• Journal of KIISE:Information Networking
• /
• v.29 no.4
• /
• pp.368-374
• /
• 2002

In the third generation mobile telecommunication systems such as UMTS, one of the important problems for value-added services is to check the recoverability of costs used by a mobile user. Previous authentication and payment schemes for value-added services by a mobile user across multiple service domains, rely on the concept of the on-line TTP, which serves as the users certification authority. In the third generation systems with many service providers, a wide range of services, and a diverse user population, authentication mechanisms with the on-line TTP provide a far from ideal solution. In this paper we present an efficient public-key protocol for mutual authentication and key exchange designed for value-added services in the third generation mobile telecommunications systems. The proposed ticket based authentication and payment protocol provides an efficient way for VASP to check the recoverability of costs without communication with the on-line TTP Furthermore, the proposed ticket based protocol can provide anonymous service usage for a mobile user.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.11
• /
• pp.495-502
• /
• 2013

In this paper, we present an anonymous authentication and location assurance protocol for secure location-aware services over vehicular ad hoc networks (VANETs). In other to achieve our goal, we propose the notion of a location-aware signing key so as to strongly bind geographic location information to cryptographic function while providing conditional privacy preservation which is a desirable property for secure vehicular communications. Furthermore, the proposed protocol provides an efficient procedure based on hash chain technique for revocation checking to effectively alleviate communication and computational costs on vehicles in VANETs. Finally, we demonstrate comprehensive analysis to confirm the fulfillment of the security objectives, and the efficiency and effectiveness of the proposed protocol.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.12
• /
• pp.511-516
• /
• 2013

The cases of identification forgery and counterfeiting are increasing under the current identification system, which was established based on social conditions and administrative environments over 20 years ago. This leads to an increase of various criminal acts including illegal loan using fake ID and a number of damages caused out of good intentions that result in interference with the operations of public organizations. In addition, according to the advancement of information society, privacy protection has emerged as an important issue. However, ID card exposes individuals' personal information, such as names, resident registration numbers, photos, addresses and fingerprints, and thus the incidents associated with illegal use of personal information are increasing continuously. Accordingly, this study aimed at examining the issues of ID card forgery/counterfeiting and privacy protection and at proposing a next-generation identification system to supplement such weaknesses. The top priority has been set as prevention of forgery/counterfeiting and privacy protection in order to ensure the most important function of national identification system, which is user identification.

• ETRI Journal
• /
• v.35 no.3
• /
• pp.501-511
• /
• 2013

Protecting privacy is an important goal in designing location-based services. Service providers want to verify legitimate users and allow permitted users to enjoy their services. Users, however, want to preserve their privacy and prevent tracking. In this paper, a new framework providing users with more privacy and anonymity in both the authentication process and the querying process is proposed. Unlike the designs proposed in previous works, our framework benefits from a combination of three important techniques: k-anonymity, timed fuzzy logic, and a one-way hash function. Modifying and adapting these existing schemes provides us with a simpler, less complex, yet more mature solution. During authentication, the one-way hash function provides users with more privacy by using fingerprints of users' identities. To provide anonymous authentication, the concept of confidence level is adopted with timed fuzzy logic. Regarding location privacy, spatial k-anonymity prevents the users' locations from being tracked. The experiment results and analysis show that our framework can strengthen the protection of anonymity and privacy of users by incurring a minimal implementation cost and can improve functionality.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.8
• /
• pp.2827-2848
• /
• 2021

Mobile Crowdsourcing (MCS) has become an emerging paradigm evolved from crowdsourcing by employing advanced features of mobile devices such as smartphones to perform more complicated, especially spatial tasks. One of the key procedures in MCS is to collect answers from mobile users (workers), which may face several security issues. First, authentication is required to ensure that answers are from authorized workers. In addition, MCS tasks are usually location-dependent, so the collected answers could disclose workers' location privacy, which may discourage workers to participate in the tasks. Finally, the overhead occurred by authentication and privacy protection should be minimized since mobile devices are resource-constrained. Considering all the above concerns, in this paper, we propose a lightweight and privacy-preserving answer collection scheme for MCS. In the proposed scheme, we achieve anonymous authentication based on traceable ring signature, which provides authentication, anonymity, as well as traceability by enabling malicious workers tracing. In order to balance user location privacy and data availability, we propose a new concept named current location privacy, which means the location of the worker cannot be disclosed to anyone until a specified time. Since the leakage of current location will seriously threaten workers' personal safety, causing such as absence or presence disclosure attacks, it is necessary to pay attention to the current location privacy of workers in MCS. We encrypt the collected answers based on timed-release encryption, ensuring the secure transmission and high availability of data, as well as preserving the current location privacy of workers. Finally, we analyze the security and performance of the proposed scheme. The experimental results show that the computation costs of a worker depend on the number of ring signature members, which indicates the flexibility for a worker to choose an appropriate size of the group under considerations of privacy and efficiency.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.997-1006
• /
• 2004

The rapid expansion of the Internet has provided users with a diverse range of services. Most Internet users create many different IDs and passwords to subscribe to various Internet services. Thus, the SSO system has been proposed to supplement vulnerable security that may arise from inefficient management system where administrators and users manage a number of ms. The SSO system can provide heightened efficiency and security to users and administrators. Recently commercialized SSO systems integrate a single agent with the broker authentication model. However, this hybrid authentication system cannot resolve problems such as those involving user pre-registration and anonymous users. It likewise cannot provide non-repudiation service between joining objects. Consequently, the hybrid system causes considerable security vulnerability. Since it cannot provide security service for the agent itself, the user's private information and SSO system may have significant security vulnerability. This paper proposed an authentication model that integrates a broker authentication model, out of various authentication models of the SSO system, with a multi-agent system. The proposed method adopts a secure multi-agent system that supplements the security vulnerability of an agent applied to the existing hybrid authentication system. The method proposes an SSO authentication model that satisfies various security requirements not provided by existing broker authentication models and hybrid authentication systems.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.4 s.304
• /
• pp.25-32
• /
• 2005

The spread of mobile devices, PDAs and sensors has enabled the construction of ubiquitous computing environments, transforming regular physical spaces into 'Smart space' augmented with intelligence and enhanced with services. However, the deployment of this computing paradigm in real-life is disturbed by poor security, particularly, the lack of proper authentication and authorization techniques. Also, it is very important not only to find security measures but also to preserve user privacy in ubiquitous computing environments. In this Paper, we propose efficient user authentication and authorization model with anonymity for the privacy-preserving for ubiquitous computing environments. Our model is suitable for distributed environments with the computational constrained devices by using MAC-based anonymous certificate and security association token instead of using Public key encryption technique. And our Proposed Protocol is better than Kerberos system in sense of cryptographic computation processing.

• Electronics and Telecommunications Trends
• /
• v.23 no.4
• /
• pp.19-29
• /
• 2008

인터넷 이용이 활성화 되면서 각종 웹 서버에서의 개인정보 과다 수집 및 노출이 큰 이슈가 되고 있다. 인터넷이 우리 생활에 주는 편리함을 그대로 누리면서 개인정보를 보호할 수 있는 방안으로 익명 인증 기술이 있을 수 있다. 익명 인증은 익명성을 제공하는 디지털 서명을 이용한 인증 방법이다. 익명성을 제공하는 디지털 서명 방법은 전자화폐와 전자투표 시스템 등의 응용을 위해서 주로 연구되어 왔으나, 최근에는 인터넷 환경에서 개인정보 보호를 위한 익명 인증 방법의 하나로써 연구되고 있다. 본 고에서는 익명성을 제공하는 전자서명 방법에 관하여 소개하고, 이들 전자서명 방법 중 익명 인증을 위해서 가장 많은 연구가 되고 있는 그룹 서명 방법의 최근 연구동향에 관하여 기술하고자 한다.

• Review of KIISC
• /
• v.17 no.3
• /
• pp.32-40
• /
• 2007

유비쿼터스 서비스 인프라로 부각되고 있는 P2P(Peer-to-Peer) 네트워크는 사용자 제작 콘텐트, 동영상, 파일 등으로 대표되는 지식 콘텐트뿐만 아니라, 컴퓨터 및 네트워크 자원(Resource)을 다양한 환경에서 N 대 N의 형태로 상호 공유 및 분배할 수 있는 구조적 가능성을 제공하고 있다. 그러나 "Open, Dynamic, Anonymous" 등의 특성을 기반으로 하는 P2P 네트워크는 신뢰적 ID(Identity) 생성 및 관리 그리고 이의 적절한 인증에 대한 지원 없이는 현실적으로 잠재적인 보안 위협에 노출되는 제약이 따르게 된다. 한편, 최근 금융보안업계가 주축이 되어 일회용패스워드로 지칭되는 OTP(One Time Password) 인증 메커니즘(Authentication Mechanism)을 제 1 등급 보안방법으로 명시화하고 있고, 온라인 업계에서도 이를 활용하는 기술적 시도 및 개발 사례가 늘어나고 있어, OTP 기술의 보안성 검토 및 활용 범위를 확대하는 방안에 대한 논의의 필요성이 대두되고 있다. 본고에서는 이러한 기술적 흐름 및 산업계 동향에 발맞춰 P2P 네트워크에서 사용자 인증을 위해 OTP 메커니즘을 활용하기 위한 방안에 대해 검토하고 이의 적용 가능성을 분석한다.

• Journal of Information Processing Systems
• /
• v.9 no.3
• /
• pp.461-476
• /
• 2013

Recently, smart devices for various services have been developed using converged telecommunications, and the markets for near field communication mobile services is expected to grow rapidly. In particular, the realization of mobile NFC payment services is expected to go commercial, and it is widely attracting attention both on a domestic and global level. However, this realization would increase privacy infringement, as personal information is extensively used in the NFC technology. One example of such privacy infringement would be the case of the Google wallet service. In this paper, we propose an zero-knowledge proof scheme and ring signature based on NTRU for protecting user information in NFC mobile payment systems without directly using private financial information of the user.