• Title/Summary/Keyword: Authentication Mechanism

Search Result 407, Processing Time 0.024 seconds

Efficient File System Level Encryption Mechanism Using HSM

  • Kang, Cheol-Oh;Won, Jong-Jin;Park, Sung-Jin;Ryou, Jea-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology / v.23 no.5 / pp.849-858 / 2013
  • In today's mobile computing environment, there are many threats, such as device loss, theft, and malware, to the sensitive information stored on end-user devices. To prevent disclosure of information, encryption and authentication methods are properly adjusted to the device. In cryptographic file systems, the CBC mode of operation has been commonly used. It requires an IV that need not be secret but must be unpredictable, and the integrity of the IV must be protected. In this paper, we propose a file system-level encryption mechanism with an HSM that satisfies the requirements for the IV and improves performance. Moreover, the design and experimental results prove the efficiency of our proposed method.

A Cluster-based Efficient Key Management Protocol for Wireless Sensor Networks

  • Jeong, Yoon-Su;Hwang, Yoon-Cheol;Lee, Keon-Myung;Lee, Sang-Ho
    • Journal of KIISE: Information Networking / v.33 no.2 / pp.131-138 / 2006
  • To achieve security in wireless sensor networks (WSN), it is important to be able to encrypt and authenticate messages sent among sensor nodes. Due to resource constraints, many key agreement schemes used in general networks, such as Diffie-Hellman and public-key based schemes, are not suitable for wireless sensor networks. The current pre-distribution of secret keys uses q-composite random key and it randomly allocates keys. But there exists high probability not to be public-key among sensor nodes and it is not efficient to find public-key because of the problem for time and energy consumption. To remove problems in pre-distribution of secret keys, we propose a new cryptographic key management protocol, which is based on the clustering scheme but does not depend on probabilistic key. The protocol can increase efficiency to manage keys because, before distributing keys in bootstrap, using public-key shared among nodes can remove processes to send or to receive key among sensors. Also, to find out compromised nodes safely on network, it solves safety problem by applying a function of lightweight attack-detection mechanism.

The Management and Security Plans of a Separated Virtualization Infringement Type Learning Database Using VM (Virtual Machine)

  • Seo, Woo-Seok;Jun, Moon-Seog
    • The Journal of Korean Institute of Communications and Information Sciences / v.36 no.8B / pp.947-953 / 2011
  • These days, a consistent and fatal attack attribute toward a database has proportionally evolved in the similar development form to that of security policy. Because of access control-based defensive techniques regarding information created in closed networks and attacks on a limited access pathway, cases of infringement of many systems and databases based on accumulated and learned attack patterns from the past are increasing. Therefore, the paper aims to separate attack information by its types based on a virtual infringement pattern system loaded with dualistic VM in order to ensure stability to limited certification and authority to access, to propose a system that blocks infringement through the intensive management of infringement pattern concerning attack networks, and to improve the mechanism for implementing a test that defends the final database, the optimal defensive techniques, and the security policies, through research.

Secure and Efficient Database Searching in RFID Systems using Tag-Grouping Based on Hash-Chain

  • Lee, Byeung-Ju;Song, Chang-Woo;Chung, Kyung-Yong;Rim, Kee-Wook;Lee, Jung-Hyun
    • The Journal of the Korea Contents Association / v.9 no.9 / pp.9-17 / 2009
  • RFID (Radio Frequency Identification) is a next generation technology that will replace barcode. RFID can identify an object by reading the ID inside an RFID tag using radio frequency. However, because an RFID tag replies its unique ID to the request of any reader through wireless communication, it is vulnerable to attacks on security or privacy through wiretapping or an illegal reader's request. The RFID authentication protocol has been studied actively in order to solve security and privacy problems, and is used also in tag search. Recently, as the number of tags is increasing in RFID systems and the cost of data collection is also rising, the importance of effective tag search is increasing. This study proposed an efficient search method that solved, through tag group, the problem of large volume of database computation in Miyako Ohkubo's hash chain mechanism, which meets requirements for security and privacy protection. When we searched first the group of tags with access rate of 5 or higher in a database with 100,000 records, search time decreased by around 30%.

A Study on Group Key Generation and Exchange using Hash Collision in M2M Communication Environment

  • Song, Jun-Ho;Kim, Sung-Soo;Jun, Moon-Seog
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.19 no.5 / pp.9-17 / 2019
  • As the IoT environment becomes more popular, the safety of the M2M environment, which establishes the communication environment between objects and objects without human intervention, becomes important. Due to the nature of the wireless communication environment, there is a possibility of exposure to security threats in various aspects such as data exposure, falsification, tampering, deletion and privacy, and secure communication security technology is considered as an important requirement. In this paper, we propose a new method for group key generation and exchange using trap hash collision hash in existing 'M2M communication environment' using hash collision, and a mechanism for confirming the authentication of the device and the gateway after the group key is generated. The proposed method has attack resistance such as spoofing attack, man-in-the-middle attack, and retransmission attack in the group communication section by using the specificity of the collision message and collision hash, and is a technique for proving safety against vulnerability of hash collision.

The Design and Implementation of Module supporting Trusted Channel in Secure Operating System Environment

  • 유준석;임재덕;나재훈;손승원
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.3 / pp.3-12 / 2004
  • A secure operating system is a special operating system that integrates some security functions (i.e. access control, user authentication, audit-trail, etc.) with a normal operating system in order to protect the system from various attacks. But it doesn't consider any security of network traffic. To guarantee the security of the whole system, network traffic must be protected in a certain way, and IPsec is a representative technology for network security. However, it requires administrator's carefulness in managing security policies and the key management mechanism is very heavy as well as complicated. Moreover, it doesn't have a suitable framework for delivery of security information for access control mechanism. So we propose a simple trusted channel mechanism for secure communication between secure operating systems. It provides confidentiality and authentication for network traffic and ability to deliver security information. It is implemented at the kernel level of IP layer and the simplicity of the mechanism can minimize the overhead of trusted channel processing.

A Multi-Level Access Control Scheme on Dynamic Multicast Services

  • 신동명;박희운;최용락
    • Journal of the Korea Institute of Information Security & Cryptology / v.12 no.6 / pp.47-58 / 2002
  • The access control techniques, which can control unauthorized members' access to multicast service, have not been studied very often, while there are a lot of ongoing studies on secure multicast architecture, multicast key distribution and sender authentication schemes. Multi-level access control scheme in multicast can be used in a remote secure conference or to provide graduated multimedia services to each customer. In fact, multicast network has its own virtual networks according to different security levels. However, early schemes are not effective when it protects unauthorized access in multi-access network environment. Furthermore, this scheme does not provide us with hierarchical access control mechanism. This paper, therefore, proposes hierarchical access control scheme to provide the effectiveness in network layer by security level comparison. And we also suggest hierarchical key distribution scheme for multi-level access control in application layer and effective hierarchical key renewal scheme in dynamic multicast environment in which it is easy to join and leave the multicast group.

Software Defined Perimeter (SDP) Authentication Mechanism for Zero Trust and Implementation of ECC Cryptography

  • Lee, Yun-kyung;Kim, Jeong-nyeo
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.6 / pp.1069-1080 / 2022
  • Zero trust, which means never trust anything before verifying it, is emerging as a hot issue in the security field. After authenticating users, zero trust establishes network boundaries so that only networks in the trusted range can be accessed. This concept is also consistent with the concept of SDP, which performs pre-verification and creates a network boundary with a dynamic firewall so that clients can access only as many as they have permission to connect. Therefore, we recommend the SDP model as an example of how zero trust can be achieved in a zero trust architecture. In this paper, we point out the areas where SDP needs to be modified for zero trust and suggest ways to overcome them. In addition, we propose an onboarding method, which is one of the processes for becoming an SDP entity, and present performance measurement results.

Automatic Test case Generation Mechanism from the Decision Table of Requirement Specification Techniques based on Metamodel

  • Hyun Seung Son
    • Journal of Advanced Navigation Technology / v.27 no.2 / pp.228-234 / 2023
  • With the increasing demand for high-quality software, there is a huge requirement in the industry for quality certification of international standards, industrial functional safety (IEC 61508), automotive (ISO 26262), embedded software guidelines for weapon systems, etc. It is very difficult for software companies such as startups, ventures and small-sized companies to systematically acquire the quality certification in terms of cost and manpower. For these companies, automatic test case generation is considered as a core technique to evaluate or improve software quality. This paper proposes an automatic test case generation method based on the design decision table for system and software design verification. We apply the proposed method with OMG's standard techniques of metamodel and model transformation for automatically generating test cases. To do this, we design the metamodels of design decision table (Model) and test case document (Text) and define model transformation to automatically generate test cases, which is expected to work easily with MC/DC coverage.

A Study on Synthesis of Organic Plant Surfactant and Its Solubilizing Action on Bergamot Oil

  • Kim, In-Young;Noh, Ji-Min
    • Journal of the Korean Applied Science and Technology / v.36 no.4 / pp.1208-1218 / 2019
  • The study is on the cosmetic solubilizing power of organic plant surfactants. The blended high purity polyglyceryl-10 oleate and polyglyceryl-10 stearate mixtures were synthesized using organically certified raw materials to develop surfactants having excellent solubilizing power. The mixture is called "Solubil ORG-1300". The appearance of this material is a pale yellowish paste, with a specific odor. The specific gravity was 1.12 and it was high purity that acid value was 0.072±0.1. The HLB value of this natural surfactant was averaged = 15.1 and calculated through the Griffin equation. Mechanically it is explained how organic surfactants are available with fragrance and oils. The solubilizing test was determined by eye evaluation method through the dissolving performance test for the two oils and measured the transmittance at 890 nm using a UV spectrophotometer to measure the transparency. The results showed that the concentration of surfactant needed to make Bergamot oil available requires approximately 2 times more. It was also found that the concentration of surfactant needed to make the tocopheryl acetate available was about 8 times higher. Experiments on the solubility resulting from pH changes showed stabilized usable solubilizing power even in acidic areas of pH=3.5, neutral areas of pH=7.2, and alkaline areas of pH=1.5. Experiments on the solubility according to pH variation showed good solubility stabilized in acidic areas of pH=3.5, neutral areas of pH=7.2, and alkaline areas of pH=11.5. As an application of cosmetics, the company successfully developed a prescription for moisturizing activity based on these results; it is expected that a wide range of applications will be available for skin care, baby lotion, sensitivity or atopic skin cosmetics.