• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.87-97
• /
• 2003

In this paper, we define two security concepts, “non-computable security” and “distribution security”, about authentication information committed to a authentication server without any trustee, and propose an authenticatied key exchange protocol based on password, satisfying “distribution security”. We call it MAP(Muti-Server Authentication Protocol based on Password) and show that SSSO(Secure Single Sign On) using MAP solves a problem of SSO(Single Sign On) using authentication protocol based on password with a trustee.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.53-65
• /
• 2001

Authentication mechanism for W-CMDA IMT-2000 system is developed by 3GPP TSG SA WG3. We simulated the mechanism and algorithms. In this paper, we overview 3GPP authentication procedures and present results of our simulation. We validate the mechanism and parameters transmitted during authentication procedures and we also discuss parameters which are unclear in specification.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1361-1373
• /
• 2016

Recently the need for user authentication with increasing, there are a variety of mechanisms, such as password, graphic authentication, token, biometrics and multiple authentication. in particular, the data of the 2-dimensional(2D) factors such as password, graphic authentication, biometrics is used because of the convenience. The stored information is problematic in that additional data recording needs to be performed whenever authentication data is updated. Furthermore, this storage method is problematic in that the time it takes to perform authentication increases because the time it takes to compare storage data with authentication data increases in proportion to an increase in the amount of the storage data. Accordingly, authentication through the rapid comparison of storage data with authentication data is a very important factor in data recording and authentication technology using memory. Using the three-dimensional(3D) optical memory by variously changing the recoding elements during recoding of data constitutes the way that multiple recoding different data storage. This enables high-density recoding in this way, and by applying the possible parallel processing at the time of recording and restoring method, provided that it is possible to quickly record and restore the data. In addition, each time to solve problems that require additional data recorded by a combination of the stored data record in the old data using a combination of the authentication. The proposed mechanism is proposed an authentication method using scheme after the recoding data in 3D optical memory to apply the conditions corresponding to the recoding condition when restoring the recorded data and through the experiment it was confirmed possible application as an authentication mechanism.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.763-768
• /
• 2003

In this paper, we propose a S/KEY based authentication protocol using smart cards to address the vulnerebilities of both the S/KEY authentication protocol and the secure one-time password protpcol which YEH, SHEN and HWANG proposed [1]. Because out protpcel is based on public key, it can authenticate the server and distribute a session key without any pre-shared secret. Also, it can prevent off-line dictionary attacks by using the randomly generated user is stored in the users smart card. More importantly, it can truly achieve the strength of the S/KEY scheme that no secret information need be stored on the server.

• TTA Journal
• /
• s.88
• /
• pp.141-148
• /
• 2003

TTA(한국정보통신기술협회)는 소프트웨어 품질인증 제품으로 2003년 6월 5일 3개, 7월 10일 4개 제품에 대하여 Good Software 마크를 발급하였다. 그리고 2003년 5월 21일에 VeriTest-TTA 인증으로 1개 제품에 대하여 VeriTest-TTA Good Quality, Optimized Performance & Internationalized를 발급하였다. 본 고에서는 상기한 인증 획득한 제품에 대하여 소개하고자 한다.

• Digital Contents
• /
• no.4 s.95
• /
• pp.38-48
• /
• 2001

최근 전자상거래의 활성화와 더불어 관심이 증대되고 있는 분야가 바로 인증 분야다. 따라서 전자인증의 증대에 따라 발생할 수 있는 사고와 그에 따른 인증기관의 업무와 배상 책임에 관해 다뤄보고자 한다. 본고는 한국정보보호센터(이하 KISA)의 정보보호 우수논문 공모전에서 입상한 논문으로 KISA의 허가에 의해 보도를 하며 저작권은 KISA에 있음을 밝힌다.

• TTA Journal
• /
• s.96
• /
• pp.86-93
• /
• 2004

한국정보통신기술협회(이하 TTA)는 2004월 1월부터 GSM 휴대폰에 대한 국제공인 인증시험을 제공하기 위해 시험설비 구축업무를 시작하여 지난 10월 1일부터 정식 인증시험을 제공하고 있다. 이에 본 고는 TTA가 제공하는 GSM 휴대폰 인증시험 종류, 시험장비, 시험서비스 장점 그리고 시험서비스 신청절차에 대하 소개하도록 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.137-138
• /
• 2022

1. 생체 인증만을 이용하여 인증절차를 구성하여 장점을 극대화 한다. 2. 사용자를 인증하는 새로운 인증 방법을 고안하고, 융합 할 수 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.294-296
• /
• 2016

사물인터넷(Internet of Things)은 모든 사물들을 인터넷에 연결해 사람과 사물, 사물과 사물간의 정보를 상호 소통하여 지능형 서비스를 제공하는 기술을 의미한다. 그러나 IoT 환경은 유선 및 무선의 네트워크에 의한 연결이 필수이기 때문에 정보전달과 통신 과정에서 디바이스에 대한 인증이 반드시 필요하다. 따라서, 본 논문에서는 사물인터넷 네트워크 환경에서 사용자 디바이스 인증을 위해 SDN 기반의 IoT 디바이스 인증 모델을 제안한다.

• Journal of Internet Computing and Services
• /
• v.22 no.1
• /
• pp.99-107
• /
• 2021

With the recent establishment of a ubiquitous-based medical and healthcare environment, the medical information system for obtaining situation information from various sensors is increasing. In the medical information system environment based on context-awareness, the patient situation can be determined as normal or emergency using situational information. In addition, medical staff can easily access patient information after simple user authentication using ID and Password through applications on smart devices. However, these services of authentication and patient information access are staff-oriented systems and do not fully consider the ubiquitous-based healthcare information system environment. In this paper, we present a authentication service model based context-awareness system for providing situational information-driven authentication services to users who access medical information, and implemented proposed system. The authentication service model based context-awareness system is a service that recognizes patient situations through sensors and the authentication and authorization of medical staff proceed differently according to patient situations. It was implemented using wearables, biometric data measurement modules, camera sensors, etc. to configure various situational information measurement environments. If the patient situation was emergency situation, the medical information server sent an emergency message to the smart device of the medical staff, and the medical staff that received the emergency message tried to authenticate using the application of the smart device to access the patient information. Once all authentication was completed, medical staff will be given access to high-level medical information and can even checked patient medical information that could not be seen under normal situation. The authentication service model based context-awareness system not only fully considered the ubiquitous medical information system environment, but also enhanced patient-centered systematic security and access transparency.