• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.41-49
• /
• 2007

USIM(UMTS Subscriber Identity Module) technology that accept 3GPP(3rd Generation Partnership Project) standards for information security supports security function in 3GPP. Supported security functions of USIM are confidentiality of user identity, mutual authentication and key agreement between end user and network, confidentiality of user data and data integrity. It is very important technology in wireless network. It makes secure environment that user and service provider can use securely mobile service in network. In this paper, design and implementation USIM security module that supports common network access method and authentication protocol in 3GPP and WLAN(Wireless LAN) and AAA (3A-Authentication Authorization Accounting) server system based RADIUS.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.12 no.2
• /
• pp.295-300
• /
• 2017

AAA, an information-protective protocol authorizes the degree of service and rights to the user through a safe and reliable authentication. The protocol also systematically manages the accounting functions including billing, monitoring, and reporting using the user information. After a topology was created to design a network based on a router and server using RADIUS and TACACS+, a common virtual network was made using a packet tracker. This paper presents cases showing valid authentication through simulations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.573-586
• /
• 2016

With the adoption of cloud computing, the number of companies that take advantage of cloud computing has increased. Additionally, various of existing service providers have moved their service onto the cloud and provided user with various cloud-based service. The management of user authentication and authorization in cloud-based service technology has become an important issue. This paper introduce a new technique for providing authentication and authorization with other inter-cloud IAM (Identity and Access Management). It is an essential and easy method for data sharing and communication between other cloud users. The proposed system uses the credentials of a user that has already joined an organization who would like to use other cloud services. When users of a cloud provider try to obtain access to the data of another cloud provider, part of credentials from IAM server will be forwarded to the cloud provider. Before the transaction, Access Agreement must be set for granting access to the resource of other Organization. a user can access the resource of other organization based on the control access configuration of the system. Using the above method, we could provide an effective and secure authentication system on the cloud.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.8B
• /
• pp.755-761
• /
• 2004

Currently, Wireless LAN(WLAN) service is widely deployed to provide high speed wireless Internet access through the mobile stations such as notebook and PDA. To provide enhanced security and user access control in the public WLAN area, WLAM access points should have the capability of IEEE 802.1x-based user authentication and authorization functionality. In this paper, we provide a brief understanding of IEEE 802. 1x standards and related protocols likeEAPoL(Extended Authentication Protocol Over LAN), EAP, RADIUS and describe how the IEEE 802.1x is designed and implemented in our embedded linux-based WLAN AP which is named i-WiNG.(Intelligent Wireless Internet Gateway).

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.3
• /
• pp.19-26
• /
• 2007

In recent rears. web portal system has received much attention as a user interface for the grid environment. Grid system uses symmetric key for authenticating user identity while the traditional portal system does a password-based authentication. Regarding this, many researches are progressing to integrate portal accounts with symmetric key. Specially. researches such as GAMA and PURSE are active and those focus on easy usability for users who familiar with password-based authentication. However the protection of data and resources is a critical issue in Grid environment, because those are shared through a wide-area network. In this paper, we suggest a new authentication mechanism which unify authentication mechanisms between portal system and grid service by using symmetric key. It will improve a security level in UI layer as much as in grid service.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.455-468
• /
• 2008

In this paper, we propose FAS model for establishing trust based on digital certificates in Grid security framework. The existing RBAC(Role Based Access Control) model is extended to provide permissions depending on the users‘ roles. The FAS model is designed for a system independent integrated Grid security by detailing and extending the fundamental architecture of user, role, and permission. FAS decides each user’s role, allocates access right, and publishes attribute certificate. FAS is composed of three modules: RDM, PCM, and CCM. The RDM decides roles of the user during trust negotiation process and improves the existing low level Grid security in which every single user maps a single shared local name. Both PCM and CCM confirm the capability of the user based on various policies that can restrict priority of the different user groups and roles. We have analyzed the FAS strategy with the complexity of the policy graph-based strategy. In particular, we focused on the algorithm for constructing the policy graph. As a result, the total running time was significantly reduced.

• The Journal of the Korea Contents Association
• /
• v.9 no.1
• /
• pp.53-60
• /
• 2009

In home network environments, the user authentication and authorization associated user's information and usability may be important security issue. The OSGi service platform, a well-known home network gateway already specifies the mechanism of that. The traditional authority method provided OSGi implements simple RBAC(Role Based Access Control) model. This is difficult to support efficient access control. In this paper, we propose the dynamic RBAC model based on OSGi. The proposed method describes the extended framework that manage two roles named as absolute role and relative role, extend existed framework with relative role and propose programming model to enable dynamic access control. Finally, we implement the proposed framework using AspectJ and Java annotation.

• Journal of Korea Multimedia Society
• /
• v.8 no.2
• /
• pp.225-232
• /
• 2005

A PDA has limitation of storage space and inconvenience of Pen-based equipment to input. To solve these problems, this paper implemented that previous Speech Recognition provides using XML(extensile Markup Language) Web Service and PDA Client is possible to use speech command by request Speech Recognition Web Service. This system consists of Mobile Client and Speech Recognition Web Service Provider. The Mobile Client transmits user information and speech data to the Speech Recognition Web Service Provider using DIME(Direct Internet Message Encapsulation). The Speech Recognition Web Service Provider returns recognition results and user name only to an authorized Mobile Client. So We are able to use speech service without installing Speech Recognition or Speech DB in PDA.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.3
• /
• pp.528-534
• /
• 2007

As XML is becoming a standard for representation and exchange of abundant information on the Web, solutions for a secure and selective dissemination of XML data, known as SDI, are strongly demanded. Such trends are more outstanding especially in distributed heterogeneous environment such as Peer-to-Peer. Although many approaches have been proposed to provide secure and efficient SDI mechanisms, almost previous approaches have focused only on filtering with user profile and they adopt center-oriented administration approaches. It is therefore difficult to adapt them directly to the distributed Peer-to-Peer environments characterized by dynamic participation. In this paper, we develop a novel dissemination method, which makesuse of authorization policy and secret sharing scheme. It provides more secure, scalable means for XML dissemination on Peer-to-Peer networks.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.61-68
• /
• 2008

Authentication for inter-NEMO rooming is on important issue for achieving the seamless mobile networking. In this proposal, the technical challenge lies in the fact that a visited network does not initially have the authentication credentials of a roaming mobile router. This paper proposes an efficient approach for providing AAA service in NEMO environment. This approach uses localized authentication based on the roaming agreement between ISPs. A public key certificate structure is proposed, tailored to the business model of wireless internet Service Providers (ISPs). In this approach, the mutual authentication between a visited network and a roaming user can be performed locally without any control with user's home network. In conclusion, our protocol shown that communication delay can be reduced by overuse 45% overhead in communication delay than the previous AAA approach.