• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.4
• /
• pp.1049-1065
• /
• 2023

Recently, with the development of IoT, AI, and mobile terminals, medical information platforms are expanding. The medical information platform can determine a patient's emergency situation, and medical staff can easily access patient information through a mobile terminal. However, in the existing platform, emergency situation decision is delayed, and faster and stronger authentication is required in emergency situations. Therefore, we propose an edge computing-based medical information platform for automatic authentication using patient situations. We design an edge computing-based medical information platform architecture capable of rapid transmission of biometric data of IoT and quick emergency situation decision, and implement the platform data flow in emergency situations. Relying on this platform, we propose the automatic authentication using patient situations. The automatic authentication protects patient information through patient-centered authentication by using the patient's situation as an authentication factor, and enables quick authentication by automatically proceeding with mobile terminal authentication after user authentication in emergencies without user intervention. We compared the proposed platform with existing platforms to show that it can make quick and stable emergency decisions. In addition, comparing the automatic authentication with existing authentication showed that it is fast and protects medical information centered on patient situations in emergency situations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.261-273
• /
• 2019

Recently, with the development of IT technology, there is an increasing interest in cloud services as the number of users using mobile devices such as mobile phones and tablets is increasing. However, there is a need for techniques to control or control various methods of accessing data as the user's service demands increase. In this paper, we propose a dual key based user authentication model that improves the user 's authentication efficiency by using two keys (secret key and access control key) to access the users accessing various services provided in the cloud environment. In the proposed model, the operation process and the function are divided through the sequence diagram of the algorithms (key generation, user authentication, permission class permission, etc.) for controlling the access right of the user with dual keys. In the proposed model, two keys are used for user authentication and service authorization class to solve various security problems in the cloud service. In particular, the proposed model is one of the most important features in that the algorithm responsible for access control of the user determines the service class of the user according to the authority, thereby shortening the management process so that the cloud administrator can manage the service access permission information of the user.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.4B
• /
• pp.687-694
• /
• 2010

IPTV(Internet Protocol Television) is an emerging technology in which telecommunication and broadcasting technologies are converged. IPTV service providers usually multicast scrambled contents. And only legitimate subscribers who pass the access control can de-scramble and use the contents. In order to ensure revenues, providers oftentimes employ password-based authentication protocols that ensure secure authentication processes between set-top box and smart card. In this paper, we propose a fingerprint-based 1-out-of-n authentication protocol which provides convenient and more secure authentication process in some organizational environments. The proposed scheme shows that only those who provide legitimate fingerprint information can be authenticated even in a situation that both password and smart card are compromised.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.29-38
• /
• 2005

Because IEEE 802.11 has several security vulnerabilities, IEEE 802.11i was proposed and accepted. But IEEE 802.11i has much overhead for most of users for the web surfing. Besides not only node the authentication but also the packet authentication is needed to communicate. Although IEEE 802.11i uses TKIP(Temporal Key integrity Protocol) and CCMP(CTR with CBC-MAC Protocol), they have a lot of overheads. In this paper, Lightweight Packet Authentication(LIPA) is proposed. LIPA has less overhead and short delay so that it can be affordable for simple web-surfing which does not need stronger security. After comparing performances of LIPA with those of TKIP and CCMP, LIPA is more efficient than other schemes for transmitting packets.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.103-113
• /
• 2008

Reducing handoff latency is essential in providing seamless multimedia service in Wireless LAN based on the IEEE 802.11 standard. Reducing authentication delay is critical in reducing handoff latency. To this end, several authentication protocols for fBst handoff have been proposed. Mishra et al. used proactive key distribution to improve the authentication delay incurred in the current standard and Park et al. proposed a new authentication protocol based on Blom's key pre-distribution scheme. In this paper, we propose an enhanced authentication protocol based on Bresson et al.'s group key protocol. If a mobile node has previously access the network, our proposed protocol only requires simple hash operations in providing mutual authentication between a mobile node and access points. Our protocol is more efficient than Park et al.'s and Mishra et al.'s technique can be used in our protocol to further enhance our protocol.

• The Journal of the Korea Contents Association
• /
• v.22 no.9
• /
• pp.64-75
• /
• 2022

The method of accessing multiple control systems in the OT control network centered on operation technology uses the operator authentication technology of each control system. An example is ID/PW operator authentication technology. In this case, since the OT control network is composed of multiple control systems, operator authentication technology must be applied to each control system. Therefore, the operator must bear the inconvenience of having to manage authentication information for each control system he manages. To solve these problems, SSO technology is used in business-oriented IT networks. However, if this is introduced into the OT control network as it is, the characteristics of the limited size of the OT control network and rapid operator authentication are not reflected, so it cannot be seen as a realistic alternative. In this paper, a public key-based authentication mechanism was newly proposed as an operator authentication technology to solve this problem. In other words, an integrated public key certificate that applies equally to all control systems in the OT control network was issued and used to access all control systems, thereby simplifying the authentication information management and making access to the control system more efficient and secure.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.10
• /
• pp.361-372
• /
• 2016

Identity Privacy issues such as exposures of IMSIs(International Mobile Subscriber Identities) in access network have been consistently raised throughout GSM, UMTS, LTE in 3GPP. The 3GPP specification uses temporary identities instead of IMSI to ensure anonymity of the user. Even if temporary identities are disclosed, Identity Privacy may be maintained at a safe level by security policies such as no linkability and periodic update. But in case of IMSI, it cannot be changed even though it is exposed. There still exist some situations that IMSI is used in clear text for the authentication. Therefore, a protective mechanism for the identity confidentiality is needed. In this paper we propose a protocol based on IBE(Identity-based Encryption) to protect permanent identities in access network. By simplifying the scheme, this protocol has minimized the system impact on current 3GPP environment. And this scheme can be applied to all kind of permanent identities and 3GPP AKA(Authentication and Key Agreement) protocols in access network.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.1
• /
• pp.71-81
• /
• 2009

To the cause of the development of IT technology and the Internet, information leakage of industry is also facing a serious situation. However, most of the existing techniques to prevent leakage of information disclosure after finding the cause of defense. Therefore, in this paper by adding information about the Hardware to offer a way to protect the information. User authentication information to access the data according to different security policies to reflect a little more to strengthen security. And the security agent for the data by using a log of all actions by the record was so easy to analyze. It also analyzes and apply the different scenarios possible. And the analysis of how to implement and how to block. The future without the use of security agents to be able to control access to data and H/W information will be updated for the study will be done.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.11
• /
• pp.5496-5505
• /
• 2012

As the IT industry develops, the smart-phone technology and functions which are actively being studied at the moment greatly influence the entire living environment. With the smart-phone technology and functions, people's interest for the wireless LAN which can be used to get access to the Internet anytime anywhere is gradually increasing. However, since the malicious attacker can easily carry out hacking or approach the contents due to the characteristics of the wireless radio wave, the personal information with a high level of importance for data security is easily exposed due to Spoofing, Denial of Service attack and Man in the Middle attack. Therefore, the demand for security is gradually increasing. In this paper, the safe wireless network service environment is provided by supplementing the vulnerability in regard to Spoofing, Session Hijacking and Man in the Middle attack after executing the client's authentication process, the AP authentication process and the Mobile Agency authentication process with the client's information in the USIM, the AP information and the Mobile Agency information when the client uses the wireless Internet through the Mobile Agency AP access in the smart phone environment.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.60 no.2
• /
• pp.416-422
• /
• 2011

Smart grid is the next generation intelligent power grid that combines the existing electric power infrastructure and information infrastructure. It can optimize the energy efficiency in both directions, suppliers and power consumers to exchange information in real time. In smart grid environments, with existing network security threats due to the smart grid characteristics, there are additional security threats. In this paper, we propose a security mechanism that provides mutual authentication and key agreement between a remote user and the device. The proposed mechanism has some advantages that provides secure mutual authentication and key agreement and secure against a replay attack and impersonation attacks.