• Journal of Digital Contents Society
• /
• v.10 no.1
• /
• pp.87-96
• /
• 2009

Digital Broadcast Service is being very popular and the delivery mechanism for digital broadcast content through IP network has progressed constantly, due to the advance of video and audio compression and network technologies. From these trends, in Korea, the commercial IPTV service starts in this year after the law related to IPTV is enacted last year. Since IPTV service, which integrates broadcast and communication services, can give an infrastructure for fusion of communication and interactive multimedia data service, IPTV service is attractive. Recently, by the advent of various wireless connection technologies and the mobile devices of high capability, Mobile IPTV, which has an advantage of not only IPTV but also mobile TV, has gained much interest. In this paper, we review a necessary ingredient for Mobile IPTV in the next generation wired/wireless convergence network environment which consists of heterogeneous wireless access networks. In addition, we propose the scheme for user mobility and service session mobility management using RTSP protocol and introduce the service gateway concept to guarantee the extension of IPTV service platform.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.6
• /
• pp.49-57
• /
• 2010

In the near future IPTV services will be emerged the various types through Internet, but IMS based IPTV service is one of the very attractive IPTV services. This paper describes the interconnecting architectures of Web based IPTV contents provider to IMS(IP Multimedia System) network and describes the three difference architectures as method to find its IP address. One is the architecture using DNS or HSS to find IP address of Web based IPTV contents provider and connecting gateway function to I-CSCF in IMS. The other is the architecture connecting gateway AS to ISC interface of S-CSCF in IMS. This paper describes the characteristics of traffic generating due to interconnect the Web contents provider, and the traffic model of each architectures. The proposed each architecture is emulated the session establishment delay characteristics in CoD service of IPTV by the simulation. This paper shows that the architecture connecting gateway AS to ISC interface of S-CSCF is the excellent method compare to other two methods in view of the session establishment delay.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.12
• /
• pp.85-92
• /
• 2010

There is an authentication method for participants with an encrypted ID and password as a symmetric-key in multilateral video conferencing. It is hard to manage when the security-keys makes many while the transportation processing for the encryption and decryption get complicated when the video conferencing involves a number of participants and the third party as an attackers to gain unauthorized symmetric-key to access video conference which makes a problem less secrecy. This study suggests three ways to enhance security in video conference: first, we present PKI-based X.509 certificate for authenticating the participants of multilateral conferencing and we suggest to encode and decode the video conference media data using a secrecy key created by each of the conference participants; second, a more secured multilateral video conferencing can be expected in a group communication by using the participants secrecy key in creating and distributing group keys, where the group key will be renewed whenever there is change in the group member; and finally, we suggest to encode the RTP payload of the media data before transmission.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.77-87
• /
• 2008

Recently, many hash-based authentication protocols were presented to guarantee mutual authentication between tag and DB in RFID system. To be suitable for distributed DB environment, one generally uses fixed constant value as a tag ID. However, some existing protocols have security flaws or heavy computational loads in DB in order to search a tag ID. We propose a secure authentication protocol which is suitable for distributed DB environment by using unchangeable tag ID. The storage method of pre-synchronized information in DB at previous session is core idea of our proposal which gives low-cost ID search of DB at next session. In normal synchronization state, our protocol only requires 3 hash operations in tag and DB respectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.127-138
• /
• 2006

The IPSec is a basic security mechanism of the IPv6 protocol, which can guarantee an integrity and confidentiality of data that transmit between two corresponding hosts. Also, both data and communication subjects can be authenticated using the IPSec mechanism. However, it is difficult that the IPSec mechanism protects major important network from attacks which transmit mass abnormal IPSec traffic in session-configuration or communication phases. In this paper, we present a design of the security system that can effectively detect and defeat abnormal IPSec traffic, which is encrypted by the ESP extension header, using the IPSec Session and Configuration table without any decryption. This security system is closely based on a multi-tier attack mitigation mechanism which is based on network bandwidth management and aims to counteract DDoS attacks and DoS effects of worm activity.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.8
• /
• pp.918-929
• /
• 1999

동기식 스트림 암호통신 방식을 사용하는 암호통신에서는 암/복호화 과정 수행시 암호통신 과정에서 발생하는 사이클슬립으로 인해 키수열의 동기이탈 현상이 발생되고 이로 인해 오복호된 데이타를 얻게된다. 이러한 위험성을 감소하기 위한 방안으로 현재까지 암호문에 동기신호와 세션키를 주기적으로 삽입하여 동기를 이루는 주기적인 동기암호 통신방식을 사용하여 왔다. 본 논문에서는 CDMA(Cellular Division Multiple Access) 이동망에서 데이타서비스를 제공할 때 사용되는 점대점 프로토콜의 주소영역의 특성을 이용하여 단위 측정시간 동안 측정된 주소비트 정보와 플래그 패턴의 수신률을 이용하여 문턱 값보다 작은경우 동기신호와 세션키를 전송하는 비주기적인 동기방식을 사용하므로써 종래의 주기적인 동기방식으로 인한 전송효율성 저하와 주기적인 상이한 세션키 발생 및 다음 주기까지의 동기이탈 상태의 지속으로 인한 오류확산 등의 단점을 해결하였다. 제안된 알고리즘을 링크계층의 점대점 프로토콜(Point to Point Protocol)을 사용하는 CDMA 이동망에서 동기식 스트림 암호 통신방식에 적용시 동기이탈율 10-7의 환경에서 주기가 1sec인 주기적인 동기방식에서 요구되는 6.45x107비트에 비해 3.84x105비트가 소요됨으로써 전송율측면에서의 성능향상과 오복호율과 오복호 데이타 비트측면에서 성능향상을 얻었다. Abstract In the cipher system using the synchronous stream cipher system, encryption / decryption cause the synchronization loss (of key arrangement) by cycle slip, then it makes incorrect decrypted data. To lessen the risk, we have used a periodic synchronous cipher system which achieve synchronization at fixed timesteps by inserting synchronization signal and session key. In this paper, we solved the problem(fault) like the transfer efficiency drops by a periodic synchronous method, the periodic generations of different session key, and the incorrectness increases by continuing synchronization loss in next time step. They are achieved by the transfer of a non-periodic synchronous signal which carries synchronous signal and session key when it is less than the threshold value, analyzing the address field of point-to-point protocol, using the receiving rate of address bits information and flag patterns in the decision duration, in providing data services by CDMA mobile network. When the proposed algorithm is applied to the synchronous stream cipher system using point-to-point protocol, which is used data link level in CDMA mobile network, it has advanced the result in Rerror and Derror and in transmission rate, by the use of 3.84$\times$105bits, not 6.45$\times$107bits required in periodic synchronous method, having lsec time step, in slip rate 10-7.

• Journal of KIISE:Information Networking
• /
• v.31 no.5
• /
• pp.501-510
• /
• 2004

While the Internet keeps its permeation into every aspect of human life, two things stand out. One is the requirement for high quality of services to support multimedia data service.'The other is the desire for ubiquitous network connection. Combining the two things makes the Internet possible in supporting multimedia communications for nomadic users on the locomotion. To support QoS communication for mobile users by applying RSVP to Mobile IP, RSVP Tunnel, which specifies building separately a RSVP session between the home agent and the foreign agent, was proposed. However, the RSVP Tunnel method breeds bandwidth overhead and association problems in tunnel because of duplicated RSVP messages use. To resolve these problems, in this paper, we propose the new encapsulation method, the RSVP-in-IP Encapsulation (RIPE) that can support QoS guaranteed service efficicntly in Mobile IP networks. The proposed method supports RSVP mobility to Mobile If tunneling mechanism efficiently without any additional session as the RSVP Tunnel scheme. Moreover it removes the critical problems of bandwidth overhead in a tunnel and association by duplicated messages. We compared the performance of our proposed scheme with RSVP Tunnel scheme in term of mean delay, mean data rate and bandwidth overhead in tunnel.

• Journal of Internet Computing and Services
• /
• v.14 no.1
• /
• pp.53-62
• /
• 2013

It is common among users to have multiple computing devices as well as to access their files or do work at different locations. To achieve file consistency as well as mobility in this scenario, an efficient approach for workspace synchronization should be used. However, file synchronization alone cannot guarantee the mobility of work environment which allows activities to be resumed at any place and time. This paper proposes a ubiquitous synchronization approach which provides cloud-based access to a user's workspace. Efficient synchronization is achieved by combining session monitoring with file system management. Experimental results show that the proposed mechanism outperforms Cloud Master-replica Synchronization in terms of number of I/O operations, CPU utilization, as well as the average and maximum latencies in responding to client requests.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.41-48
• /
• 2016

In this paper we propose a new method of security visualization, VisFlow, using traffic flows to solve the problems of existing traffic flows based visualization techniques that were a loss of end-to-end semantics of communication, reflection problem by symmetrical address coordinates space, and intuitive loss problem in mass of traffic. VisFlow, a simple and effective security visualization interface, can do a real-time analysis and monitoring the situation in the managed network with visualizing a variety of network behavior not seen in the individual traffic data that can be shaped into patterns. This is a way to increase the intuitiveness and usability by identifying the role of nodes and by visualizing the highlighted or simplified information based on their importance in 2D/3D space. In addition, it monitor the network security situation as a way to increase the informational effectively using the asymmetrical connecting line based on IP addresses between pairs of nodes. Administrator can do a real-time analysis and monitoring the situation in the managed network using VisFlow, it makes to effectively investigate the massive traffic data and is easy to intuitively understand the entire network situation.

• The KIPS Transactions:PartC
• /
• v.14C no.6
• /
• pp.471-474
• /
• 2007

In this paper, we propose a variant of Diffie-Hellman key exchange protocol to provide pre-computable session key and to give another version of Diffie-Hellman key exchange protocol that might be useful in designing more sophisticated cryptographic protocols. We prove the security of the key exchange protocol by reducing DH key exchange protocol to ours.