• Electronics and Telecommunications Trends
• /
• v.33 no.1
• /
• pp.34-44
• /
• 2018

In this paper, we describe a FIDO universal authentication system based on a Blockchain that can share the user's FIDO authentication information between the application services of multiple domains without the use of a server. In addition we provide a method to query the FIDO authentication information of the user recorded in the Blockchain using only the user's service ID. Therefore, even if the user executes the FIDO registration process only once, the user can use the FIDO authentication service of another application service without repeating an additional FIDO registration procedure, and the service provider can securely share and utilize the FIDO authentication information of the user without the use of a trusted third party, thereby lowering the deployment and maintenance costs of the FIDO server.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.7
• /
• pp.319-325
• /
• 2016

A variety of services for mobile payments by the activation of FinTech have been developed. Various payment methods were developed, and an authentication method was developed to improve the reliability of the payment. On the other hand, when mobile easy payment services are used, they have weak security because the authentication by phone number. Therefore, this paper proposes a technique for increasing the reliability of the authentication process using the unique device ID of the mobile device to improve the authentication process based on the telephone number. The core research contents are the architecture and process for the authentication of mobile payments based on the mobile device ID. The mobile payment architecture consists of a mobile device, authentication service, and mobile payment application. The mobile device consists of mobile device ID and phone number, and the authentication server consists of authentication module and encryption module. The mobile payment service consists of a pre-authentication module and decryption module. The process of mobile payment service is processed by the encrypted authentication information (device ID, phone number, and authentication number) among mobile devices, authentication server, and mobile payment application. The mobile device sends the telephone number and the device ID to the authentication server and the authentication server authenticates the user through an authentication process and encryption process. The mobile payment application performs the pre-authentication process by decrypting the received authentication number. This paper reports a difference that can prevent the risk of leakage of the authentication number in existing payment services through the authentication process of the authentication server and the pre-authentication process of the mobile payment service of this paper.

• Journal of Information Technology Services
• /
• v.14 no.4
• /
• pp.221-236
• /
• 2015

Application software is delivered to customers as a form of service at cloud environment. A cloud service provider is a marketplace between supply side (application providers) and demand side (customers). Cloud service providers have to validate applications to be included in their service portfolio. Not only performance, security, networking, compliances should be checked but also business contract, authentication should be provided. Organization customers are more sensitive to these validation criteria and process. We study the Internet2 NET+, which is a successful cloud marketplace of applications for research and education organizations. This case study shows us three things : (i) a cloud marketplace's application management process : selection, validation, transition to service, customization of applications (ii) what a cloud marketplace has for its infrastructure like authentication, security, access control etc. (iii) what a cloud marketplace has as its governance structure. This case study will provide informative analysis of Internet2 NET, a profit-making vertical and buyer's marketplace (education industry). And we will get some strategic implications for planning and implementing cloud marketplaces.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.137-147
• /
• 2011

Because of the convergence between Internet and broadcast communication, users are able to use multimedia contents anytime. In addition, with the change of existing one-way service to two-way service, the provider can offer efficient and useful broadcast communication. However, As multimedia contents is provided by STB, it can validate only end-node STB. Thus, this method is limiting possibilities of individual service. Also, providers' STB are different, so problem of compatibility is emerging as an issue. Therefore, in this paper we proposed STB virtualization based enhanced IPTV user authentication system to improve individual authentication and compatibility of services.

• Proceedings of the KSRS Conference
• /
• 2005.10a
• /
• pp.678-682
• /
• 2005

IETF suggested AAA for safe and reliable user authentication on various network and protocol caused by development in internet and increase in users. Diameter standard authentication system does not provide mutual authentication and non-repudiation. AAA authentication system using public key was suggested to supplement such Diameter authentication but application in mobile service control nodes is difficult due to overhead of communication and arithmetic. ID based AAA authentication system was suggested to overcome such weak point but it still has the weak point against collusion attack or forgery attack. In this thesis, new ID based AAA authentication system is suggested which is safe against collusion attack and forgery attack and reduces arithmetic quantity of mobile nodes with insufficient arithmetic and power performance. In this thesis, cryptological safety and arithmetical efficiency is tested to test the suggested system through comparison and assessment of current systems. Suggested system uses two random numbers to provide stability at authentication of mobile nodes. Also, in terms of power, it provides the advantage of seamless service by reducing authentication executing time by the performance of server through improving efficiency with reduced arithmetic at nodes.

• Journal of Digital Contents Society
• /
• v.9 no.1
• /
• pp.125-130
• /
• 2008

User web service is increasing by development of internet technology. Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is like that, we have reliability of contents and illegality copy problem of internet contents in web application system. It is contents protection skills in web that encipherment technology, authentication and digital signature. We need message encoding and secret key for solve vulnerability of encipherment in web application system. In this paper, we propose a distributed secure system that can data confidentiality and user authentication. It prevent performance degradation from bottle neck in encipherment server, and improve service quality.

• Journal of Digital Convergence
• /
• v.11 no.11
• /
• pp.435-441
• /
• 2013

This paper review about kerberos security authentication scheme and policy for big data service. It analyzed problem for security technology based on Hadoop framework in big data service environment. Also when it consider applying problem of kerberos security authentication system, it analyzed deployment policy in center of main contents, which is occurred in commercial business. About the related applied Kerberos policy in US, it is researched about application such as cross platform interoperability support, automated Kerberos set up, integration issue, OPT authentication, SSO, ID, and so on.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.83-88
• /
• 2008

Session initiation protocol (SIP) is an application-layer prolocol to initiate and control multimedia client session. When client ask to use a SIP service, they need to be authenticated in order to get service from the server. Authentication in a SIP application is the process in which a client agent present credentials to another SIP element to establish a session or be granted access to the network service. In 2005, Yang et al. proposed a key exchange and authentication scheme for use in SIP applications, which is based on the Diffie-Hellman protocol. But, Yang et al.'s scheme is not suitable for the hardware-limited client and severs, since it requires the protocol participant to perform significant amount of computations (i.e., four modular exponentiations). Based on this observation. Huang and Wei have recently proposed a new efficient key exchange and authentication scheme thor improves on Yang et al.'s scheme. As for security, Huang and Wei claimed, among others, that their scheme is resistant to offline dictionary attacks. However, the claim turned out to be untrue. In this paper, we show thor Huang and Wei's key exchange and authentication scheme is vulnerable to on offline dictionary attack and forward secrecy.

• Journal of Korea Multimedia Society
• /
• v.24 no.4
• /
• pp.558-568
• /
• 2021

The digital image to be accepted as legal evidence, it is important to verify the authentication of the digital image. This study proposes a method of authenticating digital images through three steps of comparing the file structure of digital images taken with iPhone, analyzing the encoding information as well as media logs of the iPhone storing the digital images. For the experiment, digital image samples were acquired from nine iPhones through a camera application built into the iPhone. And the characteristics of file structure and media log were compared between digital images generated on the iPhone and digital images edited through a variety of image editing tools. As a result of examining those registered during the digital image creation process, it was confirmed that differences from the original characteristics occurred in file structure and media logs when manipulating digital images on the iPhone, and digital images take with the iPhone. In this way, it shows that it can prove its forensic authentication in iPhone.

• Annual Conference of KIPS
• /
• 2005.05a
• /
• pp.1461-1464
• /
• 2005

In contrast with conventional networks, mobile ad hoc networks usually do not provide online access to trusted authorities or to centralized servers, and they exhibit frequent partitioning due to link and node failures and node mobility. For these reasons, traditional security solutions that require online trusted authorities or certificate repositories, but those are not well-suited for securing ad hoc networks. Moreover, a fundamental issue of securing mobile ad hoc networks is to ensure mobile nodes can authenticate each other. Because of its strength and efficiency, public key and digital signature is an ideal mechanism to construct the authentication service. Although this is already mature in the internet application, providing public key based authentication is still very challenging in mobile ad hoc networks. In this paper I propose a secure public key authentication service based on clustering model and trust model to protect nodes from getting false public keys of the others efficiently when there are malicious nodes in the network.