• Journal of the Korea Society for Simulation
• /
• v.28 no.4
• /
• pp.67-74
• /
• 2019

As the market for Internet of Things (IoT) service grows, the security issue of the data from IoT devices becomes more important. In this paper, we implemented a cryptographic library for confidentiality of sensor data from Android Things based IoT services. The library made use of the SEED algorithm for encryption/decryption of data and we verified the library by implementing a service environment. With the library, the data is securely encrypted and stored in the database and the service environment is able to represent the current sensing status with the decrypted sensor data. The contribution of this work is in verifying the usability of SEED based encryption library by implementation in IoT sensor based service environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.1
• /
• pp.131-146
• /
• 2012

As one of the four basic technologies of IOT (Internet of Things), M2M technology whose advance could influence on the technology of Internet of Things has a rapid development. Mobile Payment is one of the most widespread applications in M2M. Due to applying wireless network in Mobile Payment, the security issues based on wireless network have to be solved. The technologies applied in solutions generally include two sorts, encryption mechanism and authentication mechanism, the focus in this paper is the authentication mechanism of Mobile Payment. In this paper, we consider that there are four vital things in the authentication mechanism of Mobile Payment: two-way authentication, re-authentication, roaming authentication and inside authentication. Two-way authentication is to make the mobile device and the center system trust each other, and two-way authentication is the foundation of the other three. Re-authentication is to re-establish the active communication after the mobile subscriber changes his point of attachment to the network. Inside authentication is to prevent the attacker from obtaining the privacy via attacking the mobile device if the attacker captures the mobile device. Roaming authentication is to prove the mobile subscriber's legitimate identity to the foreign agency when he roams into a foreign place, and roaming authentication can be regarded as the integration of the above three. After making a simulation of our proposed authentication mechanism and analyzing the existed schemes, we summarize that the authentication mechanism based on the mentioned above in this paper and the encryption mechanism establish the integrate security framework of Mobile Payment together. This makes the parties of Mobile Payment apply the services which Mobile Payment provides credibly.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2014.06a
• /
• pp.144-145
• /
• 2014

IoT (Internet of Things) is connected to all things Internet-based people and things, things and objects that communicate information between said intelligent technologies and services. Shipping each of a variety of devices that act independently from each other, but, it is actively interlock with each other is not easy practically days. Ship it within the means of communication, the communication between the ship, the communication between ship and shore configuration, SAN (Ship Area Network), RFID/USN, broadband communications, satellite communications and IT technology to a variety of marine environments for the safe navigation the ship's safety management system for the configuration you want to discuss the plan.

• International journal of advanced smart convergence
• /
• v.5 no.3
• /
• pp.27-31
• /
• 2016

High-tech industries in a state well enough to troubleshoot hacking information introduction a big barrier to delay the growth of the market related to IoT(Internet of Things) as is likely to be on the rise. This early on, security issues introduced in the solution, a comprehensive solution, including the institutional laws/precautions needed. Recent examples of frequent security threats while IoT is the biggest issue of introducing state-of-the-art industry information due to the vulnerable security hacking. This high-tech industries in order to bridge the information responsible for the target attribute, target range, and the protection of security and how to protect the subject, IoT environment (domestic industrial environment) considering the approach is needed. IoTs with health care and a wide variety of services, such as wearable devices emerge. This ensures that RFID/USN-based P2P/P2M/M2M connection is the implementation of the community. In this study, the issue on the high-tech industrial information and the vulnerable security issues of IoT are described.

• Journal of Korea Multimedia Society
• /
• v.18 no.12
• /
• pp.1483-1491
• /
• 2015

Applications of Internet of Things (IoT) supply various conveniences, however unsolved security problems such as personal privacy, data manipulation cause harm to persons, even nations and an limit the applicable areas of Internet of IoT technology. Therefore, study about secure and efficient security system on IoT are required. This paper proposes ID-based remote user authentication scheme in IoT environments. Proposed scheme provides untraceability of users by using different pseudonym identities in every session and reduces the number of variables. Our proposal is secure against inside attack, smart card loss attack, user impersonation attack, server masquerading attack, online/offline password guessing attack, and so on. Therefore, this can be applied to the lightweight IoT environments.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.473-474
• /
• 2014

Radio frequency identification system (RFID) is an automatic technology and aids machines or computers to identify objects, record metadata or control individual target through wireless waves. Connecting RFID reader to the terminal of Internet, the readers can identify, track and monitor the objects attached with tags globally, automatically, and in real time, if needed. This is the so-called Internet of Things (IOT). RFID is often seen as a prerequisite for the IOT. This paper surveys the technologies of RFID and IOT, discusses the applications and challenges of RFID technology used in IoT.

• Journal of Korea Multimedia Society
• /
• v.20 no.12
• /
• pp.1928-1939
• /
• 2017

Fog computing is another paradigm of the cloud computing, which extends the ubiquitous services to applications on many connected devices in the IoT (Internet of Things). In general, if we access a lot of IoT devices with existing cloud, we waste a huge amount of bandwidth and work efficiency becomes low. So we apply the paradigm called fog between IoT devices and cloud. The network architecture based on cloud and fog computing discloses the security and privacy issues according to mixed paradigm. There are so many security issues in many aspects. Moreover many IoT devices are connected at fog and they generate much data, therefore light and efficient security mechanism is needed. For example, with inappropriate encryption or authentication algorithm, it causes a huge bandwidth loss. In this paper, we consider issues related with data encryption and authentication mechanism in the network architecture for cloud and fog-based M2M (Machine to Machine) IoT services. This includes trusted encryption and authentication algorithm, and key generation method. The contribution of this paper is to provide efficient security mechanisms for the proposed service architecture. We implemented the envisaged conceptual security check mechanisms and verified their performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.4739-4758
• /
• 2015

The IPv4 addressing scheme, which was proposed by IETF in 1981, provides 4.3 billion unique 32-bit IP addresses but has been fully exhausted in Feb, 2011. This exhaustion of unique IP addresses poses significant challenges to the addition of new devices to the Internet as well as offering new services. Internet of Things, which provides interconnected uniquely identifiable devices in the existing Internet infrastructure, will be greatly affected by the lack of unique IP addresses. In order to connect to the existing Internet infrastructure, every new device needs a uniquely identified IP address for communication. It has been estimated that by the year 2020 more than 30 billion devices would be connected to the Internet. In order to meet the challenge of such vast requirement of unique IP addresses, the devices in IoT will have to adopt IPv6, which is the latest version of Internet Protocol. IPv6 uses 128-bit IP addresses and offers 2¹²⁸ unique IP addresses. Therefore, it expands IPv4 and provides new features of end to end connections as well as new services. In this paper, the various challenges with respect to providing connectivity, security, mobility, etc., have been discussed and how IPv6 helps in meeting those challenges.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.17-28
• /
• 2019

6LoWPAN based on IEEE 802.15.4 is a realistic standard platform for various Internet of Things (IoT) applications. To bootstrap the LoWPAN (Low-power Wireless Personal Area Network), each device must perform 6LoWPAN-ND address registration to assign a unique IPv6 address. Without adequate security mechanisms, 6LoWPAN-ND is vulnerable to a variety of security attacks including corrupted node attacks. Several security mechanisms have been proposed as a supplement to the vulnerability, but the vulnerability exists because it relies solely on IEEE 802.15.4 hop-by-hop security. In this paper, we propose and analyze a vulnerability of 6LoWPAN-ND address registration and a new security mechanism suitable for preventing the attack of damaged node. It also shows that the proposed security mechanism is compatible with the Internet Engineering Task Force (IETF) standard and is more efficient than the mechanism proposed in the IETF 6 lo WG.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.5654-5668
• /
• 2018

Driven by security and real-time demands of Internet of Things (IoT), the timing of fog computing and edge computing have gradually come into place. Gateways bear more nearby computing, storage, analysis and as an intelligent broker of the whole computing lifecycle in between local devices and the remote cloud. In fog computing, the edge broker requires X-aware capabilities that combines software programmability, stream processing, hardware optimization and various connectivity to deal with such as security, data abstraction, network latency, service classification and workload allocation strategy. The prosperous of Field Programmable Gate Array (FPGA) pushes the possibility of gateway capabilities further landed. In this paper, we propose a software-defined gateway (SDG) scheme for fog computing paradigm termed as Fog Computing Zero-Knowledge Gateway that strengthens data protection and resilience merits designed for industrial internet of things or highly privacy concerned hybrid cloud scenarios. It is a proxy for fog nodes and able to integrate with existing commodity gateways. The contribution is that it converts Privacy-Enhancing Technologies rules into provable statements without knowing original sensitive data and guarantees privacy rules applied to the sensitive data before being propagated while preventing potential leakage threats. Some logical functions can be offloaded to any programmable micro-controller embedded to achieve higher computing efficiency.