• Smart Media Journal
• /
• v.11 no.3
• /
• pp.39-53
• /
• 2022

Cloud of Things (CoT) can provide IoT applications with unlimited storage functions and processing power supported by cloud services. However, in a centralized cloud of things, it can create a single point of failure that can lead to bottleneck problems, outages of the CoT network. In this paper, to solve the problem of centralized cloud of things and interoperate between different service domains, we propose an IoT service interoperability system using distributed fog computing and blockchain technology. Distributed fog is used to provide real-time data processing and services in fog systems located at a geographically close distance to IoT devices, and to enable service interoperability between each fog using smart contracts and distributed ledgers of the blockchain. The proposed system provides services within a region close to the distributed fog entrusted with the service from the cloud, and it is possible to access the services of other fogs without going through the cloud even between fogs. In addition, by sharing a service right token issuance information between the cloud and fog nodes using a blockchain network, the integrity of the token can be guaranteed and reliable service interoperability between fog nodes can be performed.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.16 no.1
• /
• pp.24-32
• /
• 2023

The current Private 5G use procedure goes through the step of application examination, use and usage inspection, and can be divided in to application, examination step as a procedure before frequency allocation, and use, usage inspection step as a procedure after frequency allocation. Various types of documents are required to apply for a Private 5G, and due to the document screening process and radio station inspection for using Private 5G frequencies, the procedure for Private 5G applicants to use Private 5G is complicated and takes a considerable amount of time. In this paper, we proposed Frequency Allocation Process for Private 5G using a blockchain platform, which is fast and simplified than the current procedure. Through the use of a blockchain platform and NFT (Non-Fungible Token), reliability and integrity of the data required in the frequency allocation process were secured, and security of frequency usage information was maintained and a reliable Private 5G frequency allocation process was established. Also by applying the RPA system that minimizes human intervention, fairness was secured in the process of allocating Private 5G. Finally, the frequency allocation process of Private 5G based on the Ethereum blockchain was performed though a simulation.

• Journal of Internet of Things and Convergence
• /
• v.9 no.1
• /
• pp.33-39
• /
• 2023

As the number of people with chronic diseases increases due to an aging society, it is urgent to prevent and manage their diseases. Although biometric authentication methods and Telemedicine Systems have been introduced to solve these problems, it is difficult to solve the security problem of medical information and personal authentication. Since smart healthcare includes personal medical information of subjects, the security of personal information is the most important field. Therefore, in this paper, we tried to propose a Telemedicine System using a smart wearable device ECG in the form of a wristband and face personal authentication in a private blockchain environment. This system targets various medical personnel and patients with chronic diseases in all regions, and uses a private blockchain that can increase data integrity and transparency, ECG and face authentication that are difficult to forge and alter and have high personal identification to provide a system with high security and reliability. composed. Through this, it is intended to contribute to increasing the efficiency of chronic disease management by focusing on disease prevention and health management for patients with chronic diseases at home.

• Journal of Internet Computing and Services
• /
• v.24 no.6
• /
• pp.137-144
• /
• 2023

Cyberattack technology is evolving to an unpredictable degree, and it is a situation that can happen 'at any time' rather than 'someday'. Infrastructure that is becoming hyper-connected and global due to cloud computing and the Internet of Things is an environment where cyberattacks can be more damaging than ever, and cyberattacks are still ongoing. Even if damage occurs due to external influences such as cyberattacks or natural disasters, intelligent self-recovery must evolve from a cyber resilience perspective to minimize downtime of cyber assets (OS, WEB, WAS, DB). In this paper, we propose an intelligent self-recovery technology to ensure sustainable cyber resilience when cyber assets fail to function properly due to a cyberattack. The original and updated history of cyber assets is managed in real-time using timeslot design and snapshot backup technology. It is necessary to secure technology that can automatically detect damage situations in conjunction with a commercialized file integrity monitoring program and minimize downtime of cyber assets by analyzing the correlation of backup data to damaged files on an intelligent basis to self-recover to an optimal state. In the future, we plan to research a pilot system that applies the unique functions of self-recovery technology and an operating model that can learn and analyze self-recovery strategies appropriate for cyber assets in damaged states.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.51-57
• /
• 2024

Although industrial control systems (ICSs) recently keep evolving with the introduction of Industrial IoT converging information technology (IT) and operational technology (OT), it also leads to a variety of threats and vulnerabilities, which was not experienced in the past ICS with no connection to the external network. Since various control command messages are sent to field devices of the ICS for the purpose of monitoring and controlling the operational processes, it is required to guarantee the message integrity as well as control center authentication. In case of the conventional message integrity codes and signature schemes based on symmetric keys and public keys, respectively, they are not suitable considering the asymmetry between the control center and field devices. Especially, compromised node attacks can be mounted against the symmetric-key-based schemes. In this paper, we propose message authentication scheme based on double hash chains constructed from cryptographic hash function without introducing other primitives, and then propose extension scheme using Merkle tree for multiple uses of the double hash chains. It is shown that the proposed scheme is much more efficient in computational complexity than other conventional schemes.

• Informatization Policy
• /
• v.29 no.1
• /
• pp.24-37
• /
• 2022

Amid rapid changes in the ICT environment attributed to the 4th Industrial Revolution, the development of information & communication technology, and COVID-19, the existing internet developed without considering security, mobility, manageability, QoS, etc. As a result, the structure of the internet has become complicated, and problems such as security, stability, and reliability vulnerabilities continue to occur. In addition, there is a demand for a new concept of the internet that can provide stability and reliability resulting from digital transformation-geared advanced technologies such as artificial intelligence and IoT. Therefore, in order to suggest a way of implementing the Korean future internet that can strengthen cybersecurity, this study suggests the direction and strategy for promoting the future internet that is suitable for the Korean cyber environment through analyzing important key factors in the implementation of the future internet and evaluating the trend and suitability of domestic & foreign research related to future internet. The importance of key factors in the implementation of the future internet proceeds in the order of security, integrity, availability, stability, and confidentiality. Currently, future internet projects are being studied in various ways around the world. Among numerous projects, Bright Internet most adequately satisfies the key elements of future internet implementation and was evaluated as the most suitable technology for Korea's cyber environment. Technical issues as well as strategic and legal issues must be considered in order to promote the Bright Internet as the frontrunner Korean future internet. As for technical issues, it is necessary to adopt SAVA IPv6-NID in selecting the Bright Internet as the standard of Korean future internet and integrated data management at the data center level, and then establish a cooperative system between different countries. As for strategic issues, a secure management system and establishment of institution are needed. Lastly, in the case of legal issues, the requirement of GDPR, which includes compliance with domestic laws such as Korea's revised Data 3 Act, must be fulfilled.

• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.3
• /
• pp.192-207
• /
• 2006

Today, the SSL protocol has been used as core part in various computing environments or security systems. But, the SSL protocol has several problems, because of the rigidity on operating. First, SSL protocol brings considerable burden to the CPU utilization so that performance of the security service in encryption transaction is lowered because it encrypts all data which is transferred between a server and a client. Second, SSL protocol can be vulnerable for cryptanalysis due to the key in fixed algorithm being used. Third, it is difficult to add and use another new cryptography algorithms. Finally. it is difficult for developers to learn use cryptography API(Application Program Interface) for the SSL protocol. Hence, we need to cover these problems, and, at the same time, we need the secure and comfortable method to operate the SSL protocol and to handle the efficient data. In this paper, we propose the SSL component which is designed and implemented using CBD(Component Based Development) concept to satisfy these requirements. The SSL component provides not only data encryption services like the SSL protocol but also convenient APIs for the developer unfamiliar with security. Further, the SSL component can improve the productivity and give reduce development cost. Because the SSL component can be reused. Also, in case of that new algorithms are added or algorithms are changed, it Is compatible and easy to interlock. SSL Component works the SSL protocol service in application layer. First of all, we take out the requirements, and then, we design and implement the SSL Component, confidentiality and integrity component, which support the SSL component, dependently. These all mentioned components are implemented by EJB, it can provide the efficient data handling when data is encrypted/decrypted by choosing the data. Also, it improves the usability by choosing data and mechanism as user intend. In conclusion, as we test and evaluate these component, SSL component is more usable and efficient than existing SSL protocol, because the increase rate of processing time for SSL component is lower that SSL protocol's.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.9
• /
• pp.595-602
• /
• 2013

WiFi fingerprinting is well known as an effective localization technique used for indoor environments. However, this technique requires a large amount of pre-built fingerprint maps over the entire space. Moreover, due to environmental changes, these maps have to be newly built or updated periodically by experts. As a way to avoid this problem, crowd-sourced fingerprint mapping attracts many interests from researchers. This approach supports many volunteer users to share their WiFi fingerprints collected at a specific environment. Therefore, crowd-sourced fingerprinting can automatically update fingerprint maps up-to-date. In most previous systems, however, individual users were asked to enter their positions manually to build their local fingerprint maps. Moreover, the systems do not have any principled mechanism to keep fingerprint maps clean by detecting and filtering out erroneous fingerprints collected from multiple users. In this paper, we present the design of a crowd-sourced fingerprint mapping and localization(CMAL) system. The proposed system can not only automatically build and/or update WiFi fingerprint maps from fingerprint collections provided by multiple smartphone users, but also simultaneously track their positions using the up-to-date maps. The CMAL system consists of multiple clients to work on individual smartphones to collect fingerprints and a central server to maintain a database of fingerprint maps. Each client contains a particle filter-based WiFi SLAM engine, tracking the smartphone user's position and building each local fingerprint map. The server of our system adopts a Gaussian interpolation-based error filtering algorithm to maintain the integrity of fingerprint maps. Through various experiments, we show the high performance of our system.