• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.1003-1006
• /
• 2009

Recently, Ubiquitous computing technology is increasing necessity for object recognition and a location tracking technology to meet various applications. The location tracking technology is the fundamental to the Context-Aware of users in Ubiquitous environment and its efficiency has to be improved using IEEE 802.15.4 ZigBee used in current infra such as ubiquitous sensor network. But because the IEEE 802.15.4 ZigBee protocol has limitation to apply location tracking technology such as ToA and TDoA, Zone-based Location Tracking technology using RSSI is needed. In this paper suggests RSSI-based 802.15.4 ZigBee local positioning protocol to support a positioning tracking service in Ubiqutous environment. And Zone-based location tracking system is designed for actual the indoor location tracking service.

• Journal of Digital Convergence
• /
• v.17 no.2
• /
• pp.187-194
• /
• 2019

A security company has been proposed for various healthcare systems. However, there are improvements in order to achieve better efficiency and stability in the various protocols presented. The purpose of this paper is to provide cryptanalysis and solution on Vijayakumar et al.'s secure communication scheme for healthcare system using wearable devices. Especially, it is weak against denial of service attack and it does not provide integrity of the transmitted messages. Thereby, this paper proposes a new secure communication scheme to cope from the problems in Vijayakumar et al.'s scheme. It provides authentication and integrity, which could be the security solution against Vijayakumar et al.'s scheme. Furthermore, it also provides a good computational overhead compared to Vijayakumar et al.'s scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.29-43
• /
• 2019

In recent years, as the network traffic in the WSN(Wireless Sensor Network) has been increased by the growing number of IoT wireless devices, SDWSN(Software-Defined Wireless Sensor Network) and its security that aims a secure SDN(Software-Defined Networking) for efficiently managing network resources in WSN have received much attention. In this paper, we study on how to efficiently and securely design a PUF(Physical Unclonable Function)-assisted group key distribution scheme for the SDWSN environment. Recently, Huang et al. have designed a group key distribution scheme using the strengths of SDN and the physical security features of PUF. However, we observe that Huang et al.'s scheme has weak points that it does not only lack of authentication for the auxiliary controller but also it maintains the redundant synchronization information. In this paper, we securely design an authentication process of the auxiliary controller and improve the vulnerabilities of Huang et al.'s scheme by adding counter strings and random information but deleting the redundant synchronization information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.613-628
• /
• 2019

In-Vehicle Infotainment provides navigation and various functions through the installation of the application. And infotainment is very important to control the entire vehicle by sending commands to the ECU. Infotainment supports a variety of wireless communication protocols to install and update applications. So Infotainment is becoming an attack surface through wireless communcation protocol for hacker's access. If malicious software is installed in infotainment, it can gain control of the vehicle and send a malicious purpose command to the ECU, affecting the life of the driver. Therefore, measures are needed to verify the security and reliability of infotainment software updates, and security requirements must be derived and verified. It must be developed in accordance with SDL to provide security and reliability, and systematic security requirements must be derived by applying threat modeling. Therefore, this paper conducts threat modeling to derive infotainment update security requirements. Also, the security requirements are mapped to the Common Criteria to provide criteria for updating infotainment software.

• Journal of Software Engineering Society
• /
• v.26 no.1
• /
• pp.1-16
• /
• 2013

Variable length information message is a communication protocol standard in order for computer network systems to provide efficient delivery of information. The variable length information messages were developed for varying and controlling details of information in accordance with message receiver's required information level or information access level. In the previous studies, data compressing techniques have been in use for information message optimization technologies in order to reduce physical sizes of information messages. In optimization technologies for information messages, accuracy of information is considered as the most important factor; therefore, only non-loss compression techniques are applied to the optimization technologies. However, the non-loss compression based information message optimization methods are not efficient in data compression, and these are limited to efficient delivery of information in wireless network environments that have constraint bandwidth. In this paper, we attempt to optimize information in the variable length information messages at message fields in order to reduce physical sizes of messages more efficiently. To demonstrate the efficiency of our approach, we conduct optimization experiments for variable length information messages.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.147-151
• /
• 2014

With the advent of tiny and inexpensive computer systems like Raspberry Pi, it has become possible to construct an experimental environment of MANETs (Mobile Ad hoc Networks) at a relatively low cost. In this paper, we implement a node of MANETs with a Raspberry Pi equipped with two 802.11 wireless LAN cards and dynamic routing software running on it. In an outdoor MANETs environment with moving mobile nodes automatically rebuilding broken routes, we conducted a real-time video streaming experiment over the MANET. The video stream is transmitted from a node with a video camera installed on it to another node through the route established dynamically. Each node is equipped with a display device, with which the current status of the node can be checked out. We also implemented software that automatically collects data stored in each node and analyzes the performance of the MANETs. Through this experiment, we could evaluate the performance of realistic video streaming service in a MANETs environment.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.93-99
• /
• 2017

Recently IoT(Internet of Things) service industry has grown very rapidly. In this paper, we investigated the changes in IoT service industry as well as new direction of human life in future global society. Under these changing market conditions, competition has been also changed into global and ecological competition. But compared to the platform initiatives and ecological strategies of global companies, Korean companies' vision of building ecosystems is still unclear. In addition, there is a need of internetworking between mobile and IoT services. IoT security Protocol has weakness of leaking out information from Gateway which connected wire and wireless communication. As such, we investigate the structure of IoT and AI service ecosystem in order to gain strategic implications and insights for the security industry in this paper.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.139-142
• /
• 2009

RFID(Radio Frequency IDentification) technology is an automatic identification method using radio frequencies between RFID reader which collects the information and tag which transmits the information. RFID technology develops passive RFID which transmit the only ID to active RFID which transmit the additional information such as sensing information. However, ISO/IEC 18000-7 as active RFID standard has a problem which cannot use multiple channel. To solve this problem, we use the 2.4GHz bandwidth technology and we propose the dynamic channel allocation method which can efficiently allot a channel. we show the operation of the dynamic channel allocation method through design and implement with CC2500DK of Taxas Instrument.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.115-119
• /
• 2007

The IPv6 protocol provides the method to automatically generate an address of a node without additional operations of administrators, Before the generated address is used, the duplicate address detection (DAD) mechanism is required in order to verify the address. However, during the process of verification of the address, it is possible for a malicious node to send a message with the address which is identical with the generated address, so the address can be considered as previously used one; although the node properly generates an address, the address cannot be used. In this paper, we present a strong scheme to perform the DAD mechanism based on hash functions in IPv6 networks. Using this scheme, many nodes, which frequently join or separate from wireless networks in public domains like airports, terminals, and conference rooms, can effectively generate and verify an address more than the secure neighbor discovery (SEND) mechanism.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.77-86
• /
• 2006

As a core technology in the ubiquitous environment, RFID (Radio Frequency Identification) technology takes an important role. RFID technology provides various information about objects or surrounding environment by attaching a small electronic tag on the object, thus, it means the remote control recognition technology. However, the problems which never happened before can be generated on the point of security and privacy due to the feature that RFID technology can recognize the object without any physical contact. In order to solve these problems, many studies for the RFID recognition technology are going on the progress. The currently running study is the secure communication channel between database and reader applying the recognition technology in the insecure communication channel between reader and tag. But, the purpose of this paper is to settle a privacy problem, which is insecurity of communication between database and reader channel by suggesting providing a user with authentication protocol in order to give information to an authorized entity.