• 제목/요약/키워드: Information secure service

검색결과 859건 처리시간 0.045초

안전한 통신 서비스를 제공하는 향상된 SSL(Secure Socket Layer) 기반 정보보호 시스템의 설계 (The Design Of Improved Information Security System based on SSL(Secure Socket Layer) For Providing Secure Communication Services)

  • 유성진
    • 한국통신학회논문지
    • /
    • 제25권9A호
    • /
    • pp.1387-1394
    • /
    • 2000
  • SSL 프로토콜은 최근 네트워크 시스템에서 광범위하게 사용되는 메카니즘중의 하나이다. 본 논문에서는 SSL 프로토콜을 기반으로 향상된 정보보호 메커니즘을 설계하였다. 여기에서는 네가지 중요한 정보보호 서비스를 제공한다. 첫번째는 SSL에서 제공하는 인증서를 이용한 인증서비스이고, 두번째는 DES 암호 알고리즘을 이용한 메시지 암호화 서비스이다. 세번째는 해쉬 알고리즘을 이용한 메시지의 무결성 서비스이고 네번째는 부인봉쇄 정보 서비스이다. 그러므로, 정보는 본 논문에서 특별히 설계된 부인봉쇄 서비스를 이용한 정보보호 메커니즘을 통해 안전하게 전송된다.

  • PDF

A Study on secure authentication system using integrated authentication service

  • Lee, Hyung-Su
    • 한국컴퓨터정보학회논문지
    • /
    • 제22권2호
    • /
    • pp.59-63
    • /
    • 2017
  • Recently, Certificate has been loosed 100 times in a four years as Phising or hacking. The service that use certificate in financial services occurs practical and secure issues. Therefore, the Korea government abolished the mandatory system used in the certificate service. However, they did not provide a replacing method for a certificate. And is not to fill the gaps of the certificate with one time password or secure card. Therefore this paper is propose the alternative method with total authentication service, that is lead the more secure electronic commercial.

안전한 P2P 정보보호 서비스를 위한 키 분배 프로토콜에 관한 연구 (A Study on the Key Distribution Protocol for Secure P2P information Security Service)

  • 이준석
    • 산업융합연구
    • /
    • 제6권1호
    • /
    • pp.57-72
    • /
    • 2008
  • In this study, general outline of P2P(peer to peer) application was analyzed dealing with security attacks and threats on the P2P environment. Information security service was studied to provide secure P2P service under the information threats. This study proposes two methods to provide secure information security service. One is a method to use personal firewall software on the peer. The other is a method to use key distribution protocol for confidentiality and integrity.

  • PDF

Secure Communication Schemes over ISO/IEEE 11073-20601 for Smart Healthcare Service

  • Kim, Sang Kon;Kim, Tae Kon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제16권7호
    • /
    • pp.2225-2238
    • /
    • 2022
  • For advanced healthcare services, a variety of agents should maintain reliable connections with the manager and communicate personal health and medical information. The ISO/IEEE 11073 standards provide convenient interoperability and the optimized exchange protocol (OEP) supports efficient communication for devices. However, the standard does not specify secure communication, and sensitive personal information is easily exposed through attacks. Malicious attacks may lead to the worst results owing to service errors, service suspension, and deliberate delays. All possible attacks on the communication are analyzed in detail, and the damage is specifically identified. In this study, novel secure communication schemes over the 20601 OEP are proposed by introducing an authentication process while maintaining compatibility with existing devices. The agent performs a secure association with the manager for mutual authentication. However, communication with mutual authentication is not completely free from attacks. Message encryption schemes are proposed for concrete security. The authentication process and secure communication schemes between the secure registered agent (SRA) and the secure registered manager (SRM) are implemented and verified. The experimental analysis shows that the complexities of the SRA and SRM are not significantly different from those of the existing agent and manager.

QoS Guaranteed Secure Network Service Realization using Global User Management Framework (GUMF);Service Security Model for Privacy

  • Choi, Byeong-Cheol;Kim, Kwang-Sik;Seo, Dong-Il
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 제어로봇시스템학회 2005년도 ICCAS
    • /
    • pp.1586-1589
    • /
    • 2005
  • GUMF (Global User Management Framework) that is proposed in this research can be applied to next generation network such as BcN (Broadband convergence Network), it is QoS guaranteed security framework for user that can solve present Internet's security vulnerability. GUMF offers anonymity for user of service and use the user's real-name or ID for management of service and it is technology that can realize secure QoS. GUMF needs management framework, UMS (User Management System), VNC (Virtual Network Controller) etc. UMS consists of root UMS in country dimension and Local UMS in each site dimension. VNC is network security equipment including VPN, QoS and security functions etc., and it achieves the QoSS (Quality of Security Service) and CLS(Communication Level Switching) functions. GUMF can offer safety in bandwidth consumption attacks such as worm propagation and DoS/DDoS, IP spoofing attack, and current most attack such as abusing of private information because it can offer the different QoS guaranteed network according to user's grades. User's grades are divided by 4 levels from Level 0 to Level 3, and user's security service level is decided according to level of the private information. Level 3 users that offer bio-information can receive secure network service that privacy is guaranteed. Therefore, GUMF that is proposed in this research can offer profit model to ISP and NSP, and can be utilized by strategy for secure u-Korea realization.

  • PDF

SSL(Secure Socket Layer) 기반에서 향상된 정보보호 메커니즘의 설계 (The Design of Improved Information Security Mechanism based on SSL(Secure Socket Layer))

  • 최성;유성진;김성열;정일용
    • 한국정보처리학회:학술대회논문집
    • /
    • 한국정보처리학회 2000년도 제13회 춘계학술대회 및 임시총회 학술발표 논문집
    • /
    • pp.318-323
    • /
    • 2000
  • SSL 프로토콜은 최근 네트워크 시스템에서 광범위 하게 사용되는 메카니즘중의 하나이다. 본 논문에서는 SSL 프로토콜을 기반으로 향상된 정보보호 메커니즘을 설계하였다. 여기에서는 네가지 중요한 정보보호 서비스를 제공한다. 첫번째는 SSL에서 제공하는 인증서를 이용한 인증서비스이고, 두번째는 DES 암호 알고리즘을 이용한 메시지 암호화 서비스이다. 세번째는 해쉬 알고리즘을 이용한 메시지의 무결성 서비스이고 네번째는 부인봉쇄 정보 서비스이다. 그러므로, 정보는 본 논문에서 특별히 설계된 부인봉쇄 서비스를 이용한 정보보호 메커니즘을 통해 안전하게 전송된다.

  • PDF

A Secure Location-Based Service Reservation Protocol in Pervasive Computing Environment

  • Konidala M. Divyan;Kim, Kwangjo
    • 한국정보보호학회:학술대회논문집
    • /
    • 한국정보보호학회 2003년도 동계학술대회
    • /
    • pp.669-685
    • /
    • 2003
  • Nowadays mobile phones and PDAs are part and parcel of our lives. By carrying a portable mobile device with us all the time we are already living in partial Pervasive Computing Environment (PCE) that is waiting to be exploited very soon. One of the advantages of pervasive computing is that it strongly supports the deployment of Location-Based Service(s) (LBSs). In PCE, there would be many competitive service providers (SPs) trying to sell different or similar LBSs to users. In order to reserve a particular service, it becomes very difficult for a low-computing and resource-poor mobile device to handle many such SPs at a time, and to identify and securely communicate with only genuine ones. Our paper establishes a convincing trust model through which secure job delegation is accomplished. Secure Job delegation and cost effective cryptographic techniques largely help in reducing the burden on the mobile device to securely communicate with trusted SPs. Our protocol also provides users privacy protection, replay protection, entity authentication, and message authentication, integrity, and confidentiality. This paper explains our protocol by suggesting one of the LBSs namely“Secure Automated Taxi Calling Service”.

  • PDF

적응적 서비스 모드에 기반한 이동보안멀티캐스트 구조 및 프로토콜에 관한 연구 (A Study of Secure Mobile Multicast Architecture and Protocol based on Adaptive Service Mode)

  • 안재영;구자범;박세현;이재일
    • 정보보호학회논문지
    • /
    • 제12권2호
    • /
    • pp.153-172
    • /
    • 2002
  • 본 논문은 이동환경에서 다수의 이동 단말을 대상으로 안전하고 효율적인 멀티캐스트 실현하는 이동보안멀티캐스트 구조 및 프로토콜을 제안하고자 한다. 제안된 이동보안멀티캐스트 구조 및 프로토콜은 이동 단말의 움직임에 따라 적응적으로 이동보안멀티캐스트 서비스를 제공해 줌으로써, 전송지연을 낮추고 키갱신 횟수를 줄임과 동시에 이동 단말의 이동으로 인한 서비스 끊김 및 데이터 손실을 방지하여 이동보안멀티캐스트 서비스의 QoS를 높였다.

핀테크의 보안 고려사항에 대한 연구 (A Study on the FinTech : The consideration of the Security)

  • 이유진;장범환;이영숙
    • 디지털산업정보학회논문지
    • /
    • 제12권3호
    • /
    • pp.111-123
    • /
    • 2016
  • Recently, mobile devices have been widely used. Therefore, the service users want that are not constrained by time and space. Among them, electronic payment services, mobile finance service is enjoying a tremendous popularity. The FinTech is the result of the fusion of finance and ICT(Information & Communication Technology). Security experts is pointed the FinTech security risk. New technology and Innovative FinTech services are even available, Insecure FinTech services is insignificant. In this paper we were surveyed market and product trends of FinTech and analyzed the threats about FinTech. Also, we analyzed the security considerations for FinTech using a questionnaire. As a result, users considers secure payment process and privacy. Therefore, we proposed security considerations for each vulnerability. So, we must be resolved of security technology and policy issues. If establishing a secure payment process and the unclear legal issue is resolved, FinTech service will provide a secure financial services to the user.

SPKI/SDSI 인증서를 이용한 Jini 기반의 안전한 이벤트 서비스 설계 및 구현 (Design and implementation of Jini-based secure event service using SPKI/SDSI certificate)

  • 박희만;김인수;이영록;이형효;노봉남
    • 정보보호학회논문지
    • /
    • 제16권5호
    • /
    • pp.3-13
    • /
    • 2006
  • 컴퓨팅 기기들이 점점 산재되고, 기기들의 이동성 또한 증가되면서, 동기적이고 직접적인 점대점 통신 모델은 여러 형태의 분산 컴퓨팅 환경에 적용하기에 적합하지 않다. 이벤트 서비스와 같은 간접통신 모델을 이용하면, 분산 환경에서의 응용들 사이의 결합도를 감소시키고 많은 정적인 요구들을 제거할 수 있는 이점이 있다. 본 논문에서는 신뢰할 수 있는 유비쿼터스 환경을 만들기 위해 Jini 기반의 안전한 이벤트 서비스를 설계하고 구현한다. 구현된 이벤트 서비스는 내용기반의 검색이 가능하고, 정당한 권한을 지닌 제공자와 소비자만이 이벤트를 주고받을 수 있도록 한다. 이벤트 서비스에 인증과 인가기능을 제공하기 위해 SPKI/SDSI 인증서를 이용하고, 이벤트 제공자와 소비자의 분리, 이동기기의 연결 끊김 지원, 내용기반의 검색을 위해 Jini의 자바스페이스를 확장하여 구현한다.