• Journal of Communications and Networks
• /
• v.14 no.6
• /
• pp.606-613
• /
• 2012

In a smart grid environment, data for the usage and control of power are transmitted over an Internet protocol (IP)-based network. This data contains very sensitive information about the user or energy service provider (ESP); hence, measures must be taken to prevent data manipulation. Mutual authentication between devices, which can prevent impersonation attacks by verifying the counterpart's identity, is a necessary process for secure communication. However, it is difficult to apply existing signature-based authentication in a smart grid system because smart meters, a component of such systems, are resource-constrained devices. In this paper, we consider a smart meter and propose an efficient mutual authentication protocol. The proposed protocol uses a matrix-based homomorphic hash that can decrease the amount of computations in a smart meter. To prove this, we analyze the protocol's security and performance.

• The Journal of the Korea Contents Association
• /
• v.10 no.11
• /
• pp.251-261
• /
• 2010

The research examine countermeasures of community welfare center, total welfare service provider in the local, to establish of identity and revitalization in the rapidly changing social circumstances. It examine countermeasures of the community welfare center in institutional and practical environment of welfare environment. The community welfare center has to provide welfare service which is improvement the quality of life in local, to be as methodical casework facility and to solve the community matters throughout organized residents. Also, comparison with specific welfare center and similar welfare facilities, the community welfare center has to provide differentiation services from totally welfare services. Finally, in privatized and market economic welfare environment, the community welfare center has to have policy countermeasures strategies to survive in competition not only welfare service provider.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.3
• /
• pp.125-132
• /
• 2005

Wireless access always has to include the authentication of communication partners and the encryption of communication data in order to use secure M-Commerce services. However, wireless systems have limitations compared with the wired systems, so we need an efficient authentication and key exchange protocol considering these limitations. In this paper, we propose an efficient authentication and key exchange protocol for M-Commerce users using elliptic curve crypto systems. The proposed protocol reduces the computational load of mobile users because the wireless service provider accomplishes some parts of computations instead of the mobile user, and it uses the password-based authentication in wireless links. Also, it guarantees the anonymity of the mobile user not to reveal directly the real identity of the user to the M-Commerce host, and preserves the confidentiality of communication data between the M-Commerce host and the user not to know the contents of communication between them to others including the wireless service provider.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.9
• /
• pp.1730-1740
• /
• 2016

This paper introduces a guest identity provider system for eduroam which is a global Wi-Fi service targeting users enrolled in higher education and research institutions. Developed eduroam AND (AutheNtication Delegation) system enables users to create their eduroam user accounts and to access eduroam regardless of their locations. Users with no organizational eduroam account therefore can freely access eduroam using the system. A federated authentication model is implemented in the system, and thus the system has merits of having high accessibility, indirectly verifying users and organizations possible, saving management overhead. Status monitoring is essential because authentication request and response messages are routed by eduroam network. eduroam AND performs active monitoring to check service availability and visualizes the results, which increases operational and management efficiency. We leveraged open-source libraries to implement eduroam AND and run the system on KREONET (Korea REsearch Open NETwork). Lastly, we present implementation details and qualitively evaluate the system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.455-472
• /
• 2020

As a user in modern societies with the rapid growth of Internet environment and more complicated business flow processes in order to be effective at work and accomplish things on time when the manager of the company went for a business trip, he/she need to delegate his/her signing authorities to someone such that, the delegatee can act as a manager and sign a message on his/her behalf. In order to make the delegation process more secure and authentic, we proposed a secure and efficient identity-based proxy signcryption in cloud data sharing (SE-IDPSC-CS), which provides a secure privilege delegation mechanism for a person to delegate his/her signcryption privilege to his/her proxy agent. Our scheme allows the manager of the company to delegate his/her signcryption privilege to his/her proxy agent and the proxy agent can act as a manager and generate signcrypted messages on his/her behalf using special information called "proxy key". Then, the proxy agent uploads the signcrypted ciphertext to a cloud service provider (CSP) which can only be downloaded, decrypted and verified by an authorized user at any time from any place through the Internet. Finally, the security analysis and experiment result determine that the proposed scheme outperforms previous works in terms of functionalities and computational time.

• The Journal of the Korea Contents Association
• /
• v.13 no.6
• /
• pp.425-437
• /
• 2013

The object of this study is to determine and prioritize the factors that affect job satisfaction and job continuity intention of an important media content provider group - TV/radio announcers. In this study, the determinant factors are classified as "internal" factors (i.e. career motivation and identity as a member of an organization) and "external" factors such as reputation and prestige. A survey was conducted among active announcers in Korea, and 106 responded. The data was processed by multiple regression analysis. The result showed that organizational identity affected the job satisfaction and job continuity intention most, and perceived external prestige affected least. In conclusion, announcer's job satisfaction and job continuity intention have more meaningful relationship with internal factors than with external factors.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.23-28
• /
• 2024

The multi-tenancy and high scalability of the cloud have inspired businesses and organizations across various sectors to adopt and deploy cloud computing. Cloud computing provides cost-effective, reliable, and convenient access to pooled resources, including storage, servers, and networking. Cloud service models, SaaS, PaaS, and IaaS, enable organizations, developers, and end users to access resources, develop and deploy applications, and provide access to pooled computing infrastructure. Despite the benefits, cloud service models are vulnerable to multiple security and privacy attacks and threats. The SaaS layer is on top of the PaaS, and the IaaS is the bottom layer of the model. The software is hosted by a platform offered as a service through an infrastructure provided by a cloud computing provider. The Hypertext Transfer Protocol (HTTP) delivers cloud-based apps through a web browser. The stateless nature of HTTP facilitates session hijacking and related attacks. The Open Web Applications Security Project identifies web apps' most critical security risks as SQL injections, cross-site scripting, sensitive data leakage, lack of functional access control, and broken authentication. The systematic literature review reveals that data security, application-level security, and authentication are the primary security threats in the SaaS model. The recommended solutions to enhance security in SaaS include Elliptic-curve cryptography and Identity-based encryption. Integration and security challenges in PaaS and IaaS can be effectively addressed using well-defined APIs, implementing Service Level Agreements (SLAs), and standard syntax for cloud provisioning.

• Architectural research
• /
• v.18 no.1
• /
• pp.21-29
• /
• 2016

Importance of FM has rapidly increased because of its growing business. However, due to lack of clarity and identity of FM in professional areas, standardization of FM became to be imperative in such a rapidly changing global business environment. Facility services are defined as the provision of support the primary activities of an organization, delivered by an internal or external provider. Majority of FM activities are services related to 'space and infrastructure' and 'people and organization' (CEN, 2011). The purpose of this study is to investigate definitions and characteristics of FM from both globally and domestic environment, by comparison with international or national standards, to identify quality management in FM and service characteristics of FM, to investigate the differences in service level elaboration in FM, and to suggest standard issues of quality management in FM service quality. This study examines contents of the European Standards in FM, Part 3 'Guidance on quality in Facility Management, especially for the process of QM standardized by CEN (2011) and explores undefined issues such as service level, measurement metrics according to service characteristics of FM. The European FM Standard guides the common process of QM in terms of requirements specification, service level elaboration, measurement metrics development although it does not specifically address various service levels, specific performance metrics and indicators.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.5
• /
• pp.1343-1356
• /
• 2013

Cloud computing has emerged as perhaps the hottest development in information technology at present. This new computing technology requires that the users ensure that their infrastructure is safety and that their data and applications are protected. In addition, the customer must ensure that the provider has taken the proper security measures to protect their information. In order to achieve fine-grained and flexible access control for cloud computing, a new construction of hierarchical attribute-based encryption(HABE) with Ciphertext-Policy is proposed in this paper. The proposed scheme inherits flexibility and delegation of hierarchical identity-based cryptography, and achieves scalability due to the hierarchical structure. The new scheme has constant size ciphertexts since it consists of two group elements. In addition, the security of the new construction is achieved in the standard model which avoids the potential defects in the existing works. Under the decision bilinear Diffie-Hellman exponent assumption, the proposed scheme is provable security against Chosen-plaintext Attack(CPA). Furthermore, we also show the proposed scheme can be transferred to a CCA(Chosen-ciphertext Attack) secure scheme.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.23
• /
• pp.291-320
• /
• 2004

Electronic transaction using electronic documents be carried without direct person to person meeting, there is the possibility to use other's identity illegally without notice and to verity authenticity of transaction. It is very hard to find out that the electronic documents on the process of submitting is forged documents or not and also has much difficulty in maintaining transmitting secret. Therefore, to solve such problems on electronic transactions, certification system with cryptography skill are inevitably necessary. Also there is needed legal base in the electronic document as functional equivalent of the paper document. Recently there are so many commercial certification service provider(CPS) such as Identrus, Bolero, TEDI but their establishment of CPS, certification process, guideline and so on are different each CPS. Therefore, this kind of situation can make user confuse. To introduce and develop the electronic certification in the international electronic commerce not domestic electronic commerce, it need to authorize and operate certification authority under the uniform regulation base. But, because the laws and guidelines that related to electronic certification system are different among the nations and international organizations, it need to compare laws and guidelines. In conclusion, the most important thing to resolve problems surrounded certification and develope certification system in the international electronic commerce make uniform rule of international electronic certification to recognize internationally from each nation or at least, need to harmony laws and guideline in each nations.