• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.3
• /
• pp.81-90
• /
• 2018

Due to the dramatic advancement of IoT (Internet of Things), it is expected that tens of billions of IoT devices will be connected by the year 2024. Furthermore, as IoT technologies evolves, the security management in IoT platforms has become a critical issue. For example, there are interworking problems between heterogeneous IoT platforms caused by differences from communication protocols, security policies, etc. in each platform. In addition, unsecured interworking can cause major security issues including the information leakage. In this paper, in order to solve these problems, a security interworking architecture is proposed and implemented in both FIWARE and oneM2M, which are representative IoT platforms. First, the security architecture of FIWARE is analyzed and implemented, and then the security framework based on OAuth 2.0 is developed on Mobius platform. Finally, in order to validate the proposed security interworking architecture, a LED (Light-Emitting Diode) example, where the LED is controlled by only authorized users, is developed. The proposed architecture can be extended to the diverse IoT platforms and devices.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.4
• /
• pp.752-757
• /
• 2016

Machine to Machine (M2M) communications is communications between a business application and devices via a communication network without any direct human interaction. The aim of our research is to connect any M2M device with an M2M AS (Application server) through an IMS (IP Multimedia Subsystem) Network Core using a M2M Gateway, in order to develop an M2M Horizontal Services Platform over IMS. An IP Multimedia Subsystem (IMS) is an architectural framework defined by the wireless standards body of the 3rd Generation Partnership Project (3GPP) for delivering IP multimedia services to mobile users. This paper shows the design and implementation of a Horizontal M2M Network Services Platform over an IP Multimedia Subsystem (IMS) using the Message Session Relay Protocol (MSRP). We summarize the protocols and architectures that formed the basis for the creation of our architecture. We provide a detailed description of our architecture design, describing the call flow of the proposed architecture and the entities operating in each process. We also describe the design and implementation process detailing the different tools used, explaining the selection of each component and its importance; also how we designed and implemented the M2M gateway, M2M Application Server, Open IMS Core, business application and M2M devices.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.1
• /
• pp.115-125
• /
• 2011

Cryptographic hash functions are also called one-way functions and they ensure the integrity of communication data and command by detecting or blocking forgery. Also hash functions can be used with other security protocols for signature, authentication, and key distribution. The SHA-1 was widely used until it was found to be cryptographically broken by Wang, et. al, 2005. For this reason, NIST launched the SHA-3 competition in November 2007 to develop new secure hash function by 2012. Many SHA-3 hash functions were proposed and currently in review process. To choose new SHA-3 hash function among the proposed hash functions, there have been many efforts to analyze the cryptographic secureness, hardware/software characteristics on each proposed one. However there are few research efforts on the SHA-3 from the point of power consumption, which is a crucial metric on hardware module. In this paper, we analyze the power consumption characteristics of the SHA-3 hash functions when they are made in the form of ASIC hardware module. Also we propose power efficient hardware architecture on Luffa, which is strong candidate as a new SHA-3 hash function. Our proposed low power architecture for Luffa achieves 10% less power consumption than previous Luffa hardware architecture.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5B
• /
• pp.475-488
• /
• 2003

To prevent performance degradation of TCP due to packet losses in the smooth handoff by the route optimization extension of Mobile IP protocol, a buffering of packets at a base station is needed. A buffering of packets at a base station recovers those packets dropped during handoff by forwarding buffered packets at the old base station to the mobile user. But, when the mobile user moves to a congested base station in a new foreign subnetwork, those buffered packets forwarded by the old base station are dropped and TCP transmission performance of a mobile user in the congested base station degrades due to increased congestion by those forwarded burst packets. In this paper, considering the general case that a mobile user moves to a congested base station, we analyze the influence of packet buffering on TCP performance according to handoff arrival distribution for Drop-tail and RED (Random Early Detection) buffer management schemes. Simulation results show that RED scheme can reduce the congestion increased by those forwarded burst packets comparing Drop-Tail, but RED scheme cannot avoid Global Synchronization due to forwarded burst packets by the old base station and new buffer management scheme to avoid it is needed in Mobile IP based networks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5B
• /
• pp.512-521
• /
• 2003

In this paper, we introduce our experience of the design and implementation of mobile collaboration system(MCS) that support people using mobile devices to participate in cooperative session. There are considerable differences between desktop PC and mobile devices like PDA in processing ability, resolution of display and color degree. In the case of mobile devices, they use different processors and different operating system and they have even differences in ability of executing application. The mobile collaborative system based on T.120 protocol of ITU-T standard compromised of mobile collaboration server, mobile collaboration client, session node and application. We also define the session node in desktop PC in which session control block and communication block runs. This node provide functions of session control block and communication block to mobile collaboration clients and so lighten load of clients. The mobile collaboration server provides information of candidates for session node, session and user to mobile collaboration client. And this server support clients to configure their own session node and manage sessions. Only the mobile collaboration client module and applications including APE are executed in a mobile device when user using mobile devices would like to participate in cooperative session. We implemented mobile collaboration client and applications with JAVA to support platform independency.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.4A
• /
• pp.369-379
• /
• 2011

During the routing process between nodes on the CR(Cognitive Radio) network conducting for efficient use of limited frequency resources, spectrum handover process due to the appearance of the PU occupies most of the routing latency, and also decreases the reliability of the path. In this paper, a cooperative routing protocol in a multi-channel environment is proposed. The source node broadcasts a message with available channel lists and probability of PU appearance during its route guidance. The intermediate nodes re-transmit the message, received from the source node, and update and maintain the information, status table of the path. The destination node determines the optimal path and sends a reply message to the selected path after it receives the messages from the intermediate nodes. The average probability of the PU appearance and the average time of the PU appearance are updated while transferring data. During data transmission the channel with the lowest probability of appearance of the PU is selected dynamically and if a PU appears on the current channel partial repairment is performed. It is examined that reliability of the selected path considerably is improved and the routing cost is reduced significantly compared to traditional routing methods.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.27-40
• /
• 2016

This paper aims to analyze the business types of 237 IoT based smart home companies in the world (launched during 1999~2014) which got global investment last few years. For this, the previous literatures trying to analze technology and service types of smart home are searched and the typology of the platform is discussed. Based on it, this research conceptualizes an analysis framework that includes three areas of smart home like home automation, home security, and energy efficiency with the three platform types like product, software, and service. This study concludes that the development of business type for IoT based smart home ecosystem is from the product to software and it can be a platform or not. In current status, there are a few platforms of product and software, but in the device management (16%) and thermostat (11%), companies are persuing more platform like. It is difficult to find the service platform in overall areas, for application based service has a few attractions in the investment market due to the lack of cloud infrastructure and data analytics. The following three are the implication to domestic market: 1) More active offering of API and SDK, 2) more active introduction of wireless Intenet network protocols, and 3) more active interoperability efforts and alliance activities are needed.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.5
• /
• pp.121-133
• /
• 2013

Defect-free transfer service on the Next-generation wireless network extensive roaming mobile node (MN) to provide efficient mobility management has become very important. MIPv6(Mobility IPv6) is one of mobility management scheme proposed by IETF(Internet Engineering Task Force), and IPv6-based mobility management techniques have been developed in various forms. One of each management techniques, IPv6-based mobility management techniques for PMIPv6 (MIPv6) system to improve the performance of a variety of F-PMIPv6 (Fast Handover for Proxy MIPv6) is proposed. However, the F-PMIPv6 is cannot be excellent than PMIPv6 in all scenarios. Therefor, to select a proper mobility management scheme between PMIPv6 and F-PMIPv6 becomes an interesting issue, for its potenrials in enhancing the capacity and scalability of the system. In this paper, we develop an analytical model to analyze the applicability of PMIPv6 and F-PMIPv6. Based on this model, we design an Secure Smart Mobility Support(SSM) scheme that selects the better alternative between PMIPv6 and F-PMIPv6 for a user according to its changing mobility and service characteristics. When F-PMIPv6 is adopted, SSM chooses the best mobility anchor point and regional size to optimize the system performance. Numerical results illustrate the impact of some key parameters on the applicability of PMIPv6 and F-PMIPv6. Finally, SSM has proven even better result than PMIPv6 and F-PMIPv6.

• Journal of Digital Convergence
• /
• v.18 no.3
• /
• pp.163-169
• /
• 2020

A smart key has been used in a variety of embedded environments and there also have been attacks from a remote place by amplifying signals at a location of a user. Existing studies on defence techniques suggest multiple sensors and hash functions to improve authentication speed; these, however, increase the electricity usage and the probability of type 1 error. For these reasons, I suggest an embedded security controller based on client authentication and user movement information improving the authentication method between a controller and a host device. I applied encryption algorithm to the suggested model for communication using an Arduino board, GPS, and Bluetooth and performed authentication through path analysis utilizing user movement information for the authentication. I found that the change in usability was nonsignificant when performing actions using the suggested model by evaluating the time to encode and decode. The embedded security controller in the model can be applied to the system of a remote controller for a two-wheeled vehicle or a mobile and stationary host device; in the process of studying, I found that encryption and decryption could take less then 100ms. The later study may deal with protocols to speed up the data communication including encryption and decryption and the path data management.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.11a
• /
• pp.701-705
• /
• 2002

This paper describes implementation of IPv6-IPv4 transition toolbox named as 6TALK(IPv6 TrAansLator of Krv6) and some scenarios using 6TALK which enables IPv6 island to connect other IPv6 island or IPv4 island seamlessly. 6TALK implements some transition mechanisms suggested in NGTrans Working Group of IETF. Those mechanisms are composed of basic mechanism, tunneling, and applied mechanism such as DSTM. 6TALK provides functions which enable IPv6 network at the edge of existing network to communicate with IPv4 network by using these transition mechanisms. As major transition mechanisms in 6TALK we adopt NAT-PT/SIIT and DSTM/DSTM options and as implementation environment we use Linux Kernel 2.4.18 and Netfilter framework. Software modules implemented in Linux kernel was ported to hardware box using Motorola MPC 8260 processor. The transition mechanisms used in 6TALK are the ones predicted to be used in initial transition step to IPv6.