• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.6
• /
• pp.1320-1326
• /
• 2011

National institutions on the importance of information security is being recognized, information security laws are being discussed in Congress 3.4 DDoS incident and Nonghyup hacking, etc. However, National Assembly Secretariat when the results of the Information Security Consulting has been assessed very low 61.2 points, evaluation of hardware and software in secure areas were vulnerable. This paper, the legislative support agencies National Assembly and National Assembly Secretariat on the network and computer systems, and managerial, technical and physical security elements are analyzed for the status. And network should have the legislative support agencies and system for the physical network separation, DDoS attack response, Virus attack response, hacking attacks response, and Cyber Emergency Response Team/Coordination Center for Cyber infringing design and research through the confidentiality, integrity, availability, access control, authentication and security analysis is based on the evaluation criteria. Through this study, the legislative support agencies to strengthen the security of data and security laws enacted to provide the basis for.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.9
• /
• pp.1955-1964
• /
• 2011

With fast deployment of high-speed networks and various online services, the demand for massive content distribution is also growing fast. An approach that is increasingly visible in communication research community and in industry domain is peer-to-peer (P2P) networks. The P2P swarming technique enables a content distribution system to achieve higher throughput, avoid server or network overload, and be more resilient to failure and traffic fluctuation. Moreover, as a P2P-based architecture pushed the computing and bandwidth cost toward the network edge, it allows scalability to support a large number of subscribers on a global scale, while imposing little demand for equipment on the content providers. However, the P2P swarming burdens message exchange overheads on the system. In this paper, we propose a new protocol which provides confidentiality, authentication, integrity, and access control to P2P swarming. We implemented a prototype of our protocol on Android smart phone platform. We believe our approach can be straightforwardly adapted to existing commercial P2P content distribution systems with modest modifications to current implementations.

• The KIPS Transactions:PartD
• /
• v.10D no.3
• /
• pp.559-566
• /
• 2003

As cell phone and PDA have been in common use recently, there is a growing tendency to utilize the mobile terminals for M-Commerce. The information security and the receipt of e-trade are very important to support reliable digital transactions in wireless environment as in wired environment. Even though some work such as WML digital signature and WPKI has been studied for M-Commerce, there are several problems on the aspects of the functional limitation of the mobile terminals and the unsecure data transformation of WAP gateway. In this study we have designed and implemented a prototype system of issuing and verifying the electronic receipt that guarantees authentication, data integrity and non-repudiation for secure mobile e-commerce. Moreover, we have enhanced the system performance by letting the trusted independent server verify and manage the electronic receipt.

• The KIPS Transactions:PartC
• /
• v.11C no.2
• /
• pp.163-170
• /
• 2004

The additional mechanism Is required to set up a secure connection among the communication subjects in the internet environment. Each entity should transfer and receive the encrypted and hashed data to guarantee the data integrity. Also, the mutual authentication procedure should be processed using a secure communication protocol. The SSL/TLS is a protocol which creates the secure communication channel among the communication subjects and sends/receives a data. Although the OpenSSL which implements the TLS is using by many developers and its stability and performance are proved, it has a difficulty in using because of its large size. So, this Paper designs and implements the secure communication which the users can use easily by modification works of OpenSSL library API. We proved the real application results using the DRM client/server case which supports a secure communication using the implemented API.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1269-1284
• /
• 2001

The Secure Sockets Layer is a protocol for encryption TCP/IP traffic that provides confidentiality, authentication and data integrity. Also the SSL is intended to provide the widely applicable connection-oriented mechanism which is applicable for various application-layer, for Internet client/server communication security. SSL, designed by Netscape is supported by all clients' browsers and server supporting security services. Now the version of SSL is 3.0. The first official TLS vl.0 specification was released by IETF Transport Layer Security working group in January 1999. As the version of SSL has had upgraded, a lot of vulnerabilities were revealed. SSL and TLS generate the private key with parameters exchange method in handshake protocol, a lot of attacks may be caused on this exchange mechanism, also the same thing may be come about in record protocol. In this paper, we analyze SSL protocol, compare the difference between TLS and SSL protocol, and suggest what developers should pay attention to implementation.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.11
• /
• pp.6849-6855
• /
• 2014

Recently, with the increasing use of smart phones, security issues, such as safety and reliability of the use of the Android application has become a topic to provide services in various forms. An Android application is performed using several important files in the form of an apk file. On the other hand, they may be subject to unauthorized use, such as the loss of rights and privileges due to the insertion of malicious source code of these apk files. This paper examines the Android environment to study ways to define the threats related to the unauthorized use of the application source code, and based on the results of the analysis, to prevent unauthorized use of the application source code. In this paper, a system is provided using a third body to prevent and detect applications that have been counterfeited or forged illegally and installed on Android devices. The application provides services to existing systems that are configured with only the service server that provides users and applications general, This paper proposes the use of a trusted third party for user registration and to verify the integrity of the application, add an institution, and provide a safe application.

• Journal of KIISE:Databases
• /
• v.36 no.5
• /
• pp.352-365
• /
• 2009

Recently, data access control policies have not been applied for authorized or unauthorized persons properly and information leakage incidents have occurred due to database security vulnerabilities. In the traditional database access control methods, administrators grant permissions for accessing database objects to users. However, these methods couldn't be applied for diverse access control policies to the database. In addition, another database security method which uses data encryption is difficult to utilize data indexing. Thus, this paper proposes an enhanced database access control system via a packet analysis method between client and database server in network to apply diverse security policies. The proposed security system can be applied the applications with access control policies related to specific factors such as date, time, SQL string, the number of result data and etc. And it also assures integrity via a public key certificate and MAC (Message Authentication Code) to prevent modification of user information and query sentences.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.769-776
• /
• 2016

TELNET is vulnerable to network attack because it was designed without considering security. SSL/TLS and SSH are used to solve this problem. However it needs additional secure protocol and has no backward compatibility with existing TELNET in this way. In this paper, we have suggested STELNET(Secured Telnet) which supports security functionalities internally so that has a backward compatibility. STELNET supports a backward compatibility with existing TELNET through option negotiation. On STELNET, A client authenticates server by a certificate or digital signature generated by using ECDSA. After server is authenticated, two hosts generate a session key by ECDH algorithm. And then by using the key, they encrypt data with AES and generate HMAC by using SHA-256. After then they transmit encrypted data and generated HMAC. In conclusion, STELNET which has a backward compatibility with existing TELNET defends MITM(Man-In-The-Middle) attack and supports security functionalities ensuring confidentiality and integrity of transmitted data.

• The Journal of the Korea Contents Association
• /
• v.8 no.4
• /
• pp.10-16
• /
• 2008

Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is necessary that create a many encryption key in one web application system. As a result, service quality comes to be low because of increased network traffic and system overload. There must be a system. That should be improved in secure service quality to process data. This paper describes a new approach for design and implementation of distributed encryption key processing for web application system. In this paper, it is based on distributed encipherment key, for the purpose of confidentially, integrity and authentication. It can prevent system degradation from server's data bottleneck and can improve service quality. For distributed encipherment system, we use java object activation technology. It can service while some distributed server are fail.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.849-858
• /
• 2013

In today's mobile computing environment, there are many threats, such as device loss or theft, malware, to the sensitive information stored on end user device. To prevent disclosure of information, encryption and authentication method are properly adjusted to the device. In cryptographic file systems, CBC mode of operation has been commonly used. It requires an IV need not be secret, but must be unpredictable and protect integrity of the IV. In this paper, we propose file system-level encryption mechanism with HSM that satisfy the requirement of the IV and improve the performance. Moreover, Design and experimental results prove the efficiency of our proposed method.