• Title, Summary, Keyword: Authentication

Search Result 3,844, Processing Time 0.056 seconds

Development Status and Prospects of Graphical Password Authentication System in Korea

  • Yang, Gi-Chul
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.11
    • /
    • pp.5755-5772
    • /
    • 2019
  • Security is becoming more important as society changes rapidly. In addition, today's ICT environment demands changes in existing security technologies. As a result, password authentication methods are also changing. The authentication method most often used for security is password authentication. The most-commonly used passwords are text-based. Security enhancement requires longer and more complex passwords, but long, complex, text-based passwords are hard to remember and inconvenient to use. Therefore, authentication techniques that can replace text-based passwords are required today. Graphical passwords are more difficult to steal than text-based passwords and are easier for users to remember. In recent years, researches into graphical passwords that can replace existing text-based passwords are being actively conducting in various places throughout the world. This article surveys recent research and development directions of graphical password authentication systems in Korea. For this purpose, security authentication methods using graphical passwords are categorized into technical groups and the research associated with graphical passwords performed in Korea is explored. In addition, the advantages and disadvantages of all investigated graphical password authentication methods were analyzed along with their characteristics.

Wireless PKI for Reducing Certificate Acquisition Time According to Authentication Path

  • Choi Seung-Kwon;Cho Yong-Hwan;Shin Seung-Soo;Jang Yoon-Sik
    • International Journal of Contents
    • /
    • v.1 no.1
    • /
    • pp.29-34
    • /
    • 2005
  • In this paper, we proposed an advanced authentication structure for reducing the certificate acquisition time which is one of the factors that should be improved in a conventional wireless PKI. A conventional key exchange method simply performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. We simulated and compared the authentication structure proposed by Sufatrio, K. Lam[4] and proposed authentication structure in terms of the authentication time. Simulation results show that the proposed method reduces the authentication time compared to the conventional wireless PKI authentication method.

  • PDF

Authentication Scheme in Wireless Mobile Multi-hop Networks (무선 모바일 멀티 홉 네트워크에서의 인증 기법 고찰 및 개선)

  • Lee, Yong;Lee, Goo Yeon
    • Journal of Industrial Technology
    • /
    • v.27 no.B
    • /
    • pp.43-51
    • /
    • 2007
  • In mobile multi-hop wireless networks, the authentication between a base station and a mobile multi-hop node, between multi-hop nodes, and between user a station and a multi-hop node is needed for the reliable and secure network operation. In this paper, we survey various authentication schemes which can be considered to be adopted in mobile multi-hop wireless networks and propose a concept of novel mutual authentication scheme applicable to mobile multi-hop network architecture. The scheme should resolve the initial trust gain problem of a multi-hop node at its entry to the network, the problem of rogue mobile multi-hop node and the problem of hop-by-hop authentication between multi-hop nodes. Effectively, the scheme is a hybrid scheme of the distributed authentication method and the centralized authentication method which are considered to be deployed in the wireless ad-hoc network and the wireless network connected to wired authentication servers, respectively.

  • PDF

An Improved Smart Card-based User Authentication Scheme with Session Key Agreement for Telecare Medicine Information System

  • Yang, Hyungkyu
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.9 no.3
    • /
    • pp.35-43
    • /
    • 2017
  • In 2013, Lee-Lie proposed secure smart card based authentication scheme of Zhu's authentication for TMIS which is secure against the various attacks and efficient password change. In this paper, we discuss the security of Lee-Lie's smart card-based authentication scheme, and we have shown that Lee-Lie's authentication scheme is still insecure against the various attacks. Also, we proposed the improved scheme to overcome these security problems of Lee-Lie's authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved smart card based user authentication scheme for TMIS is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack, the session key generation attack and provides mutual authentication between the user and the telecare system.

New Authentication Methods based on User's Behavior Big Data Analysis on Cloud (클라우드 환경에서 빅데이터 분석을 통한 새로운 사용자 인증방법에 관한 연구)

  • Hong, Sunghyuck
    • Journal of Convergence Society for SMB
    • /
    • v.6 no.4
    • /
    • pp.31-36
    • /
    • 2016
  • User authentication is the first step to network security. There are lots of authentication types, and more than one authentication method works together for user's authentication in the network. Except for biometric authentication, most authentication methods can be copied, or someone else can adopt and abuse someone else's credential method. Thus, more than one authentication method must be used for user authentication. However, more credential makes system degrade and inefficient as they log on the system. Therefore, without tradeoff performance with efficiency, this research proposed user's behavior based authentication for secure communication, and it will improve to establish a secure and efficient communication.

Smart Card Based Password Authentication Scheme using Fuzzy Extraction Technology (퍼지추출 기술을 활용한 스마트 카드 기반 패스워드 인증 스킴)

  • Choi, Younsung
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.14 no.4
    • /
    • pp.125-134
    • /
    • 2018
  • Lamport firstly suggested password base authentication scheme and then, similar authentication schemes have been studied. Due to the development of Internet network technology, remote user authentication using smart card has been studied. Li et al. analyzed authentication scheme of Chen et al. and then, Li et al. found out the security weakness of Chen et al.'s scheme such forward secrecy and the wrong password login problem, and proposed an a new smart card based user password authentication scheme. But Liu et al. found out that Li et al.'s scheme still had security problems such an insider attack and man-in-the-middle attack and then Liu et al. proposed an efficient and secure smart card based password authentication scheme. This paper analyzed Liu et al.'s authentication and found out that Liu et al.'s authentication has security weakness such as no perfect forward secrecy, off-line password guessing attack, smart-card loss attack, and no anonymity. And then, this paper proposed security enhanced efficient smart card based password authentication scheme using fuzzy extraction technology.

Single Sign-On based Authentication System combined with Blockchain (블록체인을 활용한 Single Sign-On 기반 인증 시스템)

  • Im, Jihyeok;Lee, Myeongha;Lee, Hyung-Woo
    • Journal of The Korea Internet of Things Society
    • /
    • v.4 no.2
    • /
    • pp.13-20
    • /
    • 2018
  • In this paper, we propose an authentication system that combines 'Single-Sign-On' and 'Token-based authentication' based on 'Block Chain' technology. We provide 'access control' function and 'integrity' by combining block-chain technology with single-sign-on authentication method and provided stateless self-contained authentication function using Token based authentication method. It was able to enhance the security by performing the encryption based Token issuance and authentication process and provided convenience of authentication to Web Server. As a result, we can provide token-based SSO authentication service efficiently by providing a convenient way to improve the cumbersome authentication process.

User Authentication System using OCR (광학문자인식을 이용한 사용자 인증 시스템)

  • Jeong, Pil-Seong;Cho, Yang-Hyun
    • Journal of the Korea Convergence Society
    • /
    • v.9 no.9
    • /
    • pp.15-22
    • /
    • 2018
  • As smart devices become popular, users can use authentication services in various methods. Authentication services include authentication using an ID and a password, authentication using a sms, and authentication using an OTP(One Time Password). This paper proposed an authentication system that solves the security problem of knowledge-based authentication using optical character recognition and can easily and quickly authenticate users. The proposed authentication system extracts a character from an uploaded image by a user and authenticates the user using the extracted character information. The proposed authentication system has the advantage of not using a password or an OTP that are easily exposed or lost, and can not be authenticated without using accurate photographs. The proposed authentication system is platform independent and can be used for user authentication, file encryption and decryption.

A Study of User Perception on Features Used in Behavior-Based Authentication (행위 기반 인증을 위한 사용자 중심의 인증 요소 분석 연구)

  • Lee, Youngjoo;Ku, Yeeun;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.1
    • /
    • pp.127-137
    • /
    • 2019
  • The growth in smartphone service has given rise to an increase in frequency and importance of authentication. Existing smartphone authentication mechanisms such as passwords, pattern lock and fingerprint recognition require a high level of awareness and authenticate users temporarily with a point-of-entry techniques. To overcome these disadvantages, there have been active researches in behavior-based authentication. However, previous studies focused on enhancing the accuracy of the authentication. Since authentication is directly used by people, it is necessary to reflect actual users' perception. This paper proposes user perception on behavior-based authentication with feature analysis. We conduct user survey to empirically understand user perception regarding behavioral authentication with selected authentication features. Then, we analyze acceptance of the behavioral authentication to provide continuous authentication with minimal awareness while using the device.

A Secure Authentication Model Using Two Passwords in Client Server Systems (클라이언트 서버 시스템 환경하에서 2개의 패스워드를 사용하는 안전한 인증 모델)

  • Lee, Jae-Woo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.3
    • /
    • pp.1350-1355
    • /
    • 2011
  • It is very important issues to protect many system resources using authorized client authentication in distributed client server systems. So it is not enough to prevent unauthorized opponents from attacking our systems that client authentication is performed using only the client's identifier and password. In this paper, we propose a secure authentication database modeling with two authentication keys such as a client authentication key and a server authentication key. The proposed authentication model can be used making high quality of computer security using two authentication keys during transaction processing. The two authentication keys are created by client and server, and are used in every request transaction without user's extra input. Using the proposed authentication keys, we can detect intrusion during authorized client's transaction processing because we can know intrusion immediately through comparing stored authentication keys in client server systems when hackers attack our network or computer systems.