• Title, Summary, Keyword: Authentication

Search Result 3,844, Processing Time 0.049 seconds

The Classic Security Application in M2M: the Authentication Scheme of Mobile Payment

  • Hu, Liang;Chi, Ling;Li, Hong-Tu;Yuan, Wei;Sun, Yuyu;Chu, Jian-Feng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.6 no.1
    • /
    • pp.131-146
    • /
    • 2012
  • As one of the four basic technologies of IOT (Internet of Things), M2M technology whose advance could influence on the technology of Internet of Things has a rapid development. Mobile Payment is one of the most widespread applications in M2M. Due to applying wireless network in Mobile Payment, the security issues based on wireless network have to be solved. The technologies applied in solutions generally include two sorts, encryption mechanism and authentication mechanism, the focus in this paper is the authentication mechanism of Mobile Payment. In this paper, we consider that there are four vital things in the authentication mechanism of Mobile Payment: two-way authentication, re-authentication, roaming authentication and inside authentication. Two-way authentication is to make the mobile device and the center system trust each other, and two-way authentication is the foundation of the other three. Re-authentication is to re-establish the active communication after the mobile subscriber changes his point of attachment to the network. Inside authentication is to prevent the attacker from obtaining the privacy via attacking the mobile device if the attacker captures the mobile device. Roaming authentication is to prove the mobile subscriber's legitimate identity to the foreign agency when he roams into a foreign place, and roaming authentication can be regarded as the integration of the above three. After making a simulation of our proposed authentication mechanism and analyzing the existed schemes, we summarize that the authentication mechanism based on the mentioned above in this paper and the encryption mechanism establish the integrate security framework of Mobile Payment together. This makes the parties of Mobile Payment apply the services which Mobile Payment provides credibly.

Multiple Method Authentication System Using Embedded Device (임베디드 기기를 활용한 다중 방식 인증 시스템)

  • Jeong, Pil-Seong;Cho, Yang-Hyun
    • Journal of the Korea Convergence Society
    • /
    • v.10 no.7
    • /
    • pp.7-14
    • /
    • 2019
  • Users who use smartphone can using knowledge-based authentication, possession-based authentication, biometric-based authentication, and token-based authentication in order to access rights to systems requiring authentication. However, desktop computer users use method only ID and password, which are knowledge-based authentication factors, due to limitations of authentication devices, despite various authentication methods. In this paper, we designed and implemented a raspberry pi based authentication system that provides multiple authentication method of a user's desired type. The implementation system uses knowledge-based authentication, possessive-based authentication, biometric-based authentication, and token-based authentication. The proposed system can provide a security function that can be used by SMEs, which is difficult to hire a security officer due to the economic burden. The implemented system can be used not only for personal use but also for enterprise, and it can be applied to various fields such as finance and game.

A Reliability Enhancement Technique of Mobile Payment (모바일 결제의 신뢰성 향상 방안)

  • Kim, Chul-Jin
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.17 no.7
    • /
    • pp.319-325
    • /
    • 2016
  • A variety of services for mobile payments by the activation of FinTech have been developed. Various payment methods were developed, and an authentication method was developed to improve the reliability of the payment. On the other hand, when mobile easy payment services are used, they have weak security because the authentication by phone number. Therefore, this paper proposes a technique for increasing the reliability of the authentication process using the unique device ID of the mobile device to improve the authentication process based on the telephone number. The core research contents are the architecture and process for the authentication of mobile payments based on the mobile device ID. The mobile payment architecture consists of a mobile device, authentication service, and mobile payment application. The mobile device consists of mobile device ID and phone number, and the authentication server consists of authentication module and encryption module. The mobile payment service consists of a pre-authentication module and decryption module. The process of mobile payment service is processed by the encrypted authentication information (device ID, phone number, and authentication number) among mobile devices, authentication server, and mobile payment application. The mobile device sends the telephone number and the device ID to the authentication server and the authentication server authenticates the user through an authentication process and encryption process. The mobile payment application performs the pre-authentication process by decrypting the received authentication number. This paper reports a difference that can prevent the risk of leakage of the authentication number in existing payment services through the authentication process of the authentication server and the pre-authentication process of the mobile payment service of this paper.

User Authentication System based on Auto Identification and Data Collection (자동인식 및 데이터 수집을 이용한 사용자 인증 시스템)

  • Jeong, Pil-seong;Cho, Yang-hyun
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.22 no.1
    • /
    • pp.75-82
    • /
    • 2018
  • As user of mobile device increases, various user authentication methods are actively researched. The user authentication methods includes a method of using a user ID and a password, a method of using user biometric feature, a method of using location based, and a method of authenticating secondary authentication such as OTP(One Time Password) method is used. In this paper, we propose a user system which improves the problem of existing authentication method and encryption can proceed in a way that user desires. The proposed authentication system is composed of an authentication factor collection module that collects authentication factors using a mobile device, a security key generation module that generates a security key by combining the collected authentication factors, and a module that performs authentication using the generated security key module.

A Framework for Trustworthy Open Shared Authentication Protocol (신뢰적인 개방형 공유 인증 프로토콜 프레임워크)

  • Park, Seung-Chul
    • The KIPS Transactions:PartC
    • /
    • v.18C no.6
    • /
    • pp.389-396
    • /
    • 2011
  • Recently, researches on the shared authentication based on single sign-on have been actively performed so as to solve the problems of current service provider-centric and isolated Internet authentications, including low usability, high cost structure, and difficulty in privacy protection. In order for the shared authentication model, where the authentications of an authentication provider are shared by several Internet service providers, to be accepted in real Internet environment, trustworthiness among users, service providers, and authentication providers on the level of authentication assurance and the level of authentication information protection is necessarily required. This paper proposes a framework for trustworthy and privacy-protected shared authentication protocol based on the user-centric operation and open trust provider network. The proposed framework is differentiated from previous works in the points that it is able to provide interoperable shared authentication services on the basis of open trust infrastructure.

IoT Multi-Phase Authentication System Using Token Based Blockchain (블록체인 기반의 토큰을 이용한 IoT 다단계 인증 시스템)

  • Park, Hwan;Kim, Mi-sun;Seo, Jae-hyun
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.8 no.6
    • /
    • pp.139-150
    • /
    • 2019
  • IoT(Internet of Things) security is becoming increasingly important because IoT potentially has a variety of security threats, including limited hardware specifications and physical attacks. This paper is a study on the certification technology suitable for the lightened IoT environment, and we propose a system in which many gateways share authentication information and issue authentication tokens for mutual authentication using blockchain. The IoT node can be issued an authentication token from one gateway to continuously perform authentication with a gateway in the block-chain network using an existing issued token without performing re-authentication from another gateway participating in the block-chain network. Since we do not perform re-authentication for other devices in a blockchain network with only one authentication, we proposed multi phase authentication consisting of device authentication and message authentication in order to enhance the authentication function. By sharing the authentication information on the blockchain network, it is possible to guarantee the integrity and reliability of the authentication token.

A Study on PIN-based Authentication and ID Registration by Transfer in AAA System (AAA시스템에서의 이동에 따른 PIN 기반의 인증 및 ID 등록에 관한 연구)

  • Kang Seo-Il;Lee Im-Yeong
    • The KIPS Transactions:PartC
    • /
    • v.13C no.3
    • /
    • pp.359-368
    • /
    • 2006
  • AAA(Authentication, Authorization, Accounting) is the service that offers authentication, authorization, and accounting method, and every terminal that accesses the network requires this AAA service. The authentication process of a mobile terminal is as follows: a mobile phone accesses an authentication server in a home network via the authentication service in an external network, which receives the authentication result. And, for the home authentication server to offer secure service, a unique key is distributed for the secure communication between the external agent and the user, the external agent and the home authentication server, and the user and the home authentication server. This paper discusses and proposes the key distribution for secure communication among external authentication servers when a mobile terminal travels to an external network. As the proposed method does not require the home authentication server to reissue another authentication when a user travels to other external networks, it reduces the overload in the home authentication server. It can also distribute a PIN-driven key.

A Secure WLAN Authentication Scheme

  • Singh, Rajeev;Sharma, Teek Parval
    • IEIE Transactions on Smart Processing and Computing
    • /
    • v.2 no.3
    • /
    • pp.176-187
    • /
    • 2013
  • Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.

  • PDF

Security enhanced privacy-aware two-factor authentication protocol for wireless sensor networks (무선 센서 네트워크 환경을 위한 보안성이 향상된 프라이버시 보호형 two-factor 인증 프로토콜)

  • Choi, Younsung;Chang, Beom-Hwan
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.15 no.4
    • /
    • pp.71-84
    • /
    • 2019
  • Various researchers conducted the research on two-factor authentication suitable for wireless sensor networks (WSNs) after Das first proposed two-factor authentication combining the smart card and password. After then, To improve the security of user authentication, elliptic curve cryptography(ECC)-based authentication protocols have been proposed. Jiang et al. proposed a privacy-aware two-factor authentication protocol based on ECC for WSM for resolving various problems of ECC-based authentication protocols. However, Jiang et al.'s protocol has the vulnerabilities on a lack of mutual authentication, a risk of SID modification and a lack of sensor anonymity, and user's ID exposed on sensor node Therefore, this paper proposed security enhanced privacy-aware two-factor authentication protocol for wireless sensor networks to solve the problem of Jiang et al.'s protocol, and security analysis was conducted for the proposed protocol.

Authentication and Trust Relationship Chaining for Resource Sharing Community (자원 공유 커뮤니티를 위한 인증 기술과 신뢰관계사슬)

  • Kim, Jeong Gon;Kim, Shin Kon
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.6 no.2
    • /
    • pp.55-69
    • /
    • 2010
  • This article proposed the authentication protocol for peer-to-peer resource sharing community. The proposed protocol does not require a priori information for generating and exchanging authentication key. Also this protocol can provide the delicate access control by allowing the user(authenticator) to assign the trust level to the authentication supplicant, which can be used to decide if the resource providing node will accept the resource sharing request from a resource requesting node. Trust Relationship Chaining provides the environment where trust levels (included in the trust table) of nodes in the resource sharing community are propagated among nodes when trust tables are exchanged between two nodes engaged in mutual authentication process and authentication refresh so that any two nodes which are not directly mutual-authenticated can assign the trust level each other for the access control for resource sharing. In the proposed protocol a node can implements the authentication refresh continuously to verify the effectiveness of authentication after mutual authentication so that the authentication of new node or authentication revocation(effectiveness cancellation) of the departed node can be propagated to the all the nodes in RSC and eventually safe resource sharing community is configured.