• Journal of Digital Convergence
• /
• v.11 no.7
• /
• pp.215-223
• /
• 2013

As cloud computing is activated, a variety of cloud services are being distributed. However, to use each different cloud service, you must perform a individual user authentication process to service. Therefore, not only the procedure is cumbersome but also due to repeated authentication process performance, it can cause password exposure or database overload that needs to have user's authentication information each cloud server. Moreover, there is high probability of security problem that being occurred by phishing attacks that result from different authentication schemes and input scheme for each service. Thus, when you want to use a variety of cloud service, we proposed OpenID based user authentication scheme that can be applied to a multi-cloud environment by the trusted user's verify ID provider.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.1909-1912
• /
• 2003

공개키 암호화와 X.400 프로토콜 그리고 PGP상에 존재하는 메시지 인증 문제를 해결하기 위하여 NMAP로 명명된 인증된 실체기반 암호화 시스템을 제안하고 이를 선계 구현하였다. 제안된 시스템은 전자상거래의 활성화와 비대화형 인증 서비스 제공에 사용될 수 있을 것이다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10a
• /
• pp.364-366
• /
• 2001

Sun Microsystems에 의해서 개발된 Jini 네트워킹 기술은 자바 프로그램밍 언어를 기반으로 하여 분산환경을 만드는데 좋은 아키텍쳐를 제공한다. 그러나 현재의 자바 security solution 만으로는 분산환경에서의 보안 요구사항을 충족시키기에 충분하지 않다. 이를 해결하기 위한 여러 방법들이 있지만, 대부분이 centralized computing을 기반으로 하여 분산환경에는 맞지 않다. 이 논문에서는 PKDA(Public key based Kerberos for Distributed Authentication)를 사용하여 Jini의 security를 확장함으로써 분산환경에서의 security 요구사항을 충족시킬 수 있음을 보인다.

• Journal of Communications and Networks
• /
• v.11 no.6
• /
• pp.599-606
• /
• 2009

For many mission-critical related wireless sensor network applications such as military and homeland security, user's access restriction is necessary to be enforced by access control mechanisms for different access rights. Public key-based access control schemes are more attractive than symmetric-key based approaches due to high scalability, low memory requirement, easy key-addition/revocation for a new node, and no key predistribution requirement. Although Wang et al. recently introduced a promising access control scheme based on elliptic curve cryptography (ECC), it is still burdensome for sensors and has several security limitations (it does not provide mutual authentication and is strictly vulnerable to denial-of-service (DoS) attacks). This paper presents an energy-efficient access control scheme based on ECC to overcome these problems and more importantly to provide dominant energy-efficiency. Through analysis and simulation based evaluations, we show that the proposed scheme overcomes the security problems and has far better energy-efficiency compared to current scheme proposed byWang et al.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4568-4587
• /
• 2014

Authentication of videos and images based on the content is becoming an important problem in information security. Unfortunately, previous studies lack the consideration of Kerckhoffs's principle in order to achieve this (i.e., a cryptosystem should be secure even if everything about the system, except the key, is public knowledge). In this paper, a solution to the problem of finding a relationship between a frame's index and its content is proposed based on the creative utilization of a robust manifold feature. The proposed solution is based on a novel semi-fragile watermarking scheme for H.264/AVC video content authentication. At first, the input I-frame is partitioned for feature extraction and watermark embedding. This is followed by the temporal feature extraction using the Isometric Mapping algorithm. The frame index is included in the feature to produce the temporal watermark. In order to improve security, the spatial watermark will be encrypted together with the temporal watermark. Finally, the resultant watermark is embedded into the Discrete Cosine Transform coefficients in the diagonal positions. At the receiver side, after watermark extraction and decryption, temporal tampering is detected through a mismatch between the frame index extracted from the temporal watermark and the observed frame index. Next, the feature is regenerate through temporal feature regeneration, and compared with the extracted feature. It is judged through the comparison whether the extracted temporal watermark is similar to that of the original watermarked video. Additionally, for spatial authentication, the tampered areas are located via the comparison between extracted and regenerated spatial features. Experimental results show that the proposed method is sensitive to intentional malicious attacks and modifications, whereas it is robust to legitimate manipulations, such as certain level of lossy compression, channel noise, Gaussian filtering and brightness adjustment. Through a comparison between the extracted frame index and the current frame index, the temporal tempering is identified. With the proposed scheme, a solution to the Kerckhoffs's principle problem is specified.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.755-764
• /
• 2004

Recently 'Banking IC Card Standard' and EMV Standard by the domestic standard is selected, and it is situation that is developing infrastructure vigorously to alternate Magnetic Stripe card by IC card. This paper analyzes EMV standard that is selecting public key cipher, and research wishes to study unexhausted EMV PKI relatively than internet PKI, WAP PKI etc. This paper propose utilizable EMV base Payment PKI model in IC card base payment system development, and developed EMV CA system with this. Also, this paper supplemented IC card Authentication mechanism that is defined in EMV standard, and propose 'Efficient smart card Authentication mechanism' to improve performance of this mechanism, and estimate performance.

• Journal of Convergence for Information Technology
• /
• v.9 no.6
• /
• pp.13-18
• /
• 2019

This paper proposes efficient and secure two-way authentication protocol for binding update messages between mobile devices and home agents / correspondent nodes in IoT and Mobile IPv6 (MIPv6) environments with limited computing power and resources. Based on the MIPv6 message exchange, the proposed protocol satisfies both the authentication and the public key exchange optimized for both sides of the communication with minimum modification. In the future, we will carry out a performance analysis study by implementing the proposed protocol in detail.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.1113-1116
• /
• 2006

Security in wireless sensor networks is very pressing especially when sensor nodes are deployed in hostile environments. To obtain security purposes, it is essential to be able to encrypt and authenticate messages sent amongst sensor nodes. Keys for encryption and authentication must be agreed upon by communicating nodes. Due to resource limitations and other unique features, obtaining such key agreement in wireless sensor network is extremely complex. Many key agreement schemes used in general networks, such as trusted server, Diffie-Hellman and public-key based schemes, are not suitable for wireless sensor networks [1], [2], [5], [7], [8]. In that situation, key pre-distribution scheme has been emerged and considered as the most appropriate scheme [2], [5], [7]. Based on that sense, we propose a new resource-optimal key pre-distribution scheme utilizing merits of the two existing key pre-distribution schemes [3], [4]. Our scheme exhibits the fascinating properties: substantial improvement in sensors' resource usage, rigorous guarantee of successfully deriving pairwise keys between any pair of nodes, greatly improved network resiliency against node capture attack. We also present a detailed analysis in terms of security and resource usage of the scheme.

• The Journal of the Korea Contents Association
• /
• v.20 no.9
• /
• pp.389-396
• /
• 2020

E-authentication is one of the key functions for electronic transactions with the identification function made through the information systems. With the abolition of the mandatory use of public certificates, various private e-authentication services have emerged, and are developing to provide various additional services in addition to e-authentication. In this study, we explored the factors that affect user satisfaction with e-authentication services, compared the relative influence among the factors that we explored, and produced implications that could contribute to strengthening the competitiveness of e-authentication services. Based on the characteristics of e-authentication service, we searched and found four factors such as availability, convenience, added functionality and security. After that, we established and analyzed our research model to analyze the causal relationship between these four factors and user satisfaction. The analysis results showed that availability, convenience and security had significant effects on user satisfaction, but added functionality had no significant impact. In addition, compared to availability and convenience, security had a very strong impact on user satisfaction. This study suggests that e-authentication service providers should make efforts to make users aware of the usefulness of additional services while enhancing security.

• Journal of Internet Computing and Services
• /
• v.5 no.1
• /
• pp.99-111
• /
• 2004

Two general security measures in computing networks are secure data transmission and user authentication, These problems are still critical in the wireless LAN environments. Thus security becomes most significant issue in personal network environments and ubiquitous networks based on wireless LANs. We purpose a new authentication system for these kind of environments, and coined it UPMA(Ubiquitous Personal Mutual Authen-tication) model. UPMA supports authenticating configurations which provides personal verification for each system. It guarantees secure communications through the session key setup, and provides mutual authentication by verifying each user and his/her station. UPMA solves security problems in ubiquitous networks without accessing authentication server, Instead it performs mutual authentication between terminals or between systems. It is a global authentication system which enables global roaming service through the Internet or other public networks, It can be used to guarantee safe and convenient access to a company Intranet or to a home network.