A Security Assessment on the Designated PC service (이용 PC 지정 서비스의 안전성 평가)

Kyungroul Lee (이경률); Kang-bin Yim (임강빈)

A Security Assessment on the Designated PC service

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2015, 20(12), pp.61-66
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science

Kyungroul Lee ¹, Kang-bin Yim ¹

¹순천향대학교

Accredited

ABSTRACT

In this paper, we draw a security assessment by analyzing possible vulnerabilities of the designated PC service which is supposed for strengthening security of current online identification methods that provide various areas such as the online banking and a game and so on. There is a difference between the designated PC service and online identification methods. Online identification methods authenticate an user by the user's private information or the user's knowledge-based information, though the designated PC service authenticates a hardware-based unique information of the user's PC. For this reason, high task significance services employ with online identification methods and the designated PC service for improving security multiply. Nevertheless, the security assessment of the designated PC service has been absent and possible vulnerabilities of the designated PC service are counterfeiter and falsification when the hardware-based unique-information is extracted on the user's PC and sent an authentication server. Therefore, in this paper, we analyze possible vulnerabilities of the designated PC service and draw the security assessment.

KEYWORDS

the designated PC service, security assessment, device authentication, user authentication

Citation status

* References for papers published after 2023 are currently being built.

[journal] Su-Mi Lee / 2011 / Domestic Electronic Financial Status and Classification of Security Threats / Review of Korea Institute of Information Security and Cryptology(KIISC) 21(7) : 53~61

[journal] Kong Hoi Kim / 2010 / Security threats and countermeasures of certificate password attack by performing SEED algorithm in GPU / Review of Korea Institute of Information Security and Cryptology(KIISC) 20(6) : 43~50

[journal] 이윤영 / 2008 / CipherSuite Setting Problem of SSL Protocol and It’s Solutions / 정보처리학회논문지C / 한국정보처리학회 15(5) : 359~366

[journal] 임차성 / 2010 / An Effective Protection Mechanism for SSL Man-in-the-Middle Proxy Attacks / 정보과학회 컴퓨팅의 실제 논문지 / 한국정보과학회 16(6) : 693~697

[journal] 안우현 / 2010 / Attacking OpenSSL Shared Library Using Code Injection / 정보과학회논문지 : 시스템 및 이론 / 한국정보과학회 37(4) : 226~238

[journal] 강병탁 / 2011 / A study on the vulnerability of OTP implementation by using MITM attack and reverse engineering / 정보보호학회논문지 / 한국정보보호학회 21(6) : 83~100

[journal] 원동호 / 2010 / Vulnerabilities Analysis of the OTP Implemented on a PC / 정보처리학회논문지C / 한국정보처리학회 17(4) : 361~370

[report] Telecommunications Technology Association(TTA) / 2011 / Security Requirement for Virtual Keybord

[confproc] Kyungroul Lee / 2010 / Security Vulnerability Analysis of Touchpad on Image-Based Login Method / Proceedings of the Winter Conference on Korean Society for Internet Information(KSII) : 171~175

[confproc] Wan-soo Kim / 2010 / Analysis on Ivasion of Privacy using Display Device Vulnerability / Proceedings of the Winter Conference on Korean Society for Internet Information(KSII) 11(2) : 81~82

[report] Neowiz games corporaion / 2011 / Internet connection blocking method through a fixed PC service using an IP address and hardware information

[journal] Kangwon Lee / 2012 / Extraction of Platform-unique Information as an Identifie / Journal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Application(JoWUA) 3(4) : 85~99

[confproc] Kyungroul Lee / 2015 / Security Assessment of the Designated PC Solution / Proceedings of the Spring Conference on Korean Institute of Smart Media(KISM)

[journal] 김종회 / 2011 / A New Malware Propagation Technique based on the Send Function Hooking and Its Countermeasure / 정보과학회논문지 : 시스템 및 이론 / 한국정보과학회 38(4) : 178~185

[journal] Kangwon Lee / 2012 / Extraction of Platform-unique Information as an Identifie / Journal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Application(JoWUA) 3(4) : 85~99

[confproc] Hyeungjun Yeuk / 2015 / An Analysis of the Vulnerability of the Designated PC solution / Proceedings of the Spring Conference on Korean Institute of Smart Media(KISM)

This paper was written with support from the National Research Foundation of Korea.

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65