A Secure Authentication Model Using Two Passwords in Client Server Systems

  • Lee, Jae-Woo (Division of Computer Science & Information, Kyungbok College)
  • Received : 2010.12.22
  • Accepted : 2011.03.10
  • Published : 2011.03.31

Abstract

Protecting system resources by authenticating authorized clients is an important issue in distributed client-server systems, and authenticating a client by its identifier and password alone is not enough to keep unauthorized parties out. In this paper we propose a secure authentication database model that uses two authentication keys, a client authentication key and a server authentication key, in addition to the user's password. The two keys are created by the client and by the server respectively and are used in every request transaction without any extra input from the user. Because both sides store the keys, a request whose keys do not match the stored pair is detected immediately by comparison, so an intrusion during an authorized client's transaction processing can be recognized when an attacker targets the network or the computer systems.

Authenticating legitimate clients and protecting system resources in a client-server environment is one of the most important issues. A user's ID and password alone are insufficient to defend the system against security attacks by unauthorized users. This paper proposes a secure database authentication model that uses a client authentication key and a server authentication key. The proposed model aims to raise security by using two authentication keys: when the client and the server process a database transaction, each side manages the other's authentication password, so that an authentication password is used in addition to the user's password without any additional input from the user, which raises the security of the system.
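The scheme the abstract describes, as an added example that is not the paper's own code or protocol: the client creates its key at login, the server creates its key after checking the password, both sides store the pair, and every later request is checked against the stored pair with no further input from the user. The 32-byte key size, the PBKDF2 password store, the per-session counter, and the use of an HMAC keyed with both keys instead of sending the keys themselves for comparison are assumptions added here; the abstract does not specify them.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000  # assumed; the abstract does not fix password storage


def request_tag(client_key: bytes, server_key: bytes, counter: int, payload: bytes) -> bytes:
    """Proof that the sender holds BOTH authentication keys.

    Assumption beyond the abstract: instead of sending the two keys raw for
    comparison, the request carries an HMAC keyed with both of them, so the
    server compares a tag computed from its stored keys against the received one.
    """
    mac_key = hashlib.sha256(client_key + server_key).digest()
    return hmac.new(mac_key, counter.to_bytes(8, "big") + payload, hashlib.sha256).digest()


class Server:
    def __init__(self) -> None:
        self._passwords = {}  # client_id -> (salt, pbkdf2 digest)
        self._sessions = {}   # client_id -> {"ck", "sk", "n"}: the stored key pair
        self.alerts = []      # (client_id, reason) entries raised on a mismatch

    def register(self, client_id: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self._passwords[client_id] = (salt, digest)

    def login(self, client_id: str, password: str, client_key: bytes):
        """Password check, then create the server key and store both keys."""
        salt, digest = self._passwords[client_id]
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        if not hmac.compare_digest(candidate, digest):
            return None
        server_key = secrets.token_bytes(32)
        self._sessions[client_id] = {"ck": client_key, "sk": server_key, "n": 0}
        return server_key

    def handle(self, client_id: str, counter: int, payload: bytes, tag: bytes) -> bool:
        """Every request is checked against the stored key pair; a mismatch is an alert."""
        session = self._sessions.get(client_id)
        if session is None or counter != session["n"]:
            self.alerts.append((client_id, "no session or replayed counter"))
            return False
        expected = request_tag(session["ck"], session["sk"], counter, payload)
        if not hmac.compare_digest(expected, tag):
            self.alerts.append((client_id, "authentication key mismatch"))
            return False
        session["n"] += 1
        return True


class Client:
    def __init__(self, client_id: str, server: Server) -> None:
        self.client_id = client_id
        self.server = server
        self.ck = secrets.token_bytes(32)  # client authentication key, created locally
        self.sk = None                     # server authentication key, received at login
        self.n = 0

    def login(self, password: str) -> bool:
        self.sk = self.server.login(self.client_id, password, self.ck)
        return self.sk is not None

    def build(self, payload: bytes):
        """Request authenticated with both keys; the user types nothing extra."""
        return (self.client_id, self.n, payload, request_tag(self.ck, self.sk, self.n, payload))

    def send(self, payload: bytes):
        """Send one request; returns (accepted, message) so a caller can keep the message."""
        msg = self.build(payload)
        ok = self.server.handle(*msg)
        if ok:
            self.n += 1
        return ok, msg


def demo() -> dict:
    """Constructed scenario: one legitimate client, a wrong password, a forger, a replay."""
    srv = Server()
    srv.register("alice", "correct horse battery")
    alice = Client("alice", srv)
    results = {"bad_login": Client("alice", srv).login("wrong password")}
    assert alice.login("correct horse battery")
    results["legit"], captured = alice.send(b"SELECT balance")  # attacker sniffs this message
    # Forger knows alice's id and the current counter but holds neither key
    forged = request_tag(secrets.token_bytes(32), secrets.token_bytes(32), alice.n, b"TRANSFER 1000")
    results["forged"] = srv.handle("alice", alice.n, b"TRANSFER 1000", forged)
    results["replay"] = srv.handle(*captured)              # counter already consumed
    results["after"], _ = alice.send(b"SELECT balance")    # legitimate traffic still works
    results["alerts"] = len(srv.alerts)
    return results
```

The comparison only tells the server that the sender holds the pair it stored; an attacker who reads both keys from the client host or from an unencrypted channel is indistinguishable from the client, so the keys must be kept confidential in storage and in transit. The counter is what turns a captured message into a detectable replay; the key comparison alone would accept it.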
