• Journal of KIISE:Information Networking
• /
• v.37 no.3
• /
• pp.187-197
• /
• 2010

The fusion stream of recent broadcasting and communication make multimedia content served in the area of broadcasting into IPTV service which transmits it through high-speed internet, cable TV net and satellite net in realtime. However, as the digital broadcasting service is extended to various media, the security of IPTV service content provided to users by service provider is not fully supported by CAS(Conditional Access System) provided by existing broadcasting system. This paper proposes interactive certification protocol which can efficiently distinguish the receiving-qualification of user between Set-Top Box and Smart Card which are parts of configurations for IPTV system. The proposed protocol uses hash function to make Set-Top Box transmit receiving-qualification about the channel fee which user pays more properly than existing protocol. Also, the proposed protocol uses session key generated between receiver and smart card through inter certification process and encrypts EMM not the service to be used by anyone illegally.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.107-109
• /
• 2022

This paper proposes a new security system to detect cyber-attacks based on message authentication in a in-vehicle network. In the in-vehicle network, when a sending node transmits messages in a broadcast manner, it only uses a message identifier, rather than a node's identifier. It leads to a problem not identifying the source. In the proposed system, the sending node generates a message authentication code (MAC) using a cryptographic hash function to the control data and transmits it with the control data. When generating the MAC for each message, a multidimensional chaotic map is applied to increase the randomness of the result. The receiving node compares its MAC generated from the control data in the received message with the MAC of the received message to detect whether the message transmitted from the sending node is forged or not. We evaluate the performance of the proposed system by using CANoe and CAPL (Communication Access Programming Language). Our system shows a 100% of detection rate against cyber-attacks injected.

• Journal of Korean Society of Disaster and Security
• /
• v.6 no.3
• /
• pp.9-17
• /
• 2013

Geospatial information data came recently in use to build the location-based service in various fields. These data were shown via a 2-D map in the past but now can be viewed as a 3-D map due to the dramatic evolution of IT technology, thus improving efficiency and raising practicality to a greater extent by providing a more realistic visualization of the field. In addition, many previous GIS applications have been provided under desktop environment, limiting access from remote sites and reducing its approachability for less experienced users. The latest trend offers service with web-based environment, providing efficient sharing of data to all users, both unknown and specific internal users. Therefore, real-time information sensors that have been installed on steep slopes are to be integrated with 3-D geospatial information in this study. It is also to be developed with web-based environment to improve usage and access. There are three steps taken to establish this system: firstly, a 3-D GIS database and 3-D terrain with higher resolution aerial photos and DEM (Digital Elevation Model) have been built; secondly, a system architecture was proposed to integrate real-time sensor information data with 3D Web-based GIS; thirdly, the system has been constructed for Gangwon Province as a test bed to verify the applicability.

• Journal of Advanced Navigation Technology
• /
• v.11 no.3
• /
• pp.259-265
• /
• 2007

Systematic components for implementing ubiquitous computing, for example, electronic devices, electric home appliances, and controllers, etc, are consist of not only circuits but also softwares expected to do some special system-controlling functions, and these softwares used to be called like as embedded software. Because embedded software is a core component controlling systems, the codes or control flows should be protected from being opened to the public or modified. Embedded software security can be divided into 2 parts: first is the unauthorized access to development site and embedded software, second is the unauthorized disclosure or modification. And this research is related to the first aspect of them.This paper proposes some security check requirements related to embedded software development site by analyzing the ALC_DVS.1 of the ISO/IEC 15408 and Base Practices (BPs) of the ISO/IEC 21827. By applying this research, we expect to protect unauthorized modification of embedded software indirectly.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.647-656
• /
• 2020

Recently, there has been an increasing number of cases in which important data (personal information, technology, etc.) of national and public institutions are leaked to the outside world. Surveys show that the largest cause of such leakage accidents is "insiders." Insiders of organization with the most authority can cause more damage than technology leaks caused by external attacks due to the organization. This is due to the characteristics of insiders who have relatively easy access to the organization's major assets. This study aims to present an optimized property selection model for detecting such abnormalities through supervised learning algorithms among machine learning techniques using actual data such as CrossNet data transfer system transmission log, e-mail transmission log, and personnel information, which safely transmits data between separate areas (security area and non-security area) of the business network and the Internet network.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2512-2529
• /
• 2015

Wireless mesh networks (WMNs) provide an efficient and flexible method to the field of wireless networking, but also bring many security issues. A mesh point may lose all of its available links during its movement. Thus, the mesh point needs to handover to a new mesh point in order to obtain access to the network again. For multi-domain WMNs, we proposed a new ID-based signcryption scheme and accordingly present a novel ID-based handover protocol for mesh points. The mutual authentication and key establishment of two mesh points which belong to different trust domains can be achieved by using a single one-round message exchange during the authentication phase. The authentication server is not involved in our handover authentication protocol so that mutual authentication can be completed directly by the mesh points. Meanwhile, the data transmitted between the two mesh points can be carried by the authentication messages. Moreover, there are no restrictions on the PKG system parameters in our proposed multi-domain ID-based signcryption scheme so our handover scheme can be easily applied to real WMNs circumstances. Security of the signcryption scheme is proved in the random oracle model. It shows that our protocol satisfies the basic security requirements and is resistant to existing attacks based on the security of the signcryption. The analysis of the performance demonstrates that the protocol is efficient and suitable for the multi-domain WMNs environment.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.169-176
• /
• 2015

Virtual Private Network is a method which can use as a private network using private line. The quality of security of virtual private network is influenced by security auditability, cryptographic support, user data protection, access control, etc., and efficiency is influenced by throughput, latency, the number of cession, etc. In this paper, we constructed a evaluation model based on CC(ISO/IEC 15408) and the quality evaluation standard ISO/IEC 25000 series to evaluate the quality level about efficiency with security performance of virtual private network. We think that this study will contribute to construct the system which can evaluate the quality of virtual private network based on CC and ISO quality evaluation standard.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.10
• /
• pp.3138-3147
• /
• 2000

EC(Electronic Commerce) which is cone the virtual space through Internet, has the advantage of time and space. On the contrary, it also has weak point like security probelm because anybody can easily access to the system due to open network attribute of Internet. Theretore, we need the solutions that protect the EC security problem for safe and useful EC activity. One of these solution is the implemonlation of a strong cipher algorithm. YK2(YoungKu Kang) cipher algorithm proposed in this paper is advantage for the EC security and it overcomes the limit of the current 6/1 bits block cipher algorithm using 128 bits key length for input, output, encryption key and 32 rounds. Moreover, it is degigned for the increase of time complexity and probability calculation by adapting more complex design for key scheduling regarded as one of the important element effected to enciyption.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.235-247
• /
• 2021

Today, the cloud computing has become a major demand of many organizations. The major reason behind this expansion is due to its cloud's sharing infrastructure with higher computing efficiency, lower cost and higher fle3xibility. But, still the security is being a hurdle that blocks the success of the cloud computing platform. Therefore, a novel Multi-tenant Decentralized Information Flow Control (MT-DIFC) model is introduced in this research work. The proposed system will encapsulate four types of entities: (1) The central authority (CA), (2) The encryption proxy (EP), (3) Cloud server CS and (4) Multi-tenant Cloud virtual machines. Our contribution resides within the encryption proxy (EP). Initially, the trust level of all the users within each of the cloud is computed using the proposed two-stage trust computational model, wherein the user is categorized bas primary and secondary users. The primary and secondary users vary based on the application and data owner's preference. Based on the computed trust level, the access privilege is provided to the cloud users. In EP, the cipher text information flow security strategy is implemented using the blowfish encryption model. For the data encryption as well as decryption, the key generation is the crucial as well as the challenging part. In this research work, a new optimal key generation is carried out within the blowfish encryption Algorithm. In the blowfish encryption Algorithm, both the data encryption as well as decryption is accomplishment using the newly proposed optimal key. The proposed optimal key has been selected using a new Self Improved Cat and Mouse Based Optimizer (SI-CMBO), which has been an advanced version of the standard Cat and Mouse Based Optimizer. The proposed model is validated in terms of encryption time, decryption time, KPA attacks as well.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.53-64
• /
• 2005

Previous secure routing protocols for wireless sensor networks assume that a sink is static. In many cases, however, a sink operated by man or vehicle is moving. A mobile sink creates a lot of technical problems such as reconfiguration of routing path exposure of sink location. and selection of secure access point node, which are not considered by many previous researches. In this paper, we propose a new secure routing scheme for solving such problems using hi-directional hash chain and delegation nodes of grid structure. This scheme provides a secure routing path and prevents attacker from recognizing the location of a mobile sink in sensor networks. This new method reduces the resource requirements compared to the cashed routing schemes. Simulation results also show that the system is secure and efficient enough.