• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.111-117
• /
• 2004

In distributed-computing environments, there is a strong demand for the authentication and the access control of distributed-shared resources. I have presented role-based access control (RBAC) concept that is in the spotlight recently. RBAC model shows the standardized access control of complicated organization's resources. In RBAC, senior role has junior role's permission by virtue of role hierarchy. But, junior role cannot perform the permission, which is granted to the senior or other role groups. Inheritances of permissions in role hierarchies are static. In order to tackle this problem, I propose a dynamic role assignment, which classified into passive role assignment and active role assignment, and design dynamic role assignment protocol and implement role assignment server.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.1
• /
• pp.89-95
• /
• 2016

In this paper, we propose a locker system that can remotely control and manage locker. The main features of the proposed system are follows. First, connect the locker with server and then open the locker after passing through the certification process in server. Second, locker manager can more systematically manage a locker by using locker management system based on smart phone. Third, provide an instant locker for temporary using lockers to increase the ease of use. Fourth, unlike traditional analog locker, can support better security by using authentication process and log data. Performance evaluation is performed via simulation by making the dummy model. The results of performance evaluation show the proposed system can support efficiently the locker management.

• Journal of IKEEE
• /
• v.22 no.3
• /
• pp.723-728
• /
• 2018

This paper proposes a signal detection method for IoT door lock system which is a new application field of VLC (Visible Light Communication). This paper describes the signal detection technique for user recognition that needs to be overcome in order to apply VLC to door lock system which has a demand for new technology due to security issue. This system has security and high signal detection characteristics because it uses existing infrastructure to communicate with visible light. In order to detect the signal using FFT, the signal of the user who accesses the authentication channel based on the pilot signal is detected, and the performance of the false alarm probability and detection probability is shown in the channel model.

• Journal of Korea Multimedia Society
• /
• v.10 no.3
• /
• pp.325-334
• /
• 2007

In order to increase the promotion of multimedia processing techniques in MPEG standard, MPEG Multimedia Middleware (M3W) which supports middleware interface for multimedia processing is set up. In this paper, multimedia protection and management service interfaces based on MPEG Multimedia Middleware (M3W) are introduced. The service interfaces are based on component models of M3W and support normative IPMP messages. The proposed interfaces are composed of Tool interfaces and Trust management interfaces: Tool interfaces provide the functionality supporting terminal and tool based on the governed decoder model and Trust management interfaces provide the supporting functionality such as license managing and authentication required in DRM devices. As an application of the proposed interfaces, a JAVA based player simulator is shown. The proposed interfaces can be easily implemented under various device and application environments as an ISO/IEC 23004-2 standard middleware platform.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.181-192
• /
• 2017

Internet of Things includes the whole process of collected information generated from a variety of objects, as well as analyzing and sharing it, and providing useful information services to people. This study seeks ways to improve security and safety in the areas of service security technology, ID management technology and service access control, all of which take place in the IoT environment. We have implemented the services that can design and issue C&C (Certificate and Capability) service token authentication, which is based on a public key, to improve the service security. In addition, we suggest LCRS (Left Child-Right Sibling) resource model management for the efficient control of resources when generating the resource services from the data collected from node devices. We also implemented an IoT services platform to manage URL security of the resource services and perform access control for services.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.536-551
• /
• 2017

With the advancement and deployment of leading-edge telecommunication technologies for sensing and collecting, computing related information, Cloud of Things (CoTs) has emerged as a typical application platform that is envisioned to revolutionize the daily activities of human society, such as intelligent transportation, modern logistics, food safety, environmental monitoring, etc. To avoid any possible malicious attack and resource abuse, employing hash functions is widely recognized as one of the most effective approaches for CoTs to achieve message integrity and data authentication. The Whirlpool hash function has served as part of the joint ISO/IEC 10118-3 International Standard by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). In this paper, we propose an effective differential fault analysis on Whirlpool in the byte-oriented random fault model. The mathematical analysis and experimental results show that 8 random faults on average are required to obtain the current 512-bit message input of whirlpool and the secret key of HMAC-Whirlpool. Our work demonstrates that Whirlpool and HMAC-Whirlpool are both vulnerable to the single byte differential fault analysis. It provides a new reference for the security analysis of the same structure of the hash functions in the CoTs.

• Journal of KIISE:Information Networking
• /
• v.29 no.6
• /
• pp.654-662
• /
• 2002

As the Internet technology becomes a major information infrastructure, an emerging problem is the tremendous increase of malicious computer intrusions. The present Intrusion Detection System (IDS) serves a useful purpose for detecting such intrusions, but the current situation requires more active response mechanism other than simple detection. This paper describes a multi-agent based tracing system against the intruders when the system is attacked. The focus of the study lies on the secure communication mechanism for the agent message communication. We have extended parameters on the KQML protocol, and apt)lied the public key encryption approach, The limitation might be the requirements of two-way authentication for every communication through the broker agent. This model ma)r not improve the efficiency, but it provides a concrete secure communication. Also this is one important factor to protect the agent and the tracing server during the tracing process.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.9
• /
• pp.91-101
• /
• 2012

Key exchange protocols are essential for building a secure communication channel over an insecure open network. In particular, password-based key exchange protocols are designed to work when user authentication is done via the use of passwords. But, passwords are easy for human beings to remember, but are low entropy and thus are subject to dictionary attacks. Recently, Zhao and Gu proposed a new server-aided protocol for password-based key exchange. Zhao and Gu's protocol was claimed to be provably secure in a formal adversarial model which captures the notion of leakage of ephemeral secret keys. In this paper, we mount a replay attack on Zhao and Gu's protocol and thereby show that unlike the claim of provable security, the protocol is not secure against leakage of ephemeral secret keys. Our result implies that Zhao and Gu's proof of security for the protocol is invalid.

• Journal of Arbitration Studies
• /
• v.12 no.2
• /
• pp.185-220
• /
• 2003

Korean Government is increasingly focusing on the Northeast Asia Business and Logistics Hub strategy to create a competitive advantage. A key element of this strategy is creating or leveraging distribution and logistics hubs that act as centres for distribution in Northeast Asia. A Northeast Asian e-Hub Policy is required for business hub and logistics hub in the Northeastern Asia. An e-Hub is an integrated, sophisticated set of e-Biz, information and e-trade facilities and services that provides access to a marketplace and exchangee the e-trade data. To study the e-Hub policy, Pan Asian e-Commerce Alliance, Korea-Japan e-Trade Hub project, and ASEM e-Trade project are considered. E-trade via cyberspace may need new methods of dispute resolution to reduce transaction costs for small value-related disputes and to erect structures that work well across national boundaries. Voluntary Mediation Councils and cyber tribunals should be encouraged by governmental sectors to continue developing private sector mechanisms to resolve e-trade disputes. Government-sponsored online cross-border dispute resolution systems may be also be useful to complement these private sector approaches. E-trade in Northeast Asia results in disputes owing to the incompleteness of e-trade law in the countries. These disputes contain disputes regarding e-trade model, central title registry, authentication body. To resolve these disputes in the Northeast Asia, a variety of electronic alternative dispute resolution bodies must be organized under cooperation of Korea, Japan, China. This study deals with the e-ADR construction in the Northeast Asia to resolve the disputes in the e-trade and to activate the e-trade in the Northeast Asia.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.44 no.4 s.316
• /
• pp.36-44
• /
• 2007

In this paper, we implement the speech & face recognition system to support various ubiquitous sensor network application services such as switch control, authentication, etc. using wireless audio and image interface. The proposed system is consist of the H/W with audio and image sensor and S/W such as speech recognition algorithm using psychoacoustic model, face recognition algorithm using PCA (Principal Components Analysis) and LDPC (Low Density Parity Check). The proposed speech and face recognition systems are inserted in a HOST PC to use the sensor energy effectively. And improve the accuracy of speech and face recognition, we implement a FEC (Forward Error Correction) system Also, we optimized the simulation coefficient and test environment to effectively remove the wireless channel noises and correcting wireless channel errors. As a result, when the distance that between audio sensor and the source of voice is less then 1.5m FAR and FRR are 0.126% and 7.5% respectively. The face recognition algorithm step is limited 2 times, GAR and FAR are 98.5% and 0.036%.