• The Transactions of the Korea Information Processing Society
• /
• v.6 no.3
• /
• pp.654-663
• /
• 1999

In this paper, we develop a security system which enhances the security of information during transmission over the World Wide Web for solving problems related to outflow of the information on the internet. Our system provides safe security functions without modifying the existing Web server and browser by utilizing CGI, Plug-in, and Socket Spy techniques. Our system implements user access control and data encryption/decryption by using the hardware cryptographic token instead of using a software technique as in previous systems, and hence is a more robust security system.

• Journal of Convergence Society for SMB
• /
• v.4 no.4
• /
• pp.25-29
• /
• 2014

Security is a primary concern in group communication, and secure authentication is essential to establishing a secure group communication. Most conventional authentications consist of knowledge-based and token-based methods. One of the token-based methods is a X.509 certificate, which is used under a Public Key Infrastructure (PKI); it is the most well-known authentication system in a distributed network environment. However, it has a well-known weakness, which only proves the belonging of a certificate. PKI cannot assure identity of a person. The conventional knowledge-based and token-based methods do not really provide positive personal identification because they rely on surrogate representations of the person's identity. Therefore, I propose a secure X.509 certificate with biometric information to assure the identity of the person who uses the X.509 certificate in a distributed computing environment.

• JSTS:Journal of Semiconductor Technology and Science
• /
• v.12 no.2
• /
• pp.240-253
• /
• 2012

In this paper we propose a protection mechanism for the debug port. While debug ports are useful tools for embedded device development and maintenance, they can also become potential attack tools for device hacking in case their usage is permitted to hackers with malicious intentions. The proposed approach prevents illicit use of debug ports by controlling access through user authentication, where the device generates and issues authentication token only to the server-authenticated users. An authentication token includes user access information which represents the user's permitted level of access and the maximum number of authentications allowed using the token. The device authenticates the user with the token and grants limited access based on the user's access level. The proposed approach improves the degree of overall security by removing the need to expose the device's secret key. Availability is also enhanced by not requiring server connection after the initial token generation and further by supporting flexible token transfer among predefined device groups. Low implementation cost is another benefit of the proposed approach, enabling it to be adopted to a wide range of environments in demand of debug port protection.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.2 no.1
• /
• pp.159-169
• /
• 1999

Recently a firewall is being employed to protect hacking by controlling the traffics. The security services in the firewall include authentication, access control, confidentiality, integrity, and audit trail. A token is adapted for authentication to the firewall. A token has a small battery within which has restricted power capacity, This paper proposes a novel cost-effective firewall token for hacking protecting on transmission control protocol/internet protocol (TCP/IP) based network. This paper proposes a fast exponentiation method with a sparse prime that take a major operation for a public-key crypto-system and a major power consumption in the token. The proposed method uses much less amount of modular operations in exponentiation that is reduced of battery's capacity or CPU's price in the token.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.4
• /
• pp.93-99
• /
• 2011

Recently, the development of internet technology makes user's personal data used by being saved in USB. But there is a critical issue that personal data can be exposed with malicious purpose because that personal data doesn't need to be certificate to use. This paper proposes USB security framework to prevent a duplicate use of personal data for protecting the data which in USB. The proposed USB security framework performs certification process of user with additional 4bite of user's identification data and usage choice of USB security token before certification data when the framework uses USB security product in different network. It makes communication overhead and service delay increased. As a result of the experiment, packet certification delay time is more increased by average 7.6% in the proposed USB security framework than simple USB driver and USB Token, and procedure rate of certification server on the number of USB is also increased by average 9.8%.

• The Journal of Society for e-Business Studies
• /
• v.12 no.1
• /
• pp.89-97
• /
• 2007

Recently, a large number of authentication schemes based on smart cards have been proposed, using the thinking of OTP (one-time password) to withstand replay attack. Unfortunately, if these schemes implement on PCs instead of smart cards, most of themcannot withstand impersonation attack and Stolen-Verifier attack since the data on PCs is easy to read and steal. In this paper, a secure authentication scheme based on a security key and a renewable token is proposed to implement on PCs. A comparison with other schemes demonstrates the proposed scheme has following merits: (1) Withstanding Stolen-Verifier attack (2) Withstanding Impersonation attack (3) Providing mutual authentication; (4) Easy to construct secure session keys.

• Journal of Multimedia Information System
• /
• v.3 no.3
• /
• pp.103-110
• /
• 2016

The recent development of the Internet of things (IoT) has led to the introduction of new access control measures. Even during the access control for security, however, there might be privacy infringements due to unwanted information provision and collection. Measures to control this process are therefore required. This paper defines the structure and policies of tokens to protect privacy that can be exposed through the token information when you use the capability token in the IoT service system.

• Proceedings of the IEEK Conference
• /
• 2002.06e
• /
• pp.285-288
• /
• 2002

The match-on-token is a system which executes the user-authentication on the system using the user's biometric information. Nowadays, due to increase of request of the secure user-authentication on various parts, it comes to more use. In this paper, the match-on-token system under development by ETRI is described. The system consists of a host and an emulator board. USB is employed as the communication channel between them. First, the hooting code of the emulator board was programmed and tested in order that USB programs and the finger-print matching program can be executed correctly. Then, host programs cooperating with the board was designed, implemented and tested. Finally, future research including optimization of applications on the match-on-token will be mentioned.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.5
• /
• pp.1117-1124
• /
• 2015

This paper explains a web session management system for mobile web environment with BYOD(Bring Your Own Device). This system operates by enhanced secure session token. This system consists of an unique identifier, time stamp, and encryption algorithm. The Unique identifier in this system classifies each mobile device for web security based on mobile environment with BYOD. And the Time stamp in this system that determine session effectiveness for web security. Also the Cipher algorithm in this system that protects session token information for web security. This paper analysis a security of session management system running on mobile web environment using the simulation techniques. The proposed method is more suitable than the other methods under enviroment mobile web environment with BYOD.

• KIPS Transactions on Computer and Communication Systems
• /
• v.8 no.6
• /
• pp.139-150
• /
• 2019

IoT(Internet of Things) security is becoming increasingly important because IoT potentially has a variety of security threats, including limited hardware specifications and physical attacks. This paper is a study on the certification technology suitable for the lightened IoT environment, and we propose a system in which many gateways share authentication information and issue authentication tokens for mutual authentication using blockchain. The IoT node can be issued an authentication token from one gateway to continuously perform authentication with a gateway in the block-chain network using an existing issued token without performing re-authentication from another gateway participating in the block-chain network. Since we do not perform re-authentication for other devices in a blockchain network with only one authentication, we proposed multi phase authentication consisting of device authentication and message authentication in order to enhance the authentication function. By sharing the authentication information on the blockchain network, it is possible to guarantee the integrity and reliability of the authentication token.