• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.866-870
• /
• 2009

Mobile Health (M-Health) system is a recent term for medical and public health practice supported by mobile devices, such as mobile phones, PDAs, and other wireless devices. Mobile Health system has been successfully establishing at few general hospital in Korea. However, to use diverse devices manufactured by various company cause inoperability, and lack of security disappoints customers often. Although the outstanding health environment, most of hospitals are unavailable to share electronic patient records due to lack of standard protocol to handle the interoperability each other. Health Level 7 (HL7) is the best solution for the problem. In this paper, we will analyse a current M-Health service in terms of security and mobile device, and suggest iPhone for the best device against hospital environment. Also, for keep confidentiality of health information and patient privacy, enhanced security mechanism is introduced. As a consequence, interoperable standard, and most appropriate device for supporting staffs and M-Health performance, and enhanced securirty mechanism will be integrated in order to propose improved M-health model.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.1030-1034
• /
• 2009

IPv6 and Ubiquitous Healthcare Environment (UHE) has become a main stream of the next generation technologies. IPv6 is designed in many ways with enhanced features such as a routing, mobility, scalability, QOS and security as a replacement of IPv4. Also, UHE is developed to provide patients with convenience and efficient healthcare services using the remote home healthcare system. However, IPv4 currently used as an Internet protocol does not have enough capability to fully support UHE. It may result in a restricted implementation of UHE. As a result, research on IPv6 implementations in UHE is increasingly becoming an issue within the healthcare industry. IPv6 has enhanced features to implement the remote healthcare system such as Neighbour Discovery process and address auto-configuration. In this paper, a basic of IPv6 and UHE will be firstly introduced and secondly, benefits brought by IPv6 in UHE will be discussed. In addition, security issues in IPv6 will be analysed to conclude this paper.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.4
• /
• pp.691-699
• /
• 2009

Recently, the ERO protocol has been adopted as a standard to protect the routing optimization mode introduced by MIPv6. This protocol uses the public key cryptography and the early binding update method to improve the Return Routeability protocol while optimizing both security and performance. On the other hand, though various security approaches including the ERO protocol have been proposed for MIPv6, they lack formal verification. Especially, to our best knowledge, there is no formal analysis on the ERO protocol. In order to provide a good example for formal analysis on MIPv6 security protocols, this paper verifies the correctness of the ERO protocol through BAN-logic. For this goal, BAN-logic is extended to consider the address tests on the mobile nodes's CoA and HoA. It is expected that the analysis presented in this paper will be useful for the formal verifications on the security protocols related to MIPv6.

• Journal of Internet Computing and Services
• /
• v.17 no.3
• /
• pp.1-10
• /
• 2016

Information and network technology become the rapid development, so various online services supplied by multimedia systems are provided through the Internet. Because of intrinsic open characteristic on Internet, network systems need to provide the data protection and the secure authentication. So various researchers including Das, An, and Li&Hwang proposed the biometric-based user authentication scheme but they has some security weakness. To solve their problem, Li et al. proposed new scheme using fuzzy extraction, but it is weak on off-line password attack, authentication without biometrics, denial-of-service and insider attack. So, we proposed security enhanced user authentication scheme with key agreement to address the security problem of authentication schemes.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.407-416
• /
• 2009

Recently, various application services in wireless sensor networks are more considered than before, and thus reliable and secure communication of sensor network is turning out as one of essential issues. This paper studies such communication in IEEE 802.15.4 based sensor network. We present IMHRS (IEEE 802.15.4 MAC-based Hybrid hop-by-hop Reliability Scheme) employing EHHR (Enhanced Hop-by-Hop Reliability), which uses Hop-cache and Hop-ack and ALC (Adaptive Link Control), which considers link status and packet type. Also, by selecting security suite depending on network and application type, energy efficiency is considered based on HAS (Hybrid Adaptive Security) Framework. The presented schemes are evaluated by simulations and experiments. Besides, the prototype system is developed and tested to show the potential efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.13-25
• /
• 2011

Biometric-based authentication can provide strong security guarantee about the identity of users. However, security of biometric data is particularly important as the compromise of the data will be permanent. The fuzzy fingerprint vault system is one of the most popular solutions for protecting the fingerprint template stored in the database. Recently, however, this system is very susceptible to a correlation attack that finds the real minutiae using multiple fingerprint vaults enrolled for different applications. To solve this problem, we propose a robust fuzzy fingerprint vault system against the correlation attack. In this paper, we add chaff minutiae based on the relative information of minutiae such as direction, coordinate instead of adding randomly. Also, our proposed approach allow to add multiple chaff minutiae within tolerance box for enhanced security level. Experimental results show that the proposed approach can protect the correlation attack and achieve enhanced verification accuracy.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.248-255
• /
• 2016

The amount and diversity of information is increasing, as is the information integration connecting data among the related institutions. In the defense field, DTAQ, which is in charge of the quality of military supplies, is attempting to collect and analyze the information which is related with it. In addition, the object of information integration is to expand civil data as well as defense data. There are many ways to integrate data in various environments. In the defense field, which needs enhanced security, it is necessary to establish and apply the information integration methods which are enhanced with more security. In this study, the framework and architecture of information integration was designed by considering task requirements and security conditions. As a result of example application of this framework for information systems to the selected 4 institutions, it was confirmed that the task can be performed through data connections. From the study result, integration architecture which can be applied securely in defense field was suggested. The data accumulated by using this framework with strengthened security are expected to be utilized for the quality improvement of military supplies.

• Journal of information and communication convergence engineering
• /
• v.1 no.4
• /
• pp.183-188
• /
• 2003

The $4^{th}$ generation mobile communications, through several radio access networks such as WLAN, Bluetooth, UMTS, GPRS, CDMA 1X, and IMT-2000 in the same area offering different type of coverage, will support interactive multimedia services in additions to wider bandwidths, higher bit rates, and service portability. Regardless of various radio access networks, they will also support robust security mechanisms, as well as seamless mobility and common authentication. In this paper, we give an overview of WLAN security and examine its security problems. We also explain the enhanced security schemes, such as port-based authentication, EAP, and IEEE 802.1X. For secure wireless communications, several possible security solutions are offered and evaluated in various respects to improve WLAN security. This paper will make a contribution to provide more secure wireless communications to cellular operators embracing WLAN technology as a means to generate new revenues based on data services.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.2 no.2
• /
• pp.118-122
• /
• 2007

The previous security system was PCI way which has many difficulties for PC novices to use. Moreover the security programs in use are mostly unverified ones as they are using cracks, and are exposed to attacks such as hackers and viruses. Therefore this thesis describes to design the security system of Twofish cryptographic algorithm using USB, which it can be used in general-purpose computers and users can handle it with ease. Users can easily use the security system by using this USB and it is applicable to various security systems that Twofish cryptographic algorithm used in the security system by having variable key length. Also the efficiency of the system can be enhanced as it can perform both encryption and decryption and it has a benefit of downsizing hardware.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.42 no.2
• /
• pp.36-48
• /
• 2019

As the importance of Knowledge Management System (KMS) in the military increases, Republic of Korea Army (ROK Army) developed Army Knowledge Portal. Although the members in the military are encouraged to use the portal, few members currently use it. This study was conducted to find variables to predict the user's intention to use the portal, which contributes to activating the use of Army Knowledge Portal in the army. On the basis of Technology Acceptance Model (TAM), ten variables such as perceived ease of use, general information security awareness, information security awareness, expectation for external rewards, expectation for relationships, sense of self-worth, attitude toward compliance with security policy, attitude toward knowledge sharing, intention of non-combat knowledge sharing, and intention of combat knowledge sharing were considered as independent variables. 105 participants on active duty who currently use or have experience to use the portal participated in this study. The results indicated that general information security awareness and information security awareness increases compliance with the information security policy. In addition, the attitude toward knowledge sharing is enhanced by expectations for relationship and sense of self-worth. Based on the results, the authors propose the need for policy alternatives to reinforce the reward system and security policy, which activates the use of Knowledge Portal Service for ROK Army.