• Journal of Information Processing Systems
• /
• v.13 no.1
• /
• pp.152-173
• /
• 2017

Mobile phones are the most common communication devices in history. For this reason, the number of mobile subscribers will increase dramatically in the future. Therefore, the determining the location of a mobile station will become more and more difficult. The mobile station must be authenticated to inform the network of its current location even when the user switches it on or when its location is changed. The most basic weakness in the GSM authentication protocol is the unilateral authentication process where the customer is verified by the system, yet the system is not confirmed by the customer. This creates numerous security issues, including powerlessness against man-in-the-middle attacks, vast bandwidth consumption between VLR and HLR, storage space overhead in VLR, and computation costs in VLR and HLR. In this paper, we propose a secure authentication mechanism based new mobility management method to improve the location management in the GSM network, which suffers from a lot off drawbacks, such as transmission cost and database overload. Numerical analysis is done for both conventional and modified versions and compared together. The numerical results show that our protocol scheme is more secure and that it reduces mobility management costs the most in the GSM network.

• Journal of The Korea Institute of Healthcare Architecture
• /
• v.24 no.4
• /
• pp.37-45
• /
• 2018

Purpose: The purpose of this study is to suggest directions for improving Authentication Of A Barrier-Free Living Environment(BF) of passenger facilities. Methods: We examined the parts (terms, Authentications, and dimensions) where the difference in the legal standards between the relevant items in the "ACT ON GUARANTEE OF PROMOTION OF CONVENIENCE OF PERSONS WITH DISABILITIES, THE AGED, PREGNANT WOMEN, ETC." and the "ACT ON PROMOTION OF THE TRANSPORTATION CONVENIENCE OF MOBILITY DISADVANTAGED PERSONS", which are the basis of Authentication of BF for buildings and passenger facilities. We also mention the differences by comparing and analyzing Authentications of BF. In addition, we survey the current status of passenger facilities in Korea that have been granted and not granted Authentication of BF of passenger facilities. and we describe improvement directions of Authentications of BF. Implications: Improvement of Authentications of BF should be made in accordance with relevant laws, and improvement of Authentications of BF to reflect various situations in the field is needed. Authentications of BF according to the type of passenger facilities should be distinguished.

• Journal of Software Assessment and Valuation
• /
• v.16 no.2
• /
• pp.63-68
• /
• 2020

This paper proposes a face authentication system based on deep learning framework. The proposed system is consisted of face region detection and feature extraction using deep learning algorithm, and performed the face authentication using joint-bayesian matrix learning algorithm. The performance of proposed paper is evaluated by various face database , and the face image of one person consists of 2 images. The face authentication algorithm was performed by measuring similarity by applying 2048 dimension characteristic and combined Bayesian algorithm through Deep Neural network and calculating the same error rate that failed face certification. The result of proposed paper shows that the proposed system using deep learning and joint bayesian algorithms showed the equal error rate of 1.2%, and have a good performance compared to previous approach.

• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.2
• /
• pp.95-105
• /
• 2012

The widespread implementation of RFID in ubiquitous computing is constrained considerably by privacy and security unreliability of the wireless communication channel. This failure to satisfy the basic, security needs of the technology has a direct impact of the limited computational capability of the tags, which are essential for the implementation of RFID. Because the universal application of RFID means the use of low cost tags, their security is limited to lightweight cryptographic primitives. Therefore, EPCGen2, which is a class of low cost tags, has the enabling properties to support their communication protocols. This means that satisfying the security needs of EPCGen2 could ensure low cost security because EPCGen2 is a class of low cost, passive tags. In that way, a solution to the hindrance of low cost tags lies in the security of EPCGen2. To this effect, many lightweight authentication protocols have been proposed to improve the privacy and security of communication protocols suitable for low cost tags. Although many EPCgen2 compliant protocols have been proposed to ensure the security of low cost tags, the optimum security has not been guaranteed because many protocols are prone to well-known attacks or fall short of acceptable computational load. This paper proposes a remedy protocol to the flyweight RFID authentication protocol proposed by Burmester and Munilla against a desynchronization attack. Based on shared pseudorandom number generator, this protocol provides mutual authentication, anonymity, session unlinkability and forward security in addition to security against a desynchronization attack. The desirable features of this protocol are efficiency and security.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.12
• /
• pp.6071-6080
• /
• 2012

Regarding the official authentication method which is a strong encrypt method for financial transactions, there has recently been a concern for the problem of storage. As a solution for such problems, this study provides the anonymous authentication method based on the smart card used for such a purpose by utilizing the pseudo ID replacing the user's personal data. Such an anonymous authentication method makes it possible to prevent any inside leakage, intermediary attack, limited re-transmission attack, service-denying attack, directional safety attack and secret inspector attack in regard to the user's personal data. As a result, there would be no concern for the leakage of any personal data. In comparative analysis, after executing the comparison and analysis process through the experiment for the authentication process by using the previously-used smart card, the new one has shown about 10% a high level of efficiency for the encrypt and decrypt process together with excellent features in terms of flexibility in regard to the user's anonymity and tracking ability.

• Journal of KIISE:Information Networking
• /
• v.29 no.4
• /
• pp.368-374
• /
• 2002

In the third generation mobile telecommunication systems such as UMTS, one of the important problems for value-added services is to check the recoverability of costs used by a mobile user. Previous authentication and payment schemes for value-added services by a mobile user across multiple service domains, rely on the concept of the on-line TTP, which serves as the users certification authority. In the third generation systems with many service providers, a wide range of services, and a diverse user population, authentication mechanisms with the on-line TTP provide a far from ideal solution. In this paper we present an efficient public-key protocol for mutual authentication and key exchange designed for value-added services in the third generation mobile telecommunications systems. The proposed ticket based authentication and payment protocol provides an efficient way for VASP to check the recoverability of costs without communication with the on-line TTP Furthermore, the proposed ticket based protocol can provide anonymous service usage for a mobile user.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.6
• /
• pp.13-20
• /
• 2015

A genuine product authentication framework and genuine distinction algorithm based on design QR code is proposed in this paper. The proposed framework consists of design QR code, a smart phone application for authentication, and a server system. Design QR code is a shape-modification of conventional QR code according to manufacturer's and/or product's need. In the design QR code, information about manufacturer and product is written. The written information can be read with general QR code reader, however, the content is transformed with authentication code, used in the first step authentication, and the meaning cannot be inferred. The application conducts the first step authentication and sends the resulting information to the server system for the second step authentication. The server system decides the genuinity using look-up history. The proposed framework can improve the authentication effect while minimizing the additional costs by managing the history through the server system. The proposed framework has proven to be effective in actual use, such as that used for the management of garbage bags in Ansan city.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2512-2529
• /
• 2015

Wireless mesh networks (WMNs) provide an efficient and flexible method to the field of wireless networking, but also bring many security issues. A mesh point may lose all of its available links during its movement. Thus, the mesh point needs to handover to a new mesh point in order to obtain access to the network again. For multi-domain WMNs, we proposed a new ID-based signcryption scheme and accordingly present a novel ID-based handover protocol for mesh points. The mutual authentication and key establishment of two mesh points which belong to different trust domains can be achieved by using a single one-round message exchange during the authentication phase. The authentication server is not involved in our handover authentication protocol so that mutual authentication can be completed directly by the mesh points. Meanwhile, the data transmitted between the two mesh points can be carried by the authentication messages. Moreover, there are no restrictions on the PKG system parameters in our proposed multi-domain ID-based signcryption scheme so our handover scheme can be easily applied to real WMNs circumstances. Security of the signcryption scheme is proved in the random oracle model. It shows that our protocol satisfies the basic security requirements and is resistant to existing attacks based on the security of the signcryption. The analysis of the performance demonstrates that the protocol is efficient and suitable for the multi-domain WMNs environment.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.5
• /
• pp.9-16
• /
• 2017

Recent advances in healthcare technologies along with improved medical care have led to a steady increase in life expectancy over the past few decades. As a result, the world population is aging rapidly. Various researches have been carried out to provide information and communication technologies based solutions that enhance the well-being of elderly people and provide them with a well margin of independency in their daily life. Ambient assisted living can be defined as the use of information and communication technologies in a person's daily living and working environment to enable them to stay active longer, remain socially connected and live independently into old age. Since the information transmitted in ambient assisted living systems is very sensitive, the security and privacy of such data are becoming important issues that must be dealt with. In this paper, we propose a novel lightweight authentication protocol for the ambient assisted living systems. The proposed authentication protocol not only supports several important security requirements needed by the ambient assisted living systems, but can also withstand various types of attacks. In addition, the security analysis results show that the proposed authentication protocol is more efficient and secure than the existing authentication protocols.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.83-88
• /
• 2008

Session initiation protocol (SIP) is an application-layer prolocol to initiate and control multimedia client session. When client ask to use a SIP service, they need to be authenticated in order to get service from the server. Authentication in a SIP application is the process in which a client agent present credentials to another SIP element to establish a session or be granted access to the network service. In 2005, Yang et al. proposed a key exchange and authentication scheme for use in SIP applications, which is based on the Diffie-Hellman protocol. But, Yang et al.'s scheme is not suitable for the hardware-limited client and severs, since it requires the protocol participant to perform significant amount of computations (i.e., four modular exponentiations). Based on this observation. Huang and Wei have recently proposed a new efficient key exchange and authentication scheme thor improves on Yang et al.'s scheme. As for security, Huang and Wei claimed, among others, that their scheme is resistant to offline dictionary attacks. However, the claim turned out to be untrue. In this paper, we show thor Huang and Wei's key exchange and authentication scheme is vulnerable to on offline dictionary attack and forward secrecy.