Byung-Rae Lee

Ticket based authentication and payment protocol for mobile telecommunications systems

In third generation mobile telecommunication systems such as UMTS, one of the important problems for value-added services is to check the recoverability of costs used by a mobile user. We present an efficient public-key protocol for mutual authentication and key exchange designed for value-added services in UMTS. The proposed ticket based authentication and payment protocol provides an efficient way for VASP to check the recoverability of costs without communication with the online TTP. Furthermore, the ticket based protocol can provide anonymous service usage for a mobile user.

CORBA-based pair contracts support system for subjects of electronic commerce

Electronic commerce shall provide a contract support system for its subjects with a credential in distributed computing. The contract support system is a fair exchange system of a package of business items between two parties, a merchant and a buyer. In this paper, based on the CORBA security service specification which OMG defined, we propose the fair contract support system for subjects of electronic commerce, providing the mutual authentication and the label-based authorization. This proposed system, by Kerberos for the authentication and the authenticated key exchange, assures not only the identification of a partner but also the confidence of the origin of the business item for contracts between subjects of electronic commerce. Since our deployed Kerberos is extended to the mutual authentication service based on distributed object space, it is efficient for security administration to manage the information such as key management in the distributed computing.

A Secure and Efficient Key Escrow Protocol for Mobile Communications

In this paper we present secure and efficient key escrow protocols that guarantees escrow secrecy, public verifiability, and robustness for mobile telecommunications systems. We present a new construction for key escrow scheme, which compared to previous solutions by Chen, Gollman, Mitchell and later by Martin, achieves improvements in efficiency and security. We proposed a new key escrow protocol, designed for the case where the pair of communicating users are in different domains, in which the pair of users and all the third parties jointly generate a session key for end-to-end encryption.

Authentication Service Model Supporting Multiple Domains in Distributed Computing

In this paper, based on CORBA security service specification[1, 3], we propose the authentication service model supporting multiple domains for distributed computing with an extension to the Kerberos[13] authentication framework using public key cryptosystem[15]. This proposed model supports the protection of the high-level resources and the preservation of the security policies of the underlying resources that form the foundation of various domains, between the Kerberized domains[14] and the Non-Kerberized domains. Also we achieved the flexibility of key management and reliable session key generation between the Client and the Provider using the public key cryptosystem.

Integrated secure-negotiation service for subjects of electronic commerce

Electronic commerce shall provide its subjects with a credential-based security service in the open distributed computing environment. In this paper, based on CORBA security service specification which the OMG defined, we propose an integrated secure-negotiation service for subjects of electronic commerce, providing mutual authentication and label-based authorization. This proposed structure, by Kerberos for authentication and authenticated key exchange, assures not only the identification of a partner but also the confidence of origin of the business item for negotiations between subjects of electronic commerce. Since our deployed Kerberos is extended to the mutual authentication service based on the CORBA platform, it is efficient for security administration to manage information such as a key management in an open distributed computing environment.

Relieble Communication Service for Mobile Agent Based on CORBA

Mobile agents [1] are active entities, which may migrate to meet other agents and access the place‘s services. For mobile agent collaboration in distributed environment, mobile agents should be able to exchange messages with each other, even if they are moving across a network. The ability to send messages to a moving agent is important mechanism for agent collaboration. In this paper, we propose reliable messaging mechanism with notification messages based on CORBA [2]. This mechanism allows messages in flight when a mobile agent moves, and messages sent based on an out-of-date IOR [3], to be forwarded directly to the mobile agent’s new location.

CORBA-Based Open Authentication Support Service of Electronic Commerce

In this paper, based on CORBA security service specification [4] which OMG defined, we propose the open authentication support service for subjects of electronic commerce, providing the authentication of object level and the authenticated key exchange. This proposed service, by Kerberos [5] for the authentication and the authenticated key exchange, assures not only the identification of a partner but also the confidence of origin of business item for negotiations between subjects of electronic commerce. Since our deployed Kerberos is extended to the open authentication support service based on CORBA platform, it is efficient for security administration to manage the information such as a key management in the heterogeneous distributed computing environment.

Remote Messaging Mechanism Supporting Agent Mobility Based on CORBA

Mobile agents[1] are active entities, which may migrate to meet other agents and access the places services. For agent collaboration in distributed environment, mobile agents should be able to exchange messages with each other, even if they are moving across a network. The ability to send messages to a moving agent is important mechanism for agent collaboration. In this paper, we propose CORBA[2]-based remote messaging mechanism with a binding table. This mechanism allows messages in flight when a mobile agent moves, and messages sent based on an out-of-date table binding, to be forwarded directly to the mobile agents new location. In this mechanism, an agent can transfer messages directly to the target agent based on the binding table.

Proxy Agent Consistency Service Based on CORBA

Mobile agent [1] platforms use proxy agents to provide location transparent communication. However, these platforms lack of consistency service between proxy agents and mobile agents. In this paper, we propose CORBA [2]-based proxy agent consistency service with MASIF [1] naming services. Control messages are defined to warn, request, update and confirm consistency related activities. If naming service is not available, proposed service can still update the proxy agent with up-to-date IOR [2] information. For reliable agent messaging, message forwarding is possible through the proposed proxy agent consistency service.