• Title/Summary/Keyword: Authentication Service application

Search Result 133, Processing Time 0.03 seconds

FIDO Universal Authentication System Based on Blockchain (블록체인 기반의 FIDO 범용 인증 시스템)

  • Kim, S.H.;Huh, S.Y.;Cho, Y.S.;Cho, S.R.;Kim, S.H.
    • Electronics and Telecommunications Trends
    • /
    • v.33 no.1
    • /
    • pp.34-44
    • /
    • 2018
  • In this paper, we describe a FIDO universal authentication system based on a Blockchain that can share the user's FIDO authentication information between the application services of multiple domains without the use of a server. In addition we provide a method to query the FIDO authentication information of the user recorded in the Blockchain using only the user's service ID. Therefore, even if the user executes the FIDO registration process only once, the user can use the FIDO authentication service of another application service without repeating an additional FIDO registration procedure, and the service provider can securely share and utilize the FIDO authentication information of the user without the use of a trusted third party, thereby lowering the deployment and maintenance costs of the FIDO server.

A Reliability Enhancement Technique of Mobile Payment (모바일 결제의 신뢰성 향상 방안)

  • Kim, Chul-Jin
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.17 no.7
    • /
    • pp.319-325
    • /
    • 2016
  • A variety of services for mobile payments by the activation of FinTech have been developed. Various payment methods were developed, and an authentication method was developed to improve the reliability of the payment. On the other hand, when mobile easy payment services are used, they have weak security because the authentication by phone number. Therefore, this paper proposes a technique for increasing the reliability of the authentication process using the unique device ID of the mobile device to improve the authentication process based on the telephone number. The core research contents are the architecture and process for the authentication of mobile payments based on the mobile device ID. The mobile payment architecture consists of a mobile device, authentication service, and mobile payment application. The mobile device consists of mobile device ID and phone number, and the authentication server consists of authentication module and encryption module. The mobile payment service consists of a pre-authentication module and decryption module. The process of mobile payment service is processed by the encrypted authentication information (device ID, phone number, and authentication number) among mobile devices, authentication server, and mobile payment application. The mobile device sends the telephone number and the device ID to the authentication server and the authentication server authenticates the user through an authentication process and encryption process. The mobile payment application performs the pre-authentication process by decrypting the received authentication number. This paper reports a difference that can prevent the risk of leakage of the authentication number in existing payment services through the authentication process of the authentication server and the pre-authentication process of the mobile payment service of this paper.

Service Management for Cloud Marketplace : A Case of Internet2 NET+ (클라우드 마켓플레이스를 위한 서비스 관리체계 연구 : Internet2 NET+ 사례)

  • Kwon, Suhn Beom;Ahn, Sung Mahn
    • Journal of Information Technology Services
    • /
    • v.14 no.4
    • /
    • pp.221-236
    • /
    • 2015
  • Application software is delivered to customers as a form of service at cloud environment. A cloud service provider is a marketplace between supply side (application providers) and demand side (customers). Cloud service providers have to validate applications to be included in their service portfolio. Not only performance, security, networking, compliances should be checked but also business contract, authentication should be provided. Organization customers are more sensitive to these validation criteria and process. We study the Internet2 NET+, which is a successful cloud marketplace of applications for research and education organizations. This case study shows us three things : (i) a cloud marketplace's application management process : selection, validation, transition to service, customization of applications (ii) what a cloud marketplace has for its infrastructure like authentication, security, access control etc. (iii) what a cloud marketplace has as its governance structure. This case study will provide informative analysis of Internet2 NET, a profit-making vertical and buyer's marketplace (education industry). And we will get some strategic implications for planning and implementing cloud marketplaces.

STB Virtualization based Enhanced IPTV User Authentication System (셋톱박스 가상화를 통한 향상된 IPTV 사용자 인증 시스템)

  • Go, Woong;Kwak, Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.4
    • /
    • pp.137-147
    • /
    • 2011
  • Because of the convergence between Internet and broadcast communication, users are able to use multimedia contents anytime. In addition, with the change of existing one-way service to two-way service, the provider can offer efficient and useful broadcast communication. However, As multimedia contents is provided by STB, it can validate only end-node STB. Thus, this method is limiting possibilities of individual service. Also, providers' STB are different, so problem of compatibility is emerging as an issue. Therefore, in this paper we proposed STB virtualization based enhanced IPTV user authentication system to improve individual authentication and compatibility of services.

IDENTITY-BASED AAA AUTHENTICATION PROTOCOL

  • Kim Dong-myung;Cho Young-bok;Lee Dong-heui;Lee Sang-ho
    • Proceedings of the KSRS Conference
    • /
    • 2005.10a
    • /
    • pp.678-682
    • /
    • 2005
  • IETF suggested AAA for safe and reliable user authentication on various network and protocol caused by development in internet and increase in users. Diameter standard authentication system does not provide mutual authentication and non-repudiation. AAA authentication system using public key was suggested to supplement such Diameter authentication but application in mobile service control nodes is difficult due to overhead of communication and arithmetic. ID based AAA authentication system was suggested to overcome such weak point but it still has the weak point against collusion attack or forgery attack. In this thesis, new ID based AAA authentication system is suggested which is safe against collusion attack and forgery attack and reduces arithmetic quantity of mobile nodes with insufficient arithmetic and power performance. In this thesis, cryptological safety and arithmetical efficiency is tested to test the suggested system through comparison and assessment of current systems. Suggested system uses two random numbers to provide stability at authentication of mobile nodes. Also, in terms of power, it provides the advantage of seamless service by reducing authentication executing time by the performance of server through improving efficiency with reduced arithmetic at nodes.

  • PDF

Distributed Security for Web Application Contents Protection (웹 어플리케이션 콘텐츠 보호를 위한 분산 보안)

  • Heo, Jin-Kyoung
    • Journal of Digital Contents Society
    • /
    • v.9 no.1
    • /
    • pp.125-130
    • /
    • 2008
  • User web service is increasing by development of internet technology. Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is like that, we have reliability of contents and illegality copy problem of internet contents in web application system. It is contents protection skills in web that encipherment technology, authentication and digital signature. We need message encoding and secret key for solve vulnerability of encipherment in web application system. In this paper, we propose a distributed secure system that can data confidentiality and user authentication. It prevent performance degradation from bottle neck in encipherment server, and improve service quality.

  • PDF

Kerberos Authentication Deployment Policy of US in Big data Environment (빅데이터 환경에서 미국 커버로스 인증 적용 정책)

  • Hong, Jinkeun
    • Journal of Digital Convergence
    • /
    • v.11 no.11
    • /
    • pp.435-441
    • /
    • 2013
  • This paper review about kerberos security authentication scheme and policy for big data service. It analyzed problem for security technology based on Hadoop framework in big data service environment. Also when it consider applying problem of kerberos security authentication system, it analyzed deployment policy in center of main contents, which is occurred in commercial business. About the related applied Kerberos policy in US, it is researched about application such as cross platform interoperability support, automated Kerberos set up, integration issue, OPT authentication, SSO, ID, and so on.

Dictionary Attack on Huang-Wei's Key Exchange and Authentication Scheme (Huang-Wei의 키 교환 및 인증 방식에 대한 사전공격)

  • Kim, Mi-Jin;Nam, Jung-Hyun;Won, Dong-Ho
    • Journal of Internet Computing and Services
    • /
    • v.9 no.2
    • /
    • pp.83-88
    • /
    • 2008
  • Session initiation protocol (SIP) is an application-layer prolocol to initiate and control multimedia client session. When client ask to use a SIP service, they need to be authenticated in order to get service from the server. Authentication in a SIP application is the process in which a client agent present credentials to another SIP element to establish a session or be granted access to the network service. In 2005, Yang et al. proposed a key exchange and authentication scheme for use in SIP applications, which is based on the Diffie-Hellman protocol. But, Yang et al.'s scheme is not suitable for the hardware-limited client and severs, since it requires the protocol participant to perform significant amount of computations (i.e., four modular exponentiations). Based on this observation. Huang and Wei have recently proposed a new efficient key exchange and authentication scheme thor improves on Yang et al.'s scheme. As for security, Huang and Wei claimed, among others, that their scheme is resistant to offline dictionary attacks. However, the claim turned out to be untrue. In this paper, we show thor Huang and Wei's key exchange and authentication scheme is vulnerable to on offline dictionary attack and forward secrecy.

  • PDF

A Method of Forensic Authentication via File Structure and Media Log Analysis of Digital Images Captured by iPhone (아이폰으로 촬영된 디지털 이미지의 파일 구조 및 미디어 로그 분석을 통한 법과학적 진본 확인 방법)

  • Park, Nam In;Lee, Ji Woo;Jeon, Oc-Yeub;Kim, Yong Jin;Lee, Jung Hwan
    • Journal of Korea Multimedia Society
    • /
    • v.24 no.4
    • /
    • pp.558-568
    • /
    • 2021
  • The digital image to be accepted as legal evidence, it is important to verify the authentication of the digital image. This study proposes a method of authenticating digital images through three steps of comparing the file structure of digital images taken with iPhone, analyzing the encoding information as well as media logs of the iPhone storing the digital images. For the experiment, digital image samples were acquired from nine iPhones through a camera application built into the iPhone. And the characteristics of file structure and media log were compared between digital images generated on the iPhone and digital images edited through a variety of image editing tools. As a result of examining those registered during the digital image creation process, it was confirmed that differences from the original characteristics occurred in file structure and media logs when manipulating digital images on the iPhone, and digital images take with the iPhone. In this way, it shows that it can prove its forensic authentication in iPhone.

An Authentication Mechanism Based on Clustering Architecture in Mobile Ad Hoc Networks (이동 Ad Hoc 네트워크 환경에서 클러스터링 구조에 기반한 인증 메커니즘)

  • Lee, Tao;Shin, Young-Tae
    • Annual Conference of KIPS
    • /
    • 2005.05a
    • /
    • pp.1461-1464
    • /
    • 2005
  • In contrast with conventional networks, mobile ad hoc networks usually do not provide online access to trusted authorities or to centralized servers, and they exhibit frequent partitioning due to link and node failures and node mobility. For these reasons, traditional security solutions that require online trusted authorities or certificate repositories, but those are not well-suited for securing ad hoc networks. Moreover, a fundamental issue of securing mobile ad hoc networks is to ensure mobile nodes can authenticate each other. Because of its strength and efficiency, public key and digital signature is an ideal mechanism to construct the authentication service. Although this is already mature in the internet application, providing public key based authentication is still very challenging in mobile ad hoc networks. In this paper I propose a secure public key authentication service based on clustering model and trust model to protect nodes from getting false public keys of the others efficiently when there are malicious nodes in the network.

  • PDF