• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1305-1311
• /
• 2016

The smart factory, a combination of ICT technology to the entire production process of a product, means can you intelligent factory is to achieve such reduction and process improvement of the production cost. To implement the smart factory, inevitably must have an internal equipment connections to the external network, this is by equipment which is operated by the existing closure network is exposed to the outside network, the security vulnerability so that gender is increased. In order to solve this problem, it is possible to apply security solutions that are used in normal environments. However, it is impossible to have just completely blocking security threats that can occur in a smart factory network. Further, considering the economic damage that can occur during security breach accident, which cannot be not a serious problem. Therefore, in this paper, a look to know the security measures that can be applied to smart factory, to introduce the main fusion security technology necessary to smart factory dedicated security gateway.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.101-114
• /
• 2011

As it seems like critical information leakages have been increasing due to industrial espionage and malicious internal users, the importance of introducing audit and log security technology is growing every now and then. In this paper, we suggest the session logging system for the company's internal control to meet the SOX legislation level, by monitoring and analyzing users behaviors connecting to the business-critical Operating System. The system proposed in this paper aims to monitor the user's illegal activities in the Operating System, and to present the clear evidence of purpose of those activities by detailed logs. For this purpose, we modified Operating System by adding multiple services suggested in this paper. These services utilize interfaces provided by the existing Operating System and add functions to control access and get logs. The system saves and manages session logs of users or administrators connected to the server with centralized log storage. And the system supports session log searching and lookup features required by SOX legislation for the company's internal controls with the level of computer forensics and logging technology.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.301-304
• /
• 2016

Cyber world constitute the infrastructure of the country and its people and control. Cyber attacks and leakage of personal information are being threatened damage to the national economy and national security. December 2014 had been cyber hacking attacks on Korea Hydro & Nuclear Power Nuclear cooling system design drawings of a spill, and Cheong Wa Dae website hacked, KBS stations occurred in cyber hacking accidents. As a result, ICT-based Protection Act, Promotion of Information and Communications Network Utilization and Information Act on Protection, etc., privacy laws are being enforced, personal information in the form of requirements from leading high-tech eoryeowoona is to prevent the attacks of armed hackers Internet information society It proposes positive measures to keep your personal information officer and laws.

• Journal of Communications and Networks
• /
• v.16 no.4
• /
• pp.363-370
• /
• 2014

Despite several years of intense research, the security and cryptography in wireless sensor networks still have a number of ongoing problems. This paper describes how identification (ID)-based node authentication can be used to solve the key agreement problem in a three-layer interaction. The scheme uses a novel security mechanism that considers the characteristics, architecture, and vulnerability of the sensors, and provides an ID-based node authentication that does not require expensive certificates. The scheme describes the routing process using a simple ID suitable for low power and ID exposure, and proposes an ID-based node authentication. This method achieves low-cost communications with an efficient protocol. Results from this study demonstrates that it improves routing performance under different node densities, and reduces the computational cost of key encryption and decryption.

• Journal of Communications and Networks
• /
• v.14 no.3
• /
• pp.310-318
• /
• 2012

Detecting intrusion attacks accurately and rapidly in wireless networks is one of the most challenging security problems. Intrusion attacks of various types can be detected by the change in traffic flow that they induce. Wireless industrial networks based on the wireless networks for industrial automation-process automation (WIA-PA) standard use a superframe to schedule network communications. We propose an intrusion detection system for WIA-PA networks. After modeling and analyzing traffic flow data by time-sequence techniques, we propose a data traffic prediction model based on autoregressive moving average (ARMA) using the time series data. The model can quickly and precisely predict network traffic. We initialized the model with data traffic measurements taken by a 16-channel analyzer. Test results show that our scheme can effectively detect intrusion attacks, improve the overall network performance, and prolong the network lifetime.

• Journal of Satellite, Information and Communications
• /
• v.12 no.4
• /
• pp.152-156
• /
• 2017

This paper introduces the concept of random security amplification to amplify security in a quantum key distribution system. It seems to provide security amplification using the relationship between quantum error correction and security. In addition;we show that random security amplification in terms of security amplification offers better security than using existing universal hash function. We explain how the universal hash function enhances security using the BB84 protocol, which is a typical example of QKD. Finally, the proposed random security amplification and the conventional scheme compare the security according to the key generation rate in the quantum QKD.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.95-109
• /
• 2006

Elliptic Curve Cryptosystem (ECC) is suitable for resource-constrained devices such as smartcards, and sensor motes because of its short key size. This paper presents an efficient multi-scalar multiplication algorithm which is the main component of the verification procedure in Elliptic Curve Digital Signature Algorithm (ECDSA). The proposed algorithm can make use of a precomputed table of variable size and provides an optimal efficiency for that precomputed table. Furthermore, the given scalar is receded on-the-fly so that it can be merged with the main multiplication procedure. This can achieve more savings on memory than other receding algorithms. Through experiments, we have found that the optimal sizes of precomputed tables are 7 and 15 when uP+vQ is computed for u, v of 163 bits and 233 bits integers. This is shown by comparing the computation time taken by the proposed algorithm and other existing algorithms.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.1
• /
• pp.187-199
• /
• 2016

In this paper, we consider secure communications in multi-hop relaying systems, where multiple decode-and-forward (DF) relays are located at each individual hop and perform cooperative beamforming to improve physical layer security. In order to determine the cooperative relay beamformer at each hop, we propose an iterative beamformer update scheme using semidefinite relaxation and bisection techniques. Numerical results are presented to verify the secrecy rate performance of the proposed scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.87-99
• /
• 2006

In this paper, we propose a method of conditional access control for encrypted SVC(scalable video coding) bitstream. The main purpose of the proposition is to provide a SVC suitable encryption algorithm and a efficient method for conditional access control using encrypted SVC bitstream. We analyzed requirements for conditional access control of a SVC bitstream. And based on the analysis, we proposed encryption algorithm suitable for SVC bitstream and a method of conditional access control of the encryped bitstream. The proposed conditional access control for encrypted SVC bitstream is performed by bitsream extraction and selective decryption. We verified the usefulness of the proposed method through experiments.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.6C
• /
• pp.893-900
• /
• 2004

While security traditionally has been an important issue in information systems, the problem of the greatest concern today is related to the availability of information and continuity of services. Since people and organizations now rely on distributed systems in accessing and processing critical services and mission, the availability of information and continuity of services are becoming more important. Therefore the importance of implementing systems that continue to function in the presence of security breaches cannot be overemphasized. One of the solutions to provide the availability and continuity of information system applications is introducing an intrusion tolerance system. Security mechanism and adaptation mechanism can ensure intrusion tolerance by protecting the application from accidental or malicious changes to the system and by adapting the application to the changing conditions. In this paper we propose an intrusion tolerance model that improves the developmental structure while assuring security level. We also design and implement an adaptive intrusion tolerance system to verify the efficiency of our model by integrating proper functions extracted from CORBA security modules.