• Title/Summary/Keyword: authentication system

Search Result 1,674, Processing Time 0.028 seconds

Designing Reliable P2P Transmission Mechanism Against MITM Attack (MITM 공격에 안전한 P2P 신뢰전송 메커니즘의 설계)

  • Kim, Sang-Choon;Kwon, Hyeonk-Chan;Nah, Jae-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.4
    • /
    • pp.103-109
    • /
    • 2008
  • Many Internet application provide the PKI(public key infrastructure)-based service to provide authentication and message integrity. Several researchers proposed PKI-based p2p network framework. However, in the real world, the use of PKI is not suitable for peer to peer network, because the peer-to-peer network is an open and dynamic network. Moreover, currently there is no nation-to-nation interoperable certificate. In this paper, we designed reliable p2p file sharing application without public key infrastructure. To do this we propose reliable public key distribution mechanism to distribute public key safely without PKI infrastructure for two-tier super-peer architecture. In our system, each peer generates and distributes its public/private key pairs, and the public key is securely distributed without PKI. The proposed mechanism is safe against MITM attack. This mechanism can be applied various P2P applications such as file sharing, IPTV, distributed resource sharing and so on

Electronic Cash Schemes for EFT Using Smart Card (스마트카드를 이용한 새로운 전자현금 방식)

  • Youm, Heung-Youl;Lee, Seok-Lae;Rhee Man-Young
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.5 no.1
    • /
    • pp.37-50
    • /
    • 1995
  • The smart card with the cryptography and VLSI technologies makes it possible to implement the electronic cash easily. A number of electronic each schemes have been proposed by many cryptographic researchers. In this paper, we propose a practical electronic cash system, using blind digital signature scheme. Schnorr's authentication scheme based on the discrete logarithm problem, and the hierarchical cash tree based on two one-way hash functions for dividable payment. Thisf electronic cash scheme has such properties as privacy of the payment, off-line payment, non-reuseability of cash, transferability of cash to another customer, and dividable payment of cash. This electronic cash protocol is well suited for implementing in smart card.

Efficient authenticate protocol for very Low-Cost RFID (저가형 RFID 시스템을 위한 효율적인 인증 프로토콜)

  • Choi Eun Young;Choi Dong Hee;Lim Jong In;Lee Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.5
    • /
    • pp.59-71
    • /
    • 2005
  • A RFID (Radio Frequency Identification) system receives attention as the technology which can realize the ubiquitous computing environment. However, the feature of the RFID tags may bring about new threats to the security and privacy of individuals. Recently, Juels proposed the minimalist cryptography for very low-cost RFID tags, which is secure. but only under the impractical assumption such that an adversary is allowed to eavesdrop only the pre-defined number of sessions. In this paper, we propose a scheme to protect privacy for very low-cost RFID systems. The proposed protocol uses only bit-wise operations without my costly cryptographic function such as hashing, encryption which is secure which is secure against an adversary who is allowed to eavesdrop transmitted message in every session any impractical assumption. The proposed scheme also is more efficient since our scheme requires less datas as well as few number of computations than Juels's scheme.

Influence Factors of Innovation Resistance of Cloud Computing Service: Focus on Small and Medium Enterprises (클라우드 컴퓨팅 서비스의 혁신저항 영향요인: 중소기업을 대상으로)

  • Lee, Sanghoon;Choi, Jeong Min
    • Journal of Digital Convergence
    • /
    • v.18 no.12
    • /
    • pp.105-115
    • /
    • 2020
  • The purpose of this study is to investigate the factors influencing the innovation resistance of cloud computing services and to suggest policy alternatives to increase the use of domestic cloud computing services. For this, a survey was conducted on 178 SMEs that introduced cloud computing services with government support. As a result, technostress, CEO informatization leadership and organizational structure concentration had a significant influence on innovation resistance. Therefore, in the future, first, it is necessary to provide user-centered cloud computing services in the direction of reducing technostress. Second, it is necessary to apply cloud computing services through a deeper understanding of the organizational characteristics of each small and medium enterprise. Third, there is a need for advanced security authentication and a compensation system. In order to promote the use of cloud computing services, an environment in which users can safely use should be prepared first.

Development of molecular markers for the differentiation of Angelica gigas Jiri line by using ARMS-PCR analysis (세발당귀(Angelica gigas Jiri)의 판별을 위한 ARMS-PCR용 분자표지 개발)

  • Lee, Shin-Woo;Lee, Soo Jin;Han, Eun-Hee;Shin, Yong-Wook;Kim, Yun-Hee
    • Journal of Plant Biotechnology
    • /
    • v.48 no.1
    • /
    • pp.26-33
    • /
    • 2021
  • Angelica is a widely used medicinal and perennial plant. Information on the genetic diversity of Angelica populations is essential for their conservation and germ plasmic utilization. Although Angelica is an important medicinal plant species registered in South Korea, no molecular markers are currently available to distinguish it from other similar species from different countries. This developed single nucleotide polymorphism (SNP) markers derived from nuclear ribosomal DNA internal transcribed spacer regions genomic sequences to identify distinct Korean-specific Angelica species via amplification refractory mutation system (ARMS)-PCR curve analyses. We performed molecular authentication of different kinds of Korean-specific Angelica species such as A. gigas Nakai and A. gigas Jiri using DNA sequences in the ITS intergenic region. The SNP markers developed in this study are useful for rapidly identifying specific Angelica species from different countr.

Cloud Security Scheme Based on Blockchain and Zero Trust (블록체인과 제로 트러스트 기반 클라우드 보안 기법)

  • In-Hye Na;Hyeok Kang;Keun-Ho Lee
    • Journal of Internet of Things and Convergence
    • /
    • v.9 no.2
    • /
    • pp.55-60
    • /
    • 2023
  • Recently, demand for cloud computing has increased and remote access due to home work and external work has increased. In addition, a new security paradigm is required in the current situation where the need to be vigilant against not only external attacker access but also internal access such as internal employee access to work increases and various attack techniques are sophisticated. As a result, the network security model applying Zero-Trust, which has the core principle of doubting everything and not trusting it, began to attract attention in the security industry. Zero Trust Security monitors all networks, requires authentication in order to be granted access, and increases security by granting minimum access rights to access requesters. In this paper, we explain zero trust and zero trust architecture, and propose a new cloud security system for strengthening access control that overcomes the limitations of existing security systems using zero trust and blockchain and can be used by various companies.

Single Sign On between Grid Portal and Web applications on MGrid (MGrid에서 그리드 포털과 웹 어플리케이션의 통합인증)

  • Heo, Dae-Young;Hwang, Dae-Bok;Hwang, Sun-Tae
    • Journal of the Korea Society of Computer and Information
    • /
    • v.14 no.12
    • /
    • pp.1-8
    • /
    • 2009
  • Grid services offer SSO(single sign-on) mechanism using GSI(grid security infrastructure) based on X.509. However. portal applications in web environment use ID and password model for single sign-on. Grid portals means a system which provides grid services by integrating portlet contents on single web interface. In existing research such as GAMA and PURSE, SSO for a whole grid portal is figured out in the way that user is authenticated by ID and password in front and call grid service via GSI at back-end. Other types of web applications outside of portlet framework cannot unfortunately access grid service in SSO way in the existing researches, because the SSO mechanism is developed for portlet framework only. In this paper, we suggest a SSO mechanism based on ID and password model, which forwards authentication information and a GSI token for grid access among portlets and grid-enabled web applications. This mechanism is applied to MGrid for SSO, which consists of applications of java web start, applet, servlet, and etc. as also as portlets.

Software Development Process for Project Complexity and Size (프로젝트 난이도와 규모에 따른 소프트웨어 개발 프로세스)

  • Yoon, Seok-Min;Kim, In-Sik
    • Journal of the Korea Society of Computer and Information
    • /
    • v.14 no.6
    • /
    • pp.33-40
    • /
    • 2009
  • In this thesis, for the assessment of software development process for project complexity and project size : one of digital watermarking algorithm is selected and examined. Digital watermarking provides a solution to illegal copying of digital contents and has many other useful applications, including web broadcast monitoring, transaction tracking, authentication, copy control and device control. This thesis focused on the method for customizing software development path, considering the project environments and characteristics. The selection standard of software development path is composed of process items, based on the ISO/IEC 15721 Information Technology Guide for ISO/IEC 12207 (Software Life Cycle Process) and ISO/IEC 15504 Information technology - Process assessment. To evaluate the algorithm, a system for selecting development path, which reflected algorithm, was examined.

Study on Zero Trust Architecture for File Security (데이터 보안을 위한 제로 트러스트 아키텍처에 대한 연구)

  • Han, Sung-Hwa;Han, Joo-Yeon
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2021.10a
    • /
    • pp.443-444
    • /
    • 2021
  • Security threats to information services are increasingly being developed, and the frequency and damage caused by security threats are also increasing. In particular, security threats occurring inside the organization are increasing significantly, and the size of the damage is also large. A zero trust model has been proposed as a way to improve such a security environment. In the zero trust model, a subject who has access to information resources is regarded as a malicious attacker. Subjects can access information resources after verification through identification and authentication processes. However, the initially proposed zero trust model basically focuses on the network and does not consider the security environment for systems or data. In this study, we proposed a zero trust-based access control mechanism that extends the existing zero trust model to the file system. As a result of the study, it was confirmed that the proposed file access control mechanism can be applied to implement the zero trust model.

  • PDF

Research on User-Centric Inter-Organizational Collaboration (UCICOIn) framework (사용자 제어 기반 다중 도메인 접근 제어에 대한 연구)

  • Sunghyuck Hong
    • Journal of Industrial Convergence
    • /
    • v.21 no.12
    • /
    • pp.37-43
    • /
    • 2023
  • In today's business landscape, collaboration and interoperability are crucial for organizational success and profitability. However, integrating operations across multiple organizations is challenging due to differing roles and policies in Identity and Access Management (IAM). User-centric identity (UCI) adopts a personalized approach to digital identity management, centering on the end-user for authentication and access control. It provides a decentralized system that ensures secure and customized access for each user. UCI aims to address complex security challenges by aligning access privileges with individual user requirements. This research delves into UCI's ability to streamline resource access amidst conflicting IAM roles and protocols across various organizations. The study presents a UCI-based multi-domain access control (MDAC) framework, which encompasses an ontology, a unified method for articulating access roles and policies across domains, and software services melding with UCI infrastructure. The goal is to enhance organizational resource management and decision-making by offering clear guidelines on access roles and policy management across diverse domains, ultimately boosting companies' return on investment.