• 제목/요약/키워드: device authentication

검색결과 432건 처리시간 0.027초

Security Improvement of User Authentication Protocol for Heterogeneous Wireless Sensor Networks for the Internet of Things Environment (Heterogeneous Wireless Sensor Networks 환경에서의 안전한 사용자 인증 프로토콜)

  • Lee, Young sook
    • Convergence Security Journal
    • /
    • 제21권1호
    • /
    • pp.55-62
    • /
    • 2021
  • Recently, the use of sensor devices is gradually increasing. As various sensor device emerge and the related technologies advance, there has been a dramatic increase in the interest in heterogeneous wireless sensor networks (WSNs). While sensor device provide us many valuable benefits, automatically and remotely supported services offered and accessed remotely through WSNs also exposes us to many different types of security threats. Most security threats were just related to information leakage and the loss of authentication among the involved parties: users, sensors and gateways. An user authentication protocol for wireless sensor networks is designed to restrict access to the sensor data only to user. In 2019, Chen et al. proposed an efficient user authentication protocol. However, Ryu et al. show that it's scheme still unstable and inefficient. It cannot resist offline password guessing attack and session key attack. In this paper, we propose an improved protocol to overcome these security weaknesses by storing secret data in device. In addition, security properties like session-key security, perfect forward secrecy, known-key security and resistance against offline password attacks are implied by our protocol.

Secure Authentication with Mobile Device for Ubiquitous RFID Healthcare System in Wireless Sensor Networks

  • Kim, Jung-Tae
    • Journal of information and communication convergence engineering
    • /
    • 제9권5호
    • /
    • pp.562-566
    • /
    • 2011
  • As telecommunication technologies in telemedicine services are developed, the expeditious development of wireless and mobile networks has stimulated wide applications of mobile electronic healthcare systems. However, security is an essential system requirement since many patients have privacy concerns when it comes to releasing their personal information over the open wireless channels. Due to the invisible feature of mobile signals, hackers have easier access to hospital networks than wired network systems. This may result in several security incidents unless security protocols are well prepared. In this paper, we analyzed authentication and authorization procedures for healthcare system architecture to apply secure M-health systems in the hospital environment. From the analyses, we estimate optimal requirements as a countermeasure to its vulnerabilities.

Implementation of Telebiometrics Application System Using Mobile Device

  • Shin, Yong-Nyuo;Kim, Jae-Sung
    • International Journal of Fuzzy Logic and Intelligent Systems
    • /
    • 제14권1호
    • /
    • pp.34-40
    • /
    • 2014
  • Today, with the wide use of mobile devices, the amount of business transactions conducted through such devices is increasing drastically. However, there are several limitations in the area of authentication for mobile use, which requires strong authentication mechanisms to satisfy security and convenience requirements. The proposed model and application system provide a framework to ensure the security and reliability of the flow of biometric information for telebiometric applications using mobile devices. We also specify protocols for each model and implement a mobile telebiometric application to improve security vulnerabilities compared to storage in a microSD match on card (MOC) based on the proposed model. As a consequence of this implementation, we propose substantial guidelines for security countermeasures from both technical and managerial perspectives in order to establish a safe mobile environment for the use of telebiometric systems.

Research on Identity-based Batch Anonymous Authentication Scheme for VANET

  • Song, Cheng;Gu, Xinan;Wang, Lei;Liu, Zhizhong;Ping, Yuan
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제13권12호
    • /
    • pp.6175-6189
    • /
    • 2019
  • To slove the security and efficiency problem of anonymous authentication in vehicular ad-hoc network (VANET), we adopt the bilinear pairing theory to propose an identity-based batch anonymous authentication scheme for VANET. The tamper-proof device in the on-board unit and the trusted authority jointly realize the anonymity of vehicle identity and the signature of messages, which further enhances the security of this scheme, as well as reduces the overhead of trusted authority. Batch authentication can improve the efficiency of anonymous authentication for VANET. Security and efficiency analyses demonstrate that this scheme not only satisfies such security properties as anonymity, non-forgeability and non-repudiation, but also has advantage in time and space complexity. Simulation results show that this scheme can achieve good performance in real-time VANET communication.

Design of Improved Authentication Protocol for Sensor Networks in IoT Environment (사물인터넷 환경에서 센서 네트워크에 대한 개선된 인증 프로토콜 설계)

  • Kim, Deuk-Hun;Kwak, Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • 제25권2호
    • /
    • pp.467-478
    • /
    • 2015
  • Recently interest in Internet of Things(IoT) is increasing, and a variety of the security technologies that are suitable for Internet of Things has being studied. Especially sensor network area of the device is an increased using and diversified for a low specification devices because of characteristic of the Internet of Things. However, there is difficulty in directly applying the security technologies such as the current authentication technologies to a low specification device, so also increased security threats. Therefore, authentication protocol between entities on the sensor network communication in Internet of Things has being studied. In 2014, Porambage et al. suggested elliptic curve cryptography algorithm based on a sensor network authentication protocol for advance security of Internet of Things environment, but it is vulnerability exists. Accordingly, in this paper, we analyze the vulnerability in elliptic curve cryptography algorithm based on authentication protocol proposed by Porambage et al. and propose an improved authentication protocol for sensor networks in Internet of Things environment.

A Study on gateway authentication protocol in IoT (IoT에서 게이트웨이에 대한 인증 프로토콜에 관한 연구)

  • Lee, Jae-Young
    • Journal of Convergence for Information Technology
    • /
    • 제7권3호
    • /
    • pp.91-96
    • /
    • 2017
  • IoT which is an abbreviation of Internet of Things refers to the communication network service among various objects such as people-people, objects-objects interconnection. The characteristic of IoT that enables direct connection among each device makes security to be considered as more emphasized factor. Though a security module such as an authentication protocol for resolving various security problems that may occur in the IoT environment has been developed, some weak points in security are still being revealed. Therefore, this paper proposes a method for including a protocol including gateway authentication procedure and mutual authentication between the devices and gateways. Protocols with additional authentication procedures can appropriately respond to attackers' spoofing attacks. In addition, important information in the message used for authentication process is protected by encryption or hash function so that it can respond to wiretapping attacks.

Integration of PKI and Fingerprint for User Authentication

  • Shin, Sam-Bum;Kim, Chang-Su;Chung, Yong-Wha
    • Journal of Korea Multimedia Society
    • /
    • 제10권12호
    • /
    • pp.1655-1662
    • /
    • 2007
  • Although the PKl-based user authentication solution has been widely used, the security of it can be deteriorated by a simple password. This is because a long and random private key may be protected by a short and easy-to-remember password. To handle this problem, many biometric-based user authentication solutions have been proposed. However, protecting biometric data is another research issue because the compromise of the biometric data will be permanent. In this paper, we present an implementation to improve the security of the typical PKI-based authentication by protecting the private key with a fingerprint. Compared to the unilateral authentication provided by the typical biometric-based authentication, the proposed solution can provide the mutual authentication. In addition to the increased security, this solution can alleviate the privacy issue of the fingerprint data by conglomerating the fingerprint data with the private key and storing the conglomerated data in a user-carry device such as a smart card. With a 32-bit ARM7-based smart card and a Pentium 4 PC, the proposed fingerprint-based PKI authentication can be executed within 1.3second.

  • PDF

EAP Using Split Password-based Authenticated Key Agreement Protocol for IEEE Std 802.1x User Authentication (IEEE Std 802.1x 사용자 인증을 위한 분할된 패스워드 인증 기반 EAP)

  • Ryu, Jong-Ho;Seo, Dong-Il;Youm, Heung-Youl
    • Journal of Internet Computing and Services
    • /
    • 제6권5호
    • /
    • pp.27-43
    • /
    • 2005
  • EAP provides authentication for each entity based on IEEE Std 802.1x Wireless lAN and RADIUS/DIAMETER protocol, and it uses certificate, dual scheme(e.g., password and token) with the authentication method. The password-based authentication scheme for authenticated key exchange is the most widely-used user authentication method due to various advantages, such as human-memorable simplicity, convenience, mobility, A specific hardware device is also unnecessary, This paper discusses user authentication via public networks and proposes the Split Password-based Authenticated Key Exchange (SPAKE), which is ideal for both authenticating users and exchanging session keys when using a subsequent secure communication over untrusted network, And then we provides EAP authentication framework EAP-SPAKE by using it.

  • PDF

Fingerprint Smudge Attacks Based on Fingerprint Image Reconstruction on Smart Devices (지문 영상 복원 기반의 스마트 기기 지문 스머지 공격 연구)

  • Lee, Hoyeon;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • 제27권2호
    • /
    • pp.233-240
    • /
    • 2017
  • Fingerprint authentication identifies individuals based on user specific information. It is widely used as it is convenient, secure and has no risk of leakage, loss, or forgotten. However, the latent fingerprints remaining on the smart device's surface are vulnerable to smudge attacks. We analyze the usage patterns of individuals using smart device and propose methods to reconstruct damaged fingerprint images using fingerprint smudges. We examine the feasibility of smudge attacks with frequent usage situations by reconstructing fingerprint smudges collected from touch screens. Finally, we empirically verify the vulnerability of fingerprint authentication systems by showing high attack rates.

Multiple Method Authentication System Using Embedded Device (임베디드 기기를 활용한 다중 방식 인증 시스템)

  • Jeong, Pil-Seong;Cho, Yang-Hyun
    • Journal of the Korea Convergence Society
    • /
    • 제10권7호
    • /
    • pp.7-14
    • /
    • 2019
  • Users who use smartphone can using knowledge-based authentication, possession-based authentication, biometric-based authentication, and token-based authentication in order to access rights to systems requiring authentication. However, desktop computer users use method only ID and password, which are knowledge-based authentication factors, due to limitations of authentication devices, despite various authentication methods. In this paper, we designed and implemented a raspberry pi based authentication system that provides multiple authentication method of a user's desired type. The implementation system uses knowledge-based authentication, possessive-based authentication, biometric-based authentication, and token-based authentication. The proposed system can provide a security function that can be used by SMEs, which is difficult to hire a security officer due to the economic burden. The implemented system can be used not only for personal use but also for enterprise, and it can be applied to various fields such as finance and game.