Journal of the Korea Convergence Society (한국융합학회논문지)

Korea Convergence Society (한국융합학회)
권호 표지
DOI QR코드

DOI QR Code

Smart City Security Management in Three Tier Smart City Management System

쓰리 티어 방식의 스마트시티 관리시스템에서의 보안 관리

  • Hwang, Eui-Dong (School of Electrical and Computer Engineering, University of Seoul) ;
  • Lee, Yong-Woo (School of Electrical and Computer Engineering, University of Seoul)
  • 황의동 (서울시립대학교 전자전기컴퓨터공학과) ;
  • 이용우 (서울시립대학교 전자전기컴퓨터공학과)
  • Received : 2018.09.11
  • Accepted : 2019.01.20
  • Published : 2019.01.28
Download PDF
⟨ Previous Next ⟩

Abstract

The security of the data dealt by the smart city system is important because they have many privacy and public information. Therefore, it is necessary to study security in the smart city system. In this paper, we define the security factors for the smart city system composed of three tiers and describe the technologies for each. In addition, the design and implementation of the security layer in the Smart City middleware for the security management of the urban component in the Smart City Infrastructure and middleware, which is one of the most important issues in the Smart City system, is introduced.

스마트시티 시스템에서 다루는 데이터는 개인의 사생활이나, 공공재적인 요소가 많기 때문에 보안이 중요하며, 따라서 스마트시티 시스템에서 보안에 대한 연구는 필요하다. 본 논문에서는 3 티어(Tier)로 구성된 스마트시티 시스템을 위한 보안 요소들을 정의하고, 각각에 필요한 기술들에 대해서 기술한다. 또한, 스마트시티 시스템에서 가장 중요한 이슈 중 하나인 도시구성요소와 미들웨어와의 보안 관리를 위하여 스마트시티 미들웨어에 보안계층을 설계하고 구현한 내용을 소개한다. 인프라보안계층은 블록 암호 (Block Cipher) 알고리즘과 메시지 다이제스트 알고리즘을 기반으로 구성되었으며, 이를 통해 데이터의 기밀성과 무결성을 보장하고, 정책서버를 통한 장치 접근 관리를 하여 인가된 장치만 스마트시티 구성요소를 관리할 수 있도록 한다.

Keywords

OHHGBW_2019_v10n1_25_f0001.png 이미지

Fig. 1. UTOPIA three tiers structure

OHHGBW_2019_v10n1_25_f0002.png 이미지

Fig. 2. Infrastructure security layer in smart city middleware

OHHGBW_2019_v10n1_25_f0003.png 이미지

Fig. 3. The sequence diagram of authentication processing about remote devices with infrastructure security layer of SmartUM middleware

OHHGBW_2019_v10n1_25_f0004.png 이미지

Fig. 4. Data flow of infrastructure security layer

References

  1. Ministry of Land, Transport and Maritime Affairs(Ministry of land, transport and maritime affairs), Korea, ACT ON THE CONSTRUCTION, ETC. OF UBUQUITOUS CITIES, amended by Act No. 9705, May 22, 2009.
  2. Ministry of Land, Infrastructure and Transport, Act on Smart City Creation and Industry Promotion, etc, This Decree enter into force on Sept. 22, 2017. Law No.14718.
  3. H. S. Jung, C. S. Jeong, Y. W. LEE & P. D. Hong. (2009). An Intelligent Ubiquitous Middleware for U-city: SmartUM, Journal of Information Science and Engineering, 25(2), 375-388. DOI: 10.1688/JISE.2009.25.2.3
  4. J. Hoh and C. Y. Jung. (2017). Convergence-based Smart Factory Security Threats and Response Trends. Journal of the Korea Convergence Society, 8(11), 29-35, DOI: 10.15207/JKCS.2017.8.11.029
  5. S. W. Lee, J. J. N. Kim. (2017). Service-oriented protocol security framework in ICT converged industrial environment. Journal of the Korea Convergence Society, 8(12), 15-22. DOI: 10.15207/JKCS.2017.8.12.015
  6. K. H. Lee. (2010). Analysis of Threats Factor in IT Convergence Security. Journal of the Korea Convergence Society, 1(1), 2233-4890. ISSN: 2233-4890
  7. S. W. Rho, C. H. Yun & Y. W. LEE. (2011). Provision of U-city web services using cloud computing. The 13th International Conference Advanced Communication Technology (ICACT), 1545-1549. ISBN: 978-89-5519-154-7
  8. S. Ramgovind, M. Eloff & E. Smith. (2010). The Management of Security in Cloud Computing. Information Security for South Africa (ISSA), 1-7, DOI: 10.1109/ISSA.2010.5588290
  9. S. M. Kim, J. O. Kim, C. H. Yun, J. W. Park, H. S. Jung & Y. W. Lee. (2011). Security Management of a Cloud-based U-City Management System, The Second International Conference on Cloud Computing, GRIDs, and Virtualization, 74-78. ISBN: 978-1-61208-153-3
  10. J. O. Kim, C. H. Yun, J. W. Park, T. H. Hong, K. G. Lee, E. D. Hwang, S. M. Kim & Y. W. LEE. (2011) Implementation of Security Layer for U-City Middleware, Proc. Korean Society For Internet Information. 12(1). 217-218. ISSN: 1738-9593
  11. S. K Yoon & H. S. Jang. (2011) Design of Information Security in Ubiquitous City, Journal of Information and Security, 11(4), 37-42, ISSN: 1598-7329
  12. Y. S. Kim & S. C. Park, Analysis and Protection Method of Security Threat Factor in u-City Management Center, Proc. Korean Society For Internet Information, 9(1), 129-132. ISSN: 1738-9593
  13. J. O. Kim, C. H. Yun, J. W. Park, T. H. Hong, K. G. Lee, E. D. Hwang, S. M. Kim, Y. W. LEE, Device Access Management in the U-City Middleware, Proc. Korean Society For Internet Information, 12(2). ISSN: 1738-9593
  14. S. H. Lee & D. W. Lee. (2013) A Study on Digital Convergence and Smart City. The Journal of Digital Convergence, 11(9), 167-172. DOI: 10.14400/JDPM.2013.11.9.167
  15. S. H. Lee. (2014) A Case Study on Foreign Smart City. The Journal of Digital Convergence, 12(4), 305-310. I: 10.14400/JDC.2014.12.4.305
  16. S. H. Lee, D. H. Shim & D. W. Lee. (2016). Actual Cases of Internet of Thing on Smart City Industry. Journal of Convergence for Information Technology, 6(4). 65-70. DOI: 10.22156/CS4SMB.2016.6.4.065
  17. K. G. Im & J. S. Kim. (2007). u-City operating Center and Platform as a u-City Infrastructure, TTA Journal IT Standard & Test, 112, 60-66. UCI: http://uci.or.kr/G901:A-0002388813
  18. Ministry of Public Administration and Security. (2010). Practices Guide for Information Security Management.[Online]. http://mois.go.kr/frt/bbs/type001/commonSelectBoardArticle.do?bbsId=BBSMSTR_000000000015&nttId=39918
  19. National Intelligence Service. (2018). White Paper on National Information Security, [Online]. https://isis.kisa.or.kr/ebook/ebook2.html#
  20. S. Frankel, P. Hoffman, A. Orebaugh, & R. Park. (2008). Guide to SSL VPNs. Special Publication (Nist SP) 800-113, 87. DOI: 10.6028/NIST.SP.800-113
  21. S. Frankel, K. Kent, R. Lewkowski, R., A. D. Orebaugh, R. W. Ritchey, & S. R. Sharma. (2005). Guide to IPsec VPNs. Special Publication (Nist SP) 800-77, 126. DOI: 10.6028/NIST.SP.800-77
  22. Korea Institute for Advancement of Technology. (2012) Technical Road Map for Information Security, [Online]. http://www.itfind.or.kr/report/analysis/read.do?selectedId=02-004-150421-000029
  23. Telecommunications Technology Association (TTA). (2009), Information Telecommunication Technology Standards Roadmap 2009, ISBN: 9788993092226
  24. Advanced Encryption Standard (AES). (2001) Federal Information Processing Standards Publication 197. DOI: 10.6028/NIST.FIPS.197
  25. Secure Hash Standard(SHS). (2015) Federal Information Processing Standard (FIPS) 180-4. DOI: 10.6028/NIST.FIPS.180-4
  26. D. Geer. (2010) Whatever Happened to Network Access Control Technology?. IEEE Computer, 43, 13-16, DOI: 10.1109/MC.2010.2692010