• Journal of Korea Multimedia Society
• /
• v.14 no.2
• /
• pp.249-257
• /
• 2011

To protect the market for various products, existing authentication techniques using ID, hologram and RFID have been gradually developed. However, these methods can be easily exposed the authentication information, and also these exposed information easily copy. Thus, production of the counterfeit goods can not completely prevent. In this paper, to solve these problems, we designed JCVM file system for saving and managing the authentication information, user's information and a sales agency information into the smart card. And we designed and implemented an authentication protocol that can authenticate to avoiding exposure using processor of the smart card. Through this, this proposed scheme can prevent occurrences of the counterfeit goods. And also, can be used for authentication as any product that can attach the smart card.

• Journal of Advanced Navigation Technology
• /
• v.15 no.5
• /
• pp.722-728
• /
• 2011

Most services need to have authentication protocols to verify users' eligibility in the network environment. For this, a lot of user authentication protocols have been researched and developed. Two of them, SPMA and I-SPMA protocols, introduced the lack of mutual authentication and vulnerability to the reply attack of the prior protocols and suggested revised protocols. Nevertheless, these protocols did not mention about the critical problem caused when the server and the client lose synchronization on the secret information between them. Therefore, in this paper, we analyze the security characteristics of the existing protocols and prove the vulnerability to the synchronization of the protocols.

• The Journal of the Korea Contents Association
• /
• v.17 no.7
• /
• pp.571-578
• /
• 2017

In order to approach information system through smart device and pc, user has to authenticate him or herself via user authentication. At that time when user tries reaching the system, well-used user authentication technologies are ID/PW base, OTP, certificate, security card, fingerprint, etc. The ID/PWbased method is familiar to users, however, it is vulnerable to brute force cracking, keylogging, dictionary attack. so as to protect these attacks, user has to change the passwords periodically as per password combination instructions. In this paper, we designed and implemented a user authentication system using smartphone's USIM without using password while enhancing security than existing ID / PW based authentication technology.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.3C
• /
• pp.348-354
• /
• 2007

RFID system is emerging new technology for ubiquitous computing environment. RFID system, however, provides privacy problems while the technology offers incredible rich opportunities for applications in the filed of logistics, distribution, and medical services, etc. Many researches have been conducted in order to solve this problem, but the current RFID authentication protocols are still insufficient for settling the privacy problem in the point of view of privacy intrusion and system efficiency. The purpose of this paper is to present a RFID mutual authentication protocol which improves safety level, compared with current authentication protocols. The proposed authentication protocol can provide mutual authentication services, and is secure against location tracing, spoofing, reflection attack.

• Proceedings of the Korea Contents Association Conference
• /
• 2004.05a
• /
• pp.301-306
• /
• 2004

The Grid VO(Virtual Organization) is temporary VO where gather indivisual, authority, or system resource, differ from previous VO concept that controled by internal principal and policy set. It have many problems in case of indivisuals, authorities, or system resources that became member\ulcorner of some Grid VO at same time and combination followed changing condition of system resource for building Grid VO. This paper propose lightweighted Grid VO authentication system based on XML security to solve the authentication of the problems occuring in building Grid VO. In this paper, Grid VO authentication system is including Grid VO authentication module that is intermediate management system in PH to previous authentication service structure and provide effective authentication service to Grid VO.

• Journal of Internet of Things and Convergence
• /
• v.2 no.1
• /
• pp.1-6
• /
• 2016

The IOT environment, people connected to the network, object, everything such as space (Things) generates data in real time. The information between the object collecting, sharing, are utilized. Currently health care, research in various fields such as smart home has been promoted. Also appeared concepts emphasized all things(IOE) Internet connection between the geographic space and the Internet. Human, while important connections between the objects, such as objects, studies of efficient and secure authentication technologies have been developed. In this paper, we propose a RADIUS (Remote Authentication Dial In User Service) protocol for improved mutual authentication between each object in the IOT environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.361-371
• /
• 2017

The increase in user data stored in the device implies the increase in threats of users' sensitive data. Currently, smartphone authentication mechanisms such as Pattern Lock, fingerprint recognition are widely used. Although, there exist disadvantages of inconvenience use and dependence that users need to depend on their own memory. User behavior based authentication mechanism have advantages of high convenience by offering continuous authentication when using the mobile device. However, these mechanisms show limitations on low accuracy of authentication and there are researches to improve the accuracy. This paper proposes improved authentication mechanism that uses user's smartphone application usage pattern which has not considered on earlier studies. Also, we analyze performance of proposed mechanism with collected datasets from actual use of smartphone applications.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.7
• /
• pp.1516-1523
• /
• 2004

In the paper, an algorithm fitted to P2P system was proposed by improving Kerberos which is an algorithm for mutual authentication. To keep the role of Kerberos and minimize load to server, the proposed algorithm imposed the server role of ticket recognition to the opposite peer. Using this method, the number of sewers as ticket recognition server was averted and function of server for authentication was minimized so that server load was mininized. The proposed algorithm enables the server to play the minimum of the role and to perform strong mutual authentication, while imposeing on the peers the role of authentication. To make suitable to P2P system, trial number oriented authentication limit was given, not time-oriented authentication expiration time. In the paper, a new P2P system was designed using this algorithm.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.12
• /
• pp.159-167
• /
• 2012

The authentication system of the PKI(public key infrastructure) provides the authenticity and security, accessibility, economic feasibility, and convenience to the service provider and users. Therefore the public and private companies in Korea widely use it as the authentication method of the web service. However, the safety client system is threatened by many vulnerable factors which possibly caused when using PKI-based authentication system. Thus, in this article vulnerable factors caused by using the PKI-based authentication system will be analyzed, which is expected to be the useful data afterwards for the construction of the new authentication system as well as performance improvement.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.11
• /
• pp.1996-2001
• /
• 2006

Open System Authentication Method, Shared Key Method, Mac Based Authentication Method are very hard to use in wireless network that needs security. So now, many researches have been performed about 802.1x and user authentication method applying PKI. but certificate verification protocol has been used abolished list called CRL since it's first usage of PKI, there were still has a problem about distribution point. This paper applied CVS to use CA direct not to use CRL and OSCP server in order to improve this problems. Also It suggested the system that can make authentication steps more shorter using authentication server and Mutual authentication system by public certificate(small size/low speed wireless terminal can access to wireless network fast and safely)