Moon-Seog Jun

A Design of One-Time Password Mechanism Using Public Key Infrastructure

One-time password mechanism solves password problems like password conjecture and wiretapping that can occur by using the same password several times repeatedly. However, such one-time password mechanism also is exposed to various attacks, and is vulnerable in matters of confidentiality and security protection, the most important elements of security depending on mechanism. This paper solves user disguise problem by authenticating users with the use of public key infrastructure, and guarantees integrity by generating password by applying session identifier L and random value R to hash function in every applicable session. Additionally, to enhance security while transferring the generated password, the mechanism digital signature the password with users private key, encode it again with service providers public key, and guarantee denial prevention by requesting the server authentication while being able to verify the identity of user. Therefore in this paper proposes one-time password mechanism that has enhanced security using public key infrastructure to prevent integrity problem due to birthday attack and hash collision problem occurring from hash function. Comparison and analysis of existing one-time password mechanism will tell of the excellence of this paper.

A Mechanism to Prevent RP Phishing in OpenID System

Even though users have been assigned IDs after being authenticated by their real names and resident registration numbers for using Internet services, the I-PIN (Internet Personal Identification Number) service, which is a substitution means for the resident registration number, is recently applied because of security problem. In addition, the OpenID service, which could receive Internet service by integrating into a single ID, is now in force within the country, however, it could be wrongfully used as abusive comments and spam and is pointed out as problems for phishing since it has not user authentications. This paper proposes a technique to strengthen user authentications with the I-PIN when users sign up for memberships in the OpenID, and compensates the phishing problem of relaying parties (RPs) which users could receive Internet service with the OpenID. It could be found that the user authentication and the security of the OpenID are strengthened by comparison and analysis between the existing OpenID service and the OpenID service applying the I-PIN proposed in this paper, and it is designed enough to be safe for phishing.

A Privacy Technique for Providing Anonymity to Sensor Nodes in a Sensor Network

Research on sensor network had been focused on security services that provide authentication, confidentiality, integrity and availability until recently, but now there is growing interest in tackling the problem of actual sensor IDs being exposed. Many techniques for providing anonymity to the source in an ad-hoc network have been proposed, but they are not suitable. Thus, a technique that is well-suited to the characteristics of sensor networks is needed. This paper, limiting the type of attack against a sensor network to that of eavesdropping, proposes a new technique for providing anonymity using Phantom ID and SMAC. The degree of anonymity provided by the proposed technique was analyzed using an entropy-based modeling technique. The results showed that the anonymity is high when the proposed technique is used. The key factor responsible for the improved anonymity had to do with disguising the sensor ID so that it cant be found easily.

A Study on the Two-channel Authentication Method which Provides Two-way Authentication using Mobile Certificate in the Internet Banking Environment

The Internet banking service provides convenience than the traditional offline services. However, it still causes a number of security problems including hacking. In order to strengthen security, the financial institutions have provided such authentication methods as the official authentication certificate, the security token, the security card and OTP. However, the incidents related to hacking have continuously occurred. Especially, various weak points have been suggested for the authentication methods in regard to such types of hacking as the memory hacking or the MITM attack. So I needed was a new authentication method. In this study, the two-channel authentication method which provide two-way authentication on the user`s PC and mobile device when executing the electronic financial transactions in the Internet banking environment is suggested. Also, by analyzing it in comparison with other existing methods, it is possible to check that the prospects of safety and credibility are strengthened.

The Study on the Maturity Measurement Method of Security Management for ITSM

Management environment of enterprise is rapidly changed and continually pressed from market for the improvement of customer value. So the companies are preparing the countermeasure for the various strategic and tactical the rationalization of management. These companies are increasing that consider to introduce the effective process construction, integration of divided process and organization, analysis of decision making and process cost of business and improvement of business in relatively lower business part of strategic importance ITSM system construction is divided into service support and service delivery. In this thesis, it proposes the effectively measuring method about maturity of security management supporting both parts. Maturity measurement of security management is planned to measure the business maturity, analyze the result and be To-Be model after 3 phases of interview measurement of business maturity consists of 9 domains and 63 detailed items and it gives weights and standard score by each detailed item and then measures the personal weight of security business and maturity of security business in organization.

A Fast Authentication System for Home Network Devices Using Two Dimension Array

Home network is one composition of several various devices and has been expanded according to the development of those devices. The number and quantity of digital contents have been growing to various ways. However, it is not easy to protect a copyright of the digital contents continuously since it has a lack of operating the devices which need multimedia contents. It is also not easy to reissue a license from DRM server to move the contents the exterior requests. To solve those inconveniences, this thesis has suggested the authentication method between the devices using a certain framework. In the framework, the contents can move to another device without reissuing a license through interacts of the devices from DRM server, using two dimension array. In addition, even if all members of family access home network externally, it is designed to be able to use home network contents through a simple authentication of devices.

A Study on Realtime Detecting Smishing on Cloud Computing Environments

Learning By smartphone developed, mobile malicious code will produce many new species of fraud technique that Smishing using a mobile malicious code was born. Damage of Smishing Because of the increase, against this possibility is urgent. In this paper, filtering, API analysis, bypass detection, in order to capture the sewing machine’s detection is performed. The proposed test method is performed directly in a virtualized environment, so you can also detect unknown malware, and that’s sewing machine can reduce the damage caused.

A Study on Authentication of Mobile Agency AP Connection Using Trusted Third Party in Smart Phone Environment

Abstract As the IT industry develops, the smart-phone technology and functions which are actively being studied at the moment greatly influence the entire living environment. With the smart-phone technology and functions, peoples interest for the wireless LAN which can be used to get access to the Internet anytime anywhere is gradually increasing. However, since the malicious attacker can easily carry out hacking or approach the contents due to the characteristics of the wireless radio wave, the personal information with a high level of importance for data security is easily exposed due to Spoofing, Denial of Service attack and Man in the Middle attack. Therefore, the demand for security is gradually increasing.In this paper, the safe wireless network service environment is provided by supplementing the vulnerability in regard to Spoofing, Session Hijacking and Man in the Middle attack after executing the clients authentication process, the AP authentication process and the Mobile Agency authentication process with the clients information in the USIM, the AP information and the Mobile Agency information when the client uses the wireless Internet through the Mobile Agency AP access in the smart phone environment.

RFID Mutual Authentication Protocols Using Key Exchange Based on Hash Functions

A RFID system is a key technology used to create a ubiquitous society through non-contact radio identification technology, expected to provide us with information far above time and space. However, several security issues including a matter of privacy have been raised on account of restricted features of RFID communication environment. A variety of studies have been underway to bring solutions to them, but existing studies require excessive processing capabilities for security problems, tags and back-end database. To solve out this problem, this paper suggests mutual authentication RFID protocols that can guarantee safety from spoofing and re-transfer attack and also reduce the number of comparative operations in the back-end database, with the use of hash functions, XOR operation and key exchange.

Design of Secure Dynamic Clustering Algorithm using SNEP and μTESLA in Sensor network

Contrary to general network, sensor network has many restrictions such as energy recharge. Accordingly, security mechanism used to general network cannot be applied to sensor network. Many researchers propose method of security and energy efficiency separately. To maximize energy efficiency, the methods to support data aggregation and clusterhead selection algorithm are proposed. To strengthen the security, the methods to support encryption techniques and manage a secret key that is applicable to sensor network are proposed. However, energy and security issues are trade-off. This paper is devoted to design secure routing protocol combining conventional routing protocol with security protocol. This new protocol is that encryption algorithm and key management method are applied to specific routing protocol.