• Title/Summary/Keyword: Access Security System


Intelligent Intrusion Detection and Prevention System using Smart Multi-instance Multi-label Learning Protocol for Tactical Mobile Adhoc Networks

  • Roopa, M.;Raja, S. Selvakumar
    • KSII Transactions on Internet and Information Systems (TIIS) / v.12 no.6 / pp.2895-2921 / 2018
  • Security has become one of the major concerns in mobile adhoc networks (MANETs). Data and voice communication amongst roaming battlefield entities (such as platoons of soldiers, inter-battlefield tanks and military aircraft) served by MANETs poses several challenges. It requires a complex security strategy to address threats such as unauthorized network access, man-in-the-middle attacks and denial of service, and to provide highly reliable communication amongst the nodes. An Intrusion Detection and Prevention System (IDPS) is undoubtedly a crucial ingredient in addressing these threats. IDPS in a MANET is managed by the Command Control Communication and Intelligence (C3I) system. It consists of networked computers in the tactical battle area that facilitate comprehensive situation awareness by the commanders for timely and optimum decision-making. A key issue in such an IDPS mechanism is the lack of a Smart Learning Engine. We propose a novel behavior-based "Smart Multi-Instance Multi-Label Intrusion Detection and Prevention System (MIML-IDPS)" that follows a distributed and centralized architecture to support a robust C3I System. This protocol is deployed in a virtually clustered non-uniform network topology with dynamic election of several virtual head nodes acting as client Intrusion Detection agents connected to a centralized server IDPS located at the Command and Control Center. Distributed virtual client nodes serve as the intelligent decision processing unit and the centralized IDPS server acts as a Smart MIML decision-making unit. Simulation and experimental analysis show that the proposed protocol exhibits computational intelligence with counter attacks, efficient memory utilization, classification accuracy and decision convergence in securing the C3I System in a Tactical Battlefield environment.

u-Healthcare Service Authentication Protocol based on RFID Technology (RFID 기술을 이용한 u-헬스케어 서비스 인증 프로토콜)

  • Jeong, Yoon-Su;Lee, Sang-Ho
    • Journal of Digital Convergence / v.10 no.2 / pp.153-159 / 2012
  • Nowadays, u-healthcare is coming into the spotlight as a new business model that combines RFID technology with medical services in the era of well-being and IT popularization. U-healthcare services need a method that can deal with handwriting, overlapping data, forgery and falsification of data, and differences between information versions that occur in the medical process because of the grafting of RFID technology onto u-healthcare. This paper proposes an RFID-based user certification protocol to protect the privacy of users who receive medical services through u-healthcare. In the protocol, in consideration of the stability of the u-healthcare security system, forgery and falsification of user data, and privacy, the patient's secret information is XORed with the secret key created in the hospital and then saved in the patient's secret key field in the DB table. Also, it reports cases of illegal access to the certification server and has access to the u-healthcare service approved by determining whether the u-healthcare access is illegal or not.

Attribute-based authentication scheme in IPTV broadcasting system (IPTV 방송 시스템에서의 속성기반 사용자 인증 기법)

  • Lee, Ji-Seon;Kim, Hyo-Dong
    • Journal of Broadcast Engineering / v.14 no.3 / pp.280-287 / 2009
  • IPTV (Internet Protocol Television) is a new convergence technology of telecommunication and broadcasting that provides various bidirectional TV services. To provide these services only to legal subscribers, mutual authentication between the set-top box connected to the TV set and the smart card owned by a subscriber is needed. In this paper, we propose an attribute-based mutual authentication scheme in which only someone who satisfies certain attributes, such as titles or departments, can access the contents provided by the IPTV service in an organization. We also show that the proposed scheme is secure. Our proposed scheme has the virtue that users can access various services, provided by the organization to which they belong, according to their attributes with only a one-time registration. As far as we know, this is the first attribute-based authentication scheme that can be applied to any organization in IPTV environments.

App-based 2-channel User Authentication Scheme for Multiple Application Systems (다중 응용시스템용 앱기반 2-채널 사용자 인증방안)

  • Song, Tae-Gi;Jo, In-June
    • The Journal of the Korea Contents Association / v.18 no.9 / pp.141-148 / 2018
  • Currently, the user authentication technology used to access multiple applications within an organization is ID/PW-based SSO technology. These user authentication methods have the fundamental disadvantages of ID/PW and SSO. This means that security vulnerabilities in ID/PW lead to periodic PW changes and limits on the number of incorrect PW inputs, and SSO adds the high cost of the SSO server, which centrally stores the authentication information, etc. There is also a fundamental vulnerability that allows others to freely use other people's applications when they leave the portal application screen with SSO. In this paper, we propose an app-based 2-channel authentication scheme to fundamentally eliminate problems with existing ID/PW-based SSO user authentication technologies. To this end, it distributes the centralized user authentication information that is stored on the SSO server to each individual's smartphone. In addition, when users access a particular application, they are required to be authenticated through their own smartphone apps.

Proxy Server Providing Multi-level Privileges for Network Cameras on the Video Surveillance System (CCTV 대체용 네트워크 카메라의 보안 강화를 위한 다중 접근권한 프락시 서버 구현)

  • Bae, Kwang-Jin;Lee, Kyung-Roul;Yim, Kang-Bin
    • Journal of Internet Computing and Services / v.12 no.2 / pp.123-133 / 2011
  • This paper introduces security problems in video surveillance systems where the network cameras are installed at remote places, isolated from an updated and secure environment, and proposes a framework for a proxy server that is delegated to connect to the network cameras by providing secure connections from the clients. The server in the framework is deployed within a secure network, keeps the information for connecting to the cameras secret and authenticates the clients. Additionally, it provides a secure video service incorporating multi-level privileges for both images and clients through an encryption key distribution and management facility. Through an implementation of the server and its deployment with multiple network cameras, we confirmed that it provides video quality of service equal to direct access to the network cameras and that it can protect the network cameras. Based on the experimental results, we expect that secure and integrated management of traditional network cameras is possible.

Analysis of Deregistration Attacks in 5G Standalone Non-Public Network

  • Kim, Keewon;Park, Kyungmin;Park, Tae-Keun
    • Journal of the Korea Society of Computer and Information / v.26 no.9 / pp.81-88 / 2021
  • In this paper, we analyze the possibility of a deregistration attack in 5G SNPN (Standalone Non-Public Network) based on the 3GPP standard document. In the deregistration attack, the attacker pretends to be a UE that is normally registered with the AMF (Access and Mobility Management Function) and attempts to establish a spoofed RRC (Radio Resource Control) connection, causing the AMF to deregister the existing UE. The existing deregistration attack attempts a spoofed RRC connection to the AMF in which the UE is registered. In addition, this paper analyzes whether a deregistration attack is possible even when an attacker attempts to establish a spoofed RRC connection to a new AMF that is different from the registered AMF. When the 5G mobile communication network system is implemented in faithful compliance with the 3GPP standard, it is determined that a deregistration attack on a UE is impossible.

IECS: an Integrated E-Community System for Management, Decision and Service

  • Bo, Yu;Wang, Hongding;Peng, Zhang;Tong, Yunhai;Tang, Shiwei;Yang, Dongqing
    • 한국디지털정책학회:학술대회논문집 / 2004.11a / pp.375-387 / 2004
  • The paper presents an Integrated E-Community System (IECS) for management, decision and service, designed for the e-government project of Haishu District of Ningbo, Zhejiang, China. The project need is to promote the integration of management information and service information of communities, providing a unified platform on which different departments of the district government can share and exchange community information, government officers can analyze information and make decisions, and outside users can access and request services. To meet the project need, the IECS consists of five parts: 1) the Central DataBase (CDB) that stores all information related to management, decision and service of communities; 2) the Information Extracting Subsystem (IES) that provides functions of extracting data from data sources, transforming and loading them into the CDB for system administrators; 3) the Information Management Subsystem (IMS) that provides functions of querying and sharing of information for government users, and functions of information maintenance, rights and log management for system administrators; 4) the Intelligent Analysis Subsystem (IAS) that provides functions of extracting analysis-related data from the CDB and loading them into the DW, and functions of multi-dimensional analysis and decision-making based on the DW and OLAP for government users; 5) the Information Service Website (ISW) that provides functions of promulgating and collecting of information for government users and system administrators, and functions of browsing, querying and requesting of service information for outside users. The IECS supports management, decision and service of a government based on a unified data platform, the CDB, and ensures data security by providing different workplaces and rights for different users. In the real application, the system works well.


A Study on the Information System Operation Plan for the Mobile Environments Construction (모바일 환경 구축을 위한 정보시스템 운영방안에 대한 연구)

  • Kim, Dong Soo;Kim, Hee Wan
    • Journal of Service Research and Studies / v.4 no.2 / pp.21-35 / 2014
  • The mobile environment, which is based on the Internet, is expanding the area of web information systems. The mobile Internet is expanding mobile content and services due to the development of wireless network technology, the proliferation of smart terminal devices, and the emergence of a variety of mobile service platforms. The mobile web is access to Internet services over a mobile network or other wireless network using a smartphone or other mobile device. Recently, smartphone usage has been increasing rapidly in the country, and many companies are entering the mobile market. There is an increasing need for an operation plan for mobile web information systems. In this paper, we compared COBIT, ITIL and SLA, which are international information systems operation standards, and the information system operation standards of the Korea Information Security Agency. We analyzed the suitability of the mobile environment and information system operating instructions, and we compared the mobile web, operating environments and ITIL V3.


A Study on Implementation of an Intelligent Video Surveillance System for Effective Education Method of Image Processing (효율적인 영상 처리 교육방법을 위한 지능형 영상 감시 시스템 구현에 관한 연구)

  • Park, Ho-Sik
    • The Journal of Korean Institute for Practical Engineering Education / v.2 no.1 / pp.84-88 / 2010
  • Recently, it has become essential to have a system which can track down and identify a random object in a space in which security is a high priority. For this reason, in this paper we suggest an intelligent video surveillance system for effective image processing education. The experiment was conducted to check and track down an entering vehicle, and a Pan-Tilt-Zoom camera was used to obtain an enlarged image of the object while a vehicle was stopped in the target area. The experiment produced the following data: when the object is in motion, the success rate is 97.4%, while the success rate is 91% when the object is motionless. By using the suggested system, effective image processing education should be achieved because the students who participate in the class can have simultaneous access to the system for real-time image data and camera control.


A Case Study of Mainframe Load Reduction Using The Client and Server Model (클라이언트/서버 모델에 의한 메인프레임 부하 분산 사례연구)

  • 고광병;공승욱;권기목;강창언
    • The Journal of Korean Institute of Communications and Information Sciences / v.19 no.8 / pp.1628-1639 / 1994
  • In order to increase the utilization of computing resources, universities connect a variety of computing resources such as mainframes, workstations, and personal computers via LAN. However, for management and security reasons, most administrative applications are concentrated on mainframes, which is the main cause of large work overload on mainframes for applications such as an on-line course registration system, where the entire student body must have access to the system during a short period of time. In this study, using a university system as the model and choosing the on-line course registration system as the target for distributed computing, APPC through an IBM SNA LU 6.2 link is proposed as the most appropriate means of distributed computing for the environment of the model university. In addition, the on-line course registration system is redesigned as a client-server model where a mainframe serves as the file server responsible for file input and output and workstations become the clients. Actual implementation and experiments have shown that the proposed distributed computing system yields a significant reduction in processing time.
