• The KIPS Transactions:PartC
• /
• v.11C no.1
• /
• pp.31-38
• /
• 2004

In mobile agent environments, migration of an agent occurs continuously due to the mobility of agents. So cascaded delegation can occur among places for delegating the privilege to execute the agent. Because the existing delegation scheme considers only the delegation between two places that participate in migration of an agent, it does not support secure cascaded delegation. In this paper, we propose a cascaded delegation scheme that provides agents with secure cascaded delegation in mobile agent environments. Depending on the trust-relationship among places, the proposed scheme achieves the goal by nesting each delegation token or by nesting only initial token signed by creator of the agent within the signed part of the next immediate delegation token. And we prove that the proposed scheme is secure against the attack of replaying a message and the attack of substituting a delegation token.

• The KIPS Transactions:PartD
• /
• v.14D no.4 s.114
• /
• pp.373-380
• /
• 2007

Ubiquitous electronic commerce can offer anytime, anywhere access to network and exchange convenient informations between individual and group, or between group and group. To use secure ubiquitous electronic commerce, it is essential for users to have digital signature with the properties of integrity and authentication. The digital signature for ubiquitous networks is required neither a trusted group manager, nor a setup procedure, nor a revocation procedure etc. because ubiquitous networks can construct or deconstruct groups anytime, anwhere as occasion demands. Therefore, this paper proposes a threshold ring signature as digital signature for secure ubiquitous electronic commerce using the ring signature without forgery (integrity) and the (n,t) ring signature solving the problem cannot prove the fact which a message is signed by other signer. Thus the proposed threshold ring signature is ubiquitous group signature for the next generation.

• Journal of Korea Society of Industrial Information Systems
• /
• v.13 no.5
• /
• pp.168-177
• /
• 2008

The code propagation is one of the most important technic for software update in wireless sensor networks. This paper presents a new scheme for code propagation using network coding. The proposed code propagation method roughly shows 20$\sim$25% performance improvement according to network environments in terms of the number of data exchange compared with the previously proposed pipelining scheme. As a result, we can efficiently perform the software update from the viewpoint of speed, energy, and network congestion when the proposed code propagation system is applied. In addition, the proposed system solves the overhearing problems of network coding such as the loss of original messages and decoding error using the predefined message. Therefore, our system allows a software update system to exchange reliable data in wireless sensor networks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.11
• /
• pp.3176-3182
• /
• 2009

The PBNM on MANET is being researched to ensure the reliability and efficiency between mobile nodes. Therefore, it is essential to determine the cluster effectively which will perceive the movements of nodes and distribute the policies. In PBNM mechanism, to determine the node cluster for PDP and manage PEP nodes, Active PDP Discovery Protocol is proposed as a mechanism which is more efficient than preexistent techniques. While k-hop cluster selects the PEP nodes which PDP node manages, Active PDP Discovery actively selects the PDP node among the moving PEP node. This method prevents orphan nodes that are not connected to PDP and reduces continual broadcasting messages. This paper implements Active PDP Discovery which determines cluster in the real networks and analyzes its capability, expanding COPS-PR to detect the movement of nodes and adding MNL to PDP node.

• Journal of Internet Computing and Services
• /
• v.16 no.2
• /
• pp.7-17
• /
• 2015

To provide scalability, wireless sensor network has cluster-based architecture. Wireless sensor network can be implemented based on the IEEE 802.15.4 which is exploited in 2.4GHz ISM frequency band. Since this frequency band is used for various data communication, network status of wireless sensor networks frequently changes according to wireless environment. Thus, wireless channel selection to avoid reduction of transmission efficiency is required. This paper estimates network status using the information that a cluster-head collects in a cluster. Through objective function with throughput, RSSI level and reliability as input parameters, this paper proposes proper wireless channel selection. Simulation results show that the proposed method maintains transmission efficiency even though network status changes.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.4
• /
• pp.692-699
• /
• 2015

Evarything as a Service (XaaS) is a software, platform, infra distribution method which provide users with necessary modules, not entire modules, as a service. To efficiently and securely operate services such as XaaS, it is needed to solve various Internet problems like network congestion, weak security and so on. Future Internet technologies are provided to solve such problems. Specially, named data networking architecture (NDN) proposes that network nodes cache transmitted data, and then they send the cached data if receiving request messages for the cached data. So NDN can efficiently diffuse excessive request messages transmitted toward original contents providers. However, when receiving contents through NDN, receivers can not confirm the practical providers because the practical providers can be different from original contents providers. Hence, it is requested for receivers to verify the received contents and such a verification process can cause service delay of XaaS. In this paper, we improve a content verification scheme of NDN to enhance the performance of services such as XaaS.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.3
• /
• pp.35-45
• /
• 2013

MANET has a weak point because it allows access from not only legal nodes but also illegal nodes. Most of the MANET researches had been focused on attack on routing path or packet forwarding. Nevertheless, there are insuffcient studies on a comprehensive approach to detect various attacks on malicious nodes at packet forwarding processes. In this paper, we propose a technique, named DTecBC (detection technique of malicious node behaviors based on collaboration), which can handle more effciently various types of malicious node attacks on MANET environment. The DTecBC is designed to detect malicious nodes by communication between neighboring nodes, and manage malicious nodes using a maintain table. OPNET tool was used to compare with Watchdog, CONFIDANT, SRRPPnT for verifying effectiveness of our approach. As a result, DTecBC detects various behaviors of malicious nodes more effectively than other techniques.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.593-605
• /
• 2014

In this paper, we propose the efficient HW/SW co-design method of light-weight cryptography such as HIGHT, PRESENT and PRINTcipher using GEZEL. At first the symmetric cryptographic algorithms were designed using the GEZEL language which is efficiently used for HW/SW co-design. And for the improvement of performance the HW optimization theory such as unfolding, retiming and so forth were adapted to the cryptographic HW module conducted by FSMD. Also, the operation modes of those algorithms were implemented using C language in 8051 microprocessor, it can be compatible to various platforms. For providing reliable communication between HW/SW and preventing the time delay the improved handshake protocol was chosen for enhancing the performance of the connection between HW/SW. The improved protocol can process the communication-core and cryptography-core on the HW in parallel so that the messages can be transmitted to SW after HW operation and received from SW during encryption operation.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.113-120
• /
• 2006

A node of mobile IPv6 moving foreign networks needs authentication process to support right services against from security threat. AAA is a trust infrastructure that authenticates, authorizes, and accounts nodes receiving a network service. And Mobile IPv6 Working Group recommends use of AAA infrastructure to authenticate mobile nodes. Event though AAA infrastructure provides strong authentication functions, it should exchange a lot of messages to authenticate mobile nodes every movement. The exchange of lots of messages causes latency and it is interfered with realization of real-time communication. This paper proposes an authentication method of improved speed using hash value of mobile node to reduce authentication latency. Directly after movement, a mobile node applying a Proposed method uses extended existing security authentication for a while and deletes the establishment latency of new security authentication. Performance evaluation of a proposed method verifies the efficiency through the analysis of cost comparison with other methods. The conclusion of performance evaluation is that the proposed method gets more 25% performance improvement than a general method when a mobile node moves another subnet.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.35-41
• /
• 2013

What is an alternative to medical information security of medical information more secure preservation and safety of various types of security threats should be taken, starting from the software design. Interspersed with medical information systems medical information to be able to integrate the real-time exchange of medical information must be reliable data communication. The software architecture design of medical information systems and sharing of medical information security issues and communication phase allows the user to identify the requirements reflected in the software design. Software framework design, message standard design, design a web-based inter-process communication procedures, access control algorithm design, architecture, writing descriptions, evaluation of various will procedure the establishing architecture. The initial decision is a software architecture design, development, testing, maintenance, ongoing impact. In addition, the project will be based on the decision in detail. Medical information security method based on the design software architecture of today's medical information security has become an important task of the framework will be able to provide.