• IEMEK Journal of Embedded Systems and Applications
• /
• 제1권2호
• /
• pp.56-63
• /
• 2006

In this paper, we propose the integrated security management framework supporting the trust for the ubiquitous environments. The proposed framework provides the gathering and analysis of the security related information including the location of mobile device and then dynamically configures the security policy and adopts them. More specially, it supports the authentication and delegation service to support the trusted security management for the ubiquitous networks. This system also provides the visible management tools to give the convenient view for network administrator.

• Review of KIISC
• /
• 제7권2호
• /
• pp.15-34
• /
• 1997

분산 시스템 환경은 다수의 컴퓨터가 네트워크에 연결되어 있고, 다양한 사용자가 공통적으로 접근할 수 있기 때문에 심각한 보안 문제를 안고 있다. 본 논문은 개방형 분산 시스템 환경에서 각종 위협에 대응할 수 있는 인증 메커니즘에 관하여 다룬다. 기본적인 위협 요소, 인증 요구조건 및 서비스를 검토하고 관련된 메커니즘들을 조사 분석함으로써 분산 시스템의 응용에서 암호학적인증 메커니즘의 설계 기준을 마련할 수 있을 것이다. 본 논문에서는 Kerberos, X.509, SPX 및 SESAME 인증 메커니즘을 실체 인증의 개념적 관점에서 분석하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 한국정보과학회 2001년도 가을 학술발표논문집 Vol.28 No.2 (1)
• /
• pp.364-366
• /
• 2001

Sun Microsystems에 의해서 개발된 Jini 네트워킹 기술은 자바 프로그램밍 언어를 기반으로 하여 분산환경을 만드는데 좋은 아키텍쳐를 제공한다. 그러나 현재의 자바 security solution 만으로는 분산환경에서의 보안 요구사항을 충족시키기에 충분하지 않다. 이를 해결하기 위한 여러 방법들이 있지만, 대부분이 centralized computing을 기반으로 하여 분산환경에는 맞지 않다. 이 논문에서는 PKDA(Public key based Kerberos for Distributed Authentication)를 사용하여 Jini의 security를 확장함으로써 분산환경에서의 security 요구사항을 충족시킬 수 있음을 보인다.

• Proceedings of the KAIS Fall Conference
• /
• 한국산학기술학회 2003년도 Proceeding
• /
• pp.211-215
• /
• 2003

Network security should be first considered in a distributed computing environment with frequent information interchange through internet. Clear classification is needed for information users should protect and for information open outside. Basically proper encrypted database system should be constructed for information security, and security policy should be planned for each site. This paper describes access control, user authentication, and User Security and Encryption technology for the construction of database security system from network users. We propose model of network encrypted database security system for combining these elements through the analysis of operational and technological elements. Systematic combination of operational and technological elements with proposed model can construct encrypted database security system secured from unauthorized users in distributed computing environment.

• The Journal of the Korea Contents Association
• /
• 제8권4호
• /
• pp.10-16
• /
• 2008

Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is necessary that create a many encryption key in one web application system. As a result, service quality comes to be low because of increased network traffic and system overload. There must be a system. That should be improved in secure service quality to process data. This paper describes a new approach for design and implementation of distributed encryption key processing for web application system. In this paper, it is based on distributed encipherment key, for the purpose of confidentially, integrity and authentication. It can prevent system degradation from server's data bottleneck and can improve service quality. For distributed encipherment system, we use java object activation technology. It can service while some distributed server are fail.

• Journal of the Korea Convergence Society
• /
• 제10권12호
• /
• pp.23-28
• /
• 2019

Cloud services are services developed to serve a wider variety of users in different fields. However, although cloud services are designed to reflect the needs of different users, a variety of security damages resulting from them are increasing and technologies are needed to address them. This paper proposes a user signature management model that prevents third parties from exploiting the user's signature in a heterogeneous cloud The proposed model strengthens the functionality of the intermediate devices that make up the hierarchical cloud while also managing the signature information of the partitioned user. As a result of the performance assessment, the proposed model not only distributed user signature management, but also improved efficiency by 8.5% on average because intermediate devices distributed user signature processing, and reduced the user's signature latency by 13.3% on average when performing user authentication processing. On average, the overhead generated by intermediate devices processing a user's signature was 10.1 percent lower than that of conventional techniques.

• Genomics & Informatics
• /
• 제7권1호
• /
• pp.32-37
• /
• 2009

The quality assurance (QA) is of utmost importance in biobanks when archived biomaterials are distributed to biomedical researchers. For sample authentication and cross-contamination detection, the two fundamental elements of QA, STR genotyping is usually utilized. However, the incorporated number of STR markers is highly redundant for biobanking purposes, resulting in time and cost inefficiency. An index to measure the cross-contamination detection capability of an STR marker, the mixture probability (MP), was developed. MP as well as other forensic parameters for STR markers was validated using STR genotyping data on 2328 normal Koreans with the commercial AmpFlSTR kit. For Koreans, 7 STR marker (D2S1338, FGA, D18S51, D8S1179, D13S317, D21S11, vWA) set was sufficient to provide discrimination power of ${\sim}10^{-10}$ and cross-contamination detection probability of ${sim}1$. Interestingly, similar marker sets were obtained from African Americans, Caucasian Americans, and Hispanic Americans under the same level of discrimination power. Only a small subset of commonly used STR markers is sufficient for QA purposes in biobanks. A procedure for selecting optimal STR markers is outlined using STR genotyping results from normal Korean population.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제11권1호
• /
• pp.206-215
• /
• 2007

Ad-Hoc network technology is a mobile internet technology of the future that will be used widely not only in Mobile Network but also in Wireless Personal Area Network (WPAN) and Ubiquitous Network For this to occur, distributed routing protocol design, loop prevention for link information reduction in overhead for control messages and route restoration algorithm must be improved or complemented. Security techniques that can guarantee safe com-munication between Ad-Hot nodes net also be provided. This study proposes and evaluates a new authentication mechanism for MANET. The mechanism segregates the roles of certification authority to keep with the dynamic mobility of nodes and handle rapid and random topological changes with minimal over-head. That is, this model is characterized by its high expandability that allows the network to perform authentication service without the influence of joining and leaving nodes. The efficiency and security of this concept was evaluated through simulation.

• Journal of the Korea Convergence Society
• /
• 제12권5호
• /
• pp.9-16
• /
• 2021

Due to the prolonged infectious disease of COVID-19 worldwide, there are various security threats due to network attacks on Internet of Things devices that are vulnerable to telecommuting. Initially, users of Internet of Things devices were exploited for vulnerabilities in Remote Desktop Protocol, spear phishing and APT attacks. Since then, the technology of network attacks has gradually evolved, exploiting the simple service discovery protocol of Internet of Things devices, and DRDoS attacks have continued to increase. Existing SSDPs are accessible to unauthorized devices on the network, resulting in problems with information disclosure and amplification attacks on SSDP servers. To compensate for the problem with the authentication procedure of existing SSDPs, we propose a hash-based SSDP that encrypts server-specific information with hash and adds authentication fields to both Notify and M-Search message packets to determine whether an authorized IoT device is present.

• Convergence Security Journal
• /
• 제16권7호
• /
• pp.31-39
• /
• 2016

The biometrics information is very useful by the convenience of ownership and using. but the risk of crime of malicious re-uses and infringement of personal privacy exist because the biometrics information is impossible to change typically when the illegal interception occurred from others. therefore the importance of security on stored management of biometrics information has been increased steadily. the existing biometric authentication system has been stored only encrypted complete template at a single storage place. In this paper, we designed the Distributed Stored of Multiple Split bio_Template System that a template is divided in different ways by each user and stored in other storage places from personal information to relieve user's anxiety about the saved template and illegally leaked through restored only template to authenticate and then delete.