• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.10
• /
• pp.2750-2759
• /
• 2009

In this paper, we analyze vulnerabilities in a remote authentication protocol using smartcards which was proposed by Bindu et al. and propose an improved scheme. The proposed scheme can prevent from restricted replay attack and denial of service attack by replacing time stamp with random number. In addition, this protocol can guarantee user anonymity by transmitting encrypted user's ID using AES cipher algorithm. The computational load in our protocol is decreased by removing heavy exponentiation operations and user efficiency is enhanced due to addition of password change phase in which a user can freely change his password. Furthermore, we really implement the proposed authentication protocol using a STM smartcard and authentication server. Then we prove the correctness and effectiveness of the proposed remote authentication system.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.1
• /
• pp.89-95
• /
• 2016

In this paper, we propose a locker system that can remotely control and manage locker. The main features of the proposed system are follows. First, connect the locker with server and then open the locker after passing through the certification process in server. Second, locker manager can more systematically manage a locker by using locker management system based on smart phone. Third, provide an instant locker for temporary using lockers to increase the ease of use. Fourth, unlike traditional analog locker, can support better security by using authentication process and log data. Performance evaluation is performed via simulation by making the dummy model. The results of performance evaluation show the proposed system can support efficiently the locker management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.725-734
• /
• 2016

SCADA(Supervisory Control and Data Acquisition) system is widely used for remote monitoring and control throughout the domestic industry. Due to a recent breach of security on SCADA systems, such as Stuxnet, the need of correctly established secure certification of a control system is growing. Currently, EDSA-CRT (Embedded Device Security Assurance-Communication Robustness Test), which tests the ability to provide core services properly in a normal/abnormal network protocol, is only focused on the testing of IP-based protocols such as IP, ARP, TCP, etc. Thus, in this paper, we propose test requirements for DNP3 protocol based on EDSA-CRT. Our analysis show that the specific test cases provide plentiful evidences that DNP3 should follow based on its functional requirements. As a result, we propose 33 specific test case for DNP3 protocol.

• Journal of Digital Convergence
• /
• v.12 no.3
• /
• pp.237-242
• /
• 2014

Recently, wind energy is expanding to combination of computing to forecast of wind power generation as well as intelligent of wind powerturbine. Wind power is rise and fall depending on weather conditions and difficult to predict the output for efficient power production. Wind power is need to reliably linked technology in order to efficient power generation. In this paper, distributed power generation forecasts to enhance the predicted and actual power generation in order to minimize the difference between the power of distributed power short-term prediction model is designed. The proposed model for prediction of short-term combining the physical models and statistical models were produced in a physical model of the predicted value predicted by the lattice points within the branch prediction to extract the value of a physical model by applying the estimated value of a statistical model for estimating power generation final gas phase produces a predicted value. Also, the proposed model in real-time National Weather Service forecast for medium-term and real-time observations used as input data to perform the short-term prediction models.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.477-480
• /
• 2010

This paper develops a sensor gateway for using Internet for traffic flow control and remote monitoring, it suggest the required protocol with authentication and encryption. The traffic Surveillance and Control System is an important service to the ITS(Intelligent Transportation System). The traffic surveillance and control system's TCP / IP and the Internet network using is may cause damage means accessing from unauthorized users, Subsequent authentication and encryption of data is essential.

• Smart Media Journal
• /
• v.7 no.4
• /
• pp.52-60
• /
• 2018

Energy Management System(EMS) of Microgrid(MG) collects and analyzes data from devices in the microgrid to provide information to operators, users and other systems. In the middle of the process, it is required to securely provide information through both wired and wireless communication networks. In this paper, we design and implement a module that provides encryption and decryption, key management, key distribution, and message authentication functions, thus enabling the development of a system which is safe from the exposure and modulation of data potentially occurrable during data transmission between RTU(Remote Terminal Unit) and EMS. Our method can increase the efficiency of connection and key management for RTU by connecting a virtual device(VD) to RTU.

• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.129-134
• /
• 2018

This is about the CCTV hacking which is one of the recently emerging privacy-spilling crime. Recently, the usage of CCTV is being increased, and Black Hat Hackers spill the individual's privacy by hacking it. However, That crime is being increased. However, most users rarely fulfill the security management, and the government's measures are insufficient. Therfore, this research report implies some security technologies including user authentication protocols such as SSH Tunneling and Media Encryption Algorithm. and recently developed technologies including Wookyeong Information Technology's SecuWatcher for CCTV, Norma's CCTV Care App, and MarkAny's Password SAFERTM for CCTV.

• Journal of Digital Convergence
• /
• v.17 no.2
• /
• pp.171-176
• /
• 2019

In modern times, many IoT products are being used as all things and devices are connected to the Internet and IoT products become easily accessible through the network. For the convenience of users, IoT products can be remotely operated automatically without manual operation. Various research and development are underway to improve the convenience of users by using IoT products. However, since only the convenience of the users is pursued, in terms of security, there is a serious problem that exposes the user's personal information. This paper has proposed a method to apply $moir{\acute{e}}$ technology to IoT products in order to improve the performance of security, and a method to increase the safety of IoT products using user face authentication based on shadow $moir{\acute{e}}$ as a $moir{\acute{e}}$ phenomenon method, and the projection $moir{\acute{e}}$. When comparing the existing IoT products and IoT products applied with $moir{\acute{e}}$ technology, IoT products applied with $moir{\acute{e}}$ technology are safer in terms of security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.2
• /
• pp.45-58
• /
• 2001

There are relatively many research results of the validation of the cryptography. But few researches on the validation of cryptography implementations were accomplished. However, developer\`s misunderstanding the crypto-algorithm or a mistake in implementation of the crypto-a1gorithm leads to lose reliability of security products. Therefore, as validation of the crypto-algorithm itself also validation of the implementation is important. The major objective of this paper is to propose Security Products Validation Tool. Our tool validates implementation of the public key algorithm (RSA. KCDSA) and hash algorithm (SHA-1, HAS-170). The validation process is composed of several items and our tool performs validation teats for conformance to related standard.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1057-1068
• /
• 2012

According to advance on vehicle technology, many kinds of ECU(Electronic Control Unit) are equipped inside the vehicle. In-vehicle communication among ECUs is performed through CAN(Controller Area Networks). CAN have high reliability. However, it has many vulnerabilities because there is not any security mechanism for CAN. Recently, many papers proposed attacks of in-vehicle communication by using these vulnerabilities. In this paper, we propose an wireless attack model using a mobile radio communication network. We propose a secure authentication mechanism for in-vehicle network communication that assure confidentiality and integrity of data packets and also protect in-vehicle communication from the replay attack.