• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.12
• /
• pp.7292-7301
• /
• 2014

With the development of IT Info-Communications technology, the vehicle with a combination of wireless-communication technology has resulted in significant research into the convergence of the component of existing traffic with information, electronics and communication technology. Intelligent Vehicle Communication is a Machine-to-Machine (M2M) concept of the Vehicle-to-Vehicle. The Vehicle-to-Infrastructure communication consists of safety and the ease of transportation. Security technologies must precede the effective Intelligent Vehicle Communication Structure, unlike the existing internet environment, where high-speed vehicle communication is with the security threats of a wireless communication environment and can receive unusual vehicle messages. In this paper, the Vehicle Identification number between the V2I and the secure message communication protocol was proposed using hash functions and a time stamp, and the validity of the vehicle was assessed. The proposed system was the performance evaluation section compared to the conventional technique at a rate VPKI aspect showed an approximate 44% reduction. The safety, including authentication, confidentiality, and privacy threats, were analyzed.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.229-239
• /
• 2014

Smartwork technology, using teleworking, smartwork centers and mobile terminal, provides a flexible work environments without constraints of time and space. Smartwork system to increase the work efficiency has the information protection threats according to their convenience. Thus, in order to build smartwork, it is proper to provide information protection audit to help ensure the information protection. In this paper, we have proposed an infortaion protection audit model at the practical and technical level for building a smartwork environment. We were classified as a terminal, network and server area for information protection, and derived a professional information protection check items. Further, by establishing a smartwork information protection audit time to map ISMS control items, we have proposed an audit model so that it is possible to improve the security and efficiency. It also verified whether the proposed model is suitable or not by doing a survey if deduced audit domain and check items correspond with the purpose of the smartwork information protection audit to auditors and IT specialists. As the result, this study was 97% satisfaction out of 13 check items.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.3
• /
• pp.81-88
• /
• 2020

The Renewable Portfolio Standard(RPS) which is in operated by country for many years is eco-friendly energy business. Although a variety of institute are accessing the RPS, it consists of a centralized system. Also, it shows opacity of data access in user's point of view. And each institutes is possessing their own data collected by themselves. Therefore decentralization and integrated control is demanded. Also, when institutes are attacked, the interruption of RPS can be existed. For resolving this issue, this study proposes the RPS using blockchain. Using the consortium method of blockchain, every institutes has possessing same data inserting REC data in block data, it is resolvable that transparency and security issue as transaction through verification of certain block. Furthermore, in case of one institute is paused by external attack, the role can be replaced by other institutes. This study tried the processing of putting data through ethereum network, therefore it presents the possibility of introducing the blockchain method in RPS.

• Journal of the Korea Convergence Society
• /
• v.7 no.4
• /
• pp.33-38
• /
• 2016

DDoS attack has been continuously utilized that caused the excessively large amount of traffic that network bandwidth or server was unable to deal with paralyzing the service. Most of the people regard NTP as the biggest cause of DDoS. However, according to recently executed DDoS attack, there have been many SSDP attack in the use of amplified technique. According to characteristics of SSDP, there is no connection for making a forgery of source IP address and amplified resources feasible. Therefore, it is frequently used for attack. Especially, as it is mostly used as a protocol for causing DDoS attack on IoT devices that constitute smart home including a wireless router, media server, webcam, smart TV, and network printer. Hereupon, it is anticipated for servers of attacks to gradually increase. This might cause a serious threat to major information of human lives, major government bodies, and company system as well as on IoT devices. This study is intended to identify DDoS attack techniques in the use of weakness of SSDP protocol occurring in IoT devices and attacking scenario and counter-measures on them.

• The Journal of the Korea Contents Association
• /
• v.11 no.7
• /
• pp.60-69
• /
• 2011

As the mobile industry has developed, people have become to pursue more delicate information exchange and close relationships between individuals through it. According to such a request, Social Networking Services have been activated based on short messages. Moreover, in combination with smart phones, the needs for adding location information is recently increasing more and more. Security and Privacy problems, however, are raised because such location information is so sensitive and may be used maliciously by someone else. Especially, storing location information of family members in a public server may become a negative factor to hinder people from utilizing such services. Therefore, this paper proposes a location based SNS service using smart phones for home community that runs on a home server in a house so that relationships between family members at home may be closer and improved through utilizing the service.

• Journal of Korea Multimedia Society
• /
• v.13 no.4
• /
• pp.575-581
• /
• 2010

With widespread use of the Internet and improvements in streaming media and compression technology, digital music, video, and image can be distributed instantaneously across the Internet to end-users. However, most conventional Digital Right Management are often not secure and not fast enough to process the vast amount of data generated by the multimedia applications to meet the real-time constraints. The SVC offers temporal, spatial, and SNR scalability to varying network bandwidth and different application needs. Meanwhile, for many multimedia services, security is an important component to restrict unauthorized content access and distribution. This suggests the need for new cryptography system implementations that can operate at SVC. In this paper, we propose a new scrambling encryption for reserving the characteristic of scalability in MPEG4-SVC. In the base layer, the proposed algorithm is applied and performed the selective scambling. And it encrypts various MVS and intra-mode scrambling in the enhancement layer. In the decryption, it decrypts each encrypted layers by using another encrypted keys. Throughout the experimental results, the proposed algorithms have low complexity in encryption and the robustness of communication errors.

• Journal of Korea Multimedia Society
• /
• v.12 no.5
• /
• pp.644-652
• /
• 2009

New communication environments such as USN, WiBro and RFID have been realized nowadays. Thus, in order to ensure security and privacy protection, various light-weight block ciphers, e.g., mCrypton, HIGHT, SEA and PRESENT, have been proposed. The block cipher mCrypton, which is a light-weight version of Crypton, is a 64-bit block cipher with three key size options (64 bits, 96 bits, 128 bits). In this paper we show that 8-round mCrypton with 128-bit key is vulnerable to related-key rectangle attack. It is the first known cryptanalytic result on mCrypton. We first describe how to construct two related-key truncated differentials on which 7-round related-key rectangle distinguisher is based and then exploit it to attack 8-round mCrypton. This attack requires $2^{45.5}$dada and $2^{45.5}$time complexities which is faster than exhaustive key search.

• Journal of KIISE:Information Networking
• /
• v.35 no.4
• /
• pp.311-317
• /
• 2008

This paper proposes a session key exchange scheme for providing secure communication between Vehicles and Infrastructure in VANET. In the current VANET environment, IEEE 802.11i or PKI based mechanism is used to provide secure communication between V2I. However, since the vehicles and the frequent changes of network topology, VANET nodes have some difficulties to exchange the session key using IEEE 802.11i or PKI method. In the proposed scheme, Local Router is newly defined for exchanging the session key between moving vehicles and infrastructure. A session key is generated by XOR operation based on the random values between Local Router and OBU. As a result, the proposed scheme has a noticeable advantage on the fastness of key exchange by exchanging session keys between LR and OBU.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.5C
• /
• pp.737-749
• /
• 2004

Kerberos authenticates clients using symmetric-key cryptography, and supposed to Oust other systems of the realm in distributed network environment. But, authentication and authorization are essential elements for the security. In this paper, we design an efficient and secure authentication/authorization mechanism by introducing the public/private-key and installing the proxy privilege server to Kerberos. In the proposed mechanism, to make a system more secure, the value of the session key is changed everytime using MAC(message authentication code) algorithm with the long-term key for user-authentication and a random number exchanged through the public key. Also, we reduce the number of keys by simplifying authentication steps. Proxy privilege server certifies privilege request of client and issues a privilege attribute certificate. Application server executes privilege request of client which is included a privilege attribute certificate. Also, a privilege attribute certificate is used in delegation. We design an efficient and secure authentication/authorization algorithm with Kerberos.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.4
• /
• pp.1-10
• /
• 2004

In NGNs(Next Generation Networks), It is necessary for Integrated management of resource and information to satisfy high-quality users'demands, such as stable speed, guarantee of high level service and service requirement in various fields. In relation to this, technology for efficiently using limited resources is becoming interesting things more and more. Therefore policy of network service is dealt essentially. Recently, DEN(Directory Enabled Network)-based personalization service is user-dependent services in NGNs, and integrated management and efficient use of limited resources. Also, PBNM(Policy-Based Network Management) is new technology defined and applied by policies of communication service environments and users on demand. Subsequently to study on how to optimizing the PBNM is of great importance. In this paper, we propose a technology of the PBNM based on DEN standardized in DMTF(Distributed Management Task Force).