• The Journal of the Korea Contents Association
• /
• v.6 no.12
• /
• pp.169-176
• /
• 2006

Since home network system is usually set up based on the built-in system inside home at the time of construction, it has a difficulty in being compatible with new devices after construction. In this paper, we propose DBS(Dynamic Binding System) that can make links effectively among the devices located in inside and outside of home networks. Implementation of the DBS is based on the ZigBee's binding in WPAN(Wireless Personal Area Network). For this research, we constructed the system consisting of home server that contains proxy server and location server, devices inside home in which tinyOS is embedded, and mobile device that is an emulator. The communication inside home is done by IEEE 802.15.4 protocol and the communication between servers and mobile devices outside home is done by TCP/IP protocol. Regardless of device's address format, the DBS facilitates a link among the devices located inside and outside of home networks. And, introducing a new device into home network can be recognized easily by exchanging messages between devices.

• The KIPS Transactions:PartA
• /
• v.13A no.2 s.99
• /
• pp.111-122
• /
• 2006

As VOD service over the Internet becomes popular, a large sealable VOD system in P2P streaming environment has become increasing important. In this paper, we propose a new proxy caching scheme, called P2Proxy, to replace the traditional proxy with a sealable P2P proxy in P2P streaming environment. In the proposed scheme, each client in a group stores a different part of the stream from a server into its local buffer and then uses a group of clients as a proxy. Each client receives the request stream from other clients as long as the parts of the stream are available in the client group. The only missing parts of the stream which are not in the client group are directly received from the server. We represent the caching process between clients in a group and a server and then describe a group creation process. This paper proposes the directory structure to share the caching information among clients. By using the directory information, we minimize message exchange overload for a stream caching and playing. We also propose a recovery method for failures about the irregular behavior of P2P clients. In this paper, we evaluate the performance of our proposed scheme and compare the performance with the existing P2P streaming systems.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.3
• /
• pp.41-49
• /
• 2011

In this paper, we propose an open protocol to be employed between a smart meter concentrator and a metering data collection server, and also evaluate its performance. Legacy concentrators performs the connection establishment and data gathering operations with DLMS/COSEM protocol standards. However, we note that there are no standardized protocols between the concentrator and the collection server, which inevitably conduces each commercial smart metering system to have its own proprietary protocol. In order to solve this problem, we propose an open protocol - Smart Meter Concentrator Control Protocol(SMCCP) by extending the existing standard protocol(DLMS/COSEM). The SMCCP can provide the proxy mode to enable efficient transmission between the concentrator and the data collection server. It also can support the relay mode to enable a direct communication between the data collection server and each far end smart meter. We also implement an emulator system and a protocol analyzer to provide its operation. In addition, we evaluate the session holding time and the link usage ratio in both relay and proxy modes with OMNET++ simulator.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.8B
• /
• pp.730-737
• /
• 2003

In this paper, we present an efficient authentication proxy for IEEE 802.1x systems based on the port-based access control mechanism. An IEEE 802.1x system consists of PC supplicants, a bridge with authentication client functions, and an authentication server. For the network security and user authentication purposes, a supplicant who wants to access Internet should be authorized to access the bridge port using the Extended Authentication Protocol (EAP) over LAN. The frame of EAP over LAN is then relayed to the authentication server by the bridge. After several transactions between the supplicant and the server via the bridge, the supplicant may be either authorized or not. Noting that the transactions between the relaying bridge and the server will be increased as the number of supplicants grows in public networks, we propose a scheme for reducing the transactions by employing an authentication proxy function at the bridge. The proxy is allowed to cache the supplicant's user ID and password during his first transaction with the server. For the next authentication procedure of the same supplicant, the proxy function of the bridge handles the authentication transactions using its cache on behalf of the authentication server. Since the main authentication server handles only the first authentication transaction of each supplicant, the processing load of the server can be reduced. Also, the authentication transaction delay experienced by a supplicant can be decreased compared with the conventional 802.1x system.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.1
• /
• pp.77-82
• /
• 2016

Recently, an IoT(Internet of Things) application communication protocol is standardizing for connectivity between every things on Internet. In this paper, we design and implement an indoor resource control service using IETF (Internet Engineering Task Force) CoAP (Constrained Application Protocol) based on Web. We present an indoor resource control architecture based on Web included functionalities of proxy and RD (Resource Directory) in a web server. Developed indoor resource control service supports to register low-powered and small-scale IoT nodes to web server using CoAP. This service allows users to control the indoor resources through a web browser using Web proxy with functionality of HTTP-CoAP converting.

• The Journal of the Korea Contents Association
• /
• v.10 no.1
• /
• pp.46-58
• /
• 2010

The user valence of VoIP services with SIP protocol is increasing rapidly because of cheap communication cost and its conveniency. But attacker can easily modify the packet contents of SIP protocol as SIP header is transmitted by using UDP methods in text form. The reason is that SIP protocols does not provide an authentication function on the transmission session. Therefore, existing SIP protocol is very weak on SIP Packet Flooding attack etc. In order to solve like this kinds of SIP vulnerabilities, we used SIP status codes under the monitoring module for detecting SIP Flooding attacks and additionally proposed an advanced protocol where the authentication and security function is strengthened about SIP packet. We managed SIP session spontaneously in order to strengthen security with SIP authentication function and to solve the vulnerability of SIP protocol. The proposed mechanism can securely send SIP packet to solves the security vulnerability with minimum traffic transmission. Also service delay in SIP proxy servers will be minimized to solve the overload problem on SIP proxy server.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5C
• /
• pp.523-531
• /
• 2003

Java applets are downloaded from web server through internet and executed in Java Virtual Machine of clients'browser. Before execution of java applets, JVM checks bytecode program with bytecode verifier and performs runtime tests with interpreter. However, these tests will not protect against undesirable runtime behavior of java applets, such as denial of service attack, email forging attack, URL spoofing attack, or annoying sound attack. In order to protect malicious applets, a technique used in this paper is java bytecode modification. This technique is used to restrict applet behavior or insert code appropriate to profiling or other monitoring efforts. Java byte modification is divided into two general forms, class-level modification involving subclassing non-final classes and method-level modification used when control over objects from final classes or interface. This paper showed that malicious applets are controlled by java bytecode modification using proxy server. This implementation does not require any changes in the web sever, JVM or web browser.

• Journal of Internet Computing and Services
• /
• v.13 no.1
• /
• pp.15-25
• /
• 2012

Mobile IPv6 (MIPv6) is a host-based protocol supporting global mobility while Proxy Mobile IPv6 (PMIPv6) is a network-based protocol supporting localized mobility. This paper makes its focus on how to reduce the longer delay and extra cost arising from the combination of authentication, authorization and accounting (AAA) and PMIPv6 further. Firstly, a novel authentication scheme (Proxy-AAA) is proposed, which supports fast handover mode and forwarding mode between different local mobility anchors (LMAs). Secondly, a cost analysis model is established based on Proxy-AAA. From the theoretical analysis, it could be noted that the cost is affected by average arrival rate and residence time.

• Journal of the Korea Convergence Society
• /
• v.2 no.4
• /
• pp.9-14
• /
• 2011

Phishing is an attack to theft an user's identity by masquerading the user or the device. The number of phishing victims are sharply increased due to wide spread use of smart phones and messenger programs. Smart phones can operate various wi-fi based apps besides typical voice call and SMS functions. Generally, the messenger program such as Kakao Talk or Nate On is consisted of client and server functions. Thus, the authentication between the client and the server is essential to communicate securely. In this paper, we propose the messenger authentication protocol safe against smart phone phishing. To protect communications among clients, the proposed method provides message encryption and authentication functions.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06d
• /
• pp.321-326
• /
• 2007

그리드 컴퓨팅은 지리적으로 분산되어 있고 보안상으로 분리되어 있는 기관들 사이의 자원들을 공유하여 협동 작업을 가능하게 하는 대규모 가상 컴퓨팅 환경이다. 다양한 모바일 기기들의 출현으로 인하여 전통적인 그리드 컴퓨팅 환경에 모바일 개념이 도입되어 모바일 그리드 환경이 나타나게 되었다. 모바일 그리드 환경에서 우선 고려해야 할 것은 모바일 기기의 고유한 특성으로 인해 발생하는 제약사항들이다. 본 논문에서 고려하는 환경에서는 이런 제약사항들은 다소 해결이 가능하다. 본 논문에서 제안한 적응적 작업처리 기법은 모바일 그리드 컴퓨팅 환경에서 모바일 기기가 자원 이용자 역할 뿐만 아니라 자원 제공자 역할도 수행할 수 있다. 또한, 결함 포용적인 프록시 서버 역할을 하는 모바일 라우터를 두어서 전체적인 작업 수행에 있어 안정성과 신뢰성을 제공한다.