• Title/Summary/Keyword: Key Management Protocol


Delegated Attribute Certificate Validation And Protocol (Delegated PMI certificate validation and validation protocol)

  • 이승훈;송주석
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.1 / pp.59-67 / 2003
  • PMI (Privilege Management Infrastructure) certificates as well as Public-Key certificates must be validated before being used. Validation for a PMI certificate requires PMI certificate path validation, and PKC (Public-Key Certificate) path validations for each entity in the PMI certificate path. This validation work is quite complex and burdensome for PMI certificate verifiers. Therefore, this paper suggests a delegated PMI certificate validation that uses a specialized validation server, and defines a validation protocol which is used between the validation server and the client.

Inter-device Mutual authentication and Formal Verification in M2M Environment (Inter-device mutual authentication and formal verification in an M2M environment)

  • Bae, WooSik
    • Journal of Digital Convergence / v.12 no.9 / pp.219-223 / 2014
  • In line with the advanced wireless communication technology, M2M (Machine-to-Machine) communication has drawn attention in industry. M2M communication features are installed and operated in the fields where human accessibility is highly limited such as disaster, safety, construction, health and welfare, climate, environment, logistics, culture, defense, medical care, agriculture and stockbreeding. In M2M communication, machine replaces people for automatic communication and countermeasures as part of unmanned information management and machine operation. Wireless M2M inter-device communication is likely to be exposed to intruders' attacks, causing security issues, which warrants proper security measures including cross-authentication of whether devices are legitimate. Therefore, research on multiple security protocols has been conducted. The present study applied SessionKey, HashFunction and Nonce to address security issues in M2M communication and proposed a safe protocol with reinforced security properties. Notably, unlike most previous studies arguing for the security of certain protocols based on mathematical theorem proving, the present study used the formal verification with Casper/FDR to prove the safety of the proposed protocol. In short, the proposed protocol was found to be safe and secure.

Recent Trends in the Certificate Management Protocol (CMP)

  • 류종호;염흥열
    • Review of KIISC / v.10 no.4 / pp.11-21 / 2000
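  • Among the main application protocols of PKI (Public Key Infrastructure), this paper focuses on the Certificate Management Protocol (CMP), which covers procedures such as issuing and delivering certificates, cross-certification procedures for extending trust between certification authorities, the proof-of-possession (POP: Proof Of Possession) procedure, which proves possession of the private key corresponding to the public key of the end entity being issued a certificate by the certification authority, and the procedure for updating the certification authority's cryptographic keys.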


Secure group communication protocol using a cellular automata (Secure group communication protocol using cellular automata)

  • 이준석;박영호;이경현
    • Proceedings of the Korea Multimedia Society Conference / 2003.05b / pp.27-31 / 2003
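  • This paper proposes a new method of group key management for secure communication among group members. The proposed scheme generates a shared secret key using a basic cryptographic primitive with the involution property, which is generated using linear cellular automata. The proposed scheme has the characteristic that it can fundamentally prevent the threat of collusion.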


Results of Protocol-based Perioperative Management in Off-Pump Coronary Artery Bypass Grafting for Patients with Non-dialysis-dependent Chronic Kidney Disease

  • Kim, Jeong-Won;Sim, Hyung Tae;Yoo, Jae Suk;Kim, Dong Jin;Cho, Kwang Ree
    • Journal of Chest Surgery / v.49 no.6 / pp.427-434 / 2016
  • Background: Recent studies have demonstrated the benefits of off-pump coronary bypass grafting over the on-pump technique in patients with chronic kidney disease (CKD). To further reduce the risk of acute kidney injury and the need for renal replacement therapy, even in patients undergoing off-pump coronary artery bypass grafting, we adopted protocol-based perioperative management for patients with CKD. Methods: From December 2012 to March 2015, 265 patients underwent isolated off-pump coronary artery bypass grafting. To analyze renal function in a stable condition, we excluded 12 dialysis-dependent end stage renal failure and 10 emergency or urgent cases. Among the remaining 243 patients, 208 patients had normal kidney function (normal group), and 35 patients had CKD (CKD group). Minimizing contrast exposure, ensuring adequate hydration, using strict drug dosage adjustment, and optimizing hemodynamic status were key elements of the protocol for the CKD group. Results: The risk of acute kidney injury was about ${\times}3$ higher in the CKD group than in the normal group (p=0.01). Estimated glomerular filtration rates and serum creatinine levels deteriorated until the third postoperative day in the CKD group. However, by adopting protocol-based perioperative management, this transient renal dysfunction recovered to preoperative levels by the fifth postoperative day without requiring renal replacement therapy in all cases. Conclusion: Off-pump coronary bypass surgery combined with this protocol-based perioperative management strategy in patients with non-dialysis-dependent CKD could mostly be performed without renal replacement therapy.

A Key Management Scheme for IPTV CAS in DOCSIS 3.0 Security System (Key management scheme for IPTV CAS based on the DOCSIS 3.0 security system)

  • Koo, Han-Seung;Lee, Jin-Hwan;Song, Yun-Jeong;Kwon, O-Hyung;Lee, Soo In
    • IEMEK Journal of Embedded Systems and Applications / v.3 no.4 / pp.207-217 / 2008
  • A novel scheme is presented for Traffic Encryption Key (TEK) rekeying with low communication overhead for an Internet Protocol television (IPTV) conditional access system over Data-Over-Cable Service Interface Specifications (DOCSIS) 3.0. The proposed scheme utilizes the DOCSIS system synchronization for periodic TEK rekeying instead of a conventional TEK rekeying negotiation process. Analysis shows that the communication overhead is only 0.012 Kbps when TEK rekeying frequency is 1 second.


Survey on the Authentication and Key Management of 802.11s

  • Lam, Jun Huy;Lee, Sang-Gon;Tan, Whye Kit
    • Proceedings of the Korea Multimedia Society Conference / 2012.05a / pp.89-92 / 2012
  • Wireless Mesh Network expanded the capability of conventional wireless networking by allowing the nodes to operate in proactive mode, reactive mode or a combination of both, the hybrid mode, in a multi-hop manner. By doing so, the links between the nodes become much more robust and reliable because the number of paths to reach a destination node from a source node can be more than 1 and the nodes do not need to rely on the access point (AP) alone to relay the messages. As there may be many possible ways to form an end-to-end link between 2 nodes, routing security becomes another main concern of the 802.11s protocol. Besides its reliance on 802.11i for the security measures, 802.11s also includes some new features such as the Mesh Temporal Key (MTK) and the Simultaneous Authentication of Equals (SAE). The authentication and key management (AKM) process of 802.11s was observed in this paper.


Development of Protocol Analyzer Suited for Maintenance of LonWorks Network for Safety Management of Underground Facilities (Development of a protocol analyzer suited for maintenance of LonWorks networks for safety management of underground facilities)

  • Kim, Hyung-Ki;Choi, Gi-Sang;Choi, Gi-Heung
    • Journal of the Korean Society of Safety / v.25 no.6 / pp.203-209 / 2010
  • A compact ANSI/EIA 709.1 protocol analyzer system suited for maintenance of LonWorks networks for safety management of underground facilities was developed and tested. The hardware is based on the TMS320LF2406A embedded system, and the software was designed using Visual C++ 6.0 under the Windows XP environment. Connected to the LonWorks network, the developed protocol analyzer decodes the raw packets and passes them to the master PC through the USB port. Then on the PC the packets are processed and analyzed in various aspects, and the key features that are essential to the maintenance of a LonWorks network installed at underground facilities are displayed in a user-friendly format. Performance of the developed protocol analyzer was evaluated through a series of experiments, by measuring the speed of packet analysis and the error rate. The protocol analyzer proved to work reliably even under the increased bandwidth. However, more comprehensive tests under various underground environmental conditions are desired.

Authentication and Trust Relationship Chaining for Resource Sharing Community (Authentication technology and trust relationship chaining for resource sharing communities)

  • Kim, Jeong Gon;Kim, Shin Kon
    • Journal of Korea Society of Digital Industry and Information Management / v.6 no.2 / pp.55-69 / 2010
  • This article proposed an authentication protocol for a peer-to-peer resource sharing community. The proposed protocol does not require a priori information for generating and exchanging the authentication key. This protocol can also provide delicate access control by allowing the user (authenticator) to assign a trust level to the authentication supplicant, which can be used to decide if the resource providing node will accept the resource sharing request from a resource requesting node. Trust Relationship Chaining provides the environment where trust levels (included in the trust table) of nodes in the resource sharing community are propagated among nodes when trust tables are exchanged between two nodes engaged in the mutual authentication process and authentication refresh, so that any two nodes which are not directly mutually authenticated can assign a trust level to each other for the access control for resource sharing. In the proposed protocol a node can implement the authentication refresh continuously to verify the effectiveness of authentication after mutual authentication, so that the authentication of a new node or the authentication revocation (effectiveness cancellation) of a departed node can be propagated to all the nodes in the RSC, and eventually a safe resource sharing community is configured.