• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.04a
• /
• pp.360-363
• /
• 2014

스마트 그리드는 IT 기술을 전력망에 도입함으로써 전력 인프라의 신뢰성, 효율성, 안전성 등을 향상 시키고 공급자와 소비자 간의 양방향 통신을 가능하게 하여 전력 선택 범위를 넓히고 전력 인프라의 효율성을 향상시키는 차세대 지능형 전력망이다. 그러나 스마트 그리드의 효과적인 운용을 보장하기 위한 보안서비스 제공을 위해서는 전력망 내의 통신환경에 대한 특성 파악과 보안 서비스가 전력 통신망에 끼치는 영향을 파악하여야 한다. 본 연구에서는 보안 서비스와 네트워크 부하가 전력 통신망에 어떠한 영향을 주는지 실험을 통해서 분석한다.

• Journal of Digital Contents Society
• /
• v.17 no.6
• /
• pp.499-507
• /
• 2016

The era of IoT, which figures exchanging data from the internet between things is coming. Recently, former electric power energy policy paradigm, namely Supply side paradigm, is changing, because electric power energy consumption is rapidly increasing. As new paradigm for this limit, convergence of existing electric power grid and ICT(Information and Communication Technology) will accelerate intellectualization of electric power device, its operation system. This change brought opened electric power grid. Consequently, attacks to the national electric power grid are increasing. On this paper, we will analyze security threats of existing IoT, discuss security weakness on electric power industry IoT and suggest needed security requirements, security technology.

• Review of KIISC
• /
• v.19 no.4
• /
• pp.65-71
• /
• 2009

기존의 전력망에 정보기술을 융합하여 전력 공급자와 소비지가 양방향 통신을 통하여 에너지 생산과 소비 효율을 최적화 할 수 있는 지능형 전력망이 개발되고 있다. 특히 우리나라는 이 기술의 세계 선도국가로 지정되어 스마트 그리드 구축을 위한 로드맵을 수립할 예정으로 있다. 그러나 전력망이 통신망에 융합되면서 정보통신 인프라에서 발생하고 있는 보안 문제가 전력망에서도 그대로 재현되고 있다. 따라서 전력 인프라에 대한 사이버 공격을 방지하고 대응하기 위하여 정보보호 기술이 개발단계 초기부터 고려될 필요가 있다. 본 논문에서는 스마트 그리드와 같은 국가적인 주요 인프라를 보호하기 위한 정보보호 기술의 필요성과 요구사항 등에 대하여 살펴보고자 한다.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.95-100
• /
• 2014

The trend of business work that is related to supply chain changed into e-business using the electronic document However, the small and medium enterprise organizations still use huge volume of paper document, especially in private sector. Recently, the need for eco-friendly and low cost logistics becomes increasing. For this, it has expanded to exchange or to use e-document rather than the paper or manual processing in supply chain business. Therefore, this paper proposed the electronic access system for supply chain by business process modeling. If it is using the proposed system, it can be saving the exchanged or the scanned document to system, and user can utilize that document on just accessing system whenever they need the document. We believe it might reduce the burden of each organization because they don't need to save large volume data to their system or place. Furthermore, the benefits will effect across the national as well as global.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.989-1000
• /
• 2023

In order to respond to supply chain threats, active research and development efforts are underway for software tamper prevention technologies such as Secure Boot and management systems like Software Bill of Materials(SBOM). Particularly, the Trusted Computing Group (TCG) is introducing standards for Trusted Platform Module(TPM) to provide a secure and trustworthy computing boot environment. This paper emphasizes the need for introducing secure booting technology for cryptographic modules to ensure that they remain safe and provide reliable functionality even in the face of supply chain threats. Furthermore, it analyzes vulnerabilities in cryptographic modules verified by the ISO/IEC 19790 standard and proposes security requirements for secure booting of cryptographic modules to address these vulnerabilities.

• Journal of Advanced Navigation Technology
• /
• v.13 no.5
• /
• pp.691-698
• /
• 2009

Chen et al. proposed a RFID authentication protocol for anti-counterfeiting and privacy protection. A feasible security mechanism for anti-counterfeiting and privacy protection was proposed using XOR and random number shifting operations to enhance RFID tag's security providing a low cost. However, their authentication protocol has some drawbacks and security problems because they did not consider the surrounding environments. We conduct analysis on the protocol and identify problematic areas for improvement of the research. We also provide enhanced authentication and update scheme based on the comment for efficient supply chain management. The proposed protocol was analyzed and compared with typical XOR based RFID authentication protocols and it was confirmed that our protocol has high safety and low communication cost.

• Journal of Digital Convergence
• /
• v.11 no.4
• /
• pp.279-284
• /
• 2013

Improve the global environment for low carbon emissions and green energy, and the growing interest in IT technology, combined with the existing power grid to achieve this, to achieve more efficient and environment-friendly smart grid smart grid projects around the world actively being deployed. A smart grid is expected to be a modernization of the legacy electricity network. Therefore, this research provides a secure smart grid model so that it provides better monitoring, protecting and optimizing automatically to operation of the interconnected elements.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.793-805
• /
• 2015

Due to the rise of automotive security problems following automotive safety and the progress of the internet technology leading to a hyper-connected society, guaranteeing the safety of automotive requires security plans in the supply chain assurance and automotive software, and risk management plans for identifying, evaluating, and controlling the risks that may occur from the supply chain since the modern automotive is a Safety Critical system. In this paper, we propose a study on Automotive Supply Chain Risk Management (A-SCRM) procedures by person interested within the automotive Life-Cycle.

• Journal of Korea Multimedia Society
• /
• v.16 no.12
• /
• pp.1413-1426
• /
• 2013

RFID thecnology has been widely adopted by industries for supply chain management. When a product item is manufactured RFID tag is attached to the product item and supply chain management among factories, distributors, retailers and customers needs to handle ownership transfer for the product item carefully. With RFID technology, the secure and efficient ownership transfer protocol is an important issue for the identification of product items and the overall system efficiency on supply chain. Many ownership transfer protocols have been proposed now. They have security problems and use complex operations such as encryption operation and hash function. Lo et al. proposed a protocol using lightweight operations such as shift, addition, XOR, and random number generation[1]. However, this protocol has a security problem in which the secret key between the tag and the new owner is disclosed to the attackers, and it is also weak against the Fraud attack[2]. In this paper, we propose a new ownership transfer protocol using lightweight operations such as shift, addition, and random number generation. This protocol is the modified version of Lo et al.'s protocol and is secure against the security attacks.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.747-750
• /
• 2011

최근 에너지와 자원 절약 사업의 일원으로 차세대 전력 관리 시스템인 스마트 그리드에 대한 관심이 증가하고 있다. 스마트 그리드는 전력 공급자와 소비자 사이에 통신망을 기반으로 한 양방향 전력 공급 방식을 말한다. 스마트 그리드를 통하여 전력 공급자는 소비자의 전력 사용량에 따른 탄력적인 전력 생산 및 공급이 가능하고, 소비자는 자신의 소비 패턴을 통한 효율적 전력 소비를 할 수 있다. 하지만 사이버 공격에 대한 위협이 높아지면서 공용망을 기반으로 운용되는 스마트 그리드 운용 정보에 대한 보안요구사항이 증가하고 있다. 이에 본 논문에서는 소비자 전력 사용량, 전력 사용 패턴 등의 정보가 송수신되는 지능형검침인프라의 보안 위협을 분석하고, 이를 해결하기 위한 방안을 제안한다.