A Study on a Secure USB Mechanism That Prevents the Exposure of Authentication Information for Smart Human Care Services

Abstract

The secure USB flash drive was developed to improve the security of the conventional USB flash drive, which is vulnerable to leakages of internally stored data caused by extortion, loss, etc. However, it has been continuously reported that the secure USB flash drive, which protects data through the adoption of a wide range of security technologies in wide-ranging ways, cannot assure data security because of implementation and environmental vulnerabilities, eavesdropping, unlock commands, and reverse engineering. As such, there is growing demand for a more powerful secure USB flash drive to solve these fundamental problems. Therefore, this paper presents a secure USB mechanism that prevents leakages of authentication data and does not compare authentication data for smart human care services, which have been a fundamental problem of existing flash drives. The proposed mechanism provides better security than the existing secure USB flash drive by satisfying the need for confidentiality, integrity, authentication, and access control and safely protecting data from impersonation, man-in-the-middle, replay, and eavesdropping attacks by malicious attackers. An assessment of its security using the formalized verification tool AVISPA has proved that it is safe. Therefore, it is considered that a safer, more secure USB flash drive can be manufactured using the mechanism proposed in this paper.