• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.5C
• /
• pp.410-419
• /
• 2012

This paper proposes a secure and efficient anonymous authentication scheme for health information push service based on indoor location in hospital. The proposed scheme has the following benefits: (1)It is just based on a secure one-way hash function for avoiding complex computations for both health care operations users and health care centers. (2)It does not require sensitive verification table which may cause health care centers to become an attractive target for numerous attacks(e.g., insertion attacks and stolen-verifier attacks), (3)It provides higher security level (e.g., secure mutual authentication and key establishment, confidential communication, user's privacy, simple key management, and session key independence). As result, the proposed scheme is very suitable for various location-based medical information service environments using lightweight-device(e.g., smartphone) because of very low computation overload on the part of both health care operations users and health care centers.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.874-876
• /
• 2002

의무분리 정책의 목적은 정보의 무결성을 필요로 하는 연산들을 여러 역할이나 사용자에게 분산시킴으로써 조직 내에서 관리하는 정보의 무결성 침해 가능성을 최소화하는 것이며, 이는 기업 환경에서 중요한 보안 요구사항이다. 역할기반 접근제어는 응용에 따라 보호 객체들에 대한 역할들로 분류하여 단순한 권한 관리를 제공하며 ,의무분리 정책을 시행하기에 적합하여 기존의 강제적 접근제어나 임의적 접근제어에 대한 대안으로 의무분리와 관련하여 다양한 기법들이 제시되었다. 그러나 역할 수준의 의무분리는 역할에 할당된 과업들을 상호 배타적인 작업의 수행에 관련되지 않은 과업도 모두 배제시키게 되어 과업 실행의 유연성이 떨어지게 되므로 상호 배타적인 작인을 수행하는 과업들에 할당된 최소의 권한을 배제시키는 것이 합리적이다. 본 논문은 기업 환경에 적합한 과업-역할기반 접근제어 모델을 기초로 하여 과업의 특성에 따라 분류된 유형별로 과업 수준의 동적 의무분리를 적용하는 기법을 제시한다. 특히 실제 사용자가 병렬적으로 수행하는 워크플로우와 다중 세션 환경에서 상호 배타적인 과업들과 과업 인스턴스들에도 적용이 가능만 세션기반의 동적 의무분리 기법을 제시한다 이때 기존의 동일 사용자에 의한 동적 의무분리 적용을 공모가 가능한 사용자들에 의해 생성된 다중 세션들간의 동적 의무분리를 제시함으로써 의무분리의 목적을 만족시킨다.

• Journal of Convergence for Information Technology
• /
• v.9 no.6
• /
• pp.13-18
• /
• 2019

This paper proposes efficient and secure two-way authentication protocol for binding update messages between mobile devices and home agents / correspondent nodes in IoT and Mobile IPv6 (MIPv6) environments with limited computing power and resources. Based on the MIPv6 message exchange, the proposed protocol satisfies both the authentication and the public key exchange optimized for both sides of the communication with minimum modification. In the future, we will carry out a performance analysis study by implementing the proposed protocol in detail.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.2
• /
• pp.79-92
• /
• 2000

기업환경에서 정보의 무결성은 중요한 보안 요구사항이다 의무분리 정책의 목적은 정보의 무결성을 필요로 하는 연산들을 여러 역할이나 사용자에게 분산시킴으로써 조직 내에서 관리하는 무결성 침해 가능성을 최소화하는 것이며 이것은 상업적 응용분야에서 중요하다. 전통적인 임의적 접근제어와 강제적 접근제어 정책의 대안인 역할 기반의 접근제어 기법은 응용에 따라 보호 객체들에 대한 접근을 역할들로 분류하여 단순한 권한 관리를 제공하며 의무분리 정책을 시행하기에 적합하다. 본 논문에서는 역할 기반의 접근제어에서 기존의 의무분리 안전성 조건의 취약성을 보완하여 응용 프로그램의 실행단위인 클래스에 기반한 개선된 동적 의무분리 기법을 제안하고 상호 배타적인 부트랜잭션들을 포함하고 있는 중첩-트랜잭션을 대상으로 이를 적용한다. 또한 여러 작업들이 동시에 실행되는 환경에서 감염된 트로이언 목마에 의해 발생될수 있는 정보의 유출 문제를 해결하고자 작업간 정보의 비밀성을 보장하는 동적의무분리 모델을 제시한다. 제안한 모델은 기존의 무결성 보장을 위해 제시되었던 Clark-Wilson 모델과 다른 의무분리 모델에 비해 관리가 용이하며, 동적으로 유지 관리되어야 하는 데이터의 양이 적고 객체 접근 확인 절차가 단순하여 구현방법이 용이한 장점이 있다 그리고 기존 의무분리 모델에서 고려되지 않은 병렬 수행 환경에서 작업 사이의 정보 유출 문제를 해결한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.3
• /
• pp.737-744
• /
• 2010

The use of RFID recently tends to increase and is expected to expand all over the industry and life. However, RFID is much vulnerable to the malign threats such as eavesdropping, replay attack, spoofing attack, location tracking in the process of authentication. In particular, it is difficult to apply authentication protocol used in the other previous system to low-priced RFID tag. After all, this paper suggests the scheme of efficient authentication protocol for RFID privacy protection. Compared to the previous scheme, suggested scheme reinforces the checking process of transmission data and is secure from eavesdropping and spoofing attack. It minimizes the operation work of the tag and is very useful to apply to the low-priced tag. It also has the merit to confirm the efficiency of communication by reducing the communication rounds.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.10
• /
• pp.121-129
• /
• 2011

In wireless sensor networks, a compromised sensor node can inject false data during data aggregation. Existing solutions of securing data aggregation require high communication cost in securing data aggregation. In this paper, we propose a monitoring-based secure data aggregation protocol that minimizes communication cost of identifying the location of false data injection attacks. The main idea is that when monitoring nodes find an injected false data, their reporting messages along with Message Authentication Codes (MACs) are summarized in a single message before sending it to the Base Station (BS). Then the BS identifies the attacking node. The simulation shows that energy consumption of the proposed protocol with short and normal concatenations of MACs are 45% and 36% lower than that of an existing protocol, respectively.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.6
• /
• pp.61-67
• /
• 2023

The rise of 5G and the proliferation of smart devices have underscored the significance of multi-access edge computing (MEC). Amidst this trend, interest in effectively processing computation-intensive and latency-sensitive applications has increased. This study investigated a novel task offloading strategy considering the probabilistic MEC environment to address these challenges. Initially, we considered the frequency of dynamic task requests and the unstable conditions of wireless channels to propose a method for minimizing vehicle power consumption and latency. Subsequently, our research delved into a deep reinforcement learning (DRL) based offloading technique, offering a way to achieve equilibrium between local computation and offloading transmission power. We analyzed the power consumption and queuing latency of vehicles using the deep deterministic policy gradient (DDPG) and deep Q-network (DQN) techniques. Finally, we derived and validated the optimal performance enhancement strategy in a vehicle based MEC environment.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.45 no.2
• /
• pp.1-9
• /
• 2008

As the security requirements of mobile phones have been increasing, there have been extensive researches using one biometric feature (e.g., an iris, a fingerprint, or a face image) for authentication. Due to the limitation of uni-modal biometrics, we propose a method that combines face and iris images in order to improve accuracy in mobile environments. This paper presents four advantages and contributions over previous research. First, in order to capture both face and iris image at fast speed and simultaneously, we use a built-in conventional mega pixel camera in mobile phone, which is revised to capture the NIR (Near-InfraRed) face and iris image. Second, in order to increase the authentication accuracy of face and iris, we propose a score level fusion method based on SVM (Support Vector Machine). Third, to reduce the classification complexities of SVM and intra-variation of face and iris data, we normalize the input face and iris data, respectively. For face, a NIR illuminator and NIR passing filter on camera are used to reduce the illumination variance caused by environmental visible lighting and the consequent saturated region in face by the NIR illuminator is normalized by low processing logarithmic algorithm considering mobile phone. For iris, image transform into polar coordinate and iris code shifting are used for obtaining robust identification accuracy irrespective of image capturing condition. Fourth, to increase the processing speed on mobile phone, we use integer based face and iris authentication algorithms. Experimental results were tested with face and iris images by mega-pixel camera of mobile phone. It showed that the authentication accuracy using SVM was better than those of uni-modal (face or iris), SUM, MAX, NIN and weighted SUM rules.