• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.12 no.2
• /
• pp.155-161
• /
• 2019

Currently, numerous companies and institutes provide services using the Internet, and establish and operate Information Systems to manage them efficiently and reliably. The Information System implies the possibility of losing the ability to provide normal services due to a disaster or disability. It is preparing for this by utilizing a disaster recovery system. However, existing disaster recovery systems cannot perform normal recovery if files for system recovery are corrupted. In this paper, we proposed a system that can verify the integrity of the system recovery file and proceed with recovery by utilizing hyper-ledger fabric blockchain. The PBFT consensus algorithm is used to generate the blocks and is performed by the leader node of the blockchain network. In the event of failure, verify the integrity of the recovery file by comparing the hash value of the recovery file with the hash value in the blockchain and proceed with recovery. For the evaluation of proposed techniques, a comparative analysis was conducted based on four items: existing system recovery techniques and data consistency, able to data retention, recovery file integrity, and using the proposed technique, the amount of traffic generated was analyzed to determine whether it was actually applicable.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.1
• /
• pp.29-38
• /
• 2012

Due to the rapid development of network environment and wireless communication technology, the distribution of digital video has made easily and the importance of the protection for digital video has been increased. This paper proposes the digital video encryption system based on multiple chaos maps for MPEG-2 video encoding process. The proposed method generates secret hash key of having 128-bit characteristics from hash chain using Tent map as a basic block and generates $8{\times}8$ lattice cipher by applying this hash key to Logistic map and Henon map. The method can reduce the encryption overhead by doing selective XOR operations between $8{\times}8$ lattice cipher and some coefficient of low frequency in DCT block and it provides simple and randomness characteristic because it uses the architecture of combining chaos maps. Experimental results show that PSNR of the proposed method is less than or equal to 12 dB with respect to encrypted video, the time change ratio, compression ratio of the proposed method are 2%, 0.4%, respectively so that it provides good performance in visual security and can be applied in real time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.83-92
• /
• 2005

D-OCSP-KIS proposed by Koga and Sakurai not only reduces the number or OCSP Responder's certificate but also criers the certificate status validation about OCSP Responder to the client. Therefore, D-OCSP-KIS is an effective method that can reduce the communication cost, computational time and storage consumption in client, but it has some problems. In case an attacker accidentally acquires an OCSP Responder's session private key in a time period (e.g., one day), she can disguise as the OCSP Responder in the time period unless the OCSP Responder recognizes. She can offer the wrong response to the client using the hash value intercepted. And the server and user on I-commerce can have a serious confusion and damage. And the computation and releasing of hash chain can be a load to CA. Thus, we propose a method detecting immediately the exposure of an OCSP Responder's session private key and the abuse of hash value in D-OCSP-KIS.

• Journal of KIISE:Information Networking
• /
• v.28 no.3
• /
• pp.309-320
• /
• 2001

This paper deals with security issues in a mobile agent system, especially protecting agent data from malicious agent servers. For this purpose, one-time key generation system, OKGS in short, is proposed. In OKGS, we integrate notions of a one-way hash function and a coupler. One-way function plays a major role in ensuring confidentiality and integrity of agent data. And the notion of a coupler is used to establish inter-relationship among consecutive encryption keys for agent data, i.e. all agent keys form a unidirectional chain. With these two features of OKGS, therefore, only the agent owner, who creates the agent bearing data, can decrypt and protect all the agent data which are gathered in the itinerary.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.6C
• /
• pp.651-657
• /
• 2006

This paper propose the technique for the execution authentication of digital signature with TTS(traceable trust server) to guarantee the safe execution of mobile agents. That is to say, it is focused on improving the processing speed of systems and the traffic of network which are problems in the existing studies. The digital signature is used to guarantee the efficient and safe execution and the integrity of mobile agents. The certificate of it is chained with synthesis function, cryptographic algorithm based on public key, and hash function. And white hosts can be protected against the threat of being used maliciously. Then, we prove the efficiency of system overhead and the traffic of network by the analysis. In case the certificate chain of a digital signature is used, the safe execution of mobile agents can be protected against attackers that wish to insert a newly created certificate after cutting off the chain after striking space key 2 times.

• Journal of Internet Computing and Services
• /
• v.21 no.2
• /
• pp.81-90
• /
• 2020

The purpose of this study is to study how to apply block-chain technology to prevent data forgery and alteration in the defense sector of AI(Artificial intelligence). AI is a technology for predicting big data by clustering or classifying it by applying various machine learning methodologies, and military powers including the U.S. have reached the completion stage of technology. If data-based AI's data forgery and modulation occurs, the processing process of the data, even if it is perfect, could be the biggest enemy risk factor, and the falsification and modification of the data can be too easy in the form of hacking. Unexpected attacks could occur if data used by weaponized AI is hacked and manipulated by North Korea. Therefore, a technology that prevents data from being falsified and altered is essential for the use of AI. It is expected that data forgery prevention will solve the problem by applying block-chain, a technology that does not damage data, unless more than half of the connected computers agree, even if a single computer is hacked by a distributed storage of encrypted data as a function of seawater.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.3
• /
• pp.69-77
• /
• 2015

MANET is composed of only the mobile nodes have a limited transmission range. The dynamic topology by the frequent movement of nodes makes routing difficult and is also cause exposed to security vulnerabilities. In this paper, we propose the security routing technique consisted of mechanism of two steps in order to respond effectively to attack by the modification of the routing information and transmit secure data. The hierarchical structure is used and the authentication node that issues the key of the nodes within each cluster is elected in this proposed method. The authentication node manages key issues and issued information for encrypting the routing information from the source node. The reliability value for each node is managed to routing trust table in order to secure data transmission. In the first step, the route discovery is performed using this after the routing information is encrypted using the key issued by the authentication node. In the second step, the average reliability value of the node in the found path is calculated. And the safety of the data transmission is improved after the average reliability value selects the highest path. The improved performance of the proposed method in this paper was confirmed through comparative experiments with CBSR and SEER. It was confirmed a better performance in the transmission delay, the amount of the control packet, and the packet transmission success ratio.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.786-799
• /
• 2018

Recently, NFV has attracted attention as a next-generation network virtualization technology for hardware -independent and efficient utilization of resources. NFV is a technology that not only virtualize computing, server, storage, network resources based on cloud computing but also connect Multi-Tenant of VNFs, a software network function. Therefore, it is possible to reduce the cost for constructing a physical network and to construct a logical network quickly by using NFV. However, in NFV, when a new VNF is added to a running Tenant, authentication between VNFs is not performed. Because of this problem, it is impossible to identify the presence of Fake-VNF in the tenant. Such a problem can cause an access from malicious attacker to one of VNFs in tenant as well as other VNFs in the tenant, disabling the NFV environment. In this paper, we propose Auto-configurable Security Mechanism in NFV including authentication between tenant-internal VNFs, and enforcement mechanism of security policy for traffic control between VNFs. This proposal not only authenticate identification of VNF when the VNF is registered, but also apply the security policy automatically to prevent malicious behavior in the tenant. Therefore, we can establish an independent communication channel for VNFs and guarantee a secure NFV environment.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.1_2
• /
• pp.118-124
• /
• 2004

In this paper we propose a method for authenticating the application that is to be downloaded or updated in smart cards. Previous works have some drawbacks such as having a long verification delay or requiring a large amount of primary/secondary storage. We propose an efficient parameterized scheme by using the hash chain technique where the secondary storage requirement and verification delay of updating the application are O(k) and O(k＋n/k), respectively. Moreover, both the first storage requirement and verification delay of downloading the application are O(1).

• Proceedings of the Korea Contents Association Conference
• /
• 2005.05a
• /
• pp.91-96
• /
• 2005

Recetly, the term Personal Public Key Infrastructure (PKI) was introduced to supprot reliable and authenticated service in a Personal Area Network (PAN). However, traditional public key signature schemes and certificate status management are not suitable for a PAN environment since mobile devices that constitute the PAN have limited computing capability. In this paper, we propose a new scheme that efficiently provides signature generation and certificate status management for mobile devices. Based on hash chain technique, we intend to reduce computational overhead on signature generation, and further, to minimize communication overhead for managing certificate status.