• 한국컴퓨터정보학회논문지
• /
• 제28권3호
• /
• pp.59-65
• /
• 2023

다양한 분야에서 블록체인을 적용한 연구가 활발하게 증가함에 따라 블록체인의 사용자를 증명하는 개인키의 관리가 중요하게 되었다. 개인키를 분실하게 되면 본인의 모든 데이터에 대한 권한을 잃게 된다. 이에 대한 문제점을 해결하고자 기존에는 블록체인 지갑, 부분 정보를 이용한 개인키 복구, 분산 저장을 통한 개인키의 복구 등을 제안하였다. 본 논문에서는 Shamir's Secrete Sharing(SSS) 스킴과 생체정보를 이용하여 안전한 개인키의 백업 및 복구 방안을 제안하고 이에 대한 안전성을 메시지 교환시의 견고성, 재생공격, 중간자 공격 및 위변조 공격에 대해 평가한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권12호
• /
• pp.4725-4747
• /
• 2020

Software defined networking (SDN) is considered to be one of the most promising paradigms in the future. To solve the scalability and performance problem that a single and centralized controller suffers from, the distributed multi-controller architecture is adopted, thus forms multi-domain SDN. In a multi-domain SDN network, it is of great importance to ensure a reliable control plane. In this paper, we focus on the reliability problem of multi-domain SDN against controller failure from perspectives of backup controller deployment and controller replication. We firstly propose a placement algorithm for backup controllers, which considers both the reliability and the cost factors. Then a controller replication mechanism based on shared data storage is proposed to solve the inconsistency between the active and standby controllers. We also propose a shared data storage layout method that considers both reliability and performance. Besides, a fault recovery and repair process is designed based on the controller backup and shared data storage mechanism. Simulations show that our approach can recover and repair controller failure. Evaluation results also show that the proposed backup controller placement approach is more effective than other methods.

• 정보처리학회논문지C
• /
• 제16C권3호
• /
• pp.335-346
• /
• 2009

정보통신이 발달함에 따라서 모바일 환경은 주된 통신 환경으로 자리잡았다. 모바일 환경은 유선환경 보다 개방된 네트워크 특성으로 인하여, 서비스를 이용함에 따라 사용자의 개인정보에 대한 스니핑이나 피싱, 불법 단말기의 사용으로 개인정보가 노출 될 수 있다. 따라서 신뢰 컴퓨팅을 표준화 하고 있는 TCG(Trusted Computing Group)는 모바일 환경의 보안을 위해 하드웨어 기반의 보안 모듈인 MTM(Mobile Trusted Module)을 제안하였다. MTM은 플랫폼에 임베디드되어 사용자 프라이버시와 플랫폼 무결성을 보호하고 물리적으로 안전하지만 강한 보안 기능을 제공하는 만큼 비밀 데이터를 다른 곳으로 이전할 때 보안적인 접근이 요구된다. 본 논문에서는 TCG 보안 기술과 함께 암호키 이전 방안에 대해서 살펴보고, 키 백업과 복구를 적용한 안전한 암호키 이전 방안을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권4호
• /
• pp.1911-1930
• /
• 2017

Overlay routing has emerged as a promising approach to improve reliability and efficiency of the Internet. The key to overlay routing is the placement and maintenance of the overlay infrastructure, especially, the selection and placement of key relay nodes. Spurred by the observation that a few relay nodes with high betweenness centrality can provide more optimal routes for a large number of node pairs, we propose a resilient routing overlay network construction method by introducing Super-Relay nodes. In detail, we present the K-Minimum Spanning Tree with Super-Relay nodes algorithm (SR-KMST), in which we focus on the selection and connection of Super-Relay nodes to optimize the routing quality in a resilient and scalable manner. For the simultaneous path failures between the default physical path and the overlay backup path, we also address the selection of recovery path. The objective is to select a proper one-hop recovery path with minimum cost in path probing and measurement. Simulations based on a real ISP network and a synthetic Internet topology show that our approach can provide high-quality overlay routing service, while achieving good robustness.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권9호
• /
• pp.4023-4043
• /
• 2016

Network virtualization has been regarded as a core attribute of the Future Internet. In a network virtualization environment (NVE), multiple heterogeneous virtual networks can coexist on a shared substrate network. Thus, a substrate network failure may affect multiple virtual networks. In this case, it is increasingly critical to provide survivability for the virtual networks against the substrate network failures. Previous research focused on mechanisms that ensure the resilience of the virtual network. However, the resource efficiency is still important to make the mapping scheme practical. In this paper, we study the survivable virtual network embedding mechanisms against substrate link and node failure from the perspective of improving the resource efficiency. For substrate link survivability, we propose a load-balancing and re-configuration strategy to improve the acceptance ratio and bandwidth utilization ratio. For substrate node survivability, we develop a minimum cost heuristic based on a divided network model and a backup resource cost model, which can both satisfy the location constraints of virtual node and increase the sharing degree of the backup resources. Simulations are conducted to evaluate the performance of the solutions. The proposed load balancing and re-configuration strategy for substrate link survivability outperforms other approaches in terms of acceptance ratio and bandwidth utilization ratio. And the proposed minimum cost heuristic for substrate node survivability gets a good performance in term of acceptance ratio.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권3호
• /
• pp.861-876
• /
• 2022

Cryptoassets such as Bitcoin and Ethereum are widely traded around the world. Cryptocurrencies are also transferred between investors. Cryptocurrency has become a new and attractive means of remittance. Thus, blockchain-based smart contracts also attract attention when central banks design digital currencies. However, it has been discovered that a significant amount of cryptoassets on blockchain are lost or stranded for a variety of reasons, including the loss of the private key or the owner's death. To address this issue, we propose a method for recoverable transactions that would replace the traditional transaction by allowing cryptoassets to be sent to a backup account address after a deadline has passed. We provide the computational workload required for our method by analyzing the prototype. The method proposed in this paper can be considered as a good model for digital currency design, including central bank digital currency (CBDC).

• 해양환경안전학회지
• /
• 제27권3호
• /
• pp.429-438
• /
• 2021

The mandatory installation of the ECDIS (Electronic Chart Display and Information System) became an important navigational equipment for navigation officer. In addition, ECDIS is a key component of the ship's digitalization in conjunction with various navigational equipment. Meanwhile, cyber-attacks emerge as a new threat along with digitalization. Damage caused by cyber-attacks is also reported in the shipping sector, and IMO recommends that cybersecurity guidelines be developed and included in International Security Management (ISM). This study analyzed the cybersecurity hazards of ECDIS, where various navigational equipment are connected. To this end, Importance-Performance Analysis (IPA) was conducted on navigation officer using ECDIS. As a result, the development of technologies for cyber-attack detection and prevention should be priority. In addition, policies related to 'Hardware and Software upgrade', 'network access control', and 'data backup and recovery' were analyzed as contents to be maintained. This paper is significant in deriving risk factors from the perspective of ECDIS users and analyzing their priorities, and it is necessary to analyze various cyber-attacks that may occur on ships in the future.

• 한국통신학회논문지
• /
• 제28권7B호
• /
• pp.605-619
• /
• 2003

주기억장치 DBMS(MMDBMS)는 디스크가 아닌 주기억장치를 주요 저장 매체로서 사용하므로 고속의 처리를 요구하는 다양한 데이터베이스 응용을 효과적으로 지원한다. 본 논문에서는 차세대 MMDBMS Tachyon의 인덱스 관리자 개발에 관하여 논의한다. 최근 하드웨어의 급격한 발전으로 인하여 주기억장치 액세스 속도와 CPU의 처리 속도의 차는 점점 커지고 있다. 따라서 CPU 내에 있는 캐쉬(cache)의 존재를 충분히 활용하는 자료 구조 및 알고리즘을 고안함으로써 MMDBMS의 성능을 크게 개선시킬 수 있다. 본 논문에서는 Tachyon를 위한 캐쉬-인지 인덱스 관리자의 개발 중에 경험한 실질적인 구현 이슈들을 언급하고, 이들에 대한 해결 방안을 제시한다. 본 논문에서 다루는 주요 이슈들은 (1) 캐쉬(cache)의 효과적인 사용, (2)인덱스 엔트리 및 인덱스 노드의 집약적 표현(compact representation). (3) 가변 길이 키(variable-length key)의 지원, (4) 다중 애트리뷰트 키(multiple-attribute key)의 지원, (5) 중복키(duplicated key)의 지원. (6) 인덱스를 위한 시스템 카탈로그의 정의. (7) 외부 API(application programming interface)의 정의. (8) 효과적인 동시성 제어 방안. (9) 효율적인 백업 및 회복 방안 등이다. 또한, 다양한 실험을 통한 성능 분석을 통하여 제안된 인덱스 관리자의 우수성을 규명한다.