• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.4
• /
• pp.13-23
• /
• 2017

In order to protect personal information and important information (confidential information, sales information, user information, etc.) in the internal network, companies and organizations apply encryption to the Server-To-Server or Server-To-Client communication section, And are experiencing difficulties due to the increasing number of known attacks and intelligent security attacks. In order to apply the existing S / W encryption technology, it is necessary to modify the application. In the financial sector, "Comprehensive Measures to Prevent the Recurrence of Personal Information Leakage in the Domestic Financial Sector" has been issued, and standard guidelines for financial computing security have been laid out, and it is required to expand the whole area of encryption to the internal network. In addition, even in environments such as U-Health and Smart Grid, which are based on the Internet of Things (IoT) environment, which is increasingly used, security requirements for each collection gateway and secure transmission of the transmitted and received data The requirements of the secure channel for the use of the standard are specified in the standard. Therefore, in this paper, we propose a secure encryption algorithm through mutual authentication and grouping for each node through H / W based Network Control Server (NCS) applicable to internal system and IoT environment provided by enterprises and organizations. We propose a protocol design that can set the channel.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.457-458
• /
• 2017

최근 다양한 IT 제품의 발달로 사물 간 필요한 정보를 교환하는 IoT환경이 발전 하고 있다. IoT 디바이스는 특정 사용자만 접근 가능하도록 보호된 네트워크의 필요성이 증가하고 있다. IoT 디바이스들이 안전하게 통신하기 위해서는 무엇보다 안전한 인증체계가 확립되어야 하지만 저전력, 저사양 기기들에 그대로 사용하기에는 어려움이 따른다. 이에 본 논문은 OAuth 프로토콜을 이용하여 IoT환경에서 안전한 사용자 인증을 연구하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.513-515
• /
• 2014

IoT 디바이스의 범위와 서비스 시장의 확산과 함께, 스마트홈 환경에서 사용되는 디바이스의 종류도 점점 증가하고 있다. 이에 따라 IoT 디바이스의 제어 및 관리의 관점에서 사용자 도용, 불법적인 접근 같이 다양한 보안 위협도 고려해야 한다. 이러한 위협으로 인해 스마트홈 내 디바이스 간의 신뢰적인 인증이 필수적으로 갖춰야할 요구사항이 되었다. 즉, 스마트홈 내에서 유효한 권한을 가진 디바이스의 접근만을 허용하여 안전한 서비스를 제공해야 한다. 본 논문에서는 스마트홈 네트워크 환경에서 IoT 디바이스 간 신뢰적으로 통신할 수 있도록, 댁내 인증서 기반의 디바이스 등록 및 인증서 발급 절차와 디바이스 인증 및 서비스 제공 절차를 통한 IoT 디바이스 상호 인증 방안을 제안한다.

• Journal of Digital Convergence
• /
• v.14 no.10
• /
• pp.295-302
• /
• 2016

Many countries, especially ICT powers, are supporting IoT-based technology at a national level and this technology is actively being researched in the businesses and research institutes in an aim to develop technology and create an ecosystem. Roads in the Seoul city are building public facilities based on IoT to provide various services and conveniences for the users. However, for the full-fledged introduction and development of IoT, there are many cases where infringement on security and privacy and threat for life and safety happen. Also, as the IoT environment includes various environment technologies such as the existing sensor network, heterogeneous communication network, and devices optimized for the IoT environment, it inherits the existing security threat and various attack techniques. This paper researches the attribute based encryption technology for safe communication in the IoT environment. The data collected from the device is transmitted utilizing the attribute based encryption and by designing the key generation protocol, grades and authorities for the device and users are identified to transmit safe messages.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.35-41
• /
• 2016

Internet of Things (IoT) services are widely used in appliances of daily life and industries. IoT services also provide various conveniences to users and are expected to affect value added of all industries and national competitiveness. However, a variety of security threats are increased in IoT environments and lowers reliability of IoT devices and services that make some obstacles for commercialization. The attacks arising in IoT environments are making industrial and normal life accidents unlike existing information leak and monetary damages, and can expand damage scale of leakage of personal information and privacy more than existing them. To solve these problems, we design a session key based access control scheme for secure communications in IoT environments. The proposed scheme reinforces message security by generating session key between device and access control network system. We analyzed the stability of the proposed access scheme in terms of data forgery and corruption, unauthorized access, information disclosure, privacy violations, and denial of service attacks. And we also evaluated the proposed scheme in terms of permission settings, privacy indemnity, data confidentiality and integrity, authentication, and access control.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.67-76
• /
• 2024

The Internet of Things (IoT) has revolutionized communication and device operation, but it has also brought significant security challenges. IoT networks are structured into four levels: devices, networks, applications, and services, each with specific security considerations. Personal Area Networks (PANs), Local Area Networks (LANs), and Wide Area Networks (WANs) are the three types of IoT networks, each with unique security requirements. Communication protocols such as Wi-Fi and Bluetooth, commonly used in IoT networks, are susceptible to vulnerabilities and require additional security measures. Apart from physical security, authentication, encryption, software vulnerabilities, DoS attacks, data privacy, and supply chain security pose significant challenges. Ensuring the security of IoT devices and the data they exchange is crucial. This paper utilizes the Random Forest Algorithm from machine learning to detect anomalous data in IoT devices. The dataset consists of environmental data (temperature and humidity) collected from IoT sensors in Oman. The Random Forest Algorithm is implemented and trained using Python, and the accuracy and results of the model are discussed, demonstrating the effectiveness of Random Forest for detecting IoT device data anomalies.

• Journal of Digital Convergence
• /
• v.15 no.5
• /
• pp.235-240
• /
• 2017

Recently, Internet of things have been applied to various fields and are becoming common in our everyday life. Everything in our daily lives is networked, interacting with each other and giving us more useful effects. In this paper, we implemented an algorithm that can illuminate the LED lighting to the authorized person 's place in the network environment connected with the authentication device only once with the user authentication. User authentication in one building User authenticated through a single user search for the location of the user's lab stored in the database using the certified information and LED lights up to the lab where the user works. Through this, unnecessary energy is generated because people do not pass frequently.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.262-265
• /
• 2017

IoT 환경에서 사용되는 프로토콜 중 IETF의 CoRE 워킹 그룹에서 채택한 IoT 프로토콜 CoAP가 표준으로 사용되고 있으며 IoT 인증 프로토콜에 대한 연구도 활발하게 이루어지고 있다. CoAP 프로토콜은 저전력, 저용량 메모리 등의 제한된 환경에서 IoT 센서 디바이스들 간의 통신을 지원한다. CoAP 프로토콜은 안전성을 제공하기 위해 DTLS와 함께 사용되는데, 점점 경량화 되어가는 IoT 환경에서 오버헤드가 존재하는 DTLS에 대해 개선되어야 할 사항들이 존재한다. 이를 개선하기 위해 DTLS의 문제점을 해결하기 위한 여러 연구들이 진행되고 있으며, 본 논문에서는 LESS 인증기법을 분석하고 이를 기반으로 보다 향상된 효율성을 제공하는 기법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.855-858
• /
• 2015

최근 IoT에 대한 관심이 증가되면서 IoT 환경에서 다양한 서비스가 개발되고 있다. IoT를 통해 사물에 센서 혹은 액츄에이터 등 다양한 IT기술을 적용하여 사람과 사물, 공간이 통신을 하게 된다. IoT는 다양한 산업 분야에 적용되고 있으며 우리 생활과 밀접한 영역인 스마트 홈 분야에서도 시장 활성화가 진행되고 있다. 하지만 스마트 홈 환경에서는 인증되지 않은 사용자와 스마트 디바이스를 통한 해킹 및 악성코드 감염 등 다양한 보안 위협이 발생하게 된다. 이를 해결하기 위해 본 논문에서는 IoT 환경에 적합하도록 효율적이며 사용자, 스마트 홈을 연결하는 홈 게이트웨이, 스마트 홈 내의 스마트 디바이스 간 상호 인증을 제공하는 안전하고 효율적인 상호 인증 기법을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.859-870
• /
• 2020

The MQTT-SN (Message Queuing Telemetry Transport-Sensor Network) protocol is a message transmission protocol used in a sensor-based Internet of Things (IoT) environment. This MQTT-SN protocol is a publish-subscribe model with a broker in the middle of message transmission, and each IoT device sends and receives messages through an intermediary when delivering messages. However, the MQTT-SN protocol does not provide security-related functions such as message security, mutual authentication, access control, and broker security. Accordingly, various security problems have recently occurred, and a situation in which security is required has emerged. In this paper, we review the security requirements of MQTT-SN once again, and propose a modified protocol that improves security while satisfying the constraints in the environment where the resource of IoT to which this protocol is applied is limited. Unlike the existing protocol, the security field and authentication server have been added to satisfy the security requirements. In addition, the proposed protocol is actually implemented and tested, and the proposed protocol is evaluated for practical use in terms of energy consumption.