• Title/Summary/Keyword: key management server

Search Result 158, Processing Time 0.031 seconds

Data Sharing Scheme based on Attribute Re-Encryption in Cloud Computing (클라우드 환경에서 속성 재암호 기반의 데이터 공유 기법)

  • Kim, Su-Hyun;Lee, Im-Yeong
    • Proceedings of the Korea Information Processing Society Conference / 2015.04a / pp.402-403 / 2015
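  • In cloud computing environments, users' data is encrypted and stored across numerous distributed servers. As vast amounts of user data are stored in such cloud storage, problems arise with the trustworthiness of cloud storage. Various cryptographic techniques continue to be studied to securely store users' data on cloud servers against untrusted administrators and public officials. However, existing data encryption techniques have the drawback of being difficult to apply to data sharing services among multiple users on cloud storage. Therefore, considering untrusted cloud storage, this paper proposes a data sharing scheme in which a key encrypted with attribute-based encryption is re-encrypted so that it can be shared securely and efficiently with other users.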

Safe Data Sharing Scheme in Cloud Computing (클라우드 컴퓨팅 환경에서의 안전한 데이터 공유 기법)

  • Kim, Su-Hyun;Lee, Im-Yeong
    • Proceedings of the Korea Information Processing Society Conference / 2015.10a / pp.722-725 / 2015
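  • As various data services become possible in distributed computing environments, distributed management of large-scale data is emerging as a major issue. Meanwhile, the varied ways in which large-scale data is used can give rise to security vulnerabilities and privacy violations caused by malicious attackers or internal users. When sensitive data is stored and used within cloud servers, data leakage can occur because of external attackers or poor management by internal users. This can be addressed by managing the data through encryption. However, existing simple encryption methods have problems with access management of data stored in the cloud environment. In addition, existing data encryption techniques have the drawback of being difficult to apply to data sharing services among multiple users on cloud storage. Therefore, this paper proposes a data sharing scheme in which a key encrypted with attribute-based encryption is re-encrypted so that it can be shared securely and efficiently with other users.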

A Service Protection Scheme based on non-CAS for Mobile IPTV Service (Mobile IPTV 서비스 환경을 위한 non-CAS 기반의 서비스 보호 기법)

  • Roh, Hyo-Sun;Jung, Sou-Hwan
    • Journal of the Korea Institute of Information Security & Cryptology / v.21 no.2 / pp.27-35 / 2011
  • With the advancement of IPTV technologies, Mobile IPTV service needs support for service and content protection. CAS is generally used in IPTV service to protect service and content. However, CAS is not efficient in Mobile IPTV. CAS needs too much bandwidth to update the Service Key for each subscriber. Moreover, CAS increases the computation burden of service key refreshment at the key management server when subscribers frequently change IPTV service groups. To solve these problems, we use a hierarchical key structure based on a pre-shared key that is securely stored in a smart card or USIM, and do not use the EMM for Service Key updates. As a result, the proposed scheme decreases the computation burden at the key management server and the wireless bandwidth burden in Mobile IPTV service.

A Study on the Realtime Cert-Validation of Certification based on DARC (DARC 기반에서의 실시간 인증서 유효성 검증에 관한 연구)

  • Jang, Heung-Jong;Lee, Seong-Eun;Lee, Jeong-Hyeon
    • The KIPS Transactions:PartC / v.8C no.5 / pp.517-524 / 2001
  • Under PKI, there are cases in which a certificate is revoked because of disclosure of the private key, loss of qualification, or expiration of the validity period. A user therefore has to confirm whether the public key in the certificate is valid or invalid. There are many methods for certificate validation, such as CRL, Delta-CRL, and OCSP. But these methods have many problems, namely traffic overload on the network and the CRL server caused by the processing for certificate validation. In this paper we propose a real-time certificate validation method based on DARC that solves the data integrity problem caused by the time difference between transmission and receipt of the CRL, as well as the traffic overload on the network and the CRL server.


A Study on the Enhancement of MQTT Protocol with Centralized Key Management (중앙 집중식 키 관리를 통한 MQTT 프로토콜 효율성 증대 연구)

  • Won, Chan-hee;Kim, keecheon
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2017.05a / pp.312-313 / 2017
  • Internet of Things (IoT) is an intelligent technology and service in which all objects communicate with each other through various networks. Recently, IoT has been one of the fields attracting attention with the development of the ICT industry. MQTT is a protocol which is safe using TLS or adopting a light packet structure for efficiency of memory and power usage. When TLS is used, the process of encryption/decryption occurs in the broker. In this paper, we propose an efficient MQTT protocol through centralized key management by adding an authentication server.


Efficient Protocol for Authentication and Certificate Status Management in PAN (PAN에서 인증 및 인증서 상태 관리를 위한 효율적인 프로토콜)

  • Jang, Hwa-Sik;Rhee, Kyung-Hyune
    • Journal of Korea Multimedia Society / v.10 no.3 / pp.373-380 / 2007
  • In this paper we propose a new efficient authentication protocol that reduces overheads of computation for digital signature generation/verification on mobile devices in the Personal Area Network (PAN). In particular, we focus on eliminating the traditional public key operations on mobile devices without any assistance of a signature server. Moreover, the proposed protocol provides a simplified procedure for certificate status management to alleviate communication and computational costs on mobile devices in the PAN.


Design of Efficient Adult Authentication Model for prevent of illegal Service of Child in IPTV Service Environment (IPTV 서비스를 이용하는 사용자의 효율적인 성인인증 모델 설계)

  • Jeong, Yoon-Su;Kim, Yong-Tae
    • Journal of the Korea Institute of Information and Communication Engineering / v.17 no.1 / pp.68-75 / 2013
  • Recently, IPTV, which transmits multimedia contents in real time through the internet, cable TV networks and satellite networks, has been in the limelight. But IPTV service, which serves users through various media, has the problem of not fully supporting user certification. This paper suggests a certification model that prevents adolescents from obtaining access permission to IPTV service by sending illegal certification information, by integrating mobile communication techniques with RFID (Radio Frequency IDentification), which is a key technique of the ubiquitous environment. This model performs adult certification by keeping synchronization with the user's certification information saved in the databases of the certification server and contents server, after obtaining the class categorization system in the contents server, to overcome the disadvantage of the simple adult certification systems that are popular on the existing internet. Also, it adopts a double hash chain technique so that contents cannot be illegally downloaded without the manager's permission even if an adolescent obtains the manager's approval key.

Stateless Randomized Token Authentication for Performance Improvement of OAuth 2.0 MAC Token Authentication (OAuth 2.0 MAC 토큰인증의 효율성 개선을 위한 무상태 난수화토큰인증)

  • Lee, Byoungcheon
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.6 / pp.1343-1354 / 2018
  • OAuth 2.0 bearer tokens and JWT (JSON Web Token), the current standard technologies for authentication and authorization, send a fixed token repeatedly to the server for authentication, so they are subject to eavesdropping attacks and should be used in a secure communication environment such as HTTPS. In the OAuth 2.0 MAC token scheme, which was devised as an authentication scheme that can be used in a non-secure communication environment, the server issues a shared secret key to an authenticated client and the client uses it to compute a MAC to prove the authenticity of a request, but in this case the server has to store and use the shared secret key to verify the user's request. Therefore, it is hard to provide a stateless authentication service. In this paper we present a randomized token authentication scheme which can provide stateless MAC token authentication without storing the shared secret key on the server side. To remove the use of HTTPS, we utilize secure communication using a server certificate and simple signature-based login using a client certificate together with the proposed randomized token authentication to achieve a fully stateless authentication service, and we provide an implementation example.

CMS system using web contents certification code (웹 콘텐츠 인증코드를 이용한 CMS 시스템)

  • Cho, Young-Bok;Choi, Jae-Min;Lee, Young-Jin;Sun, Ning;Lee, Sang-Ho
    • Proceedings of the Korean Information Science Society Conference / 2007.10d / pp.18-21 / 2007
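  • With the diversification of content, CMSs (Contents Management Systems) are operated in various forms to manage content. Current CMSs protect content copyright by applying DRM technology based only on their own members. As a result, global use of content is restricted, interoperability is impossible, and fundamental copyright protection of content is impossible. Therefore, in this paper we designed a public-key-based license management module for copyright protection and, based on it, designed a packager module that encrypts content, an unpackager module that decrypts the encrypted content, and content sharing server and client modules. Heterogeneous CMSs share integrated metadata through a transaction server, and we propose operating an integrated CMS so that diverse content can be used across different CMSs; content usage restriction and copyright protection are supported based on DRM technology using web content certification codes.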


A Study on Automatic Switch Control System for Systematic Control and History Management of Underground Utility Tunnel Work (지하공동구의 체계적인 통제 및 이력관리를 위한 자동개폐시스템에 대한 연구)

  • Oh, Am-suk
    • Journal of the Korea Institute of Information and Communication Engineering / v.19 no.6 / pp.1443-1448 / 2015
  • Most access control systems for underground utility tunnels work through a wired network between the central system and the automatic switch control unit. However, there are several issues regarding the absence of network infrastructure and an outdoor reader in a relatively unique environment. To solve these issues, we propose an authenticated-key-based smartphone control system for secure access to the underground utility tunnel; this scheme is anticipated to provide crucial information about systematic entrance history and effective management procedures for the utility tunnel. In addition, the proposed scheme enables access to the secured control system over a smartphone-based Bluetooth network, and it provides information about systematic control and history management for the switch controls through smartphone applications.