• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4568-4587
• /
• 2014

Authentication of videos and images based on the content is becoming an important problem in information security. Unfortunately, previous studies lack the consideration of Kerckhoffs's principle in order to achieve this (i.e., a cryptosystem should be secure even if everything about the system, except the key, is public knowledge). In this paper, a solution to the problem of finding a relationship between a frame's index and its content is proposed based on the creative utilization of a robust manifold feature. The proposed solution is based on a novel semi-fragile watermarking scheme for H.264/AVC video content authentication. At first, the input I-frame is partitioned for feature extraction and watermark embedding. This is followed by the temporal feature extraction using the Isometric Mapping algorithm. The frame index is included in the feature to produce the temporal watermark. In order to improve security, the spatial watermark will be encrypted together with the temporal watermark. Finally, the resultant watermark is embedded into the Discrete Cosine Transform coefficients in the diagonal positions. At the receiver side, after watermark extraction and decryption, temporal tampering is detected through a mismatch between the frame index extracted from the temporal watermark and the observed frame index. Next, the feature is regenerate through temporal feature regeneration, and compared with the extracted feature. It is judged through the comparison whether the extracted temporal watermark is similar to that of the original watermarked video. Additionally, for spatial authentication, the tampered areas are located via the comparison between extracted and regenerated spatial features. Experimental results show that the proposed method is sensitive to intentional malicious attacks and modifications, whereas it is robust to legitimate manipulations, such as certain level of lossy compression, channel noise, Gaussian filtering and brightness adjustment. Through a comparison between the extracted frame index and the current frame index, the temporal tempering is identified. With the proposed scheme, a solution to the Kerckhoffs's principle problem is specified.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.213-224
• /
• 2012

The integrated core network architecture and various mobile subscriber behavior can result in a significant increase of signaling load inside the evolved packet core network proposed by 3GPP in Release 8. Consequently, an authentication signaling analysis can provide insights into reducing the authentication signaling loads and latency, satisfying the quality-of-experience. In this paper, we evaluate the signaling loads in the EPS architecture via analytical modeling based on the renewal process theory. The renewal process theory works well, irrespective of a specific random process (i.e. Poisson). This paper considers various subscribers patterns in terms of call arrival rate, mobility, subscriber's preference and operational policy. Numerical results are illustrated to show the interactions between the parameters and the performance metrics. The sensitivity of vertical handover performance and the effects of heavy-tail process are also discussed.

• The Journal of Society for e-Business Studies
• /
• v.13 no.1
• /
• pp.21-32
• /
• 2008

RFID systems provide technologies of automatic object identification through wireless communications in invisible ranges and adaptability against various circumstances. These advantages make RFID systems to be applied in various fields of industries and individual life. However, it is difficult to use tags with distinction as tags are increasingly used in life because a tag usually stores only one object identifier in common RFID applications. In addition, RFID systems often make serious violation of privacy caused by various attacks because of their weakness of radio frequency communication. Therefore, information sharing methods among applications are necessary for expansive development of RFID systems. In this paper, we propose efficient RFID scheme. At first, we design a new RFID tag structure which supports many object identifiers of different applications in a tag and allows those applications to access them simultaneously. Secondly, we propose an authentication protocol to support the proposed tag structure. The proposed protocol is designed by considering of robustness against various attacks in low cost RFID systems. Especially, the proposed protocol is focused on efficiency of authentication procedure by considering security levels of applications. In the proposed protocol, each application goes through one of different authentication procedures according to their security levels. Finally, we prove efficiency of th proposed scheme compared with the other schemes through experiments and evaluation.

• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.482-494
• /
• 2002

In E-mail based accounting system, the remitter does not have need to find collector's account number. To transfer money to a collector's account, what remitter need is just a collector's E-mail address. But the current E-mail based accounting systems are built on SSL technology. Basically SSL provides some security services - confidentiality, user authentication and data integrity, but does not provide non-repudiation. So, in the current E-mail based accounting system, it is possible to deny transaction. And there is no receipt of transaction. In this paper, we design and implementation of a S/MIME applied Secure Payment Mechanism. In our system, every account information - account number, receiver name, amount of money, etc. - is included in a 'check' message. And this message is protected under the Secure Web-mail using S/MIME. In a view point of the convenience, users using our system do not have need to find collector's account number. And in a view point of the security, our system provides confidentiality, user authentication, data integrity and non-repudiation. Moreover our system provides a receipt.

• Proceedings of the CALSEC Conference
• /
• 2000.08a
• /
• pp.305-318
• /
• 2000

1 . E-Commerce 보안 ■ 인증(authentication) 정보의 송/수신자 또는 정보시스템 이용자의 신원을 식별, 확인하는 것 ■ 기밀성(confidentiality) 전송 또는 보관중인 정보를 비인가자가 부정한 방법으로 입수하더라도 그 내용을 알 수 없도록 보호하는 것 ■ 무결성(integity) 전송 또는 보관중인 정보에 대한 허가되지 않은 변경을 발견할 수 있도록 하는 것 ■ 부인방지(non-repudiation) 사용자가 정보통신시스템을 통하여 정보를 송/수신하거나 처리한 사실을 부인할 수 없도록 하는 것 ■ 접근통제(access control) 비인가자가 정보통신시스템에 부정한 방법으로 접근하여 사용하는 것을 방지하는 것(중략)

• The Journal of Society for e-Business Studies
• /
• v.3 no.2
• /
• pp.125-140
• /
• 1998

컴퓨터 통신망을 통한 자료교환이 증가되고 있는 요즘 정보보호 위협요소 역시 비례하여 증가되고 있다. 거래 상대방과 중요한 상역 거래문서를 전자문서 형태로 주고받는 EDI(Electronic Data Interchange) 는 부당한 행위자에 의한 불법적인 전자문서의 내용 변조 및 누출 그리고 송수신사실에 대한 부인(Repudiation) 등의 여러 위협들에 대항할 수 있는 정보보호 기능을 필수 서비스로 제공해야 한다. 본 고에서는 KT-EDI 시스템의 실제 운영환경을 기반으로 하여 시스템이 제공하는 정보보호 서비스 중에서 기본적인 메세지출처인증(Message Origin Authentication) 서비스와 내용 기밀성(Content Confidentiality) 서비스를 중심으로 UN/EDIFACT 전자문서 레벨에서의 구현에 관하여 다룬다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.04a
• /
• pp.379-382
• /
• 2001

본 논문에서는 WAP 포럼에서 제시한 WAP 프로토콜의 종단간 안전성 취약성을 분석하고 새로운 종단간 보안 세션을 위한 인증 프로토콜을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.5
• /
• pp.967-979
• /
• 2013

Now a day, Wireless Sensor Networks (WSNs) are being widely used in different areas one of which is healthcare services. A wireless medical sensor network senses patient's vital physiological signs through medical sensor-nodes deployed on patient's body area; and transmits these signals to devices of registered medical professionals. These sensor-nodes have low computational power and limited storage capacity. Moreover, the wireless nature of technology attracts malicious minds. Thus, proper user authentication is a prime concern before granting access to patient's sensitive and private data. Recently, P. Kumar et al. claimed to propose a strong authentication protocol for healthcare using Wireless Medical Sensor Networks (WMSN). However, we find that P. Kumar et al.'s scheme is flawed with a number of security pitfalls. Information stored inside smart card, if extracted, is enough to deceive a valid user. Adversary can not only access patient's physiological data on behalf of a valid user without knowing actual password, can also send fake/irrelevant information about patient by playing role of medical sensor-node. Besides, adversary can guess a user's password and is able to compute the session key shared between user and medical sensor-nodes. Thus, the scheme looses message confidentiality. Additionally, the scheme fails to resist insider attack and lacks user anonymity.

• Journal of Arbitration Studies
• /
• v.9 no.1
• /
• pp.367-390
• /
• 1999

The basic requirements for conducting electronic commerce include confidentiality, integrity, authentication and authorization. Cryptographic algorithms, make possible use of powerful authentication and encryption methods. Cryptographic techniques offer essential types of services for electronic commerce : authentication, non-repudiation. The oldest form of key-based cryptography is called secret-key or symmetric encryption. Public-key systems offer some advantages. The public key pair can be rapidly distributed. We don't have to send a copy of your public key to all the respondents. Fast cryptographic algorithms for generating message digests are known as one-way hash function. In order to use public-key cryptography, we need to generate a public key and a private key. We could use e-mail to send public key to all the correspondents. A better, trusted way of distributing public keys is to use a certification authority. A certification authority will accept our public key, along with some proof of identity, and serve as a repository of digital certificates. The digital certificate acts like an electronic driver's license. The Korea government is trying to set up the Public Key Infrastructure for certificate authorities. Both governments and the international business community must involve archiving keys with trusted third parties within a key management infrastructure. The archived keys would be managed, secured by governments under due process of law and strict accountability. It is important that all the nations continue efforts to develop an escrowed key in frastructure based on voluntary use and international standards and agreements.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6152-6168
• /
• 2017

Recently, the biometric-based authentication systems such as FIDO (Fast Identity Online) are increased in mobile computing environments. The biometric-based authentication systems are performed on the mobile devices with the battery, the improving energy efficiency is important issue. In the case, the size of images (i.e., face, fingerprint, iris, and etc.) affects both recognition accuracy and energy consumption, and hence the tradeoff analysis between the both recognition accuracy and energy consumption is necessary. In this paper, we propose an energy-efficient way to authenticate based on biometric information with tradeoff analysis between the both recognition accuracy and energy consumption in multimedia IoT (Internet of Things) transmission environments. We select the facial information among biometric information, and especially consider the multicore-based mobile devices. Based on our experimental results, we prove that the proposed approach can enhance the energy efficiency of GABOR+LBP+GRAY VALUE, GABOR+LBP, GABOR, and LBP by factors of 6.8, 3.6, 3.6, and 2.4 over the baseline, respectively, while satisfying user's face recognition accuracy.