• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.51-56
• /
• 2016

In this paper, we propose an Arduino-based plant monitoring system. The proposed system is based on the Arduino platform, using an environmental sensor and a pressure sensor for measuring temperature, humidity and illuminance in order to monitor the state of the environment and the facilities of the plant. Monitoring data are transmitted to a ZigBee coordinator connected to a server through a radio frequency transceiver. When using a pressure sensor and the environment sensor data stored on the host server, checking the pressure in the environment of the plant and equipment is intended to report any alarm status to the administrator. Using a grid line-based key distribution scheme, the authentication node dynamically generates a data key to protect the monitoring information. Applying a ZigBee wireless sensor network does not require additional wiring for the actual implementation of a plant monitoring system. Possible working-environment monitoring of an efficient plant can help analyze the cause of any failure by backtracking the working environment when a failure occurs. In addition, it is easy to expand or add a sensor function using the Arduino platform and an expansion board.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.333-340
• /
• 2014

Despite the security weakness of reusing passwords, many Internet users are likely to use a single ID and password on various sites to avoid the inconvenience of remembering multiple credentials. This paper proposes a scheme for securely storing, retrieving, and updating randomly chosen (ID, password) pairs by using smart cards as secure and portable storages. The scheme makes a user free from remembering her (ID, password) pairs for Internet accesses. By splitting and scattering the (ID, password) pairs of a user across the user's smart card memory and a remote server's storage, it can protect the logon credentials even from the theft or loss of the smart card. Also, a user, if deemed necessary, can issue and let the server to delete all information belonging to the user. Hence even an attacker who cracked the smart card memory would not be able to obtain any (ID, password) pair of the victim thereafter. The scheme requires a user to input a site information and pass-phrase to her smart card to obtain the logon credentials, but it should be an acceptable overhead considering the benefits of not remembering the freely chosen (ID, password) pairs at all.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.565-574
• /
• 2003

This paper implements an intrusion detection message exchange protocol library (IDMEPL) for SDMS-RTIR, which Korea Information Security Agency (KISA) has developed to hierarchically detect and respond to network vulnerability scan attacks. The IDMEPL, based on the IDMEF and the IAP of the IDWG, enables SDMS-RTIR to interact with other intrusion detection systems (IDS) in realtime, and supports the TLS protocol to prevent security threats in exchanging messages between its server and its agents. Especially, with the protocol selection stage, the IDMEPL can support various protocols such as the IDXP besides the IAP. Furthermore, it can allow for agents to choose an appropriate security protocol for their own network, achieving security stronger than mutual authentication. With the IDMEPL, SDMS-RTIR can receive massive intrusion detection messages from heterogeneous IDSes in large-scale networks and analyze them.

• Journal of Digital Contents Society
• /
• v.12 no.2
• /
• pp.165-176
• /
• 2011

Recently, digital rights management (DRM) related researches are widely spreading with prosperity of IT industries. The DRM technology protects proprietor of copyright by preventing mischanneling and illegal copy. In this paper, we propose a new DRM model that has an enhanced and efficient protocol based on certificate using smart card. The proposed model overcomes weaknesses of WCDRM model and has following additional advantages: first, copy protection is enhanced by hiding user's specific information from attacker by storing the information within smart card; second, server load for contents encryption is reduced by making clear protocols among author, distributer, certificate authority, and users; third, offline user authentication is guaranteed by combining partial secret values in media players and smart card. Exposure of core information also is minimized by storing them in smart card. In addition, we show that the proposed system is more secure than WCDRM model by comparing various factors of anonymous attackers.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.1480-1484
• /
• 2003

This paper presents the design and development of network for housing estate security system. The system can cover up to 961 houses which can be up to 1,200 meters long transfer rate of 9,600 bps. This system uses checking and warning the abnormal situation. More over this system has ability to control switch on/off the electrical equipment in the house via AC line control system. The system consists of 4 parts. The first part is a security system of each house using MCS-51 microcontroller as a central processing unit scan 32 sensors and control 8 appliances and send alarm. The MCS-51 microcontroller received control signal via telephone used DTMF circuit. The second part is distributed two levels master/slave network implementing after RS-485 serial communication standard. The protocol its base on the OSI (Open Systems Interconnection) 7 layers protocol model design focus on speed, reliability and security of data that is transferred. The network security using encrypt by DES algorithm, message sequence, time stamp checking and authentication system when user to access and when connect new device to this system. Flow control in system is Poll/Select and Stop-and-Wait method. The third part is central server that using microcomputer which its main function are storing event data into database and can check history event. The final part is internet system which users can access their own homes via the Internet. This web service is based on a combination of SOAP, HTTP and TCP/IP protocols. Messages are exchanged using XML format [6]. In order to save the number of IP address, the system uses 1 IP address for the whole village in which all homes and appliance in this village are addressed using internal identification numbers. This proposed system gives the data transfer accuracy over 99.8% and maximum polling time is 1,120 ms.

• Convergence Security Journal
• /
• v.3 no.2
• /
• pp.1-10
• /
• 2003

In the distributed-computing environment, applications or users have to share resources and communicate with each other in order to perform their jobs more efficiently. In this case, it is important to keep resources and information integrity from the unexpected use by the unauthorized user. Therefore, there is a steady increase in need for a reasonable way to authentication and access control of distributed-shared resources. In RBAC, there are role hierarchies in which a higher case role can perform permissions of a lower case role. No vise versa. Actually, however, it is necessary for a lower case role to perform a higher case role's permission, which is not allowed to a lower case role basically. In this paper, we will propose a permission delegation method, which is a permission delegation server, and a permission delegation protocols with the secret key system. As the result of a permission delegation, junior roles can perform senior role's permissions or senior role itself on the exceptional condition in a dedicated interval.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.9
• /
• pp.1955-1964
• /
• 2011

With fast deployment of high-speed networks and various online services, the demand for massive content distribution is also growing fast. An approach that is increasingly visible in communication research community and in industry domain is peer-to-peer (P2P) networks. The P2P swarming technique enables a content distribution system to achieve higher throughput, avoid server or network overload, and be more resilient to failure and traffic fluctuation. Moreover, as a P2P-based architecture pushed the computing and bandwidth cost toward the network edge, it allows scalability to support a large number of subscribers on a global scale, while imposing little demand for equipment on the content providers. However, the P2P swarming burdens message exchange overheads on the system. In this paper, we propose a new protocol which provides confidentiality, authentication, integrity, and access control to P2P swarming. We implemented a prototype of our protocol on Android smart phone platform. We believe our approach can be straightforwardly adapted to existing commercial P2P content distribution systems with modest modifications to current implementations.

• The KIPS Transactions:PartD
• /
• v.10D no.3
• /
• pp.559-566
• /
• 2003

As cell phone and PDA have been in common use recently, there is a growing tendency to utilize the mobile terminals for M-Commerce. The information security and the receipt of e-trade are very important to support reliable digital transactions in wireless environment as in wired environment. Even though some work such as WML digital signature and WPKI has been studied for M-Commerce, there are several problems on the aspects of the functional limitation of the mobile terminals and the unsecure data transformation of WAP gateway. In this study we have designed and implemented a prototype system of issuing and verifying the electronic receipt that guarantees authentication, data integrity and non-repudiation for secure mobile e-commerce. Moreover, we have enhanced the system performance by letting the trusted independent server verify and manage the electronic receipt.

• The KIPS Transactions:PartC
• /
• v.11C no.2
• /
• pp.163-170
• /
• 2004

The additional mechanism Is required to set up a secure connection among the communication subjects in the internet environment. Each entity should transfer and receive the encrypted and hashed data to guarantee the data integrity. Also, the mutual authentication procedure should be processed using a secure communication protocol. The SSL/TLS is a protocol which creates the secure communication channel among the communication subjects and sends/receives a data. Although the OpenSSL which implements the TLS is using by many developers and its stability and performance are proved, it has a difficulty in using because of its large size. So, this Paper designs and implements the secure communication which the users can use easily by modification works of OpenSSL library API. We proved the real application results using the DRM client/server case which supports a secure communication using the implemented API.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.11
• /
• pp.6849-6855
• /
• 2014

Recently, with the increasing use of smart phones, security issues, such as safety and reliability of the use of the Android application has become a topic to provide services in various forms. An Android application is performed using several important files in the form of an apk file. On the other hand, they may be subject to unauthorized use, such as the loss of rights and privileges due to the insertion of malicious source code of these apk files. This paper examines the Android environment to study ways to define the threats related to the unauthorized use of the application source code, and based on the results of the analysis, to prevent unauthorized use of the application source code. In this paper, a system is provided using a third body to prevent and detect applications that have been counterfeited or forged illegally and installed on Android devices. The application provides services to existing systems that are configured with only the service server that provides users and applications general, This paper proposes the use of a trusted third party for user registration and to verify the integrity of the application, add an institution, and provide a safe application.