• 제목/요약/키워드: security token

Search Result 152, Processing Time 0.024 seconds

Development of a Web Security System Using Cryptographic Token (보안토큰을 이용한 웹 보안 시스템 개발)

  • Ha, Gyeong-Ju;Yun, Jae-U;Gang, Chang-Gu;Jang, Seung-Ju
    • The Transactions of the Korea Information Processing Society
    • /
    • v.6 no.3
    • /
    • pp.654-663
    • /
    • 1999
  • In this paper, we develop a security system which enhances the security of information during transmission over the World Wide Web for solving problems related to outflow of the information on the internet. Our system provides safe security functions without modifying the existing Web server and browser by utilizing CGI, Plug-in, and Socket Spy techniques. Our system implements user access control and data encryption/decryption by using the hardware cryptographic token instead of using a software technique as in previous systems, and hence is a more robust security system.

  • PDF

Biometric Certificate on Secure Group Communication

  • Han, Kun-Hee
    • Journal of Convergence Society for SMB
    • /
    • v.4 no.4
    • /
    • pp.25-29
    • /
    • 2014
  • Security is a primary concern in group communication, and secure authentication is essential to establishing a secure group communication. Most conventional authentications consist of knowledge-based and token-based methods. One of the token-based methods is a X.509 certificate, which is used under a Public Key Infrastructure (PKI); it is the most well-known authentication system in a distributed network environment. However, it has a well-known weakness, which only proves the belonging of a certificate. PKI cannot assure identity of a person. The conventional knowledge-based and token-based methods do not really provide positive personal identification because they rely on surrogate representations of the person's identity. Therefore, I propose a secure X.509 certificate with biometric information to assure the identity of the person who uses the X.509 certificate in a distributed computing environment.

  • PDF

Debug Port Protection Mechanism for Secure Embedded Devices

  • Park, Keun-Young;Yoo, Sang-Guun;Kim, Ju-Ho
    • JSTS:Journal of Semiconductor Technology and Science
    • /
    • v.12 no.2
    • /
    • pp.240-253
    • /
    • 2012
  • In this paper we propose a protection mechanism for the debug port. While debug ports are useful tools for embedded device development and maintenance, they can also become potential attack tools for device hacking in case their usage is permitted to hackers with malicious intentions. The proposed approach prevents illicit use of debug ports by controlling access through user authentication, where the device generates and issues authentication token only to the server-authenticated users. An authentication token includes user access information which represents the user's permitted level of access and the maximum number of authentications allowed using the token. The device authenticates the user with the token and grants limited access based on the user's access level. The proposed approach improves the degree of overall security by removing the need to expose the device's secret key. Availability is also enhanced by not requiring server connection after the initial token generation and further by supporting flexible token transfer among predefined device groups. Low implementation cost is another benefit of the proposed approach, enabling it to be adopted to a wide range of environments in demand of debug port protection.

A Novel Cost-Effective Firewall Token for Hacking Protection on TCP/IP Based Network (TCP/IP를 이용하는 전산망의 해킹방지를 위한 경제적인 방화벽 토큰 설계 방안)

  • 고재영
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.2 no.1
    • /
    • pp.159-169
    • /
    • 1999
  • Recently a firewall is being employed to protect hacking by controlling the traffics. The security services in the firewall include authentication, access control, confidentiality, integrity, and audit trail. A token is adapted for authentication to the firewall. A token has a small battery within which has restricted power capacity, This paper proposes a novel cost-effective firewall token for hacking protecting on transmission control protocol/internet protocol (TCP/IP) based network. This paper proposes a fast exponentiation method with a sparse prime that take a major operation for a public-key crypto-system and a major power consumption in the token. The proposed method uses much less amount of modular operations in exponentiation that is reduced of battery's capacity or CPU's price in the token.

  • PDF

Design of an USB Security Framework for Double Use Detection (이중사용 방지를 위한 USB 보안 프레임워크의 설계)

  • Jeong, Yoon-Su;Lee, Sang-Ho
    • Journal of the Korea Society of Computer and Information
    • /
    • v.16 no.4
    • /
    • pp.93-99
    • /
    • 2011
  • Recently, the development of internet technology makes user's personal data used by being saved in USB. But there is a critical issue that personal data can be exposed with malicious purpose because that personal data doesn't need to be certificate to use. This paper proposes USB security framework to prevent a duplicate use of personal data for protecting the data which in USB. The proposed USB security framework performs certification process of user with additional 4bite of user's identification data and usage choice of USB security token before certification data when the framework uses USB security product in different network. It makes communication overhead and service delay increased. As a result of the experiment, packet certification delay time is more increased by average 7.6% in the proposed USB security framework than simple USB driver and USB Token, and procedure rate of certification server on the number of USB is also increased by average 9.8%.

A secure token-updated authentication scheme using security key (비밀키를 이용한 토큰 업데이트 보안 인증 기법)

  • Liang, Jun;Jang, In-Joo;Yoo, Hyeong-Seon
    • The Journal of Society for e-Business Studies
    • /
    • v.12 no.1
    • /
    • pp.89-97
    • /
    • 2007
  • Recently, a large number of authentication schemes based on smart cards have been proposed, using the thinking of OTP (one-time password) to withstand replay attack. Unfortunately, if these schemes implement on PCs instead of smart cards, most of themcannot withstand impersonation attack and Stolen-Verifier attack since the data on PCs is easy to read and steal. In this paper, a secure authentication scheme based on a security key and a renewable token is proposed to implement on PCs. A comparison with other schemes demonstrates the proposed scheme has following merits: (1) Withstanding Stolen-Verifier attack (2) Withstanding Impersonation attack (3) Providing mutual authentication; (4) Easy to construct secure session keys.

  • PDF

Privacy of Capability Token in the IoT Service System

  • Jang, Deresa;Kim, Jin-bo;Kim, Mi-Sun;Seo, Jae-Hyun
    • Journal of Multimedia Information System
    • /
    • v.3 no.3
    • /
    • pp.103-110
    • /
    • 2016
  • The recent development of the Internet of things (IoT) has led to the introduction of new access control measures. Even during the access control for security, however, there might be privacy infringements due to unwanted information provision and collection. Measures to control this process are therefore required. This paper defines the structure and policies of tokens to protect privacy that can be exposed through the token information when you use the capability token in the IoT service system.

An Implementation of a Security Token System using USB (USB를 이용하는 보안 토큰 시스템의 구현)

  • 김영진;반성범;정용화
    • Proceedings of the IEEK Conference
    • /
    • 2002.06e
    • /
    • pp.285-288
    • /
    • 2002
  • The match-on-token is a system which executes the user-authentication on the system using the user's biometric information. Nowadays, due to increase of request of the secure user-authentication on various parts, it comes to more use. In this paper, the match-on-token system under development by ETRI is described. The system consists of a host and an emulator board. USB is employed as the communication channel between them. First, the hooting code of the emulator board was programmed and tested in order that USB programs and the finger-print matching program can be executed correctly. Then, host programs cooperating with the board was designed, implemented and tested. Finally, future research including optimization of applications on the match-on-token will be mentioned.

  • PDF

A Study of Improved Session Management for Mobile Web under BYOD environment (BYOD 환경을 고려한 모바일 웹을 위한 세션 관리 개선 방안 연구)

  • Kim, Young-hun;Park, Yongsuk
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.19 no.5
    • /
    • pp.1117-1124
    • /
    • 2015
  • This paper explains a web session management system for mobile web environment with BYOD(Bring Your Own Device). This system operates by enhanced secure session token. This system consists of an unique identifier, time stamp, and encryption algorithm. The Unique identifier in this system classifies each mobile device for web security based on mobile environment with BYOD. And the Time stamp in this system that determine session effectiveness for web security. Also the Cipher algorithm in this system that protects session token information for web security. This paper analysis a security of session management system running on mobile web environment using the simulation techniques. The proposed method is more suitable than the other methods under enviroment mobile web environment with BYOD.

IoT Multi-Phase Authentication System Using Token Based Blockchain (블록체인 기반의 토큰을 이용한 IoT 다단계 인증 시스템)

  • Park, Hwan;Kim, Mi-sun;Seo, Jae-hyun
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.8 no.6
    • /
    • pp.139-150
    • /
    • 2019
  • IoT(Internet of Things) security is becoming increasingly important because IoT potentially has a variety of security threats, including limited hardware specifications and physical attacks. This paper is a study on the certification technology suitable for the lightened IoT environment, and we propose a system in which many gateways share authentication information and issue authentication tokens for mutual authentication using blockchain. The IoT node can be issued an authentication token from one gateway to continuously perform authentication with a gateway in the block-chain network using an existing issued token without performing re-authentication from another gateway participating in the block-chain network. Since we do not perform re-authentication for other devices in a blockchain network with only one authentication, we proposed multi phase authentication consisting of device authentication and message authentication in order to enhance the authentication function. By sharing the authentication information on the blockchain network, it is possible to guarantee the integrity and reliability of the authentication token.