol;Lee, Hoon-Jae
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.5
    • /
    • pp.93-101
    • /
    • 2008
  • Side channel attacks are well known as one of the most powerful physical attacks against low-power cryptographic devices and do not take into account of the target's theoretical security. As an important succeeding factor in side channel attacks (specifically in DPAs), exact time-axis alignment methods are used to overcome misalignments caused by trigger jittering, noise and even some countermeasures intentionally applied to defend against side channel attacks such as random clock generation. However, the currently existing alignment methods consider only on the position of signals on time-axis, which is ineffective for certain countermeasures based on time-axis misalignments. This paper proposes a new signal alignment method based on interpolation and decimation techniques. Our proposal can align the size as well as the signals' position on time-axis. The validity of our proposed method is then evaluated experimentally with a smart card chip, and the results demonstrated that the proposed method is more efficient than the existing alignment methods.

Vulnerabilities Analysis of the OTP Implemented on a PC (PC에 탑재된 OTP의 취약점 분석)

  • Hong, Woo-Chan;Lee, Kwang-Woo;Kim, Seung-Joo;Won, Dong-Ho
    • The KIPS Transactions:PartC
    • /
    • v.17C no.4
    • /
    • pp.361-370
    • /
    • 2010
  • OTP(One Time Password) is a user authentication using secure mechanism to authenticate each other in a way to generate a password, an attacker could intercept the password to masquerade as legitimate users is a way to prevent attacks. The OTP can be implemented as H/W or S/W. Token and card type OTP, implemented as H/W, is difficult to popularize because of having problem with deployment and usability. As a way to replace it implemented as S/W on Mobile or PC is introduced. However, S/W products can be target of malicious attacks if S/W products have vulnerability of implementation. In fact, FSA said the OTP implemented on a mobile have vulnerability of implementation. However, the OTP implemented on a PC have no case about analysis of vulnerability. So, in this paper derive security review and vulnerabilities analysis of implemented on a PC.

Design and Implementation of Facial Biometric Data based User Authentication System using One-Time Password Generation Mechanism (얼굴 정보 기반 일회용 패스워드 생성 메커니즘을 이용한 사용자 인증 시스템 설계 및 구현)

  • Jang, Won-Jun;Lee, Hyung-Woo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.4
    • /
    • pp.1911-1918
    • /
    • 2011
  • Internet banking, electronic financial services and internet telephony service can be available on smart phone recently. In this case, more robust authentication mechanisms should be provided for enhancing security on it. In this study, a facial biometric ID based one-time password generation mechanism is designed and implemented for enhancing user authentication on smart phone. After capturing a facial biometric data using camera module on smart phone, it is sent to server to generate one-time biometric ID. Finally one-time password will be generated by client module after receiving the one time biometric ID based challenge token from the server. Using proposed biometric ID based one-time password mechanism, it is possible for us to provide more secure user authentication service on smart phone for SIP protocol.

Survey on Analysis and Countermeasure for Hacking Attacks to Cryptocurrency Exchange (암호화폐 거래소 해킹 공격 분석 및 해결 방안 연구: 서베이)

  • Hong, Sunghyuck
    • Journal of the Korea Convergence Society
    • /
    • v.10 no.10
    • /
    • pp.1-6
    • /
    • 2019
  • As the value of technical information increases, hacking attacks are trying to steal technical information through hacking. Recently, hacking of cryptocurrency exchanges is much easier to monetize than existing technical information, making it a major attack target for hackers. In the case of technical information, it is required to seize the technical information and sell it to the black market for cashing.In the case of cryptocurrency, most hacking attacks are concentrated on cryptocurrency exchanges because it is easy to cash out and not easy to track when successful hacking. Although technology cannot be hacked, cryptocurrency transactions traded on cryptocurrency exchanges are not recorded on the blockchain which is simply internal exchanges, so insiders may manipulate the quotes and leave gaps or leak out. Therefore, this research analyzes the recent hacking attacks of cryptocurrency exchanges and proposes solutions to secure cryptocurrency trading.

Multi User-Authentication System using One Time-Pseudo Random Number and Personal DNA STR Information in RFID Smart Card (RFID 스마트카드내 DNA STR Information과 일회용 의사난수를 사용한 다중 사용자 인증시스템)

  • Sung, Soon-Hwa;Kong, Eun-Bae
    • The KIPS Transactions:PartC
    • /
    • v.10C no.6
    • /
    • pp.747-754
    • /
    • 2003
  • Thia paper suggests a milti user-authentication system comprises that DNA biometric informatiom, owner's RFID(Radio Frequency Identification) smartcard of hardware token, and PKI digital signqture of software. This system improved items proposed in [1] as follows : this mechanism provides one RFID smartcard instead of two user-authentication smartcard(the biometric registered seal card and the DNA personal ID card), and solbers user information exposure as RFID of low proce when the card is lost. In addition, this can be perfect multi user-autentication system to enable identification even in cases such as identical twins, the DNA collected from the blood of patient who has undergone a medical procedure involving blood replacement and the DNA of the blood donor, mutation in the DNA base of cancer cells and other cells. Therefore, the proposed system is applied to terminal log-on with RFID smart card that stores accurate digital DNA biometric information instead of present biometric user-authentication system with the card is lost, which doesn't expose any personal DNA information. The security of PKI digital signature private key can be improved because secure pseudo random number generator can generate infinite one-time pseudo randon number corresponding to a user ID to keep private key of PKI digital signature securely whenever authenticated users access a system. Un addition, this user-authentication system can be used in credit card, resident card, passport, etc. acceletating the use of biometric RFID smart' card. The security of proposed system is shown by statistical anaysis.

A case study of blockchain-based public performance video platform establishment: Focusing on Gyeonggi Art On, a new media art broadcasting station in Gyeonggi-do (블록체인 기반 공연영상 공공 플랫폼 구축 사례 연구: 경기도 뉴미디어 예술방송국 경기아트온을 중심으로)

  • Lee, Seung Hyun
    • Journal of Service Research and Studies
    • /
    • v.13 no.1
    • /
    • pp.108-126
    • /
    • 2023
  • This study explored the sustainability of a blockchain-based cultural art performance video platform through the construction of Gyeonggi Art On, a new media art broadcasting station in Gyeonggi-do. In addition, the technical limitations of video content transaction using block chain, legal and institutional issues, and the protection of personal information and intellectual property rights were reviewed. As for the research method, participatory observation methods such as in-depth interviews with developers and operators and participation in meetings were conducted. The researcher participated in and observed the entire development process, including designing and developing blockchain nodes, smart contracts, APIs, UI/UX, and testing interworking between blockchain and content distribution services. Research Question 1: The results of the study on 'Which technology model is suitable for a blockchain-based performance video content distribution public platform?' are as follows. 1) The blockchain type suitable for the public platform for distribution of art performance video contents based on the blockchain is the private type that can be intervened only when the blockchain manager directly invites it. 2) In public platforms such as Gyeonggi ArtOn, among the copyright management model, which is an art based on NFT issuance, and the BC token and cloud-based content distribution model, the model that provides content to external demand organizations through API and uses K-token for fee settlement is suitable. 3) For public platform initial services such as Gyeonggi ArtOn, a closed blockchain that provides services only to users who have been granted the right to use content is suitable. Research question 2: What legal and institutional problems should be reviewed when operating a blockchain-based performance video distribution public platform? The results of the study are as follows. 1) Blockchain-based smart contracts have a party eligibility problem due to the nature of blockchain technology in which the identities of transaction parties may not be revealed. 2) When a security incident occurs in the block chain, it is difficult to recover the loss because it is unclear how to compensate or remedy the user's loss. 3) The concept of default cannot be applied to smart contracts, and even if the obligations under the smart contract have already been fulfilled, the possibility of incomplete performance must be reviewed.