• Electronics and Telecommunications Trends
• /
• v.24 no.5
• /
• pp.133-142
• /
• 2009

본 고에서는 사용자가 모바일 환경에서 자신의 ID 정보를 효율적으로 공유하기 위한 ID 공유 게이트웨이 기술에 대해 기술하고 있다. ID 공유 게이트웨이는 모바일 환경에서 ID 정보 공유시 문제가 될 수 있는 프로토콜 변환 및 메시지 보안 기능을 전담하여 처리하는 것이 목적이다. 이러한 게이트웨이 기술은 향후 ID 공유 기술을 이용한 다양한 음복함 서비스를 모바일 웹 응용서비스에서도 가능하게 한다는 의미를 가지고 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.619-620
• /
• 2009

웹 기반의 전자ID지갑을 모바일 환경에서 활용하게 되면 오프라인에서 각종 인증 및 지불 등이 모바일 전자ID지갑을 통해 가능하게 된다. 모바일 전자ID지갑이 오프라인에서 활용되려면 근거리 무선망을 통한 통신이 이루어져야 하는데, 이를 위해서는 각 사업자별로 동일한 방식으로 무선 통신이 이루어져야 모바일 전자ID지갑의 상호운용성을 보장할 수 있다. 이러한 근거리 무선통신 기술로 NFC(Near Field Communication)가 세계 표준으로 지정되어 기술 개발이 이루어지고 있다. 본 논문에서는 전자ID지갑의 역할을 오프라인으로 확대시킬 수 있는 NFC 기술과 이와 관련된 보안 알고리즘, NFC와 USIM 인터페이스에 대해 연구한다.

• Journal of the Korea Convergence Society
• /
• v.2 no.1
• /
• pp.1-6
• /
• 2011

The wide use of mobile devices such as smart phones makes the mobile commerce industry be growing-up rapidly. In mobile commerce security, how to secure a copyright of mobile contents and how to distribute it are of major concerns. The user can carry the smart phone regardless of the places. Thus the utilization of it is very high than that of personal computers. The USIM(Universal Subscriber Information Module) inserted in the smart phone binds the user with the device. This means that the smart phone can be used to represent the owner's identity. In this paper, we develop the mobile ID based digital signature scheme. We create the mobile ID by combining USIM with the user's random secret value. In addition, undeniable property of our signature scheme can make ID based applications such as mobile voting and mobile content distribution be possible with the smart phone.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.7
• /
• pp.319-325
• /
• 2016

A variety of services for mobile payments by the activation of FinTech have been developed. Various payment methods were developed, and an authentication method was developed to improve the reliability of the payment. On the other hand, when mobile easy payment services are used, they have weak security because the authentication by phone number. Therefore, this paper proposes a technique for increasing the reliability of the authentication process using the unique device ID of the mobile device to improve the authentication process based on the telephone number. The core research contents are the architecture and process for the authentication of mobile payments based on the mobile device ID. The mobile payment architecture consists of a mobile device, authentication service, and mobile payment application. The mobile device consists of mobile device ID and phone number, and the authentication server consists of authentication module and encryption module. The mobile payment service consists of a pre-authentication module and decryption module. The process of mobile payment service is processed by the encrypted authentication information (device ID, phone number, and authentication number) among mobile devices, authentication server, and mobile payment application. The mobile device sends the telephone number and the device ID to the authentication server and the authentication server authenticates the user through an authentication process and encryption process. The mobile payment application performs the pre-authentication process by decrypting the received authentication number. This paper reports a difference that can prevent the risk of leakage of the authentication number in existing payment services through the authentication process of the authentication server and the pre-authentication process of the mobile payment service of this paper.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.10C
• /
• pp.764-777
• /
• 2008

In 4G environments, which is the next generation technology for mobile network, it is forecasted that the wireless Internet using a mobile devices such as a mobile phone, PDA will increase because of expansion of Internet and integration of heterogeneous networks. Therefore, we need a Digital ID management technology that can prevent illegal uses and manage private information efficiently in wired and wireless environments. In this paper, we analyze various Digital ID management technologies, and then define requirements of user-centric Digital ID management technology. In addition, we newly propose the authentication mechanism for mobile applications in LTE/SAE network. Finally, we propose the mobile Digital ID Wallet mechanism suitable for 4G environments.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06d
• /
• pp.35-39
• /
• 2007

OpenID는 웹 서비스를 위한 사용자 중심의 분산형 인증 메커니즘을 제공한다. OpenID를 이용하면 기존의 아이디와 패스워드를 이용한 인증방법보다 더 편리한 회원등록과 로그인 기능을 제공 할 수 있다. 본 논문에서는 OpenID를 이용하여 모바일 웹 환경에서의 사용자 인증 메커니즘을 설계한다. 먼저, 이동통신 망과 무선인터넷에서의 사용자 인증기술에 대해서 분석하고, OpenID를 이용한 개선된 모바일 웹 사용자 인증 메커니즘을 제안한다. 제안하는 메커니즘의 목표는 모바일 웹 사용자에게는 보다 효율적인 회원등록과 로그인 기능을 제공하고, 모바일 웹 서비스 제공자에게는 좀 더 신뢰성 있는 사용자 인증 수단을 제공하는 데 있다.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.3-8
• /
• 2015

Most mobile cloud computing system use public key cryptography to provide data security and mutual authentication. A variant of traditional public key technologies called Identity-Based Cryptography(IBC) has recently received considerable attention. The certificate-free approach of IBC may well match the dynamic qualities of cloud environment. But, there is a need for a lightweight secure framework that provides security with minimum processing overhead on mobile devices. In this paper, we propose to use hierarchical ID-Based Encryption in mobile cloud computing. It is suitable for a mobile network since it can reduce the workload of root Public Key Generators by delegating the privilege of user authentication and private key generation. The Identity-Based Encryption and Identity-Based Signature are also proposed and an ID-Based Authentication scheme is presented to secure data processing. The proposed scheme is designed by one-way hash functions and XOR operations, thus has low computation costs for mobile users.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.2
• /
• pp.258-264
• /
• 2015

This research suggests critical factors affecting success and failure of several commercial mobile operating systems from Palm OS appearing in to main mobile OSs appearing in 2013. For this, we analyses several mobile operating cases, elicit factors affecting success and failure of mobile OS, and conduct ID3 based inductive learning analyses based on elicited factors and values in case dataset. Through this, we draw rules in success and failure of mobile OS and suggest strategic implications for the commercial success of mobile OS in perspective of innovation and globalization.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.10a
• /
• pp.328-331
• /
• 2013

As digital ecosystem has been rapidly transforming into the mobile based platform, several mobile operating system, which is in charge of user interface with mobile device has been appeared. This research suggest critical factors affecting success and failure of several commercial mobile operating systems from Palm OS appearing in 1996 to main mobile OSs appearing in 2013. For this, we analyse several mobile operating OS cases, elicit factors affecting success and failure of mobile OS, and conduct ID3 based inductive learning analyses based on elicted factors and values in case dataset. Through this, we draw rules in success and failure of mobile OS and suggest strategic implications for the commercial success of mobile OS.

• Journal of KIISE:Information Networking
• /
• v.36 no.4
• /
• pp.297-308
• /
• 2009

In 2008, ETRI developed a new mobile digital ID wallet, in which anyone can store personal information and PKI credential. When the wallet is used, privacy protection is one of the most important problems and personal information should be protected under various usage scenarios such as exchanging sensitive information in on/off-line environments, joining as a new member in the web site, etc. In this paper, we propose a triangular trust management scheme that can effectively manage trustness and also protect sensitive personal information. This scheme relies on three techniques: PKI, reputation and condition (situation context). We implemented prototype of our scheme, and tested it under various scenarios, which showed that the proposed scheme can effectively be used for diverse cases.