• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권1호
• /
• pp.119-131
• /
• 2013

With the explosive growth of computer networks, many remote service providing servers and multi-server network architecture are provided and it is extremely inconvenient for users to remember numerous different identities and passwords. Therefore, it is important to provide a mechanism for a remote user to use single identity and password to access multi-server network architecture without repetitive registration and various multi-server authentication schemes have been proposed in recent years. Recently, Tsaur et al. proposed an efficient and secure smart card based user authentication and key agreement scheme for multi-server environments. They claimed that their scheme satisfies all of the requirements needed for achieving secure password authentication in multi-server environments and gives the formal proof on the execution of the proposed authenticated key agreement scheme. However, we find that Tsaur et al.'s scheme is still vulnerable to impersonation attack and many logged-in users' attack. We propose an extended scheme that not only removes the aforementioned weaknesses on their scheme but also achieves user anonymity for hiding login user's real identity. Compared with other previous related schemes, our proposed scheme keeps the efficiency and security and is more suitable for the practical applications.

• 전기학회논문지
• /
• 제65권12호
• /
• pp.2167-2176
• /
• 2016

In the multi-server environment, remote user authentication has a very critical issue because it provides the authorization that enables users to access their resource or services. For this reason, numerous remote user authentication schemes have been proposed over recent years. Recently, Lin et al. have shown that the weaknesses of Baruah et al.'s three factors user authentication scheme for multi-server environment, and proposed an enhanced biometric-based remote user authentication scheme. They claimed that their scheme has many security features and can resist various well-known attacks; however, we found that Lin et al.'s scheme is still insecure. In this paper, we demonstrate that Lin et al.'s scheme is vulnerable against the outsider attack and user impersonation attack, and propose a new biometric-based scheme for authentication and key agreement that can be used in the multi-server environment. Lastly, we show that the proposed scheme is more secure and can support the security properties.

• 디지털산업정보학회논문지
• /
• 제7권4호
• /
• pp.23-30
• /
• 2011

Recently, Tsai proposed a remote user authentication scheme suited for multi-server environments, in which users can be authenticated using a single password shared with the registration center. Our analysis shows that Tsai et al's scheme does not achieve its fundamental goal of password security. We demonstrate this by mounting an undetectable on-line password guessing attack on Tsai et al.'s scheme.

• 한국컴퓨터정보학회논문지
• /
• 제7권4호
• /
• pp.33-39
• /
• 2002

여러대의 CNC Controller를 DNC(Direct Numerical Control) Network Infra를 구축하기 위한 프로그램을 효율적으로 하기 위해 현재 많은 시스템들이 개발되어 사용되고 있다. 그러나 이 시스템들은 원거리 상의 서버 컴퓨터와 머시닝 센터간의 상호 연결이 원만하지 않아 작업에 비효율적인 면이 있고, 또 머시닝 센터에서의 데이터 송·수신에서 일어나는 오류 문제에 대한 시스템으로의 적절한 대처를 할 수가 없다는 문제점이 있다. 그래서, 본 논문에서는 Multi DNC system을 통해 CNC(Computer Numerical Control) 컨트롤러에서 CAD/CAM 서버 컴퓨터의 데이터를 오류 없이 수신 가능한 데이터 원격 제어 시스템을 구성하고자 하였다. 이 데이터 원격 제어 시스템의 주요 장점으로는 머시닝 센터에서 운영자가 쉽게 CAD/CAM 서버 컴퓨터에 저장된 NC 데이터 호출과 송출이 자유롭고, 서버 컴퓨터와 공작기계간의 상호 대화가 없이도 머시닝센터에서의 원격 제어가 가능하다.

• Journal of Power Electronics
• /
• 제14권5호
• /
• pp.1069-1078
• /
• 2014

This study presents the design and implementation of a web-based remote laboratory for a multi-mode single-leg power converter, which is a topic in advanced power electronics course. The proposed laboratory includes an experimental test rig with a multi-mode single-leg power converter and its driver circuits, a measurement board, a control platform, and a LabVIEW-based user interface program that is operated in the server computer. Given that the proposed web-based remote laboratory is based on client/server architecture, the experimental test rig can be controlled by a client computer with Internet connection and a standard web browser. Although the multi-mode single-leg power converter can work at four different modes (main boost, buck-boost, boost-boost, and battery boost modes), only the buck-boost mode is used in the experiment because of page limit. Users can choose the control structure, control parameters, and reference values, as well as obtain graphical results from the user interface software. Consequently, the feedbacks received from students who conducted remote laboratory studies indicate that the proposed laboratory is a useful tool for both remote and traditional education.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권1호
• /
• pp.523-549
• /
• 2018

The increasing number of subscribers and demand of multiplicity of services has turned Multi-Server Authentication (MSA) into an integral part of remote authentication paradigm. MSA not only offers an efficient mode to register the users by engaging a trusted third party (Registration Centre), but also a cost-effective architecture for service procurement, onwards. Recently, Lu et al.'s scheme demonstrated that Mishra et al.'s scheme is unguarded to perfect forward secrecy compromise, server masquerading, and forgery attacks, and presented a better scheme. However, we discovered that Lu et al.'s scheme is still susceptible to malicious insider attack and non-compliant to perfect forward secrecy. This study presents a critical review on Lu et al.'s scheme and then proposes a secure multi-server authentication scheme. The security properties of contributed work are validated with automated Proverif tool and proved under formal security analysis.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 2004년도 학술대회 논문집 정보 및 제어부문
• /
• pp.441-443
• /
• 2004

With the rapid development of the Internet over the recent years, in conjunction with the transmission protocol TCP/IP and the latest version of hypertext(HTML) facilities, new opportunities have come into existence for the use of the network for the remote control of experiments and the other practical systems in engineering education. Using graphical software environments in client-server systems, remote control and monitoring system can be easily designed. Client-server systems have some general advantages when compared with simple Remote-Access Systems. In this paper we present a client-server architecture for the distributed measurement system of instrumentation over the Internet. The proposed solution allows multi-user, multi-instruments sessions to be obtained by means of a queuing process and provides instrument lock capability. Client applications can be easily developed by using conventional high-level programming languages or well-assessed virtual instrumentation frameworks.

• 융합보안논문지
• /
• 제23권4호
• /
• pp.43-52
• /
• 2023

많은 기업과 단체들은 원격 접근을 위해 스마트카드 기반 사용자 인증을 사용한다. 그 동안 다양한 연구를 통하여 사용자와 서버 간의 연결을 보호하기 위해 분산된 다중 서버 환경에 대한 동적 ID 기반 원격 사용자 인증 프로토콜들이 제안되었다. 그 중, Qiu 등은 상호 인증 및 키 동의, 사용자 익명성, 다양한 종류의 공격에 대한 저항을 제공하는 효율적인 스마트카드 기반 원격 사용자 인증 프로토콜을 제안하였다. 이후, Andola 등은 Qiu 등이 제안된 인증 프로토콜에 대한 다양한 취약점을 찾아내었고, 그들의 인증 프로토콜에 대한 결점을 극복하고 사용자가 서버에 로그인하기를 원할 때마다 로그인하기 전에 사용자ID가 동적으로 변경되는 향상된 인증 프로토콜을 제안하였다. 본 논문에서는 Andola 등이 제안한 프로토콜의 동작 과정 및 취약점을 분석하여, Andola 등이 제안한 프로토콜이 offline smart card attack, dos attack, lack of perfect forward secrecy, session key attack에 취약하다는 것을 밝혔다.

• 한국통신학회논문지
• /
• 제38B권3호
• /
• pp.190-198
• /
• 2013

사용자가 원하는 서비스가 여러 개의 서버에 분산되어 있을 수 있기 때문에 다수의 서버가 존재하는 다중서버 환경을 위한 인증기법은 웹서비스를 이용할 때 반드시 필요하다. 일반적으로 Password를 사용하는 방법이 적용되나 안전성 측면에서 취약하고 서버마다 다른 Identity(ID)와 Password를 사용하는 것은 불편하다. 그래서 사용자가 사용하는 여러 서버에 접속할 때 항상 동일한 ID를 사용하는 것이 허용되나, 다양한 공격에 노출될 수 있다. 본 논문에서는 서버가 여러 개 존재하는 환경에서 원격지에 있는 사용자는 하나의 스마트카드만 사용하여 다양한 서비스를 편리하고 안전하게 받을 수 있는 인증기법을 제안한다. 추가로 제안한 기법의 안전성을 공격 유형별로 나누어 분석하고, 기존 방법과 성능비교를 통하여 제안하는 기법이 효율적임을 보인다.

• Journal of information and communication convergence engineering
• /
• 제7권3호
• /
• pp.340-344
• /
• 2009

Multi-server password authentication schemes enable remote users to obtain service from multiple servers with single password without separately registering to each server. In 2007, Hu-Niu-Yang proposed an improved efficient password authenticated key agreement scheme for multi-server architecture based on Chang-Lee's scheme proposed in 2004. This scheme is claimed to be more efficient and is able to overcome a few existing deficiencies in Chang-Lee's scheme. However, we find false claim of forward secrecy property and some potential threats such as offline dictionary attack, key-compromise attack, and poor reparability in their scheme. In this paper, we will discuss these issues in depth.