• Title/Summary/Keyword: user authentication

Search Result 1,424, Processing Time 0.031 seconds

Symmetric Key-Based Remote User Authentication Scheme With Forward Secrecy (순방향 안전성을 제공하는 대칭키 기반의 원격 사용자 인증 방식)

  • Lee, SungYup;Park, KiSung;Park, YoHan;Park, YoungHo
    • Journal of Korea Multimedia Society
    • /
    • v.19 no.3
    • /
    • pp.585-594
    • /
    • 2016
  • Recently because of development of remote network technology, users are able to access the network freely without constraints of time and space. As users are getting more frequent to access the remote server in a computing environment, they are increasingly being exposed to various risk factors such as forward secrecy and server impersonation attack. Therefore, researches for remote user authentication scheme have been studying actively. This paper overcomes the weaknesses of many authentication schemes proposed recently. This paper suggests an improved authentication scheme that protects user's anonymity with preserving variable more safe and also provides forward secrecy.

User Authentication Using Biometrics and OTP in Mobile Device (중소기업형 바이오정보와 OTP를 이용한 사용자 인증)

  • Lee, Sang Ho
    • Journal of Convergence Society for SMB
    • /
    • v.4 no.3
    • /
    • pp.27-31
    • /
    • 2014
  • According to increasing of payment and settlements like smart banking, internet shopping and contactless transaction in smart device, the security issues are on the rise, such as the vulnerability of the mobile OS and certificates abuse problem, we need a secure user authentication. We apply the OTP using biometrics and PKI as user authentication way for dealing with this situation. Biometrics is less risk of loss and steal than other authentication that, in addition, the security can be enhanced more when using the biometric with OTP. In this paper, we propose a user authentication using biometrics and OTP in the mobile device.

  • PDF

A Study on USIM Card Based User and Device Authentication Scheme in the Smartwork (USIM을 활용한 스마트워크 사용자 및 디바이스 인증 기술 연구)

  • Wi, Yukyeong;Kwak, Jin
    • Journal of Korea Multimedia Society
    • /
    • v.16 no.3
    • /
    • pp.309-317
    • /
    • 2013
  • As the distribution rate of smart device increases, users of smartwork are increasingly able to work without constraints imposed by time and space. However, there are many security threats in smartwork environment. Security threats is illegal information for an unauthenticated device. Especially, smartwork environment is approach to users. Therefore, there are other matters concerning justifiable user and device authentication. However, the studies of smartwork are still in early stage of development, and the studies of user and device authentication also not enough to apply smartwork environment. In this paper, we proposed USIM based user and device authentication scheme in the smartwork environment.

Design of RFID System for User's Authentication Under Ubiquitous Surroundings

  • Kim, Dae-Yoo;Kim, Jung-Tae
    • Journal of information and communication convergence engineering
    • /
    • v.5 no.2
    • /
    • pp.136-139
    • /
    • 2007
  • In this paper we will discuss a general idea about an information system which provides information a user really needs in user's authentication. We will discuss how RFID could be applied for this kind of system especially from the standpoint of using RFID as a way to collect information of personal belongings. Also we will discuss security issues of using RFID as a component of the proposed system because while RFID could provide usefulness, it could also be very dangerous for revealing private information without user's awareness.

An efficient user authentication protocol for cloud computing environments (클라우드 컴퓨팅 환경에서 효과적인 사용자 인증 프로토콜)

  • Moon, Jeong-Kyung;Kim, Jin-Mook;Kim, Hwang-Rae
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.5
    • /
    • pp.2353-2359
    • /
    • 2011
  • The request of Green-IT technology and recommend of computer hardware resource are increasing explosively. So, necessity of Cloud computing is increasing rapidly. Berkeley Univ. announced teens constituent that threat Cloud computing in 2009 and problem for user authentication should be solved as is urgentest among them. So, We wish to propose effective user authentication protocol in Cloud computing environment. Secure safety for user quotation through Kerberos's ticket issue that is existent representative user authentication techniques, and defined authentication procedure of two steps that flow user authentication and service authentication through PKI's. Is uncomplicated structurally more than efficiency for certification protocol and examination result about safety, existent PKI that propose and simplify achievement procedure and system configuration more than Kerberos and reduced response time.

Multiple User Authentication based on SecuROS/FreeBSD (SecuROS/FreeBSD 기반 다단계 사용자 인증 시스템)

  • Doo, So-Young;Kim, Jong-Nyeo;Kong, Eun-Bae
    • The KIPS Transactions:PartC
    • /
    • v.10C no.1
    • /
    • pp.11-16
    • /
    • 2003
  • This paper implements Multiple User Authentication System to which the system authenticating with password only has been upgraded. The 4-staged authentication including user ID, password, smart card and access control information, etc. is used at the suggested Multiple User Authentication System. The user authentication system that this paper suggests has been developed based on SecuROS/FreeBSD with the function of access control added to FreeBSD kernel. It provides both the function to limit accost range to the system to each user and the function to check that when inputting important information the demand is the one if the system ; thus, the reliability becomes increased. In the SecuROS/FreeBSD system, MAC and RBAC are being used. So, in the case of users accessing to the system, the Information about the policies of MAC and RBAC to which users would access is used in the authentication. At the time, the access to system if permitted only when the access control information that users demanded satisfies all the access control rules which have been defined In the system.

A Performance Evaluation of EAP-TLS Authentication Model in the AAAv6 (AAAv6에서의 EAP-TLS 인증모델 성능평가)

  • Jeong, Yun-Su;Kim, Hyung-Do;Lee, Hae-Dong;Kim, Hyun-Gon;Lee, Sang-Ho
    • The KIPS Transactions:PartC
    • /
    • v.11C no.3
    • /
    • pp.309-318
    • /
    • 2004
  • AAAv6-based Diameter method is using in the user authentication to satisfy the users' increasing user authentication demand and to supply a safe communication between mobile node and server in the Mobile IP. therefore, In this paper, We design a model of server capacity based on EAP-TLS that in one of AAAv6 models with mobility among domains to get the optimized capacity index of the server for user authentication accomplishment. We elicitat the authentication capacity index for each server of which is accomplishing in user authentication using DSA/RSA algorithm and purpose the optimized condition for the AAAv6 capacity by the index.

A Study on the Design and the Performance Improvement of TCP User Authentication ECC Algorithm Protocol for Mobile terminal (이동단말을 위한 TCP 사용자 인증 타원곡선 알고리즘 프로토콜의 설계 및 성능 개선에 관한 연구)

  • 임승린;박대우
    • Journal of the Korea Society of Computer and Information
    • /
    • v.9 no.2
    • /
    • pp.7-17
    • /
    • 2004
  • It requires that user have to verify and conform with user authentication Protocol on non-meet face to face internet services offered by mobile terminal which user make known user's own intention, and user be using the normal. It is more operation time authentication protocol than Access control Protocol. That is what need to be user authentication protocol have verified security. non-reputation, and improved high-performance in operation time for mobile terminal. In order to solve the above demand, in this paper, we would design for mobile terminal of TCP User Authentication ECC Algorithm Protocol with a performance test. Algorithm has 160 bit key and designed IPv4 & IPv6 frame architecture. We should conclude that the proposed protocol have more verified security, non-reputation, confidentiality, and improved high-performance in operation time of mobile terminal from 1 to 17 times than before.

  • PDF

A Study on Secure Remote User Authentication Scheme using Smart Card (스마트카드를 이용한 안전한 원격 사용자 인증기법에 관한 연구)

  • Go, Sung Jong;Lee, Im Yeong
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.2 no.11
    • /
    • pp.503-510
    • /
    • 2013
  • Recently, the rapid development of network technology has enabled people to use various services on the internet. However, the existing password-based user authentication system used in the internet environment requires a password table, which is a potential security threat as it could be leaked by an insider. To solve this issue, remote user authentication methods that do not require a user password table have been proposed. Regarding remote user authentication using a smart card in particular, various methods have been suggested to reduce expenses and to improve stability and efficiency, but the possibility of impersonation attacks and password-guessing attacks using information saved in a user's smart card still exist. Therefore, this study proposes a remote user authentication method that can safeguard against impersonation attacks and password guessing attacks, by analyzing weak points of conventional methods and creating a smart card's ID and password that are based on the user's ID and password.

Analysis to a Remote User Authentication Scheme Using Smart Cards (스마트 카드를 이용한 사용자 인증 스킴의 안전성 분석)

  • An, Young-Hwa;Lee, Kang-Ho
    • Journal of the Korea Society of Computer and Information
    • /
    • v.14 no.3
    • /
    • pp.133-138
    • /
    • 2009
  • Recently Lin et al. proposed the remote user authentication scheme using smart cards. But the proposed scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we showed that he can get the user's password using the off-line password guessing attack on the scheme when the adversary steals the user's smart card and extracts the information in the smart card. Also, we proposed the seven security requirements for evaluating remote user authentication schemes using smart card. As a result of analysis, in Lin et al's scheme we have found the deficiencies of security requirements. So we suggest the improved scheme, the mutual authentication scheme that does not store the user's password verifier in server and can authenticate each other at the same time between the user and server.