• Title/Summary/Keyword: 선행인증기법

Search Result 16, Processing Time 0.028 seconds

A Proactive Authentication Using Credentials based on Chameleon Hashing in MIH Environments (MIH 환경에서 카멜레온 해쉬 기반의 인증값을 이용한 선행 인증 기법)

  • Chae, Kang-Suk;Choi, Jae-Duck;Jung, Sou-Hwan
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.35 no.5B
    • /
    • pp.840-848
    • /
    • 2010
  • This paper proposes a proactive authentication scheme using credentials based on chameleon hashing in MIH environments. There is a proactive authentication structure defined by IEEE 802.21 Security Study Group for the link access in MIH environment. Both schemes based on EAP and on PKI can be applied to such structure, but the former has caused network traffic due to the complicated authentication procedure and the latter has complex structure for managing certificates. The proposed scheme performs the proactive authentication procedure only between a mobile node and a MIH Key Holder by using credentials based on chameleon hashing. Our scheme reduces the network traffic since authentication with the server is unnecessary in MIH environment and PKI structure is not required as well. In addition, the proposed scheme provides secure PFS and PBS features owing to the authenticated Diffie-Hellman key exchange of the chameleon-based credential.

A Design of Proactive Authentication Technique for Stable Roaming In Wireless LAN Environment (무선 랜 환경에서 안정적인 로밍을 위한 선행 인증기법 설계)

  • Hong, Soon-Ja;Koo, Yong-Wan
    • Journal of Internet Computing and Services
    • /
    • v.7 no.5
    • /
    • pp.33-41
    • /
    • 2006
  • Wireless LAN is intrinsically weak in security of transmissions. WPKI (Wireless Public Key Infrastructure) is a well known Method to deal with the security issues in wireless LAN. The authentication required by the method becomes a source of unrellability of the hand-off performance. This paper suggests a solution to overcome the instability while using the WPKI technique, Prior to getting into the next region, a station is provided with the keys of the surrounding regions so that the possible delay problem can be avoided during the actual hand-off time. Thereby the hand-off instability can be solved in the WPKI framework.

  • PDF

User Authentication Mechanism for SIP Call Signaling (SIP Call Signaling을 위한 사용자 인증 기법)

  • Choi, Kyoung-Ho;Im, Eul-Gyu
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2008.06d
    • /
    • pp.110-115
    • /
    • 2008
  • 음성 데이터를 IP기반의 패킷망을 통해 전송하는 기술인 VoIP(Voice over Internet Protocol) 기술은 음성 데이터를 기존의 PSTN(Public Switched Telephone Network)망을 통해 전송하는 방식에 비해 비용 절감 등의 장점을 가지고 있다. 그러나 VoIP가 기존의 PSTN망을 대체하기 위해서는 QoS(Quality of Service)의 보장과 보안이 제공되어야 한다는 문제점을 가지고 있다. VoIP망에서 보안을 위해서는 사용자간에 전송되는 음성 데이터에 대한 보안과 초기의 세션 연결 시 사용자를 인증하는 과정이 고려되어져야 한다. 실질적인 대화 내용인 음성 데이터의 보안도 중요한 부분이지만 대화에 참여하는 사용자를 인증하는 과정이 선행되어야 한다. VoIP에서는 세션 연결 설정을 위해 H.323과 SIP를 사용하고 있으며, 최근에는 H.323에 비해 간단한 SIP가 주목을 받고 있다. RFC3261에서는 SIP를 이용해 세션 연결을 하는 과정에서 사용자를 인증하기 위한 몇 가지 인증 메커니즘을 제시하고 있다. 본 논문에서는 SIP를 이용하여 세션을 연결하는 과정에서 사용자의 인증을 위해 사용되는 인증 메커니즘 중 한 가지인 HTTP Digest Authentication의 취약점을 분석하고, 이를 보완하기 위한 새로운 인증 메커니즘을 제시한다.

  • PDF

Scheme for Verification Between Mobile Devices in a Service with Expiration Time by Using Zero-knowledge Proof (영지식 증명을 이용한 가입기간이 정해진 서비스에서 이동 통신 기기간 인증 기법)

  • Park, Young-Hoon;Seo, Seung-Woo
    • Journal of the Institute of Electronics and Information Engineers
    • /
    • v.50 no.3
    • /
    • pp.23-32
    • /
    • 2013
  • As the mobile communication technology is developed, the services for communication between the mobile devices are provided, and the amount of usage is increasing tremendously. For the device-to-device communication, the device should be verified if it is a service member. The existing verification schemes include interactions with the third party, while this may cause the problems that the bandwidth is dissipated and the devices which are out of the communication range of the base station cannot communicate with other devices. To solve such problems, we propose a new scheme for verification between mobile devices without interaction of third party. For the proposed scheme, we develop and employ a new zero-knowledge proof protocol, which verifies the device's membership and its expiration time. Furthermore, the scheme guarantees privacy of the mobile device since it checks the encrypted verification message without decrypting, and protects replaying attack since it uses challenge-response method.

Proactive Code Verification Protocol Using Empty Memory Deletion in Wireless Sensor Network (무선 센서 네트워크에서의 메모리 공간 삭제를 이용한 선행 코드-검증 기법)

  • Choi, Young-Geun;Kang, Jeon-Il;Lee, Kyung-Hee;Nyang, Dae-Hun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.4
    • /
    • pp.37-46
    • /
    • 2007
  • The authentication in WSN(Wireless Sensor Network) usually means the entity authentication, but owing to the data centric nature of sensor network, much more importance must be put on the authentication(or attestation) for code of sensor nodes. The naive approach to the attestation is for the verifier to compare the previously known memory contents of the target node with the actual memory contents in the target node, but it has a significant drawback. In this paper, we show what the drawback is and propose a countermeasure. This scheme can verify the whole memory space of the target node and provides extremely low probability of malicious code's concealment without depending on accurate timing information unlike SWATT. We provide two modes of this verification method: BS-to-node and node-to-node. The performance estimation in various environments is shown.

A Study on the Priority of Complementary Measures about Deficiencies on the PIMS Certification (PIMS 인증결함의 보완조치 우선순위에 관한 연구)

  • Kang, Da-Yeon;Jeon, Jin-Hwan;Hwang, Jong-Ho
    • The Journal of the Korea Contents Association
    • /
    • v.18 no.4
    • /
    • pp.10-17
    • /
    • 2018
  • Most of the privacy officers of organizations are hard to think of the corrective action about deficiencies of the PIMS(Personal Information Management Systems) certification. Because, it is difficult to define the priority of the complementary measures due to the unique characteristics and procedures of personal information protection for each organization. The purpose of this study is to evaluate the priority of the complementary measures using the Analytic Hierarchy Process(AHP). According to the results, it is important to comply with the legal requirements in the first tier. The second tier, PIMS experts answered that dedicated organization, password management, and agreement of the subject are important. Above all, agreement of the subject was found the highest priority for complementary measures about PIMS's deficiencies.

An Empirical Study on the Obstacle Factors of ISMS Certification Using Exploratory Factor Analysis (탐색적 요인 분석을 이용한 기업의 ISMS 인증 시 장애요인에 관한 연구)

  • Park, Kyeong-Tae;Kim, Sehun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.5
    • /
    • pp.951-959
    • /
    • 2014
  • In the past few years, data leakage of information assets has become a prominent issue. According to the National Intelligence Service in South Korea, they found 375 cases of data leakage from 2003 to 2013, especially 49 of cases have been uncovered in 2013 alone. These criminals are increasing as time passes. Thus, it constitutes a reason for establishment and operation of ISMS (Information Security Management System) even for private enterprises. But to be ISMS certified, there are many exposed or unexposed barriers, moreover, sufficient amount of studies has not been conducted on the barriers of ISMS Certification. In this study, we analyse empirically through exploratory factor analysis (EFA) to find the obstacle factors of ISMS Certification. The result shows that there are six obstacle factors in ISMS Certification; Auditing difficulty and period, Consulting firm related, Certification precedence case and consulting qualification, Internal factor, CA reliability and auditing cost, Certification benefit.

Dynamic Analysis of Composite Satellite Antenna Structure for Sine Vibration Test (복합재료 위성안테나의 진동시험을 위한 구조 동해석)

  • ;;;;;Horst Stockburger
    • Proceedings of the Korean Society For Composite Materials Conference
    • /
    • 2002.05a
    • /
    • pp.119-122
    • /
    • 2002
  • The vibration qualification test of satellite antenna is required to verify that there will be no structural damage due to the severe vibration caused by the launch of satellite. For the qualification test, reasonable test load condition needs to be introduced by dynamic analysis. The present work has been performed to provide an understanding how the qualification test load can be evaluated by the results of both normal mode and sine vibration analyses with notching technique for a composite Ka-band antenna structure.

  • PDF

A Study on User Authentication with Smartphone Accelerometer Sensor (스마트폰 가속도 센서를 이용한 사용자 인증 방법 연구)

  • Seo, Jun-seok;Moon, Jong-sub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.6
    • /
    • pp.1477-1484
    • /
    • 2015
  • With the growth of financial industry with smartphone, interest on user authentication using smartphone has been arisen in these days. There are various type of biometric user authentication techniques, but gait recognition using accelerometer sensor in smartphone does not seem to develop remarkably. This paper suggests the method of user authentication using accelerometer sensor embedded in smartphone. Specifically, calibrate the sensor data from smartphone with 3D-transformation, extract features from transformed data and do principle component analysis, and learn model with using gaussian mixture model. Next, authenticate user data with confidence interval of GMM model. As result, proposed method is capable of user authentication with accelerometer sensor on smartphone as a high degree of accuracy(about 96%) even in the situation that environment control and limitation are minimum on the research.

Proposal of a Mutual Authentication and Key Management Scheme based on SRP protocol (SRP 기반의 DCAS 상호인증 및 키 관리 기법의 제안)

  • Choi, Hyun-Woo;Yeo, Don-Gu;Jang, Jae-Hoon;Youm, Heung-Youl
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.3
    • /
    • pp.53-65
    • /
    • 2010
  • Conditional Access System (CAS) is a core security mechanism of IPTV SCP (Service and Content Protection) which enables only authenticated user to be able to watch the broadcasting contents. In the past, it was general that CAS was built in Set-Top Box (STB) as hardware or as a detachable cable card. However, numerous researches in Downloadable CAS (DCAS), where users can download CAS code in their STB through their network, have been recently conducted widely due to the lack of security and scalability problem. In this paper, the security requirements of OpenCable based DCAS which is typical example of downloadable IPTV SCP will be derived, the novel authentication and key management scheme will be proposed by using the Authentication Proxy (AP) which is the core DCAS. Also, the benefits of the proposed system will be evaluated by comparison and analysis with preceding research.