• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1177-1179
• /
• 2010

RFID는 태그가 부착된 사물의 정보를 무선통신을 통해 인식하는 기술로써 바코드를 대체하는 등 다양한 영역으로 응용 범위가 확대되고 있다. 따라서 각 응용에 필요한 보안 문제도 중요시 되고 있다. 본 논문에서는 지금까지 RFID시스템의 보안 취약성을 해결하기 위해 제안된 많은 인증 프로토콜들 중 한국정보통신기술협회에서 제정한 잠정표준인 "수동형 RFID 보안태그와 리더의 인증 및 데이터 보호 프로토콜"에 대하여 프라이버시 침해, 위치추적, 비동기화 공격 가능 및 전방향 안전성을 만족하지 못하는 등의 보안 취약점이 있음을 보이고, 이에 대한 분석을 하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.789-792
• /
• 2011

RFID(Radio Frequency Identification) 시스템은 비접촉식 무선 인식 기술로 유통 및 물류, 환경, 교통, 보안 분야 등 산업 전반에 걸쳐 다양하게 활용되고 있다. 그러나 태그의 정보가 전송과정에서 무선특성에 따른 과도한 정보 노출과 사용자의 위치정보 추적 등 심각한 프라이버시 침해를 유발시킨다. 본 논문에서는 해쉬된 ID 와 스트림 암호 알고리즘을 이용한 OTP 를 활용하여 리더와 태그간 상호인증을 제공하는 프로토콜을 제안한다. 제안된 프로토콜의 OTP 생성에 사용된 NLM-128 알고리즘은 $2^{128}$ 비도 수준(Security level)을 갖는 스트림 암호로써, 안전성 및 구현 용이성 등의 특징을 가지며 RFID/USN 등의 저전력, 제한된 메모리 및 컴퓨팅 사양에서 적용하기 용이한 알고리즘이다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.392-393
• /
• 2022

In relation to the creation of an avatar that will become the main character in the metaverse environment, we design a system that automatically determines the shape of the avatar according to the situation and location by adjusting the details between immersion and privacy. In this study, as a way to control immersion in various virtual environments of the metaverse environment, we derive the hypothesis that immersion is determined by how detailed the original object is expressed. We conduct research that can adaptively control the expression information of avatars.

• Journal of Legislation Research
• /
• no.41
• /
• pp.303-335
• /
• 2011

The rapid changes in telecommunications have exercised an important influence on the telecommunications law system, including the protection of the privacy. It was a decisive assignment that telecommunications law protected the confidentiality of privacy. But in new digitalized telecommunications circumstance, every steps of the conveyance of the individual informations should be protected, in particular by telecommunications carriers as a subject of the protection of information. EU Privacy Directive in 2003 and the amendment of Communications Act in U. S. A. in 1996 have reflected the necessity of the privacy from a new point of view. In Korea, "Protection of Privacy Act" has been established as general law as to the protection of privacy and "Electronic Communications Net-work Act" and "Location Data Act" have been functioned as special law in telecommunications, and these laws have developed the legal systems about the protection of privacy in telecommunications. Such a legal system could be affirmatively evaluated. But the regulations should be reformed in a way that corresponds to the detailed types of the privacy and it should be devised a method, that the consent of users could be fulfilled practically.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.71-82
• /
• 2011

The RFID system provides undeniable advantages so that it is used for various application. However recent RFID system is vulnerable to some attacks as eavesdropping, replay attack, message hijacking, and tag tampering, because the messages are transmitted through the wireless channel and the tags are cheap. Above attacks cause the tag and reader impersonation, denial of service by invalidating tag, and the location tracking concerning bearer of tags, A lot of RFID authentication protocol bas been proposed to solve the vulnerability. Since Weis, Sanna, Rivest, and Engel, proposed the bash-based RFID authentication protocol, many researchers have improved hash-based authentication protocol and recent bash-based authentication protocols provide security and desirable privacy. However, it remains open problem to reduce the tag identification time as long as privacy and security are still guaranteed. Here we propose a new protocol in which the tags generate the message depending on the state of previous communitions between tag and reader. In consequence, our protocol allows a server to identify a tag in a reasonable amount of time while ensuring security and privacy, To be specific, we reduced the time for the server to identify a tag when the last session finished abnormally by at least 50% compared with other bash-based schemes that ensure levels of security and privacy similar to ours.

• Journal of Science and Technology Studies
• /
• v.16 no.2
• /
• pp.1-31
• /
• 2016

This essay examines the recent proliferation of location-based services (LBS) within the context the expansion of the technologies of remote identification, monitoring, and tracking. Following the spatial turn in the social sciences, this essay aims to analyze LBS as a surveillance technology that can re-shape the spatial configuration of its users and their identity. The analytic focus of this essay is on LBS within the global information infrastructure, and it utilizes key LBS examples in the US and South Korea. First, as a way to discuss the technical possibilities of LBS for spatial coordination and surveillance, this essay investigates its technical architecture in terms of information flow. It then discusses the issue of privacy in LBS by analyzing some of its key legal and regulatory issues. The combination of the global information infrastructure with location-related technologies has enabled LBS companies to expand the scope of surveillance over the ever-increasing computer-mediated activities, prompting heated discussions over whether LBS is capturing "Every Moment in Your Life." This essay concludes with a discussion on how location technologies have provided a key platform for the rise of surveillance capitalism through the creation of what Marc $Aug{\acute{e}}$ called a "non-place," a place where the identified self is constituted by LBS.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.5
• /
• pp.165-172
• /
• 2013

Convergence is increasingly prevalent in the IT world which generally refers to the combination of two or more different technologies in a single device. Especially, the spectrum scarcity is becoming a big issue because there are exponential growth of broadcasting and communication systems in the spectrum demand. Cognitive radio (CR) is a convergence technology that is envisaged to solve the problems in wireless networks resulting from the limited available spectrum and the inefficiency in the spectrum usage by exploiting the existing wireless spectrum opportunistically. However, the very process of convergence is likely to expose significant security issues due to the merging of what have been separate services and technologies and also as a result of the introduction of new technologies. The main purpose of this research is focused on devising an adaptive security framework based on carousel for CR networks as a distinct telecommunication convergence application, which are still at the stage of being developed and standardized with the lack of security concerns. The framework uses a secure credential, named as carousel, initialized with the location related information from objects position, which is used to design security mechanisms for supporting privacy and various securities based on it. The proposed adaptive security framework could be used as a security building block for the CR network standards and various convergence applications.

• Journal of Internet Computing and Services
• /
• v.18 no.5
• /
• pp.31-38
• /
• 2017

Recently with the rapid development of LBS (Location-based Services) technology, approaches of protecting user's location have gained tremendous attentions. For using LBS, users need to forward their real locations to LBS server. However, if the user sends his/her real location to LBS server, the server will have the all the information about user in LBS. Moreover, if the user opens it to LBS server for a long time, the trajectory of user may be released. In this paper, we propose GTC (Grid-based Trajectory Cloaking) method to address the privacy issue. Different from existing approaches, firstly the GTC method sets the predicting trajectory and divides the map into $2^n*2^n$ grid. After that we will generate cloaking regions according to user's desired privacy level. Finally the user sends them to LBS server randomly. The GTC method can make the cost of process less than sequential trajectory k-anonymity. Because of confusing the departure and destination, LBS server could not know the user's trajectory any more. Thus, we significantly improve the privacy level. evaluation results further verify the effectiveness and efficiency of our GTC method.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.5
• /
• pp.141-150
• /
• 2014

In recent years, because of the development of ubiquitous technology in healthcare research is actively progress. Especially, healthcare service area is change to home for the elderly or patients from hospital. The technology to identify residents in a home is crucial for smart home application services. However, existing researches for resident identification have several problems. In this case, residents are needed to attach of various sensors on their body. Also relating private life, it is difficult to apply to resident's environment. In this paper, we used constraint-free sensor and unconscious sensor to solve these problems and we limited using of sensor and indoor environment in the way of working economical price systems. The way of multi-resident identification using only these limited sensors, we selected elements of personal identifications and suggested the methods in giving the weight to apply these elements to systems. And we designed the SABA mechanism to tract their location and identify the residents. It mechanism can distinguish residents through the sensors located each space and can finally identify them by using the records of their behaviors occurred before. And we applied the mechanism designed for applications to approve this location tracking system. We verified to the location tracking system performance according to the scenario.

• The Journal of Information Systems
• /
• v.21 no.2
• /
• pp.73-96
• /
• 2012

With emergence of smart technologies(e.g., smartphones), Location-Based Services(LBS) are expected to provide more enhanced values utilizing consumers' personal information than other smart services. However, in contrast to existing smartphone applications, LBS could raised severe consumer's privacy concerns because of rapidly changing information sensitive to consumers. In this context, the purpose of this study is to explore relationships among privacy concerns reduction, trust and intention to use LBS by examining the effect of precedence factors(social presence, reputation, mobile literacy, ability of information control) of privacy concern reduction. In addition, the study investigates the role of personal innovation as a moderating effect between privacy concern reduction and intention to use LBS. The results showed that the proposed precedence factors of privacy concerns with a exception of Mobile Literacy had a positive impact on privacy concerns reduction that then positively affected trust and intention to use LBS. In addition, the relationship between trust and intention to use LBS was significantly supported. Finally, personal innovation as a moderating effect significantly influenced the relationship between privacy concern reduction and intention to use LBS. This study is expected to be a reference for a subsequent study about the spread of LBS application of smartphone. Also, the finding of this study is meaningful for helping service direction to firms providing LBS.