• Title/Summary/Keyword: Mobile Authentication

Search Result 773, Processing Time 0.027 seconds

A Reliability Enhancement Technique of Mobile Payment (모바일 결제의 신뢰성 향상 방안)

  • Kim, Chul-Jin
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.17 no.7
    • /
    • pp.319-325
    • /
    • 2016
  • A variety of services for mobile payments by the activation of FinTech have been developed. Various payment methods were developed, and an authentication method was developed to improve the reliability of the payment. On the other hand, when mobile easy payment services are used, they have weak security because the authentication by phone number. Therefore, this paper proposes a technique for increasing the reliability of the authentication process using the unique device ID of the mobile device to improve the authentication process based on the telephone number. The core research contents are the architecture and process for the authentication of mobile payments based on the mobile device ID. The mobile payment architecture consists of a mobile device, authentication service, and mobile payment application. The mobile device consists of mobile device ID and phone number, and the authentication server consists of authentication module and encryption module. The mobile payment service consists of a pre-authentication module and decryption module. The process of mobile payment service is processed by the encrypted authentication information (device ID, phone number, and authentication number) among mobile devices, authentication server, and mobile payment application. The mobile device sends the telephone number and the device ID to the authentication server and the authentication server authenticates the user through an authentication process and encryption process. The mobile payment application performs the pre-authentication process by decrypting the received authentication number. This paper reports a difference that can prevent the risk of leakage of the authentication number in existing payment services through the authentication process of the authentication server and the pre-authentication process of the mobile payment service of this paper.

A Study on Mobile IPv4 Authentication Mechanisms

  • Lim, Jung-Muk;Lim, Hyung-Jin;Chung, Tai-Myoung
    • Proceedings of the Korea Society of Information Technology Applications Conference
    • /
    • 2005.11a
    • /
    • pp.277-280
    • /
    • 2005
  • With the proliferation of mobile terminals, use of the Internet in mobile environments is becoming more common. To support mobility in these terminals, Mobile IPv4 is proposed and represents the standard in IPv4 environments. Authentication should be mandatory, because mobile terminals can utilize Internet services in any foreign domain. Mobile IPv4 provides symmetric key based authentication using the default HMAC-MD5. However, symmetric key based authentication creates a key distribution problem. To solve this problem, public key based authentication mechanisms have been proposed. In this paper, the performance of each of these mechanisms is evaluated. The results present that, among these mechanisms, partial certificate based authentication has superior performance, and certificate based authentication has the worst performance. Although current public key based authentication mechanisms have lower performance than symmetric key based authentication, this paper presents the possibility that public key based authentication mechanisms may be used for future mobile terminal authentication.

  • PDF

The Classic Security Application in M2M: the Authentication Scheme of Mobile Payment

  • Hu, Liang;Chi, Ling;Li, Hong-Tu;Yuan, Wei;Sun, Yuyu;Chu, Jian-Feng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.6 no.1
    • /
    • pp.131-146
    • /
    • 2012
  • As one of the four basic technologies of IOT (Internet of Things), M2M technology whose advance could influence on the technology of Internet of Things has a rapid development. Mobile Payment is one of the most widespread applications in M2M. Due to applying wireless network in Mobile Payment, the security issues based on wireless network have to be solved. The technologies applied in solutions generally include two sorts, encryption mechanism and authentication mechanism, the focus in this paper is the authentication mechanism of Mobile Payment. In this paper, we consider that there are four vital things in the authentication mechanism of Mobile Payment: two-way authentication, re-authentication, roaming authentication and inside authentication. Two-way authentication is to make the mobile device and the center system trust each other, and two-way authentication is the foundation of the other three. Re-authentication is to re-establish the active communication after the mobile subscriber changes his point of attachment to the network. Inside authentication is to prevent the attacker from obtaining the privacy via attacking the mobile device if the attacker captures the mobile device. Roaming authentication is to prove the mobile subscriber's legitimate identity to the foreign agency when he roams into a foreign place, and roaming authentication can be regarded as the integration of the above three. After making a simulation of our proposed authentication mechanism and analyzing the existed schemes, we summarize that the authentication mechanism based on the mentioned above in this paper and the encryption mechanism establish the integrate security framework of Mobile Payment together. This makes the parties of Mobile Payment apply the services which Mobile Payment provides credibly.

Analyses of a Signal Traffic for Authentication in Mobile Sensor Network (이동 센서 네트워크망에서의 인증 메카니즘 신호의 트래픽 분석)

  • Kim Jung-Tae
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.9 no.7
    • /
    • pp.1524-1528
    • /
    • 2005
  • In this paper, we analyses of a traffic for authentication signaling in third generation mobile sensor network. In universal mobile telecommunication system, authentication functions are utilized to identify and authentication a mobile station and validate the service request network services. The authenticating parties are the authentication the serving general packet radio service support node access the authentication center to obtain the authentication with the mobile station. In this paper, we propose that the automatic cost-effective solution size of the authentication vector array.

Analyses of atraffic for authentication signaling in third generation mobile sensor network (제3세대 이동 센서 네트워크망에서의 인증 메카니즘 신호의 트래픽 분석)

  • Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • v.9 no.2
    • /
    • pp.275-279
    • /
    • 2005
  • In this paper, we analyses of a traffic for authentication signaling in third generation mobile sensor network. In universal mobile telecommunication system, authentication functions are utilized to identify and authentication a mobile station and validate the service request network services. The authenticating parties are the authentication the serving general packet radio service support node access the authentication center to obtain the authentication with the mobile station. In this paper, we propose that the automatic cost-effective solution size of the authentication vector array.

  • PDF

Authentication Scheme in Wireless Mobile Multi-hop Networks (무선 모바일 멀티 홉 네트워크에서의 인증 기법 고찰 및 개선)

  • Lee, Yong;Lee, Goo Yeon
    • Journal of Industrial Technology
    • /
    • v.27 no.B
    • /
    • pp.43-51
    • /
    • 2007
  • In mobile multi-hop wireless networks, the authentication between a base station and a mobile multi-hop node, between multi-hop nodes, and between user a station and a multi-hop node is needed for the reliable and secure network operation. In this paper, we survey various authentication schemes which can be considered to be adopted in mobile multi-hop wireless networks and propose a concept of novel mutual authentication scheme applicable to mobile multi-hop network architecture. The scheme should resolve the initial trust gain problem of a multi-hop node at its entry to the network, the problem of rogue mobile multi-hop node and the problem of hop-by-hop authentication between multi-hop nodes. Effectively, the scheme is a hybrid scheme of the distributed authentication method and the centralized authentication method which are considered to be deployed in the wireless ad-hoc network and the wireless network connected to wired authentication servers, respectively.

  • PDF

Secure Pre-authentication Schemes for Fast Handoff in Proxy Mobile IPv6

  • Baek, Jaejong
    • Journal of information and communication convergence engineering
    • /
    • v.14 no.2
    • /
    • pp.89-96
    • /
    • 2016
  • In mobile communication, there are various types of handoff for the support of all forms of mobility. Proxy mobile IPv6 (PMIPv6) enables local network-based mobility management of a mobile node without any effect of mobility-related signaling. Recently, PMIPv6 has been considered for supporting mobility management in LTE/SAE-based mobile networks. To support seamless mobility in heterogeneous mobile networks, the overall cost of handoffs needs to be minimized and the procedure should be guaranteed to be secure. However, the reduction of the authentication cost has not been fully investigated to provide seamless connectivity when mobile users perform a handoff between the PMIPv6 domains. This paper proposes secure pre-authentication schemes, completing an authentication procedure before performing a handoff, for a fast handoff in PMIPv6. Analytic models have been used for measuring the authentication latency and for the overhead cost analysis. In addition to providing fast authentication, the proposed pre-authentication schemes can prevent threats such as replay attacks and key exposure.

Security and Authentication System for Bluetooth Mobile Phone (블루투스 모바일 폰을 위한 보안인증 시스템)

  • S.P, Balakannan;Lee, Moon-Ho;B, Karthik.
    • Proceedings of the KIEE Conference
    • /
    • 2007.04a
    • /
    • pp.261-263
    • /
    • 2007
  • Authentication is a mechanism to establish proof of identities, the authentication process ensure that. Who a particular user is. Nowadays PC and laptop user authentication systems are always done once a hold until s explicitly revoked by the user, or asking the user to frequently reestablish his identity which encouraging him to disable authentication. Zero-Interaction Authentication (ZIA) provides solution to this problem. In ZIA,. a user wears a small authentication token that communicates with a laptop over a short-range, wireless link. ZIA combine authentication with a file encryption. Here we proposed a Laptop-user Authentication Based Mobile phone (LABM). In our model of authentication, a user uses his Bluetooth-enabled mobile phone, which work as an authentication token that provides the authentication for laptop over a Bluetooth wireless link, m the concept of transient authentication with our combining It with encryption file system. The user authenticate to the mobile phone infrequently. In turn, the mobile phone continuously authenticates to the laptop by means of the short-range, wireless link.

  • PDF

Efficient mutual authentication and key distribution protocol for cdma2000 packet data service (cdma2000 패킷 데이터 서비스를 위한 효율적인 상호 인증과 키 분배 프로토콜)

  • 신상욱;류희수
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.2
    • /
    • pp.107-114
    • /
    • 2003
  • In this paper, we propose an efficient mutual authentication and key distribution protocol for cdma2000 packet data service which uses Mobile U access method with DIAMETER AAA(Authentication, Authorization and Accounting) infrastructure. The proposed scheme provides an efficient mutual authentication between MN(Mobile Node) and AAAH(home AAA server), and a secure session-key distribution among Mobile If entities. The proposed protocol improves the efficiency of DIAMETER AAA and satisfies the security requirements for authentication and key distribution protocol. Also, the key distributed by the proposed scheme can be used to generate keys for packet data security over 1xEV-DO wireless interface, in order to avoid a session hijacking attack for 1xEV-DO packet data service.

Mutual Authentication Scheme of Mobile Routers Using Temporary Certificate in MANEMO (MANEMO 환경에서 임시 인증서를 이용한 이동 라우터 간 상호인증 기법)

  • Roh, Hyo-Sun;Jung, Sou-Hwan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.3
    • /
    • pp.97-107
    • /
    • 2008
  • This paper proposes a mutual authentication scheme for mobile router in MANEMO. The NEMO used AAA server in order to authenticate mobile router in nested mobile network. So, this scheme has some problem that increases authentication message overhead and authentication time. The proposed scheme uses temporary certificate that signed by an access router's private key. The temporary certificate authenticates a mobile router when the mobile router entered a MANET domain. The proposed scheme reduces authentication message overhead and authentication time than the scheme to use AAA server when authenticating the mobile router.