• Title/Summary/Keyword: 분산 식별자 인증

Search Result 6, Processing Time 0.019 seconds

The Reliable Communication Method for Self-Sovereign Identity Ecosystems (자기주권 신원 생태계를 위한 신뢰할 수 있는 통신 방법)

  • Chio, Gyu Hyun;Kim, Geun-Hyung
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.11 no.3
    • /
    • pp.91-98
    • /
    • 2022
  • With the recent increase in interest in metaverse in which virtual and physical spaces are digitally fused, many activities in physical spaces are expected to take place in web-based virtual spaces. Therefore, there is a need for research on a self-sovereign identity system that can secure privacy and mutual trust in a DID(decentralized identifier)-based virtual space environment. We, in this paper, developed and validated a reliable communication method consisting of DIDComm messages, a procedure for generating distributed identifiers, asymmetric keys, and DID documents based on Hyperledger Indy and DIDComm open sources. The developed communication method can be applied to verify each other by exchanging additional information and verifiable credentials for trust among communication participants.

A GRID Security System based on Proactive Authentification Information Service (선행적 인증 정보 서비스에 기반한 그리드 보안 시스템)

  • 권영도;서명구;장경일;남성진;박규석
    • Proceedings of the Korea Multimedia Society Conference
    • /
    • 2003.11b
    • /
    • pp.969-973
    • /
    • 2003
  • 지리적으로 분산되어 있는 이기종의 분산 컴퓨팅 자원과 대규모 데이터를 효과적으로 활용하기 위해서 최근에 GRID 컴퓨팅 환경에 대한 연구가 매우 활성화되고 있다. 이러한 GRID 환경을 구현하기 위해 필요한 부분중의 하나가 사용자와 자원간의 인증에 관련된 문제이다. 현재 Globus Toolkit은 PKI(Public Key Infrastructure)를 기본으로 하는 보안정책을 사용하고 있다. 이 정책은 인증과정에 적지않은 오버헤드가 발생되는 문제점을 가지고 있다. 이에 본 논문에서는 사용자와 자원간의 직접적인 인증으로 인해 발생하는 성능상의 비효율성을 줄이기 위해 사용자가 자원에 접속 하기전 AIS서버(Authentification Information Server)를 이용하여 미리 인증을 거친후, 자원에 접근한 때는 기 발급된 식별자로 인증 될 수 있도록 처리해주는 메커니즘을 제안한다.

  • PDF

Blockchain-based Smart Meter Authentication Protocol in Smart Grid Environment (스마트 그리드 환경에서 블록체인 기반 스마트 미터 인증 프로토콜)

  • Jonghyun Kim;Myeonghyun Kim;Youngho Park
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.28 no.5
    • /
    • pp.41-54
    • /
    • 2023
  • Smart grid that supports efficient energy production and management is used in various fields and industries. However, because of the environment in which services are provided through open networks, it is essential to resolve trust issues regarding security vulnerabilities and privacy preservation. In particular, the identification information of smart meter is managed by a centralized server, which makes it vulnerable to security attacks such as device stolen, data forgery, alteration, and deletion. To solve these problems, this paper proposes a blockchain based authentication protocol for a smart meter. The proposed scheme issues an unique decentralized identifiers (DIDs) for individual smart meter through blockchain and utilizes a random values based on physical unclonable function (PUF) to strengthen the integrity and reliability of data. In addition, we analyze the security of the proposed scheme using informal security analysis and AVISPA simulation, and show the efficiency of the proposed scheme by comparing with related work.

The Shortest Authentication Path for Performance Improvement of MHT Contents Authentication Method in Distributed Network Environment (분산 네트워크 환경에서의 MHT 콘텐츠 인증 기술 성능 개선을 위한 최소 인증 경로에 관한 연구)

  • Kim, DaeYoub
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.7 no.9
    • /
    • pp.235-242
    • /
    • 2018
  • Various technologies have been developed to more efficiently share content such as P2P, CDN, and CCN. These technologies take a common approach that content request packets is responded by distributed network nodes or hosts, not by a single content distributor. Such approaches not only resolve network congestion around content distributors, but also make it possible to distribute content regardless of the system and network status of content distributors. However, when receiving content from distributed nodes/hosts, not from authenticated distributors, users cannot practically identify which node/host sent content to them. Due to this characteristic, various hacking caused by the malicious modification of content is possible. Therefore, to make such approaches more secure, a content authentication technique is required. In this paper, we propose a improved operation of MHT used in CCN for authenticating distributed content. Then we evaluate the proposed method by comparing its performance with the existing technology.

Network Overhead Improvement for MHT-based Content Authentication Scheme (MHT 기반 콘텐츠 인증 기술의 전송량 개선)

  • KIM, DAEYOUB
    • Journal of Digital Convergence
    • /
    • v.16 no.1
    • /
    • pp.271-279
    • /
    • 2018
  • Various technologies have been developed to more efficiently share content such as P2P and CDN. These technologies take a common approach that request packets are responded by distributed network nodes, not by a single distributor. Such approaches not only resolve network congestion around content distributors, but also make it possible to distribute content regardless of the system and network status of content distributors. However, when receiving content from distributed nodes/hosts, not from authenticated distributors, users cannot practically identify which node/host sent content to them. Due to this characteristic, various hacking caused by the malicious modification of content is possible. Therefore, to make such approaches more secure, a content authentication technique is required. In this paper, we propose a improved operation of MHT used in CCN for authenticating distributed content. Then we evaluate the proposed method by comparing its performance with the existing technology.

Proposal for a Custody and Federated Service Model for the Decentralized Identity (분산 ID 보관 및 연계 서비스 모델 제안)

  • Yeo, Kiho;Park, Keundug;Youm, Heung Youl
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.3
    • /
    • pp.513-525
    • /
    • 2020
  • Until today, the personal information of subjects has been centralized in many companies or institutions. However, in recent days, the paradigm has gradually changed in the direction that subjects control their personal information and persue their self-sovereignty. Globally, individual data sovereignty is strengthened by the European Union's General Data Protection Regulation(GDPR) and the US California Consumer Privacy Act(CCPA). In Korea, a few alliances consist of various companies are creating technology research and service application cases for decentralized ID service model. In this paper, the current decentralized ID service model and its limitations are studied, and a improved decentralized ID service model that can solve them is proposed. The proposed model has a function of securely storing decentralized ID to the third party and a linkage function that can be interoperated even if different decentralized ID services are generated. In addition, a more secure and convenient model by identifying the security threats of the proposed model and deriving the security requirements, is proposed. It is expected that the decentralized ID technology will be applied not only to the proof of people but also to the device ID authentication management of the IoT in the future.