• 대한전자공학회논문지TC
• /
• 제43권11호
• /
• pp.168-174
• /
• 2006

본 논문에서는 IMS(IP Multimedia Subsystem)기반의 이동통신망에서 IPv4를 기반으로하는 UA(User Agent)와 IPv6를 기반으로 하는 UA간 통신을 위한 구조를 제안하고 이를 검증하기 위해 IMS 프로토콜 변환기를 설계하고 구현한다. 이를 위하여 IPv4/IPv6간의 이전 시나리오를 정리하고 분석하였고 분석된 결과를 바탕으로 이전의 필수 요소인 프로토콜 변환기를 제시하였다. 제시된 IMS 프로토콜 변환기는 IMS-ALG(IP Multimedia Subsystem - Application Level Gateway)기능과 TrGW(Translation Gateway)의 기능들로 구성되었고 이들 구성요소를 구현하고 실험을 통하여 이들의 적합성을 검증하였다.

• 한국멀티미디어학회논문지
• /
• 제19권7호
• /
• pp.1159-1165
• /
• 2016

Traffic violations such as moving while the traffic lights are red have come from a simple omission to a premeditated act. The traffic control center cannot timely monitor all the cameras installed on the roads to trace and pursue those traffic violators. Modern vehicles are equipped and controlled by several sensors in order to support monitoring and reporting those kind of behaviors which some time end up in severe causalities. However, such applications within the vehicle environment need to provide security guaranties. In this paper, we address the limitation of previous work and present a secure and privacy preserving protocol for traffic violation reporting system in vehicular cloud environment which enables the vehicles to report the traffic violators, thus the roadside clouds collect those information which can be used as evidence to pursue the traffic violators. Particularly, we provide the unlinkability security property within the proposed protocol which also offers lightweight computational overhead compared to previous protocol. We consider the concept of conditional privacy preserving authentication without pairing operations to provide security and privacy for the reporting vehicles.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2014년도 추계학술발표대회
• /
• pp.516-519
• /
• 2014

Cloud computing is an up-and-coming paradigm shift transforming computing models from a technology to a utility. However, security concerns related to privacy, confidentiality and trust are among the issues that threaten the wide deployment of cloud computing. With the advancement of ubiquitous mobile-based clients, the ubiquity of the model suggests a higher integration in our day to day life and this leads to a rise in security issues. To strengthen the access control of cloud resources, most organizations are acquiring Identity Management Systems (IDM). This paper presents one of the most popular IDM systems, specifically OAuth, working in the scope of Mobile Cloud Computing which has many weaknesses in its protocol flow. OAuth is a Delegated Authorization protocol, and not an Authentication protocol and this is where the problem lies. This could lead to very poor security decisions around authentication when the basic OAuth flow is adhered to. OAuth provides an access token to a client, so that it can access a protected resource, based on the permission of the resource owner. Many researchers have opted to implement OpenlD alongside OAuth so as to solve this problem. But OpenlD similarly has several security flows. This paper presents scenarios of how insecure implementations of OAuth can be abused maliciously. We incorporate an authentication protocol to verify the identities before authorization is carried out.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권3호
• /
• pp.720-737
• /
• 2024

Private set intersection cardinality (PSI-CA) is a typical problem in the field of secure multi-party computation, which enables two parties calculate the cardinality of intersection securely without revealing any information about their sets. And it is suitable for private data protection scenarios where only the cardinality of the set intersection needs to be calculated. However, most of the currently available PSI-CA protocols only meet the security under the semi-honest model and can't resist the malicious behaviors of participants. To solve the problems above, by the application of the variant of Elgamal cryptography and Bloom filter, we propose an efficient PSI-CA protocol with high security. We also present two new operations on Bloom filter called IBF and BIBF, which could further enhance the safety of private data. Using zero-knowledge proof to ensure the safety under malicious adversary model. Moreover, in order to minimize the error in the results caused by the false positive problem, we use Garbled Bloom Filter and key-value pair packing creatively and present an improved PSI-CA protocol. Through experimental comparison with several existing representative protocols, our protocol runs with linear time complexity and more excellent characters, which is more suitable for practical application scenarios.

• 한국통신학회논문지
• /
• 제38B권11호
• /
• pp.895-901
• /
• 2013

본 논문에서는 USN 기반 다중 프로토콜 게이트웨이 미들웨어의 설계를 제안한다. 제안된 다중 프로토콜 게이트웨이 미들웨어는 송신 메시지 형식을 정의하고, UART를 사용하여 MCU 외부 응용 프로그램에 연결을 위하여 USN 모듈 인터페이스 프로토콜을 사용하였다. 이 경우, 게이트웨이는 설정정보와 함께 지그비 모듈과의 통신 상태를 확인하고, 지그비 시리얼 PDU 형식을 설정한다. 제안된 다중 프로토콜 게이트웨이 미들웨어 실험 결과, 전력제어 및 통신제어 실험을 통해 재생 중계 장치를 사용하는 게이트웨이보다 다중 프로토콜 게이트웨이를 사용하는 통합 프로토콜 게이트웨이의 효율성을 입증하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권2호
• /
• pp.978-1002
• /
• 2019

With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2004년도 춘계종합학술대회
• /
• pp.748-751
• /
• 2004

본 논문에서는 눈부신 속도로 발전하는 무선 인터넷 시장에서 무선중계 보안 시스템 설계 시 고려되어지는 단말기의 제약사항을 극복하기 위한 여러 가지 방법들 중에서 응용 계층에서 지원되어지는 방법을 논의하고자 한다. 현재 무선 인터넷 프로토콜은 단말기의 제약 사항 즉, 제한된 처리능력, 작은 메모리, 낮은 대역폭, 배터리 시간 둥으로 인하여 유선과 같은 정보보호 수준을 제공하지 못한다. 이를 해결하기 위한 방안이 현재까지도 진행 중이고, 표준화 작업 중에 있다. 이러한 무선 인터넷 프로토콜로는 WAP포럼의 WAP(Wireless Application Protocol), Microsoft사의 ME(Mobile Explore) 또 일본 도코모사의 i-mode가 있다. 현재 전 세계적으로 가장 널리 알려진 WAP을 살펴보며, 버전 2.0에서 제시된 응용 계층 전자 서명, 암복호화 함수에 대하여 논의한다. 또한 무선 인터넷 보안에서 빼놓을 수 없는 보안 프로토콜과 그 기반이 될 수 있는 무선 PKI를 간단히 살펴보고, 이와 관련하여 응용 계층에서 전자서명, 암복호화가 무선 PKI와 전송계층 보안 프로토콜에 주는 의미를 논의하고자 한다.

• Journal of information and communication convergence engineering
• /
• 제12권2호
• /
• pp.104-108
• /
• 2014

The field of body sensor networks has attracted interest of many researchers due to its potential to revolutionize medicine. These sensors are usually implanted inside the human body and communicate among themselves. In the process of receiving, processing, or transmitting data, these devices produce heat. This heat damages the tissues surrounding the devices in the case of prolonged exposure. In this paper, to reduce this damages, we have improved and evaluated two protocols-the least temperature routing protocol and adaptive least temperature routing protocol-by implementing clustering as well as a leadership rotation algorithm. We used Castalia to simulate a basic body area network cluster composed of 6 nodes. A throughput application was used to simulate all the nodes sending data to one sink node. Simulations results shows that improved communication protocol with leadership rotation algorithm significantly reduce the energy consumption as compared to a scheme without leadership rotation algorithm.

• Journal of Electrical Engineering and information Science
• /
• 제2권5호
• /
• pp.89-99
• /
• 1997

The application for real-time database systems must satisfy timing constraints. Typically the timing constraints are expressed in the form of deadlines which are represented by priorities to e used by schedulers. In any real-time applications, since the system maintains sensitive information to be shared by multiple users with different levels of security clearance, security is another important requirement. As more advanced database systems are being used in applications that need to support timeliness while managing sensitive information, protocols that satisfy both requirements need to be developed. In this appear, we proposed a new priority-driven secure multiversion locking (PSMVL) protocol for real-time secure database systems. The schedules produced by PSMVL are proven to e one-copy serializable. We have also shown tat the protocol eliminates covert channels and priority inversions. The details of the protocol, including the compatibility matrix and the version selection algorithms are presented. the results of the performance comparisons of our protocol with other protocols are described.

• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2001년도 ICCAS
• /
• pp.52.3-52
• /
• 2001

There are some problems to implement a realtime network system with Ethernet because the MAC(Medium Access Control) of Ethernet uses a CSMA/CD protocol, which introduces unexpected delays. In this paper, we designed a method to solve problems due to the Ethernet MAC. This method introduces a pseudo-MAC in application layer to support the real-time feature. So the presented method doesn´t need any modifications of protocols such as UDP/IP/MAC. The presented pseudo-MAC is based on both a token passing protocol and a publisher-subscriber protocol. The suggested realtime protocol is implemented and tested practically in a local area network. The proposed real-time network consists of a token controller node and general nodes.