• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.2
• /
• pp.15-26
• /
• 2021

Recently, as the introduction of cloud, mobile, and IoT has become active, there is a growing need for technology development that can supplement the limitations of traditional security solutions based on fixed perimeters such as firewalls and Network Access Control (NAC). In response to this, SDP (Software Defined Perimeter) has recently emerged as a new base technology. Unlike existing security technologies, SDP can sets security boundaries (install Gateway S/W) regardless of the location of the protected resources (servers, IoT gateways, etc.) and neutralize most of the network-based hacking attacks that are becoming increasingly sofiscated. In particular, SDP is regarded as a security technology suitable for the cloud and IoT fields. In this study, a new access control system was proposed by combining SDP and hash tree-based large-scale data high-speed signature technology. Through the process authentication function using large-scale data high-speed signature technology, it prevents the threat of unknown malware intruding into the endpoint in advance, and implements a kernel-level security technology that makes it impossible for user-level attacks during the backup and recovery of major data. As a result, endpoint security, which is a weak part of SDP, has been strengthened. The proposed system was developed as a prototype, and the performance test was completed through a test of an authorized testing agency (TTA V&V Test). The SDP-based access control solution is a technology with high potential that can be used in smart car security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.125-128
• /
• 2011

This paper describes an efficient hardware implementation of HIGHT block cipher algorithm, which was approved as standard of cryptographic algorithm by KATS(Korean Agency for Technology and Standards) and ISO/IEC. The HIGHT algorithm, which is suitable for ubiquitous computing devices such as a sensor in USN or a RFID tag, encrypts a 64-bit data block with a 128-bit cipher key to make a 64-bit cipher text, and vice versa. For area-efficient and low-power implementation, we optimize round transform block and key scheduler to share hardware resources for encryption and decryption. The HIGHT64 core synthesized using a $0.35-{\mu}m$ CMOS cell library consists of 3,226 gates, and the estimated throughput is 150-Mbps with 80-MHz@2.5-V clock.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.8
• /
• pp.1741-1748
• /
• 2005

In this paper, we describe VLSI design and performance evaluation of OCB-AES crytographic algorithm that simulataneously provides privacy and authenticity. The OCB-AES crytographic algorithm sovles the problems such as long operation time and large hardware of conventional crytographic system, because the conventional system must implement the privancy and authenticity sequentially with seqarated algorithms and hardware. The OCB-AES processor with area-efficient modular offset generator and tag generator is designed using IDEC Samsung 0.35um standard cell library and consists of about 55,700 gates. Its cipher rate is about 930Mbps and the number of clock cycles needed to generate the 128-bit tags for authenticity and integrity is (m+2)${\times}$(Nr+1), where m and Nr represent the number of block for message and number of rounds for AES encryption, respectively. The OCB-AES processor can be applicable to soft cryptographic IP of IEEE 802.11i wireless LAN and Mobile SoC.

• The Journal of Korean Institute of Information Technology
• /
• v.16 no.12
• /
• pp.57-68
• /
• 2018

A system to prevent disasters by collecting and analyzing environmental information such as road surface sedimentation, sinkholes, collapse risk of bridges, temperature and humidity around tram station is continuously monitored by monitoring the condition of road surface when constructing tram which is one of the urban railways. In this paper, we propose a wireless network security management system for tram roads based on LPWA that can recognize risk factors of road surface, bridge and tram station of tram in advance and prevent risk. The proposed system consists of a sensor node that detects the state of the tram road surface, a gateway that collects sensor information, and a safety management system that monitors the safety and environmental conditions of the tram road surface, and applies the low power long distance communication technology. As a result of comparing the proposed system with the LTE system in the field test, it was confirmed that there is no significant difference between the sensor information value and the critical alarm level in the monitoring system.

• Journal of Advanced Marine Engineering and Technology
• /
• v.39 no.7
• /
• pp.744-753
• /
• 2015

This paper presents the results of research on developing marine unified communications to provide VoIP service based on marine satellites. With the recent popularity of smart-phones and other mobile devices, the demand for Internet-based wired and wireless unified technology has been growing in marine environments, and increasing interest is being directed to VoIP products and service models with high price competitiveness and the ability to deliver a variety of services. In this regard, this research designed three instruments, developed their unit modules, and verified their performances. These three instruments included the following: (1) a marine VoIP module equipped with an analogue gateway that can be linked to the existing devices used in vessels, which is more than 80% smaller than that of a land system; (2) a text/voice/video engine for marine satellite communications that runs on technology that minimizes communication data usage, which is a core technology for a marine VoIP service; and (3) a unified communication service that can support multilateral cloud-based message conversations, telephone number-based call functions, and voice/video calling between a private space in a ship and shore.