• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.113-120
• /
• 2006

A node of mobile IPv6 moving foreign networks needs authentication process to support right services against from security threat. AAA is a trust infrastructure that authenticates, authorizes, and accounts nodes receiving a network service. And Mobile IPv6 Working Group recommends use of AAA infrastructure to authenticate mobile nodes. Event though AAA infrastructure provides strong authentication functions, it should exchange a lot of messages to authenticate mobile nodes every movement. The exchange of lots of messages causes latency and it is interfered with realization of real-time communication. This paper proposes an authentication method of improved speed using hash value of mobile node to reduce authentication latency. Directly after movement, a mobile node applying a Proposed method uses extended existing security authentication for a while and deletes the establishment latency of new security authentication. Performance evaluation of a proposed method verifies the efficiency through the analysis of cost comparison with other methods. The conclusion of performance evaluation is that the proposed method gets more 25% performance improvement than a general method when a mobile node moves another subnet.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.57-66
• /
• 2011

The current trend of the handover authentication delay time is gradually increased according to the interworking between 3G cellular network and WLANs. Therefore, authentication mechanism minimized in delay is required to perform the seamless handover and support the inter-subnet and inter-domain handover. In this paper, we propose a novel pre-authentication scheme based on the fast channel switching which directly performs the authentication with the next access point in advance. In addition, the proposed scheme is efficient in the inter-domain handover and can be easily implemented in current WLANs since it just modifies the client side of user. To analysis and evaluate our scheme, we compare the packet loss ratio and the delay time with the two standard 802.11 authentication schemes. The analytical results show that our scheme is approximate 10 times more effective than the standard schemes in packet loss and the delay time is minimized down to 0.16 msec.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.4
• /
• pp.1049-1065
• /
• 2023

Recently, with the development of IoT, AI, and mobile terminals, medical information platforms are expanding. The medical information platform can determine a patient's emergency situation, and medical staff can easily access patient information through a mobile terminal. However, in the existing platform, emergency situation decision is delayed, and faster and stronger authentication is required in emergency situations. Therefore, we propose an edge computing-based medical information platform for automatic authentication using patient situations. We design an edge computing-based medical information platform architecture capable of rapid transmission of biometric data of IoT and quick emergency situation decision, and implement the platform data flow in emergency situations. Relying on this platform, we propose the automatic authentication using patient situations. The automatic authentication protects patient information through patient-centered authentication by using the patient's situation as an authentication factor, and enables quick authentication by automatically proceeding with mobile terminal authentication after user authentication in emergencies without user intervention. We compared the proposed platform with existing platforms to show that it can make quick and stable emergency decisions. In addition, comparing the automatic authentication with existing authentication showed that it is fast and protects medical information centered on patient situations in emergency situations.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.105-113
• /
• 2004

If the protocol has fast operations and short key length, it can be efficient user authentication protocol Lenstra and Verheul proposed XTR. XTR have short key length and fast computing speed. Therefore, this can be used usefully in complex arithmetic. In this paper, to design efficient user authentication protocol we used a subgroup of Galois Field to problem domain. Proposed protocol does not use GF($p^6$) that is existent finite field, and uses GF($p^2$) that is subgroup and solves problem. XTR-ElGamal based user authentication protocol reduced bit number that is required when exchange key by doing with upside. Also, Proposed protocol provided easy calculation and execution by reducing required overhead when calculate. In this paper, we designed authentication protocol that is required to do user authentication.

• The KIPS Transactions:PartA
• /
• v.11A no.6
• /
• pp.451-458
• /
• 2004

The previous studies focussed on the security problem and the fast re-authentication mechanism during handoffs in a single wireless LAN system. When the multiple wireless LAN systems share their network infrastructure one another, we propose an authentication mechanism allowing the subscriber to Perform the authentication procedure with the authentication server of its own wireless LAN system even in areas of other wireless LAN systems as well as in areas of its own wireless LAN system. In the proposed mechanism, the access point or the authentication server of other wireless LAN systems plays a role of the authentication agent between the subscriber and the authentication server of the subscriber's wireless LAN system. The proposed authentication mechanism is designed on the basis of the 802.1X and EAP-MD5 protocols.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.4
• /
• pp.43-53
• /
• 2020

There are three standards for FIDO1 authentication technology: Universal Second Factor (U2F), Universal Authentication Framework (UAF), and Client to Authenticator Protocols (CTAP). FIDO2 refers to the WebAuthn standard established by W3C for the creation and use of a certificate in a web application that complements the existing CTAP. In Korea, the FIDO certified market is dominated by UAF, which deals with standards for smartphone (Android, iOS) apps owned by the majority of the people. As the market requires certification through FIDO on PCs, FIDO Alliance and W3C established standards that can be certified on the platform-independent Web and published 『Web Authentication: An API for Accessing Public Key Credentials Level 1』 on March 4, 2019. Most PC do not contain biometrics, so they are not being utilized contrary to expectations. In this paper, we intend to present a model that allows login in PC environment through biometric recognition of smartphone and FIDO UAF authentication. We propose a model in which a user requests login from a PC and performs FIDO authentication on a smartphone, and authentication is completed on the PC without any other user's additional gesture.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.879-888
• /
• 2018

Along with the recent worldwide development of fintech, FIDO (Fast IDentity Online) using biometric technology is rapidly growing in the mobile payment market, replacing the existing password system. This FIDO authentication must be processed in a reliable environment that requires high level of security, as sensitive biometrics is being processed. However, this environment is currently dependent on the manufacturer as it is supported by certain hardware on the smartphone. Therefore, this thesis proposes a server-based authentication model using distributed management of compliance based biometric information that can be used universally safely without the need for specific hardware in mobile environments.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.505-509
• /
• 2006

Recently, wireless Internet service has become generalized, and required the user authentication of a mobile hosts and QoS. However, time required for user authentication during handoff Processes between a wireless LAN system and mobile hosts is long, and is unsuitable for real-time communication and multimedia applications. In this paper. we improved the existing system in order to reduce a lead time of user authentication as they extended a Fast Inter-AP handoff. We use a Mechanism to assume a confidence degree with bases by the time that stayed at individual wireless LAN systems in order to reduce the handoffs. The experiment network shows that it decreases communication load, and improves communication QoS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1049-1062
• /
• 2019

The national accredited certificate is a user certificate issued based on the user's personal information, which has been identified in advance, and has become a universal authentication method used for most electronic financial transactions and user authentication. And it contributed a lot to the use of e-government and domestic service. However, due to the lack of web standards on how to use, it was inconvenient to install a separate plug-in, and efforts to improve it have been continued. In this paper, we attempt to solve the problem of certificate usage environment by presenting the certificate digital signature method using the extension of the FIDO2 (Fast Identity Online v2) client to authentication protocol (CTAP) specification.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.1
• /
• pp.84-91
• /
• 2011

To develop the new network, the future network architecture is studied. Since the mobile devices are also advanced, they need for the mobility protocols. The one of the protocols, Fast handovers for proxy MIPv6(PFMIPv6) has studied by the Internet Engineering Task Force(IETF). Since PFMIPv6 adopts the entities and the concepts of fast handovers for MIPv6(FMIPv6) in proxy MIPv6(PMIPv6), it reduces the packet loss. Although the conventional scheme has proposed that it cooperated with an Authentication, Authorization and Accounting (AAA) infrastructure for authentication of a mobile node in PFMIPv6, it has the drawbacks such as high signaling cost and long handover latency. To reduce the signaling cost and the handover latency, we propose an enhanced authentication scheme in Fast handover for Proxy MIPv6. The proposed scheme reduces the handover latency and the signaling cost because the registration procedure and the authentication procedure are simultaneously performed. We also compare the proposed scheme with the conventional scheme in terms of the signaling cost and the handover latency.