• Journal of Korea Multimedia Society
• /
• v.19 no.3
• /
• pp.585-594
• /
• 2016

Recently because of development of remote network technology, users are able to access the network freely without constraints of time and space. As users are getting more frequent to access the remote server in a computing environment, they are increasingly being exposed to various risk factors such as forward secrecy and server impersonation attack. Therefore, researches for remote user authentication scheme have been studying actively. This paper overcomes the weaknesses of many authentication schemes proposed recently. This paper suggests an improved authentication scheme that protects user's anonymity with preserving variable more safe and also provides forward secrecy.

• Journal of Convergence Society for SMB
• /
• v.4 no.3
• /
• pp.27-31
• /
• 2014

According to increasing of payment and settlements like smart banking, internet shopping and contactless transaction in smart device, the security issues are on the rise, such as the vulnerability of the mobile OS and certificates abuse problem, we need a secure user authentication. We apply the OTP using biometrics and PKI as user authentication way for dealing with this situation. Biometrics is less risk of loss and steal than other authentication that, in addition, the security can be enhanced more when using the biometric with OTP. In this paper, we propose a user authentication using biometrics and OTP in the mobile device.

• Journal of Korea Multimedia Society
• /
• v.16 no.3
• /
• pp.309-317
• /
• 2013

As the distribution rate of smart device increases, users of smartwork are increasingly able to work without constraints imposed by time and space. However, there are many security threats in smartwork environment. Security threats is illegal information for an unauthenticated device. Especially, smartwork environment is approach to users. Therefore, there are other matters concerning justifiable user and device authentication. However, the studies of smartwork are still in early stage of development, and the studies of user and device authentication also not enough to apply smartwork environment. In this paper, we proposed USIM based user and device authentication scheme in the smartwork environment.

• Journal of information and communication convergence engineering
• /
• v.5 no.2
• /
• pp.136-139
• /
• 2007

In this paper we will discuss a general idea about an information system which provides information a user really needs in user's authentication. We will discuss how RFID could be applied for this kind of system especially from the standpoint of using RFID as a way to collect information of personal belongings. Also we will discuss security issues of using RFID as a component of the proposed system because while RFID could provide usefulness, it could also be very dangerous for revealing private information without user's awareness.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.5
• /
• pp.2353-2359
• /
• 2011

The request of Green-IT technology and recommend of computer hardware resource are increasing explosively. So, necessity of Cloud computing is increasing rapidly. Berkeley Univ. announced teens constituent that threat Cloud computing in 2009 and problem for user authentication should be solved as is urgentest among them. So, We wish to propose effective user authentication protocol in Cloud computing environment. Secure safety for user quotation through Kerberos's ticket issue that is existent representative user authentication techniques, and defined authentication procedure of two steps that flow user authentication and service authentication through PKI's. Is uncomplicated structurally more than efficiency for certification protocol and examination result about safety, existent PKI that propose and simplify achievement procedure and system configuration more than Kerberos and reduced response time.

• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.11-16
• /
• 2003

This paper implements Multiple User Authentication System to which the system authenticating with password only has been upgraded. The 4-staged authentication including user ID, password, smart card and access control information, etc. is used at the suggested Multiple User Authentication System. The user authentication system that this paper suggests has been developed based on SecuROS/FreeBSD with the function of access control added to FreeBSD kernel. It provides both the function to limit accost range to the system to each user and the function to check that when inputting important information the demand is the one if the system ; thus, the reliability becomes increased. In the SecuROS/FreeBSD system, MAC and RBAC are being used. So, in the case of users accessing to the system, the Information about the policies of MAC and RBAC to which users would access is used in the authentication. At the time, the access to system if permitted only when the access control information that users demanded satisfies all the access control rules which have been defined In the system.

• The KIPS Transactions:PartC
• /
• v.11C no.3
• /
• pp.309-318
• /
• 2004

AAAv6-based Diameter method is using in the user authentication to satisfy the users' increasing user authentication demand and to supply a safe communication between mobile node and server in the Mobile IP. therefore, In this paper, We design a model of server capacity based on EAP-TLS that in one of AAAv6 models with mobility among domains to get the optimized capacity index of the server for user authentication accomplishment. We elicitat the authentication capacity index for each server of which is accomplishing in user authentication using DSA/RSA algorithm and purpose the optimized condition for the AAAv6 capacity by the index.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.7-17
• /
• 2004

It requires that user have to verify and conform with user authentication Protocol on non-meet face to face internet services offered by mobile terminal which user make known user's own intention, and user be using the normal. It is more operation time authentication protocol than Access control Protocol. That is what need to be user authentication protocol have verified security. non-reputation, and improved high-performance in operation time for mobile terminal. In order to solve the above demand, in this paper, we would design for mobile terminal of TCP User Authentication ECC Algorithm Protocol with a performance test. Algorithm has 160 bit key and designed IPv4 & IPv6 frame architecture. We should conclude that the proposed protocol have more verified security, non-reputation, confidentiality, and improved high-performance in operation time of mobile terminal from 1 to 17 times than before.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.11
• /
• pp.503-510
• /
• 2013

Recently, the rapid development of network technology has enabled people to use various services on the internet. However, the existing password-based user authentication system used in the internet environment requires a password table, which is a potential security threat as it could be leaked by an insider. To solve this issue, remote user authentication methods that do not require a user password table have been proposed. Regarding remote user authentication using a smart card in particular, various methods have been suggested to reduce expenses and to improve stability and efficiency, but the possibility of impersonation attacks and password-guessing attacks using information saved in a user's smart card still exist. Therefore, this study proposes a remote user authentication method that can safeguard against impersonation attacks and password guessing attacks, by analyzing weak points of conventional methods and creating a smart card's ID and password that are based on the user's ID and password.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.3
• /
• pp.133-138
• /
• 2009

Recently Lin et al. proposed the remote user authentication scheme using smart cards. But the proposed scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we showed that he can get the user's password using the off-line password guessing attack on the scheme when the adversary steals the user's smart card and extracts the information in the smart card. Also, we proposed the seven security requirements for evaluating remote user authentication schemes using smart card. As a result of analysis, in Lin et al's scheme we have found the deficiencies of security requirements. So we suggest the improved scheme, the mutual authentication scheme that does not store the user's password verifier in server and can authenticate each other at the same time between the user and server.