• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.11
• /
• pp.2230-2237
• /
• 2015

Inspired by the synchronization phenomena observed in the Nature, we propose an autonomous load balancing method for a wireless network. We model the load balancing problem of cells providing wireless access services as a synchronization problem in the Nature and design an algorithm for each cell to distribute loads in a self-determining way based on the load differences among its neighbor cells. Through simulations, we verify the feasibility of the proposed method in that cell loads can be balanced efficiently eve if cells make decision autonomously using their local information.

• Journal of Korea Multimedia Society
• /
• v.6 no.7
• /
• pp.1277-1285
• /
• 2003

In this paper, we present a conference key authentication mechanism by employing an algebraic method on IMT-2000 environment. To accomplish this, the symmetric balanced incomplete block design is applied for generating a conference key and then this key is distributed to participants. Through the technique for creation of a conference key and mutual authentications peformed based on identification information, a communication protocol is designed. The protocol proposed minimizes the communication complexity for generating a conference key. On a special case the complexity is O(equation omitted), where v is the number of participants. The security of the mechanism, which is a significant problem in construction of secure systems, can be assured since finding discrete logarithms is generally a hard problem.

• Journal of Internet Computing and Services
• /
• v.6 no.1
• /
• pp.13-25
• /
• 2005

Distributed Denial-of-Service(DDoS) attack prevent users from accessing services on the target network by spoofing its origin source address with a large volume of traffic. The objective of IP Traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Existing IP Traceback methods can be categorized as proactive or reactive tracing. Existing PPM based tracing scheme(such as router node appending, sampling and edge sampling) insert traceback information in IP packet header for IP Traceback. But, these schemes did not provide enhanced performance in DDoS attack. In this paper, we propose a 'TTL based advanced Packet Marking' mechanism for IP Traceback. Proposed mechanism can detect and control DDoS traffic on router and can generate marked packet for reconstructing origin DDoS attack source, by which we can diminish network overload and enhance traceback performance.

• 한국정보통신설비학회:학술대회논문집
• /
• 2007.08a
• /
• pp.142-146
• /
• 2007

Digital Rights Management (DRM) technology has been widely used for protecting the digital contents over the recent years. But the digital contents protected by DRM are vulnerable to various video memory capture programs when DRM packaged contents are decrypted on the consumers' multimedia devices. To make up for this kind of DRM security holes the Forensic Marking (FM) technology is being deployed into the content protection area. Most leading DRM companies as well as big electronics companies like Thomson and Philips already have commercial FM solutions. Forensic Marking technology uses the digital watermarking to insert the user information such as user id, content playing time and etc. into the decrypted and decoded content at the playback time on the consumer devices. When the content containing watermarked user information (Forensic Mark) is illegally captured and distributed over the Internet, the FM detection system takes out the inserted FM from the illegal contents and informs contents service providers of the illegal hacker's information. In this paper the requirements and test conditions are discussed for the commercial Forensic Marking systems.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.2
• /
• pp.317-322
• /
• 2013

Personal information is defined information related to users' privacy data. It can be verified information through social security number, image, and means relating to individual can verify. Such personal information is in accordance with the privacy act in law for the collection and usage in enterprises and institutions. However, it can be induced privacy problem when it is exposed information without attention. This user's inadvertent disclosure of personal information has occurred due to social engineering and intelligent cyber-crime occurred in order to solve these problems. A variety of protection solutions for personal information have been developed. Web privacy filtering firewall and solutions related with server have been developed among developed many solutions, web privacy filtering and firewall solutions is proposed in this paper.

• Journal of Internet Computing and Services
• /
• v.2 no.5
• /
• pp.41-47
• /
• 2001

This paper deals with an EJB-based database agent(component) used to define workflow processes, which is a core function of the e-Chautauqua workflow management system that is an on-going research product. We describe about how to design and implement the EJB-based DB agent that is deployed on EJB server as a component. The agent is located between the build-time clients and the database system, and manages database accesses, such as retrieves and stores, from the workflow definition components. Through the EJB technology, we are able to accomplish a stable database agent that can be characterized by the distributed object management, reliable recovery mechanism from system failovers, reliable large-scale transaction management, and the security functions.

• Journal of KIISE:Computer Systems and Theory
• /
• v.36 no.4
• /
• pp.304-310
• /
• 2009

Due to widely use of internet, a lot of users frequently access into remote server in distributed computing environment. However, transmitting the information using vulnerable channel without authentication security system can be exposed to replay attack, offline password attack, and impersonation attack. According to this possibility, there is research about authentication protocol to prevent these hostile attacks using smart card. In this paper, we analyze vulnerability of user authentication system based on password and propose modified user authentication system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.2
• /
• pp.250-256
• /
• 2007

Role-based Access Control (RBAC) model appears to be the most appropriate technique for access control to minimize the errors likely to occur in managing users and network resources. In this paper, we introduced the Work-concept RBAC model that is the result of the Work concept imported to the role based access control model. Using our extended access control model a user could select a work which is more abstract and more inclusive concept than role to do his work. Additionally even if the user has an authority through selecting a work, if a user has no relation to his assigned job, it will be automatically prohibited.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.2
• /
• pp.361-365
• /
• 2005

Proxy signature schemes which allows original signer to delegate proxy signer to sign message on its behalf have a considerable amount of interest from researchers since Mambo[1] and have found many practical applications such as distributed network, Grid computing and electronic commerce. Araki[6] extended them to multi-level proxy signature. But it could not satisfy some security requirement. In this paper we propose a protocol to delegate signing right to another entity for multi-level proxy signature. Our protocol do not require secure channel and guarantee that nobody is able to repudiate delegation or acceptance of signing right, it is impossible for anyone to generate signature except designed and original signer can withdraw the delegation before expiration if it is necessary.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.12
• /
• pp.2649-2656
• /
• 2012

Today, many enterprises have invested heavily for the part of information security in order to protect the internal critical information assets and the business agility. However, there is a big problem that big budget and too many manpower are needed to set the internal corporate network up to the same high level of defense for all of part. On the distributed enterprise networks in this paper, a defense model for effective and rapid response on the IP spoofing attack was designed to protect the enterprise network through the exchange of information between the trust hosts when an attacker attacked any target system using other trusted host.