• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.55-61
• /
• 2012

Owing to the development of wireless infrastructure and mobile communication technology, There is growing interest in smart phone using it. The resulting popularity of smart phone has increased the Mobile Malicious AP-related security threat and the access to the wireless AP(Access Point) using Wi-Fi. mobile AP mechanism is the use of a mobile device with Internet access such as 3G cellular service to serve as an Internet gateway or access point for other devices. Within the enterprise, the use of mobile AP mechanism made corporate information management difficult owing to use wireless system that is impossible to wire packet monitoring. In this thesis, we propose mobile AP mechanism-based mobile malicious AP detection and prevention mechanism in radius authentication server network. Detection approach detects mobile AP mechanism-based mobile malicious AP by sniffing the beacon frame and analyzing the difference between an authorized AP and a mobile AP mechanism-based mobile malicious AP detection.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.16 no.1
• /
• pp.101-108
• /
• 2021

This paper builds a real-time home security system based on the OneNet cloud platform to control the status of the house through a smartphone. The system consists of a local part and a cloud part. The local part has I/O devices, router and Raspberry Pi (RPi) that collects and monitors sensor data and sends the data to the cloud, and the Flask web server is implemented on a Rasberry Pi. When a user is at home, the user can access the Flask web server to obtain the data directly. The cloud part is OneNet in China Mobile, which provides remote access service. The hybrid App is designed to provide the interaction between users and the home security system in the smartphone, and the EDP and RTSP protocol is implemented to transmit data and video stream. Experimental results show that users can receive sensor data and warning text message through the smartphone and monitor, and control home status through OneNet cloud.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.10
• /
• pp.185-195
• /
• 2014

In this paper, we designed a role-based emergency medical information security system REMISS added the security concept to the existing emergency medical information system. Also we suggested a REMISS protocol based on HL7 for using the emergency medical information and the security information. The procedure of security consists of user authentication phase and role/permission assign phase in the REMISS. The REMISS can supply proper security service since the REMISS assign proper permissions to each users of emergency medical information system and allow the user to access the permitted emergency medical information by using security information of the REMISS. There are some advantages that REMISS can adapt to the changing of the role of each user by dynamic exchanging the security information and assigning permissions to each user.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.81-90
• /
• 2003

Existing web-based system management software solutions show some limitations in time and space. Moreover, they possess such as shortcomings unreliable error message announcements and difficulties with real-time assistance suppers and emergency measures. In order to solve these deficiencies, Wireless Remote Control System was designed and implemented. Wireless Remote Control System is able to manage and monitor remote systems by using mobile communication devices for instantaneous control. The implementation of Wireless Remote Control System leads to these security Problems as well as solutions to aforementioned issues with existing web-based system management software solutions. Therefore, this paper has focused on the security matters related to Wireless Remote Control System. The designed security functions include mobile device user authentication and target system access control. For security verification of these security functions introduced CPN(Coloured Petri Nets) which is capable of expressing every possible state for each stage. And then in this paper was verified its security through PI(Place Invariant) based on CPN(Coloured Petri Nets). The CPN expression and analysis method of the proposed security function can also be a useful method for analyzing other services in the future.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.103-110
• /
• 2019

Recently security related attacks occur in very diverse ways, aiming at people who operate the system rather than the system itself by exploiting vulnerabilities of the system. However, to the our best knowledge, there has been very few works to analyze and strategically to deal with the risks of social engineering attacks targeting people. In this paper, in order to access risks of social engineering attacks we analyze those attacks in terms of attack routes, attack means, attack steps, attack tools, attack goals. Then, with the purpose of accessing the organizational risks we consider the characteristics and environments of the organizations because the impacts of attacks on the organizations obviously depend on the characteristics and environments of the organizations. In addition, we analyze general attack risk assessment methods such as CVSS, CWSS, and OWASP Risk Rating Methodolog. Finally, we propose the risk access scheme of social engineering attacks for the organizations. The proposed scheme allows each organization to take its own proper actions to address social engineering attacks according to the changes of its environments.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.6
• /
• pp.9-17
• /
• 2021

In this paper, we propose a reversely using the "Man In The Middle Attack" attack technique as a way to introduce network security without changing the physical structure and configuration of the existing network, a Virtual Network Overlay is formed with only a single Ethernet Interface. Implementing In-line mode to protect the network from external attacks, we propose an integrated control method through a micro network security sensor and cloud service. As a result of the experiment, it was possible to implement a logical In-line mode by forming a Virtual Network Overlay with only a single Ethernet Interface, and to implement Network IDS/IPS, Anti-Virus, Network Access Control, Firewall, etc.,. It was possible to perform integrated monitor and control in the service. The proposed system in this paper is helpful for small and medium-sized enterprises that expect high-performance network security at low cost, and can provide a network security environment with safety and reliability in the field of IoT and embedded systems.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.233-236
• /
• 2008

Wire wireless integrated service of BcN(Broadband convergence Network) is expanding. Information Security issue is highlighted for opposing attack of getting information illegally on wire wireless network. The user of PKI(Public Key Infrastructure) cipher system among Information security technology receives various security services about authentication, confidentiality, integrity, non-repudiation and access control etc. A mobile client and server are loaded certificate and wireless internet cryptography module for trusted data send receive. And data sends receives to each other after certification process through validity check of certificate. Certificate and data security system is researched through PKI on wireless network environment and data security system in this paper.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.228-232
• /
• 2006

최근 활발히 개발 중인 보안운영체제의 핵심인 보안커널(security kernel)은 참조모니터(reference monitor)에서 주체(subject)가 객체(object)에 대한 실행(action) 권한을 판단함으로써 접근 제어를 실행한다. 보안운영체제의 대표적인 접근제어모델에는 다중레벨접근제어(MLS: Multi Level Security)모델과 역할기반접근제어(RBAC: Role Based Access Control) 모델 등이 있다. 리눅스 시스템에서 이러한 접근제어모델을 적용하기 위해서 접근 대상이 되는 객체들의 효과적인 분류가 요구된다. 본 논문에서는 리눅스 환경에서 효과적인 접근제어모델을 적용하기 위하여 객체들을 객체 클래스(class)와 유형(type)을 기준으로 분류 하였다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.4B
• /
• pp.592-598
• /
• 2010

A home network system is made up of subject of cyber attack from a variety factors of threatening, but also have security weakness in cases of hacking, vicious code, worm virus, DoS attack, tapping of communication network, and more. So, the necessity for a security protocol to protect user asset and personal information within a home network is gradually increasing. Thus, this paper designs and suggests a home network security protocol using user authentication and approach-control technology to prevent the threat by unauthorized users towards personal information and user asset in advance by providing the gradual authority to corresponding devices based on authorized information, after authorizing the users with a Public Key Certificate.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.265-272
• /
• 2003

RBAC is an Access Control Mechanism for security administration of system resource and technique attracting in commercial fields because of reducing cost and complexity of security administration in large network. Many RBAC's research is progressive but several problems such as the delegation of role have been pointed out concerning the mechanism. It is necessary that a person's role delegate someone with reliability by reasons of a leave of absence, sick leave and the others. But the existing RBAC standards don't give definition of the delegation of roles. In this paper, we propose RBAC model that delegator can delegate subset of role and permission to a delegatee so that more efficient access control may be available.