• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.11A
• /
• pp.1085-1091
• /
• 2006

For an experiment in this paper, designed test bed to secure confidentiality of data and safe transmission that Mobile node exchanges in Mobile network. And, For IPsec use that support basically in MIPv6, modeling and experimented IKEv2 protocol that is used for reliable authentication key management and distribution between End Point. When Mobile node handoff in Mobile network, analyzed effect that authentication key re-exchange and limited bandwidth that happen often get in key exchange. And studied about Performance and latency about authentication setting and exchange process that use multi interface. To conclusion, when Mobile node transmits using IPSec, re-authentication of key confirmed that re-setting by limit of bandwidth that existent Mobile network has can be impossible. According to other result, proposed MN's multi interface is expected to minimise key exchange latency by hand-off when transmit IPSec.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.11B
• /
• pp.979-986
• /
• 2006

DSTM is one of the 1Pv6/IPv4 transition mechanisms using IPv4-in-IPv6 tunneling for communication between IPv6 node with dual stack and Ipv4-only node. In DSTM, the DSTM server using the DHCPv6 is vulnerable to DoS attacks which can exhaust the IPv4 address pool. In this paper, an authentication model using a HRAA (Human Recognition Address Allocation) scheme was proposed to protect DHCP server against DoS attacks. The proposed authentication model in DSTM that uses an image file for verification is effective because only human can respond to the challenge for authenticated address allocation. The proposed model can be used anytime and anywhere in a DSTM domain, and is secure against DoS attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.563-577
• /
• 2018

In order to support secure communication in VANET(Vehicular Ad hoc Network), messages exchanged between vehicles or between vehicle and infrastructure must be authenticated. In this paper, we propose a hierarchical anonymous authentication system for VANET. The proposed system model reduces the overhead of PKG, which is a problem of previous system, by generating private keys hierarchically, thereby enhancing practicality. We also propose a two-level hierarchical identity-based signature(TLHIBS) scheme without pairings so that improve efficiency. The proposed scheme protects the privacy of the vehicle by satisfying conditional privacy and supports batch verification so that efficiently verifies multiple signatures. Finally, The security of the proposed scheme is proved in the random oracle model by reducing the discrete logarithm problem(DLP) whereas the security proof of the previous ID-based signatures for VANET was incomplete.

• The Journal of the Korea Contents Association
• /
• v.18 no.6
• /
• pp.434-442
• /
• 2018

Recently, the threat to the security and damage of important data leaked by devices of intranet infected by malicious code through the Internet have been increasing. Therefore, the partitioned intranet model that blocks access to the server for business use by implementing authentication of devices connected to the intranet is required. For this, logical net partition with the VDI(Virtual Desktop Infrastructure) method is no information exchange between physical devices connected to the intranet and the virtual device so that it could prevent data leakage and improve security but it is vulnerable to the attack to expose internal data, which has access to the server for business connecting a nonregistered device into the intranet. In order to protect the server for business, we suggest a blockchain based network partition model applying blockchain technology to VDI. It contributes to decrease in threat to expose internal data by improving not only capability to verify forgery of devices, which is the vulnerability of the VDI based logical net partition, but also the integrity of the devices.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.48 no.3
• /
• pp.76-81
• /
• 2011

Intrusion prevention systems (IPS) are important solution about solved problems for inside system security or outsider attacks. When introduce this system, first consideration item is secured rather than multiple function. Colored Petri Nets (CPNs) used that in order to secured verification for user authentication function of intrusion prevention system security model. CPNs is a graphical modeling language suitable for modeling distributed, concurrent, deterministic or non-deterministic systems with synchronous. Like these CPNs was expressed every possible state and occurrence graph. Secured of IPS security model was verified because expression every state using CPN tool and as a result of analyzing the occurrence graph was without a loop or interruption.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.11
• /
• pp.1027-1035
• /
• 2012

Recently, the smart phone including web and mobile service based on the reliability and extendability of cloud computing is receiving huge attention. However, most of current cloud services provide just an application service for synchronizing data between mobile entity and server. Business model developed by communication companies have problems with interoperability. This paper proposes a new service security authentication model to efficiently manage smart phone users using different business models between smartphones and to keep the reliability and extendability of cloud computing. Proposed model authenticates for smart phone users to stay with in the unified communication with smart phone user's identity and access control to effectively use the current cloud computing system.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.10
• /
• pp.512-519
• /
• 2005

E-BLP security model considers the reliability of the processes that are real subjects in systems. This paper deals with the implementation of the E-BLP model for secure embedded systems. Implemented EBSM(E-BLP Based Security Module) consists of three components: identification and authentication, access control and BRC(Dynamic Reliability Check) that checks the process behavior dynamically. Access Control of EBSM ensures unreliable processes not to access the sensitive objects and the DRC detects the buffer overflow attack by normal user. Besides, the performance overhead of the embedded system applying the EBSM is introduced.

• Journal of KIISE:Information Networking
• /
• v.32 no.6
• /
• pp.659-667
• /
• 2005

A Mobile Ad Hoc Network(MANET) is a multi hop wireless network with no prepared base stations or centralized administrations, where flocks of peer systems gather and compose a network. Each node operates as a normal end system in public networks. In addition to it, a MANET node is required to work as a router to forward traffic from a source or intermediate node to others. Each node operates as a normal end system in public networks, and further a MANET node work as a router to forward traffic from a source or intermediate node to the next node via routing path. Applications of MANET are extensively wide, such as battle field or any unwired place; however, these are exposed to critical problems related to network management, node's capability, and security because of frequent and dynamic changes in network topology, absence of centralized controls, restricted usage on network resources, and vulnerability oi mobile nodes which results from the special MANET's character, shared wireless media. These problems induce MANET to be weak from security attacks from eavesdropping to DoS. To guarantee secure authentication is the main part of security service In MANET because networks without secure authentication are exposed to exterior attacks. In this paper, a multistage authentication strategy based on CGSR is proposed to guarantee that only genuine and veritable nodes participate in communications. The proposed authentication model is composed of key manager, cluster head and common nodes. The cluster head is elected from secure nodes, and key manager is elected from cluster heads. The cluster head will verify other common nodes within its cluster range in MANET. Especially, ID of each node is used on communication, which allows digital signature and blocks non repudiation. For performance evaluation, attacks against node authentication are analyzed. Based on security parameters, strategies to resolve these attacks are drawn up.

• Proceedings of the IEEK Conference
• /
• 2007.07a
• /
• pp.189-190
• /
• 2007

We propose an efficient internetworking model for fast handover between UMTS and WLAN networks. Mobility anchor (MA) is provided at the boundary between GGSN and PDG, under the 3GPP-proposed internetworking reference model. Such MA can enable authentication and session initialization before L2 handover of the mobile terminal, so that seamless and fast vertical handover could be possible.

• Journal of Digital Convergence
• /
• v.18 no.7
• /
• pp.123-133
• /
• 2020

The aim of this study is to scrutinize acceptance intentions of Korean users and influences of information security related factors on mobile payment services based on biometric authentication methods, like finger print authentication or face recognition authentication, by focusing on ApplePay. Unlike previous studies on user acceptance of mobile payment which lack considerations on information security related factors, this study employs the UTAUT with detailed information security factors to create a research model and PLS(Partial Least Squares) method to analyze the model. Based on the analysis, gaining trust on service through company's efforts on information protection, personal characteristics and trust on applied security technologies are important factors to Korean users along with social awareness and service infrastructures. The result of this study would be helpful to companies or organizations, which provide biometric-based mobile payment services, to understand needs of Korean consumers. Based on this study, further analysis is expected to find impacts of user experiences on same company's or competitors' products to acceptance intentions.