• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.5
• /
• pp.581-591
• /
• 2016

RFID(Radio Frequency IDentification) is a key technology in ubiquitous computing and is expected to be employed in more fields in the near future. Nevertheless, the RFID system is vulnerable to attacks by eavesdropping or altering of the messages transmitted in wireless channels. In 2013, Oh et al. proposed a mutual authentication protocol between a tag and a reader in RFID systems. Their protocol is designed to resist location tracking for privacy protection. However, all tags and readers use only one network-wide key in their protocol and tags are usually vulnerable to physical attacks. We found that their protocol is still vulnerable to tag/reader impersonation attacks and location tracking if an attacker obtains the network-wide key from a tag. In this paper, we propose a security improved authentication protocol for privacy protection in RFID systems. In addition, we demonstrate that the proposed scheme is efficient in terms of computation and communication costs.

• The Journal of the Korea Contents Association
• /
• v.5 no.2
• /
• pp.95-105
• /
• 2005

As a research on PKI is being very popular, the study relating to certificate status validation is being grown with aim to reduce an overhead of the protocol and to provide an efficient operation. The OCSP of the standard protocol related to the study enables applications to determine the revocation state of an identified certificate. However, the OCSP server can not service millions of certificate status validation requests from clients in a second on E-commerce because of the computational time for signature and verification. So, we propose the Real-time Certificate Status Validation Protocol(RCSVP) that has smaller computational time than OCSP. RCSVP server reduce the computational time of certificate status validation using hash function and common secret value. Also RCSVP client does not need the computational time of certificate verification to acquire the public key from an identified certificate. Therefore, the proposed protocol enables server to response millions of certificate status validation requests from clients in a second on E-commerce.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.1
• /
• pp.51-61
• /
• 2011

A smartphone is a mobile phone that offers more advanced computing ability and connectivity than a contemporary basic feature phone. Unlike feature phone, a smartphone allows the user to install and run more advanced applications based on a specific platform. Smartphones run complete operating system software providing a platform for application developers. A smartphone will become the default computing method for many point activities in the not-too-distant future, such as e-mail, online shopping, gaming, and even video entertainment. For smartphone that contains sensitive information and access the Internet, security is a major issue. In the 1980s, security issues were hardly noticed; however, security is a major issue for users today, which includes smart phones. Because security is much more difficult to address once deployment and implementation are underway, it should be considered from the beginning. Recently our government recognized the importance of smartphone security and published several safety tips for using the smartphone. However, theses tips are user-oriented measures. Maintaining the security of a smartphone involves the active participation of the user. Although it is a important users understand and take full advantage of the facilities afforded by smarphone, it is more important developers distribute the secure smartphone application through the market. In this paper we describe some scenarios in which user is invaded his/her privacy by smartphone stolen, lost, misplaced or infected with virus. Then we suggest the security considerations for securing smartphone applications in respect with developers. We also suggest the methods applying domestic encryption algorithms such as SEED, HIGHT and ARIA in developing secure applications. This suggested security considerations may be used by developers as well as users (especially organizations) interested in enhancing security to related security incidents for current and future use of smartphones.

• Journal of Internet Computing and Services
• /
• v.17 no.2
• /
• pp.77-85
• /
• 2016

Internet cookie technology is designed for solving unreliable problem of HTTP's inherent property and notifying user's previous activity to web site's server, so it is useful to provide suitable service for individual user. However, the cookie techniques are becoming more sophisticated such as the third cookie and super cookie. And its included information is applied for advertisement and target marketing strategy, so the problem occurs that user's personal information is collected excessively. However, our law does not recognize the internet cookie as personal information so user cannot know where own internet cookie is stored and applicable. Therefore, in this paper, we explain the internet cookie technology, the privacy invasion and right to be forgotten for solving problem due to the internet cookie. And we analysis the relationship between the information of internet cookie and personal information, and then present the improvement requirement on the law and technology to use internet cookie securely and conveniently.

• Journal of Korean Society of Transportation
• /
• v.35 no.5
• /
• pp.375-384
• /
• 2017

The aim of this study is to develop evaluation indicators for parking environment in residential areas. Recently, lots of local governments in korea are implementing projects for parking environment improvement. However, there are no indicators for parking environment evaluation except for the rate of parking supply by registered cars. So, it is really difficult to prioritize projects and monitor the result of projects. Therefore, this study presents six indicators for parking environment evaluation and its weights using AHP through the survey. The result of this study proposed the assessment model for parking environment based on indicators and it was found that actual data in Incheon can be simulated in reality. And this result also is expected to help monitoring and selecting projects.

• Proceedings of the Korean Vacuum Society Conference
• /
• 2011.02a
• /
• pp.304-304
• /
• 2011

We investigated the effect of different spin direction of anti-ferromagnetic layer on the magnetic properties of ferromagnetic layer in Fe-NiO and Fe-CoO bi-layer systems. For Fe-NiO system, we prepared the clean MgO(001) surface half-covered with 20 nm Ag films as a substrate for magnetic layers. Then we grew NiO wedge layers on the substrate, and added 8 monolayer(ML) Fe layers on the wedge layer. We examined magnetic properties of the bi-layer system using the surface magnetic optical Kerr effect(SMOKE) and X-ray magnetic linear dichroism(XMLD). From SMOKE measurement we observed the coercivity enhancement due to the set-up of anti-ferromagnetic order of NiO films in both of the Fe/NiO/MgO(001) and Fe/NiO/Ag/MgO(001) system. The most remarkable results in our observation is that the coercivity enhancement of Fe/NiO/Ag/MgO(001) is much larger than that of Fe/NiO/MgO(001). XMLD experiments confirmed the out-of-plane spin direction of NiO layers in Fe/NiO/MgO(001) and in-plane spin-direction of NiO layers in Fe/NiO/Ag/MgO(001), and we concluded that the origin of large enhancement of coercivity is due to the strong parallel coupling between Fe layers and NiO layers. We also confirmed that this strong parallel coupling maintained across the thin Ag layer inserted between Fe and NiO layers. For Fe-CoO system, we prepared Fe/CoO/Ag(001) and Fe/CoO/MnO(001) systems and observed much larger coercivity enhancement in Fe/CoO/Ag(001).

• Journal of Internet Computing and Services
• /
• v.17 no.3
• /
• pp.1-10
• /
• 2016

Information and network technology become the rapid development, so various online services supplied by multimedia systems are provided through the Internet. Because of intrinsic open characteristic on Internet, network systems need to provide the data protection and the secure authentication. So various researchers including Das, An, and Li&Hwang proposed the biometric-based user authentication scheme but they has some security weakness. To solve their problem, Li et al. proposed new scheme using fuzzy extraction, but it is weak on off-line password attack, authentication without biometrics, denial-of-service and insider attack. So, we proposed security enhanced user authentication scheme with key agreement to address the security problem of authentication schemes.

• Journal of Information Management
• /
• v.38 no.1
• /
• pp.121-139
• /
• 2007

The advance of science and technology becomes the nerves of the development of economy and industry of our future in the regional level as well as in the national and international level. In Korea, it has been more than 10 years since local governments launched, and they are strategically fostering their specialized regional industries. Both the central government and the regional governments prepare and execute policies to foster specialized regional industries. Though there are many kinds of methods to analyze the outcomes of science and technology of region, in this paper, we measure the outcomes of science and technology of region by applying an informetric analysis on the SCIE papers and USPA patents. To seek for the regional speciality, we analyze the total national outcomes and the regional outcomes of S&T activities in Korea.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.83-88
• /
• 2008

Session initiation protocol (SIP) is an application-layer prolocol to initiate and control multimedia client session. When client ask to use a SIP service, they need to be authenticated in order to get service from the server. Authentication in a SIP application is the process in which a client agent present credentials to another SIP element to establish a session or be granted access to the network service. In 2005, Yang et al. proposed a key exchange and authentication scheme for use in SIP applications, which is based on the Diffie-Hellman protocol. But, Yang et al.'s scheme is not suitable for the hardware-limited client and severs, since it requires the protocol participant to perform significant amount of computations (i.e., four modular exponentiations). Based on this observation. Huang and Wei have recently proposed a new efficient key exchange and authentication scheme thor improves on Yang et al.'s scheme. As for security, Huang and Wei claimed, among others, that their scheme is resistant to offline dictionary attacks. However, the claim turned out to be untrue. In this paper, we show thor Huang and Wei's key exchange and authentication scheme is vulnerable to on offline dictionary attack and forward secrecy.

• Proceedings of the Korean Institute Of Construction Engineering and Management
• /
• autumn
• /
• pp.395-400
• /
• 2001

In construction projects, it is very important to evaluate the performance of works in comparison with the cost and schedule plans. So, on the first of July, 2000, the Ministry of Construction and Transportation announced the EVMS will be applied in public sector soon. However there are still many arguments about how to establish the Performance Measurement Baseline(PMB) and how to evaluate the progress with accuracy. And many people confuse the meaning of EVMS with that of cost and schedule management. So, the purpose of this research is to propose the new useful methods to set up the PMB and to assess the exact progress in consideration of cost, schedule, and float time for successful implementation of EVMS.