• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.7
• /
• pp.143-148
• /
• 2020

Recently, web services have been expanded to various areas with the evolution of cloud environment. Whenever a user accesses a web service, the user's log information is stored in the web server. This log information is used as data to analyze the user's web service tendencies and is also used as important data to track the user's system access when a security problem in the system occurs. Currently, most web servers manage user log information in a centralized manner. When user log information is managed in a centralized manner, it is simple in the side of operation, but has a disadvantage of being very vulnerable to external malicious attacks. In the case of centralized management, user log information stored in the web server can be arbitrarily manipulated by external attacks, and in severe cases, the manipulated information can be leaked. In this case, it not only decreases the trust of the web service, but also makes it difficult to trace the source and cause of the attack on the web server. In order to solve these problems, this paper proposes a new method of managing user log information in a cloud environment by applying blockchain technology as an alternative to the existing centralized log management method. The proposed method can manage log information safely from external attacks because user log information is distributed and stored in blockchain on a private network with cloud environment.

• Archives of design research
• /
• v.18 no.1 s.59
• /
• pp.135-144
• /
• 2005

Consumers' awareness of product value, and their product preferences, are becoming increasingly influential in product development, particularly in corporations' efforts in manufacturing products with a competitive edge. Corporations conduct surveys on consumers' product satisfaction and preferences and conduct in-depth studies on consumer needs. They then manufacture products in accordance with the results of these surveys and studies. With the necessity and demand for digital door lock products recently growing, this research sought to explore product competitiveness reinforcement factors that could facilitate market penetration, and to formulate corresponding design strategies. In-depth consumer interviews were also conducted to identify consumer lifestyles and needs. Furthermore, consumer preference images, purchase and use-related patterns, and the status of door lock markets were studied. In the past, to design and manufacture consumer-oriented products, corporations primarily resorted to the improvement of the products' technological features. At present, the users' product preferences and the ways that they use these products are the factors that determine product design. Consumers today tend to adjust their lifestyles according to available products, and prefer products that have greater value in terms of lifestyle and culture. Strategic points for reinforcing competitiveness were presented in this study: first, offering different values that will enhance consumer satisfaction, second, positively developing bio-recognizable methods that will boost consumer preference, third, meeting the consumers' expectations that door lock products should not be mere 'entrance and exit control' systems, but network security systems and fourth, adopting convenient authentication methods backed by advanced technologies.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.1_2
• /
• pp.27-40
• /
• 2004

The OSGi service platform has several characteristics as in the followings. First, the service is deployed in the form of self-installable component called service bundle. Second, the service is dynamic according to its life-cycle and has interactions with other services. Third, the system resources of a home gateway are restricted. Due to these characteristics of a home gateway, there are a lot of rooms for malicious services can be Installed, and further, the nature of service can be changed. It is possible for those service bundles to influence badly on service gateways and users. However, there is no service bundle authentication mechanism considering those characteristics for the home gateway In this paper, we propose a service bundle authentication mechanism considering those characteristics for the home gateway environment. We design the mechanism for sharing a key which transports a service bundle safely in bootstrapping step that recognize and initialize equipments. And we propose the service bundle authentication mechanism based on MAC that use a shared secret created in bootstrapping step. Also we verify the safety of key sharing mechanism and service bundle authentication mechanism using a BAN Logic. This service bundle authentication mechanism Is more efficient than PKI-based service bundle authentication mechanism or RSH protocol in the service platform which has restricted resources such as storage spaces and operations.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.1
• /
• pp.39-48
• /
• 2004

An IP address shortage problem is happening with a rapid propagation of the Internet and demands about a new IP address. Address translation technology as NAT is becoming use widely in order to solve these problems. NAT is an very useful If address translation technique that allows two connected networks to use different and incompatible IP address schemes. Rut it is difficult to use NAT particularly for applications that embeded IP addresses in data payloads or encrypted IP packet to guarantee End-to-End Security such as IPSec. In addition to rewiting the source/destination IP address in the packet, NAT must modify IP checksum every time, which could lead to considerablely performance decrease of the overall system in the process of address translation. RSIP is an alternative to solve these disadvantages and address shortage problems of NAT. Both NAT and RSIP divide networks into inside and outside addressing realms. NAT translates addresses between internal network and external network, but RSIP uses a borrowed external address for outside communications. RSIP server assigns a routable, public address to an RSIP client temporaily to communicate with public network outside the private network. In this paper, I will analyze NAT and RSIP gateway system, and then I will propose the Linux-based RSIP gateway for more efficient IP Address Translation in Intranet environments based on RSIP standard of IETF.

• Korean Security Journal
• /
• no.49
• /
• pp.217-246
• /
• 2016

Most of the North Korean defectors are the socially disadvantaged, and formed the lowest class in South Korean society. Their main objectives are to achieve economic wealth. In this process, North Korean defectors have often committed the crime or have been criminal victims. The purpose of this study was to propose the effective preventive measures after analyzing the actual situation of North Korean defectors in criminal behaviors and criminal damages. This research has studied of the literature on the criminal behavior and the criminal damage by North Korean defectors, utilized the relevant statistical data, cited the news for the relevant cases, and proposed the effective preventive measures of criminal behaviors and criminal damages of North Korean defectors by doing in-depth interviews with personal protection officer First, in order to prevent criminal activity by North Korean defectors, we should uplift the identity as the members of Korean society, systemize the initial adapt education, enlarge the employment protection and the resettlement helper system, manage North Korean defectors according to adaptive type, develop the network, establish the management department for the defectors, strengthen the training of prison inmates, and strengthen the management of unprotected people. Next, in order to prevent the criminal damages of North Korean refugees, we should manage vulnerable North Korean defectors effectively, maintain the liaison between the personal protection officer and North Korean defector, arrange the personal safety measures in advance when traveling abroad, enhance the legal education for usual living in Korean society, and perform the re-education for the female socialization.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.41 no.4
• /
• pp.9-21
• /
• 2004

In this paper, we proposed the image hiding method which decreases calculation amount by encrypt partial data using discrete wavelet transform and linear scale quantization which were adopted as the main technique for frequency transform in JPEG2000 standard. Also we used the chaotic system which has smaller calculation amount than other encryption algorithms and then dramatically decreased calculation amount. This method operates encryption process between quantization and entropy coding for preserving compression ratio of images and uses the subband selection method and the random changing method using the chaotic system. For ciphering the quantization index we use a novel image encryption algerian of cyclically shifted in the right or left direction and encrypts two quantization assignment method (Top-down/Reflection code), made change of data less. Also, suggested encryption method to JPEG2000 progressive transmission. The experiments have been performed with the proposed methods implemented in software for about 500 images. consequently, we are sure that the proposed are efficient image encryption methods to acquire the high encryption effect with small amount of encryption. It has been shown that there exits a relation of trade-off between the execution time and the effect of the encryption. It means that the proposed methods can be selectively used according to the application areas. Also, because the proposed methods are performed in the application layer, they are expected to be a good solution for the end-to-end security problem, which is appearing as one of the important problems in the networks with both wired and wireless sections.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.4
• /
• pp.63-72
• /
• 2010

This paper proposes a new authentication protocol for the LR-WPAN. In order to guarantee the reliability and safety of a protocol, this protocol uses the hierarchical authentication approach. In addition, in order to reduce the impact of the denial of service attack, the proposed protocol performs the authentication between a parent router and a joiner device prior to the authentication between a trust center and the joiner device. Moreover, this protocol reduces the authentication delay by decreasing the number of message exchanges during authentication procedure. This paper evaluates the safety of the proposed protocol by the security analysis and reliability of the proposed protocol by the GNY analysis. This paper also compares the number of message exchanges of the ZigBee authentication protocol and the proposed protocol when denial of service attack occurs to evaluate the resistance of the proposed protocol against the denial of service attack. We also analyze the delay for authentication of the joiner device through the implementation of both protocols. Those results show that the proposed protocol effectively protects networks from the denial of service attack and reduces the time for authenticating the joiner device up to maximum 30% as the number of hops increases.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.22 no.1
• /
• pp.12-21
• /
• 2012

IEEE 802.11 MAC protocol standard, DCF(CSMA/CA), is originally designed to ensure the fair channel access between mobile nodes sharing the local wireless channel. It has been, however, revealed that some misbehavior nodes transmit more data than other nodes through artificial means in hot spot area spreaded rapidly. The misbehavior nodes may modify the internal process of their MAC protocol or interrupt the MAC procedure of normal nodes to achieve more data transmission. This problem has been referred to as a selfish node problem and almost literatures has proposed methods of analyzing the MAC procedures of all mobile nodes to detect the selfish nodes. However, these kinds of protocol analysis methods is not effective at detecting all kinds of selfish nodes enough. This paper address this problem of detecting selfish node using Tsallis-Entropy which is a kind of statistical method. Tsallis-Entropy is a criteria which can show how much is the density or deviation of a probability distribution. The proposed algorithm which operates at a AP node of wireless LAN extracts the probability distribution of data interval time for each node, then compares the one with a threshold value to detect the selfish nodes. To evaluate the performance of proposed algorithm, simulation experiments are performed in various wireless LAN environments (congestion level, how selfish node behaviors, threshold level) using ns2. The simulation results show that the proposed algorithm achieves higher successful detection rate.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.1
• /
• pp.29-38
• /
• 2012

Due to the rapid development of network environment and wireless communication technology, the distribution of digital video has made easily and the importance of the protection for digital video has been increased. This paper proposes the digital video encryption system based on multiple chaos maps for MPEG-2 video encoding process. The proposed method generates secret hash key of having 128-bit characteristics from hash chain using Tent map as a basic block and generates $8{\times}8$ lattice cipher by applying this hash key to Logistic map and Henon map. The method can reduce the encryption overhead by doing selective XOR operations between $8{\times}8$ lattice cipher and some coefficient of low frequency in DCT block and it provides simple and randomness characteristic because it uses the architecture of combining chaos maps. Experimental results show that PSNR of the proposed method is less than or equal to 12 dB with respect to encrypted video, the time change ratio, compression ratio of the proposed method are 2%, 0.4%, respectively so that it provides good performance in visual security and can be applied in real time.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2002.11a
• /
• pp.363-369
• /
• 2002

가정 내에서의 초고속망 이용이 활성화되면서 가정 내에서의 활동은 매우 다양하고 복잡하며 그에 따른 서비스도 여러 가지 형태가 존재한다. 외부 인터넷망과 연동되는 홈 네트워크의 개념이 생기기 전부터 흠 오토메이션, 홈시큐리티 등의 서비스를 제공하기 위한 고립적인 형태의 망과 서비스 제공 시스템이 있었다. 월드 와이드 웹 서비스를 기본으로 한 인터넷의 폭발적인 활성화와 고속 인터넷망의 확산에 따라 가정 내에서 제공되는 서비스를 인터넷과 연계시키려는 시도가 보편화되었고 가정 내에서 사용되는 독립적인 기기들을 인터넷에 연결하여, 외부의 정보를 이용해서 활용하거나, 가전내의 기기들을 외부에서 액세스할 수 있게 되었다. 이렇게 하여 보다 풍부한 서비스를 제공하고, 사용상의 시간적인 제약을 완화할 수 있다. 예들 들어 인터넷상에서 조리법을 전송받아 전자레인지를 작동할 수 있으며, 외부에서 잘못 켜둔 가스밸브를 잠글 수도 있다. 가정 내에서 wrhd되던 이러한 서비스들은 서로 다른 하드웨어와 통신방법을 사용하고 있어, 이러한 서비스를 통합하여 운영, 관리할 수 있도록 하는 흠 서버의 개념이 대두되었다. 외부 인터넷 망과 연계된 흠 오토메이션, 홈 시큐리티등을 제공할 수 있는 기반이 마련되었고, 가정 내에서 독립적으로 제공되던 서비스들을 단일 홈 서버를 통해서 관리하려는 시도가 진행되었다. 그러나 홈 서버는 개발하는 업체의 보유기술에 따라 중심기능은 약간씩 차이를 보이고 있다. 홈 서버 응용 영역은 전문 지식을 소유한 인력과의 연계가 필요하고, 다양한 서비스 영역 행위가 아주 복잡하기 때문에 이들을 연결해 주는 자치 시스템을 필요로 한다. 또한 홈 서버 서비스 영역에서 정보는 각 영역 전문가가 가진 지식의 전달을 필요로 하기 때문에, 지식을 주고받는 멀티 에이전트의 시스템의 활용 영역으로 적당하다. 멀티 에이전트 시스템은 분산된 환경에서 에이전트간에 에이전트 통신 언어를 사용해서 대화를 하기도 하고, 상호 협력하는 에이전트들로 구성된 시스템을 뜻하며 흠 서버처럼 동적이고 고도의 자치성을 요구하는 영역에 적당하다. 멀티 에이전트 플랫폼으로는 FIPA(Foundation for Intelligent Physical Agents)가 제시한 에이전트 표준 플랫폼이 1997년부터 2000년에 이르기까지, 계속적으로 변화, 발전하고 있다. 본 연구는 FIPA에서 제시하는 플랫폼을 기반으로 홈 서버에 정보가전을 제어하는 에이전트를 두고 외부에서 다른 에이전트가 홈 서버에 위치하는 에이전트와의 통신을 통하기 정보가전을 지능적으로 제어하도록 하였다. 정보가전 에이전트는 가정 내 가전제품을 외부에서 제어하기 위한 에이전트이다. 단순한 관리가 아닌 에이전트로 하여금 지능적으로 가전제품 관리를 하게 한다. 정보가전 에이전트는 홈 서버에서 작동하는 에이전트와 PDA에서 작동하는 에이전트로 구성된다. 정보가전 에이전트는 전력량, 수도 사용량 제어와 가전제품 제어 기능과 보안 관련 서비스를 제공한다. 두 에이전트는 FIPA에서 정의된 규격에 맞게 만들어지기 때문에 FIPA명세서를 따르는 다른 에이전트와 자유로운 통신이 가능하다.