• Title/Summary/Keyword: Data encryption


Proposal of Network Security Solution based on Software Definition Perimeter for Secure Cloud Environment (안전한 클라우드 환경을 위한 소프트웨어 정의 경계 기반의 네트워크 보안 솔루션 제안)

  • Cha, Wuk-Jae;Shin, Jae-In;Lee, Dong-Bum;Kim, Hyeob;Lee, Dae-Hyo
    • Journal of the Korea Convergence Society / v.9 no.12 / pp.61-68 / 2018
  • As the smartphone and mobile environment develop, the time and space constraints on individual work performance are disappearing. Companies can reduce costs and expand their business quickly through cloud computing. As the use of various cloud services expands, the boundaries of users, data, and applications are disappearing. Traditional security approaches based on boundaries (perimeter) are losing their utility in the cloud environment. This paper describes the limitations of existing network access control (NAC) in a cloud environment and suggests network security technology that complements it. The study explains the Software Defined Perimeter (SDP) and combines SDP to overcome the limitations of NAC, while at the same time explaining its role as a new framework for supporting the cloud environment. The new framework proposed in this paper suggests a software-based network security solution that supports physical and software parts, providing identity-based access control, encrypted segment management, and dynamic policy management, not IP-based.

A Two-Way Authentication Protocol Based on Hash Collision for Unmanned Systems in Tactical Wireless Networks (전술 무선 네트워크에서 무인체계를 위한 해시 충돌 기반의 양방향 인증 프로토콜)

  • Lee, Jong-kwan
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.4 / pp.729-738 / 2019
  • In this paper, we propose a two-way authentication protocol between unmanned systems in tactical wireless networks in which long-distance communications are not guaranteed due to poor channel conditions. It is assumed that all unmanned systems have the same random data set before they are put into combat. The proposed protocol generates an authentication code (AC) using random data that causes a hash collision. The requester for authentication encrypts materials such as its identifier, time-stamp, and authentication code with the secret key. The requester then transmits the encrypted message to the receiver. The receiver authenticates the requester by verifying the authentication code included in the request message. The performance analysis of the proposed protocol shows that it guarantees security for various attack scenarios and efficiency in terms of communication overhead and computational cost. Furthermore, we analyzed the effect of the parameter values of the proposed protocol on the performance and suggest a guide for selecting appropriate parameter values according to the level of security requirement.

Unlocking Shared Bike System by Exploiting an Application Log (애플리케이션 로그를 이용한 공유 자전거 시스템의 잠금장치 해제 방법)

  • Cho, Junwan;Lee, Jeeun;Kim, Kwangjo
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.4 / pp.719-728 / 2019
  • Recently, there has been a growing market for shared mobility businesses that share 'transport' such as cars and bikes, and many operators offer a variety of services. However, if the fare cannot be charged normally because of a security vulnerability, the operator cannot continue the business. So there should be no security loopholes. However, there is a lack of awareness and research on shared mobility security. In this paper, we analyzed security vulnerabilities exposed in the application log of a shared bike service in Korea. We could easily obtain the password of the bike lock and the encryption key of the AES-128 algorithm through the log, and confirmed the data generation process for unlocking using software reverse engineering. It is shown that the service can be used without charge with a success rate of 100%. This implies the importance of security in the shared mobility business and that new security measures are needed.

A Study of System Design for Management the Confidential Records (비밀기록을 관리하기 위한 시스템 설계 연구)

  • Hong, Deok-Yong
    • The Korean Journal of Archival Studies / no.52 / pp.277-313 / 2017
  • With the enactment of regulations on confidential records management, the management of confidential records has become more important than ever. However, there remains no management method in the field of records management that takes the feature and values of confidential records into consideration. For this, this study processed electronically confidential records managed in a non-electronic environment. In addition, we developed a system that will allow public institutions to manage confidential records independently, that will prevent loss of information because of loss of or damage to the confidential records, and that can be used conveniently in the digital security environment of authorized users to establish a foundation for commercial management. In this study, we analyzed the system configuration requirements according to the international standard for the records management of a confidential records management system and system-related issues such as system design based on the analyzed requirements, system security and encryption, and metadata, the overall process of establishing and outputting secret management records and standard management.

Military Application of Two-factor Authentication to Data Leakage and Access Prevention (데이터 유출 및 접근방지를 위한 이중 인증방식의 군(軍) 적용방안)

  • Jung, Ui Seob;Kim, Jee Won;Kim, Jae Hyun;Jeong, Chan ki
    • Convergence Security Journal / v.18 no.5_2 / pp.21-27 / 2018
  • Most Internet users in Korea are issued certificates and use them for various tasks. For this reason, accredited certification authorities and security-related companies recommend using public certificates on USB memory and portable storage devices rather than on the user's desktop. Despite these efforts, hacking of certificates has been occurring continuously and the financial damage has been continuing. Also, for security reasons, our military has disabled USB for general military users. Therefore, this study proposes a two-factor method using the unique information of the USB memory and the PC owned by the user, and suggests a method of securely managing the private key file for the general user. Furthermore, it will be applied to national defense to contribute to the prevention of important data leakage and prevention of access by unauthorized persons.
A high reliable optical image encryption system which combined discrete chaos function with permutation algorithm (이산 카오스 함수와 Permutation Algorithm을 결합한 고신뢰도 광영상 암호시스템)

  • 박종호
    • Journal of the Korea Institute of Information Security & Cryptology / v.9 no.4 / pp.37-48 / 1999
  • Current encryption methods have been applied to secure communication using a discrete chaotic system whose output is a noise-like signal, which differs from the conventional encryption methods that employ algebra and number theory [1-2]. We propose an optical encryption method that transforms the primary pattern into the image pattern of a discrete chaotic function. First, a primary pattern is encoded using a permutation algorithm. In the proposed system we suggest the permutation algorithm using the output of a key stream generator, and its security level is analyzed. In this paper we worked out problem of the application about few discrete chaos function through a permutation algorithm and enhanced the security level. Experimental results with image signal demonstrate the proper of the implemented optical encryption system.

An Implementation of NEIS′DB Security Using RBAC based on PMI (PMI기반의 RBAC를 이용한 NEIS의 DB 보안 구현)

  • Ryoo Du-Gyu;Moon Bong-Keun;Jun Moon-Seog
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.6 / pp.31-45 / 2004
  • Public Key Infrastructure (PKI) provides strong authentication. Privilege Management Infrastructure (PMI), as a new technology, can provide a user's attribute information. The main function of PMI is to give more specified authority and role to the user. To authenticate net and role, we have used digital signature. Role Based Access Control (RBAC) is implemented by digital signature. RBAC provides some flexibility for security management. NEIS (National Education Information System) cannot always provide satisfied quality of security management. The main idea of the proposed RNEIS (Role Based NEIS) is that the user's role is stored in the AC, and access control decisions are driven by authentication policy and role. Security manager enables user to refer to the role stored in user's AC, admits access control and suggests DB encryption by digital signature.

Encryption scheme suitable to RFID Systems based on EPC Generation2 (Gen2 기반 RFID 시스템에 적합한 암호 기법 설계)

  • Won, Tae-Youn;Kim, Il-Jung;Choi, Eun-Young;Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.18 no.1 / pp.67-75 / 2008
  • An RFID (Radio Frequency Identification) system is an automated identification system that consists of tags and readers. They communicate with each other by RF signal. As a reader can identify many tags in a contactless manner using RF signal, the RFID system is expected to be a new technology to replace the bar-code system. But the RFID system creates new threats to the security and privacy of individuals, because tags and readers communicate with each other over an insecure channel using RF signal. So many people are trying to study various ways to solve privacy problems against attacks, but it is difficult to apply them to RFID systems based on low-cost Gen2. Therefore, we propose a new encryption scheme using a matrix based on Gen2 in RFID systems in this paper, and we analyze our encryption scheme in view of security and efficiency through a simulation and investigate application environments in which to use our encryption scheme.

Design of a Policy based Privacy Protection System using Encryption Techniques (암호기법을 이용한 정책기반 프라이버시보호시스템설계)

  • Mun Hyung-Jin;Li Yong-Zhen;Lee Dong-Heui;Lee Sang-Ho;Lee Keon-Myung
    • Journal of the Korea Institute of Information Security & Cryptology / v.16 no.2 / pp.33-43 / 2006
  • In order to provide efficient personalized services, organizations and companies collect and manage personal information. However, there have been increasing privacy concerns since the personal information might be misused and spread in public by the database administrators or the information users. Even in systems in which organizations or companies control access to personal information according to their access policy in order to protect personal information, it is not easy to fully reflect the information subjects' intention on the access control to their own personal information. This paper proposes a policy-based access control mechanism for personal information which prevents unauthorized information users from illegally accessing the personal information and enables the information subjects to control access to their own information. In the proposed mechanism, the individuals' personal information, which is encrypted with different keys, is stored in the directory repository. For the access control, information subjects set up their own access control policy for their personal information, and the policies are used to provide legal information users with the access keys.

Efficient implementation of AES CTR Mode for a Mobile Environment (모바일 환경을 위한 AES CTR Mode의 효율적 구현)

  • Park, Jin-Hyung;Paik, Jung-Ha;Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.21 no.5 / pp.47-58 / 2011
  • Recently, there are several technologies for protecting information in lightweight devices. One of them, the AES[1] algorithm in CTR mode, is used for numerous services (e.g., OMA DRM, VoIP, IPTV) as an encryption technique for preserving confidentiality. Although the AES algorithm in CTR mode can process transmitted data in parallel, an IPTV set-top box or mobile device that uses these streaming services has limited computational ability. So optimizing the crypto algorithm and enhancing its efficiency for those environments have become an important issue. In this paper, we propose an implementation method that can improve the efficiency of the AES-CTR mode by improving the algorithm logic. Moreover, we prove the performance of our proposal on a mobile device which has limited capability.