• Journal of the Korea Society of Computer and Information
• /
• v.6 no.4
• /
• pp.146-153
• /
• 2001

A new password authentication method Is proposed in this paper for the purpose of providing web page authors the convenience in deploying password-protected Web realms at a web server. According to this method. a web realm is mapped to a secret directory at the web server. in which access-controlled web pages are stored. A password is used to construct the name of the secret directory. A javaScript code is embedded in a sign-in web pageoutside the secret directory, which converts the user-entered password into the directory name and forms a complete URL pointing to an access-controlled web page inside the secret directory. Thus, only users knowing the password can compose a valid URL and retrieve the access-controlled web page. Using this method, web page authors can deploy password-protected web realms in a server-independent manner.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.12
• /
• pp.2171-2178
• /
• 2008

Recently, Network companies have introduced security solutions to protect the network from intrusions, attacks and viruses but the network has still weakness and vulnerability. It is time to bring more stable and reliable authentication system that would meet the Internet user's need. In this study, Current broadband networks don't have hierarchic and stable authentication solutions. And so, an integrated and hierarchic system is needed to provide a various kinds of application services. I'd like to present a new authentication system which is based on unified web authentication design. It will unit various authentication systems that have been deployed in various network environment and reinforce network security to provice a various kinds of application services in a stable and safe environment. that is a simple and more secure method for fighting a rise in card-not-present fraud.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1466-1477
• /
• 2016

Public key infrastructure(PKI), principle technology of the certificate, is a security technology providing functions such as identification, non-repudiation, and anti-forgery of electronic documents on the Internet. Our government and financial organizations use PKI authentication using ActiveX to prevent security accident on the Internet service. However, like ActiveX, plug-in technology is vulnerable to security and inconvenience since it is only serviceable to certain browser. Therefore, the research on HTML5 authentication system has been conducted actively. Recently, domestic bank introduced PKI authentication complying with web standard for the first time. However, it still has inconvenience to register a certification on each website because of same origin policy of web storage. This paper proposes the certificate based SSO protocol that complying with web standard to provide user authentication using certificate on several sites by going around same origin policy and its security proof.

• Journal of the military operations research society of Korea
• /
• v.36 no.1
• /
• pp.123-140
• /
• 2010

Interworking Web Application to share the resource between Battlefield Management Systems(BMS) is critical issues for accomplishment of information superior. However, authentication system of BMS differ from each other because of having the independent plan for system build. This problem causes inefficiency such as the information insufficiency owing to not share web application and the need of additional laptops. To solve the problem, in this paper, we propose the improved certificate acquisition and verification algorithm for the user of different BMS. By testing the proposed algorithm appling to the real field, we verify the performance of proposed method.

• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.187-198
• /
• 2011

User authentication refers to user identification based on something a user knows, something a user has, something a user is or something the user does; it can also take place based on a combination of two or more of such factors. With the increasingly diverse risks in online environments, user authentication methods are also becoming more diversified. This research analyzes user authentication methods being used in various online environments, such as web portals, electronic transactions, financial services and e-government, to identify the characteristics and issues of such authentication methods in order to present a user authentication level system model suitable for different online services. The results of our method are confirmed through a risk assessment and we verify its safety using the testing method presented in OWASP and NIST SP800-63.

• The Journal of Society for e-Business Studies
• /
• v.10 no.2
• /
• pp.89-108
• /
• 2005

The SOAP specifications are not provided a functions of information security, especially authentication function. In case of user authentication, delivery of the username and password elements can be exposed to sniffing/replay attack by malicious attacker. In this paper, we propose a new mechanism to protect authentication attacks for the SOAP messages. The proposed mechanism is compensated for weakness of S/KEY system. Our mechanism has no limitation for time and overhead and also provide a more effective and secure delivery.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.63-76
• /
• 2023

Identity and access management in cloud computing is one of the leading significant issues that require various security countermeasures to preserve user privacy. An authentication mechanism is a leading solution to authenticate and verify the identities of cloud users while accessing cloud applications. Building a secured and flexible authentication mechanism in a cloud computing platform is challenging. Authentication techniques can be combined with other security techniques such as intrusion detection systems to maintain a verifiable layer of security. In this paper, we provide an interactive, flexible, and reliable multi-factor authentication mechanisms that are primarily based on a proposed Authentication Method Selector (AMS) technique. The basic idea of AMS is to rely on the user's previous authentication information and user behavior which can be embedded with additional authentication methods according to the organization's requirements. In AMS, the administrator has the ability to add the appropriate authentication method based on the requirements of the organization. Based on these requirements, the administrator will activate and initialize the authentication method that has been added to the authentication pool. An intrusion detection component has been added to apply the users' location and users' default web browser feature. The AMS and intrusion detection components provide a security enhancement to increase the accuracy and efficiency of cloud user identity verification.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.29-38
• /
• 2005

Because IEEE 802.11 has several security vulnerabilities, IEEE 802.11i was proposed and accepted. But IEEE 802.11i has much overhead for most of users for the web surfing. Besides not only node the authentication but also the packet authentication is needed to communicate. Although IEEE 802.11i uses TKIP(Temporal Key integrity Protocol) and CCMP(CTR with CBC-MAC Protocol), they have a lot of overheads. In this paper, Lightweight Packet Authentication(LIPA) is proposed. LIPA has less overhead and short delay so that it can be affordable for simple web-surfing which does not need stronger security. After comparing performances of LIPA with those of TKIP and CCMP, LIPA is more efficient than other schemes for transmitting packets.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.12
• /
• pp.463-478
• /
• 2014

Portal site is not only providing search engine and e-mail service but also various services including blog, news, shopping, and others. The fact that average number of daily login for Korean portal site Naver is reaching 300 million suggests that many people are using portal sites. With the increase in number of users followed by the diversity in types of services provided by portal sites, the attack is also increasing. Most of studies of password authentication is focused on threat and countermeasures, however, in this study, we analyse the security threats and security requirement of membership, login, password reset first phase, password reset second phase. Also, we measure security score with common criteria of attack potential. As a result, we compare password authentication system of domestic and abroad portal sites.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.43-53
• /
• 2019

Recently, a number of military intranet infiltrations suspected of North Korea have been discovered. There was a problem that a vulnerability could occur due to the modification of user authentication data that can access existing military information systems. In this paper, we applied mutual verification technique and API (Application Programming Interface) forgery / forgery blocking and obfuscation to solve the authentication weakness in web browsers that comply with FIDO (Fast IDentity Online) standard. In addition, user convenience is improved by implementing No-Plugin that does not require separate program installation. Performance tests show that most browsers perform about 0.1ms based on the RSA key generation rate. In addition, it proved that it can be used for commercialization by showing performance of less than 0.1 second even in the digital signature verification speed of the server. The service is expected to be useful for improving military information system security as an alternative to browser authentication by building a web secure storage.