• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.181-196
• /
• 2014

Cloud computer technology currently provides diverse services based on a comprehensive environment ranging from hardware to solution, network and service. While the target of services has been extended from institutions and corporations to personal infrastructure and issues were made about security problems involved with protection of private information, measures on additional security demands for such service characteristics are insufficient. This paper proposes a multi-session authentication technique based on the characteristics of SaaS (Software as a Service) among cloud services. With no reliable authentication authority, the proposed technique reinforced communication sessions by performing key agreement protocol safe against key exposure and multi-channel session authentication, providing high efficiency of performance through key renewal using optimzied key table. Each formed sessions have resistance against deprivation of individual confirmation and service authority. Suggested confirmation technique that uses these features is expected to provide safe computing service in clouding environment.

• The KIPS Transactions:PartD
• /
• v.12D no.1 s.97
• /
• pp.121-128
• /
• 2005

This paper describes the requested IP assignment and authentication problem for wireless internet service of visited ISP subscriber on GPRS network, and proposes to use RADIUS authentication and accounting server for these problems. In this paper, we also define signals between GGSN and RADIUS, and between RADIUS authentication server and accounting sever for IP management and wireless internet service.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.10a
• /
• pp.729-732
• /
• 2007

In this paper, we described about the home device authentication framework, certificate issuing process and home device authentication method. since the home device authentication scheme of the public key infrastructure would be more needed as the number of home device can participate in the home network increased, we described about the home device authentication system of the public key infrastructure. Moreover, we described about the construction method of CA adminstration interface for convenient CA administration.

• Journal of Communications and Networks
• /
• v.14 no.6
• /
• pp.606-613
• /
• 2012

In a smart grid environment, data for the usage and control of power are transmitted over an Internet protocol (IP)-based network. This data contains very sensitive information about the user or energy service provider (ESP); hence, measures must be taken to prevent data manipulation. Mutual authentication between devices, which can prevent impersonation attacks by verifying the counterpart's identity, is a necessary process for secure communication. However, it is difficult to apply existing signature-based authentication in a smart grid system because smart meters, a component of such systems, are resource-constrained devices. In this paper, we consider a smart meter and propose an efficient mutual authentication protocol. The proposed protocol uses a matrix-based homomorphic hash that can decrease the amount of computations in a smart meter. To prove this, we analyze the protocol's security and performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.33-40
• /
• 2010

Recently, the spectrum scarcity is becoming a big issue because there are exponential growth of broadcasting and communication systems in the spectrum demand. Cognitive radio is a technology that is envisaged to solve the problems in wireless networks resulting from the limited available spectrum and the inefficiency in the spectrum usage by exploiting the existing wireless spectrum opportunistically. Kuroda et al. proposed a radio-independent authentication protocol for cognitive radio networks. This paper first shows the privacy weaknesses in the authentication protocol by Kuroda et al. and proposes a privacy aware authentication protocol to solve the weaknesses.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.15
• /
• pp.239-261
• /
• 2001

There are many kinds of risk in int'l trade by internet network, such as credit risk, mercantile risk, contingency risk, exchange risk, physical risk and the risk on internet network. Especially, risk management against credit risk and the risk on internet network are very important. The former is conventional but more important these days. The latter is a new risk that has been incurred owing to the int'l trade by internet network. The system of risk management against the former are firstly, to surely research credit of counterpart by internet, secondly, to certify the entity by password or fingerprint, thirdly, to pay the price under a letter of credit, fourthly, to use the system of int'l trade such as bolero, trade card, finally, to use the authority of electronic trade services. The system of risk management against the latter are firstly, to install the firewall on the own computer network, secondly, to entrust the management own computer network to the network security services firm, thirdly, to electronically communicate with counterpart through the certification authority, finally, to insure against the own network risk with the security insurance company.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.374-376
• /
• 2005

In this paper, we presented our implementation of 3DES and HMAC-MD5 processing functionality in Intel? IXP 2400 platform. It can be used as encryption and authentication engine for VPNs such as IPsec and SSL.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1436-1457
• /
• 2018

Secure routing services in Wireless Sensor Networks (WSNs) are essential, especially in mission critical fields such as the military and in medical applications. Additionally, they play a vital role in the current and future Internet of Things (IoT) services. Lightness and efficiency of a routing protocol are not the only requirements that guarantee success; security assurance also needs to be enforced. This paper proposes a Secure-Fuzzy Energy Aware Routing Protocol (S-FEAR) for WSNs. S-FEAR applies a security model to an existing energy efficient FEAR protocol. As part of this research, the S-FEAR protocol has been analyzed in terms of the communication and processing costs associated with building and applying this model, regardless of the security techniques used. Moreover, the Qualnet network simulator was used to implement both FEAR and S-FEAR after carefully selecting the following security techniques to achieve both authentication and data integrity: the Cipher Block Chaining-Message Authentication Code (CBC-MAC) and the Elliptic Curve Digital Signature Algorithm (ECDSA). The performance of both protocols was assessed in terms of complexity and energy consumption. The results reveal that achieving authentication and data integrity successfully excluded all attackers from the network topology regardless of the percentage of attackers. Consequently, the constructed topology is secure and thus, safe data transmission over the network is ensured. Simulation results show that using CBC-MAC for example, costs 0.00064% of network energy while ECDSA costs about 0.0091%. On the other hand, attacks cost the network about 4.7 times the cost of applying these techniques.

• Journal of KIISE:Information Networking
• /
• v.36 no.6
• /
• pp.545-551
• /
• 2009

In this paper, we propose the secure key management framework to connect USN with different network. Although connected USN with different network has no CA (Certificate Authority), it is important to use public key based cryptography system because this network consists of numerous devices. The proposed mechanisms focus on device authentication and public/private key management without existing PKI system of IP network. To solve no CA and certificate problems, the IDC (Identity Based Cryptography) concept is adopted in our proposed mechanism. To verify the possibility of realization, we make an effort to implement the proposed mechanisms to real system. In the test bed, both USN and PLC network are connected to IP network; and proposed mechanisms are implemented to PLC and sensor devices. Through this test using the proposed mechanism, we met the similar performance with symmetric algorithms on key generation and update process. Also, we confirmed possibility of connection between different network and device authentication.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.920-925
• /
• 2010

A home network system is made up of home devices and wire and wireless network can not only be the subject of cyber attack from a variety factors of threatening, but also have security weakness in cases of hacking, vicious code, worm virus, DoS attack, tapping of communication network, and more. As a result, a variety of problems such as abuse of private life, and exposure and stealing of personal information arose. Therefore, the necessity for a security protocol to protect user asset and personal information within a home network is gradually increasing. Thus, this dissertation designs and suggests a home network security protocol using user authentication and approach-control technology to prevent the threat by unauthorized users towards personal information and user asset in advance by providing the gradual authority to corresponding devices based on authorized information, after authorizing the users with a Public Key Certificate.