• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.4
• /
• pp.677-684
• /
• 2017

Smart devices are used in a variety of industries, because applications for them are easy to develop and portable. However, industrial equipment can cause security problems for information and accidents when controlling the actuator of the equipment at a remote location. In this paper, we studied methods of solving these problems and the advantages of applying smart control systems to industrial equipment. We propose a manual manipulation method using queries and a smart control access procedure for controlling equipment using a smart device. In addition, we propose a data transmission method employing multiple encryption protocols and a user authentication method using unique information from the smart device and Q & A as the communication data protection and user authentication methods, respectively. In order to evaluate its performance, an operation test of the smart control system and user authentication comparison experiment were performed. In order to understand the advantages of applying the smart control system to the equipment, we conducted a comparative experiment with a teach pendant and evaluated its reaction time in case of error.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.377-386
• /
• 2009

IPTV technology for providing multimedia content with high-speed is the network which combines existing network, multimedia and internet technology etc. But internet, broadcasting and web technologies which is now being used is not optimized to IPTV because the security problem between user who gets content service through mobile units and content server is not guaranteed. This paper proposes user certification mechanism between mobile device and content server to receive the service which the user for the content chooses by mobile device safely. The proposed mechanism uses the random number which user creates and certification token for preventing illegal user who uses other's service that already paid. Also the proposed protocol encrypts the delicate data like user's information or profile using shared-key between java card attached on user's mobile device and grant sewer and then prevents reply attack which happens often in wireless section and man-in-the-middle attack by MAC.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.2
• /
• pp.229-236
• /
• 2019

IOT middleware is required to play a pivotal role in interpreting, managing, and controlling data information of Internet devices (sensors, etc.). In particular, the root industry has different process flows for different industries, and there are various data processing requirements for each company. Therefore, a general purpose IOT middleware is needed to accommodate this. The IOT middleware structure proposed by this paper is a plug-in that can be used as an engine part for middleware basic processes such as communication, data collection, processing and service linkage, We propose a flexible and effective smart process for root industry. In addition, we propose a method to strengthen prevention and security against tampering, deodorization, etc. through encryption of network data between middleware plug - in and related service layer. We propose a system that will be developed as an IOT middleware platform that is specialized in the root industry so that it can be extended in various network protocols such as MQTT, COAP, XAMP.

• Journal of Convergence for Information Technology
• /
• v.9 no.10
• /
• pp.9-15
• /
• 2019

Recently, in the field of next-generation e-commerce and finance, interest in blockchain-based technologies such as Bitcoin and Ethereum is great. Although the security of blockchain technology is known to be secure, hacking incidents / accidents related to cryptocurrencies are being issued. The main causes were vulnerabilities in the external environment, such as taking over login sessions on cryptocurrency wallets, exposing private keys due to malware infection, and using simple passwords. However, private key management recommends general methods such as utilizing a dedicated application or local backup and physical archiving through document printing. In this paper, we propose a white box password-based private key protection scheme. As a result of safety and performance analysis, we strengthened the security against vulnerability of private key exposure and proved the processing efficiency of existing protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.71-80
• /
• 2002

To provide the confidentiality of messages transmitted over the network, the use of cryptographic system is increasing gradually and the hybrid cryptosystem, which combines the advantages of the symmetric cryptosystem and the public key cryptosystem is widely used. In this paper, we proposes a new hybrid cryptosystem capable of providing implicit authentication for the sender of the ciphertext by means of the 1-pass key distribution protocol that offers implicit key authentication, hash function and symmetric cryptosystem. Also, we describe some examples such as the Diffie-Hellman based system and the Nyberg-Ruppel based system. The proposed hybrid cryptosystem is an efficient more than general public key cryptosystems in the aspect of computation work and provides implicit authentication for the sender without additional increase of the communication overhead.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1283-1292
• /
• 2012

As delivery services market has grown the damage cases are also continuously increased. When using delivery services, Customers would not be compensated in any way. Perhaps worse, losing a cargo would create a great deal of trouble. Because the lack of evidence, they takes a lot of time to clarify who is responsible. To prevent these things, we must create, collect, maintain and confirm. In this paper, we introduce new delivery system with a trusted third party for non-repudiation services. Moreover, in damage case, we show that the proposed system is efficient and provide non-repudiation. Using sending and receiving codes, the proposed system identifies a responsible subject with quickness and clearness.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.5
• /
• pp.701-708
• /
• 2021

In this paper, I investigate the performances of the discovery and the message transmission of the DDS (Data Distribution Service) included the security function. The DDS serves the communication protocol, a publication- subscription method, for the real-time communication in the distributed system. The publication-subscription method is used in the various area in terms of defence, traffic and medical due to the strength such as a performance, scailability and availability. Nowadays, many communication standard has included and re-defined the security function to prepare from dramatically increased a threat of the security, the DDS also publishes the standard included the security function. But it had been not researched that the effect of increased a overhead for legacy systems due to the using of the security DDS function. The experimental results show that the comparative performance of legacy DDS and security DDS in terms of the discovery and the message transmission.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.737-750
• /
• 2022

The demands of Unmanned Aerial Vehicles (UAVs) are growing very rapidly with the era of the 4th industrial revolution. As the technology of the UAV improved with the development of artificial intelligence and semiconductor technology, it began to be used in various civilian fields such as hobbies, bridge inspections, etc from being used for special purposes such as military use. MAVLink (Macro Air Vehicle Link), which started as an open source project, is the most widely used communication protocol between UAV and ground control station. However, MAVLink does not include any security features such as encryption/decryption mechanism, so it is vulnerable to various security threats. Therefore, in this study, the block cipher is implemented in UAV to ensure confidentiality, and the results of the encryption and decryption performance evaluation in the UAV according to various implementation methods are analyzed. In addition, we proposed the security requirements in accordance with Common Criteria, which is an international recognized ISO standard.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.4
• /
• pp.699-706
• /
• 2023

Recently, the 4 generation industry revolution is developed with advanced and combined with a variety of new technologies. Conventional healthcare system is applied with IoT application. It provides many advantages with mobility and swift data transfers to patient and doctor. In despite of these kinds of advantages, it occurred security issues between basic devices and protocols in their applications. Especially, internet of things have restricted and limited resources such as small memory capacity, low capability of computing power, etc. Therefore, we can not utilize conventional mechanism. In this paper, we analyzed attacks and vulnerability in terms of security issues. To analyze security structure, features, demands and requirements, we solve the methods to be reduced security issues.

• Journal of the Korean Society for information Management
• /
• v.19 no.1
• /
• pp.23-46
• /
• 2002

With explosively increasing digital contents, library and Information center should have a new role between knowledge providers and knowledge users as information brokering organization. Electronic transaction system should be required for performing this brokering service since economic value is added to information and knowledge in information society. The developments and changes around library are keeping up with increasing building digital library and digitalizing printed sources. With the rapidly changing circumstances, the Internet is currently witnessing an explosive growth. By serving as a virtual information resource. the Internet can dramatically change the way business is conducted and Information is provided. However because of features o( the Internet like openness and information sharing, it has fundamental vulnerabilities in security issues. For Instance, disclosure of private information and line eavesdropping such as password, banking account, transaction data on network and so on are primary obstruction factors to activation of digital contents delivery on network. For high network security and authentication, this paper looks at smart card technologies and proposes multi-authentication protocol based on smart card on open network, implements and analyzes it.