The Authentication Model which Utilized Tokenless OTP (Tokenless OTP를 활용한 인증 모델)

김기환; 박대우

The Authentication Model which Utilized Tokenless OTP

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2007, 12(1), pp.109-118
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science

김기환 ¹, 박대우 ¹

¹호서대학교

Accredited

ABSTRACT

Is need Remote Access through internet for business of Ubiquitous Computing age, and apply OTP for confidentiality about inputed ID and Password, network security of integrity. Current OTP must be possessing hardware of Token, and there is limitation in security. Install a Snooping tool to OTP network in this treatise, and because using Cain, enforce ARP Cache poisoning attack and confirm limitation by Snooping about user password .Wish to propose new system that can apply Tokenless OTP by new security way, and secure confidentiality and integrity.Do test for access control inflecting Tokenless OTP at Remote Access from outside, and could worm and do interface control with certification system in hundred. Even if encounter hacking at certification process, thing that connection is impossible without pin number that only user knows confirmed. Because becoming defense about outward flow and misuse and hacking of password when apply this result Tokenless OTP, solidify security, and evaluated by security system that heighten safety.

KEYWORDS

Authentication, OTP, Tokenless OTP, Ubiquitous Security

Citation status

* References for papers published after 2023 are currently being built.

[other] 한국정보보호진흥원 / 2006 / 와이브로 보안기술 해설서 / 한국정보보호진흥원

[journal] 박대우 / 2006 / A Study about Wiretapping Attack and Security of VoIP Service / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 11(4) : 155~164

[journal] 송유진 / 2005 / Design and Implementation of OTP Based Authentication Mechanism for Web Service / 한국전자거래학회지 / 한국전자거래학회 10(2) : 89~107

[book] Jalil Feghhi / 1999 / Digital Certifi -cates: Applied Internet Security / Addison- Wesley

[other] / 2006 / OTP솔루션 / NetworkTimes

[web] / 2003 / Token OTP / http://www.autehnex.com

[journal] 박중길 / 1999 / S/KEY를 개선한 일회용 패스워드 매커니즘 개발 / 통신정보보호논문지 9(2) : 28~32

[web] / 2006 / Cain & Abel v2.9. Cain &Abel / http://www.oxid.it/cain.html

[web] / 2006 / Ethereal-network protocol analyzer Version 0.99.0 / Ethereal / http://www.ethereal.com/

[web] / 2006 / NTOP / http://www.ntop.org/download.html

[journal] 박대우 / 2005 / A Study of Security Method against Attack in TCP/IP / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 10(5) : 217~226

[book] W. Stallings / 2005 / Cryptography and Network Security, Principles and Practice Third Edition / Prentice-Hall

[web] / 2006 / Security String 과 Tokenless OTP / http://www.swivelsecure.com/?page=whitepapers/

[journal] 김우경 / 2004 / SMS와 OTP개념을 이용한 사용자 인증 / 한국정보과학회논문집 31(2)

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65