• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.3 no.4
• /
• pp.313-318
• /
• 2002

The Integration of agent technology and security technology is needed to many application areas like electronic commerce. This paper suggests a model of extended multi-agent engine which supports privacy, integrity, authentication and non-repudiation on agent communication. Each agent which is developed with the agent engine is composed of agent engine layer and agent application layer. We describe and use the concepts self-to-self messages, secure communication channel, and distinction of KQML messages in agent application layer and messages in agent engine layer. The suggested agent engine provides an agent communication language which is extended to enable secure communication between agents without any modifications or restrictions to content layer and message layer of KQML. Also, in the model of our multi-agent engine, secure communication is expressed and processed transparently on the agent communication language.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.2
• /
• pp.119-126
• /
• 2012

Local monitoring is an effective technique in securing data of wireless sensor networks. Existing solutions require high communication cost for detecting false data and this results in a network lifetime being shortened. This paper proposes novel techniques of monitoring based secure data aggregation and filtering false data in wireless sensor networks. The aim is to reduce energy consumption in securing data aggregation. An aggregator and its monitoring node perform data aggregation in a 60o sextant cluster. By checking Message Authentication Codes (MAC), aggregation data will be dropped by a forward aggregator if data aggregated by the aggregator and data monitored by the monitoring node are inconsistent. The simulation shows that the proposed protocol can reduce the amount of average energy consumption about 64% when comparing with the Data Aggregation and Authentication protocol (DAA)[1]. Additionally, the network lifetime of the proposed protocol is 283% longer than that of DAA without any decline in data integrity.

• Journal of Positioning, Navigation, and Timing
• /
• v.8 no.2
• /
• pp.79-85
• /
• 2019

The mission tasks of polar exploration utilizing unmanned systems such as glacier monitoring, ecosystem research, and inland exploration have been expanded. To facilitate unmanned exploration mission tasks, precise and robust navigation systems are required. However, limitations on the utilization of satellite navigation system are present due to satellite orbital characteristics at the polar region located in a high latitude. The orbital inclination of global positioning system (GPS), which was developed to be utilized in mid-latitude sites, was designed at $55^{\circ}$. This means that as the user is located in higher latitudes, the satellite visibility and vertical precision become worse. In addition, the use of satellite-based wide-area augmentation system (SBAS) is also limited in higher latitude regions than the maximum latitude of signal reception by stationary satellites, which is $70^{\circ}$. This study proposes a local-area augmentation system that additionally utilizes Global Navigation Satellite System (GLONASS) considering satellite navigation system environment in Polar Regions. The orbital inclination of GLONASS is $64.8^{\circ}$, which is suitable in order to ensure satellite visibility in high-latitude regions. In contrast, GLONASS has different system operation elements such as configuration elements of navigation message and update cycle and has a statistically different signal error level around 4 m, which is larger than that of GPS. Thus, such system characteristics must be taken into consideration to ensure data integrity and monitor GLONASS signal fault. This study took GLONASS system characteristics and performance into consideration to improve previously developed fault detection algorithm in the local-area augmentation system based on GPS. In addition, real GNSS observation data were acquired from the receivers installed at the Antarctic King Sejong Station to analyze positioning accuracy and calculate test statistics of the fault monitors. Finally, this study analyzed the satellite visibility of GPS/GLONASS-based local-area augmentation system in Polar Regions and conducted performance evaluations through simulations.

• Journal of Navigation and Port Research
• /
• v.38 no.4
• /
• pp.391-397
• /
• 2014

Wide Area Differential GNSS(WA-DGNSS) was developed in order to improve the accuracy and integrity performance of GNSS. In this paper, overall structure of Pseudolite-Based Augmentation System(PBAS) and experimental methods which enables the post-processing test with commercial receiver will be described. For generating augmenting message, GPS measurement collected from five NDGPS reference stations were processed by reference station S/W and master station S/W. The accuracy of augmenting message was tested by comparing SP3, IONEX data. In the test, RF signal of user was collected and correction data were generated. After that, RF signal was broadcasted with pseudolite signal. Test was conducted using three commercial receiver and the performance was compared with MSAS and standalone user. From the position output of each receiver, it was shown that improved position was obtained by applying augmenting message.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.1
• /
• pp.136-141
• /
• 2006

The IEEE 802.1x can be using various user authentication mechanisms: One-Time Password, Certificate-Based TLS, Challenge/Response and Keberos through EAP(Extended Authentication Protocol). But, IEEE 802.1x also has vulnerabilities about the DoS, the session hijacking and the Man in the Middle attack due to the absence of AP authentication. In this paper, we propose a WLAN secure system which can offer a safety secure communication and a user authentications by intensified the vulnerability of spoofing and DoS attacks. The suppose system offers a safe secure communication because it offers sending message of integrity service and also it prevents DoS attack at authentication initial phase.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.3
• /
• pp.872-885
• /
• 2015

The rapid increase of smart mobile devices and mobile applications has led to explosive growth of data traffic in cellular network. Offloading data traffic becomes one of the most urgent technical problems. Recent work has proposed to exploit opportunistic communications to offload cellular traffic for mobile data dissemination services, especially for accepting large delayed data. The basic idea is to deliver the data to only part of subscribers (called target-nodes) via the cellular network, and allow target-nodes to disseminate the data through opportunistic communications. Human mobility shows temporal and spatial characteristics and predictability, which can be used as effective guidance efficient opportunistic communication. Therefore, based on the regularity of human mobility we propose NodeRank algorithm which uses the encounter characteristics between nodes to choose target nodes. Different from the existing work which only using encounter frequency, NodeRank algorithm combined the contact time and inter-contact time meanwhile to ensure integrity and availability of message delivery. The simulation results based on real-world mobility traces show the performance advantages of NodeRank in offloading efficiency and network redundant copies.

• Journal of KIISE
• /
• v.41 no.11
• /
• pp.885-891
• /
• 2014

A hash function is an essential cryptographic algorithm primitive that is used to provide integrity to many applications such as message authentication codes and digital signatures. In this paper, we introduce a concept and test method for a Cryptographic Algorithm Validation Program (CAVP). Also, we design an SHA-3 CAVP program and implement an SHA-3 algorithm in 16bit-UICC. Finally, we compare the efficiency of SHA-3 with SHA-2 and evaluate the exellence of the SHA-3 algorithm.

• Journal of Korea Multimedia Society
• /
• v.20 no.12
• /
• pp.1928-1939
• /
• 2017

Fog computing is another paradigm of the cloud computing, which extends the ubiquitous services to applications on many connected devices in the IoT (Internet of Things). In general, if we access a lot of IoT devices with existing cloud, we waste a huge amount of bandwidth and work efficiency becomes low. So we apply the paradigm called fog between IoT devices and cloud. The network architecture based on cloud and fog computing discloses the security and privacy issues according to mixed paradigm. There are so many security issues in many aspects. Moreover many IoT devices are connected at fog and they generate much data, therefore light and efficient security mechanism is needed. For example, with inappropriate encryption or authentication algorithm, it causes a huge bandwidth loss. In this paper, we consider issues related with data encryption and authentication mechanism in the network architecture for cloud and fog-based M2M (Machine to Machine) IoT services. This includes trusted encryption and authentication algorithm, and key generation method. The contribution of this paper is to provide efficient security mechanisms for the proposed service architecture. We implemented the envisaged conceptual security check mechanisms and verified their performance.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2002.05d
• /
• pp.941-946
• /
• 2002

지문인식 시스템이 네트워크 기반에서 서버 매칭 형식으로 운영될 경우 클라이언트 매칭과는 달리 데이터의 전송과정에 많은 취약성이 존재한다. 지문인식은 휴대의 불편함이 없고, 분실이나 도난의 위험성도 없으며, 추측이 거의 불가능하므로 높은 안전성을 제공하는 장점을 가지고 있다. 그러나 지문데이터는 한 번 도난을 당하거나 네트워크 상에서 전송 도중 공격자를 통해 도청이 된다면 그 사용자는 앞으로 지문인식을 이용할 수 없다는 단점이 존재한다. 이에 대하여 전송 포맷 기술과 전송 데이터 보안의 표준화가 이루어지고 있다. 따라서 본 논문에서는 클라이언트에서 추출한 지문 특징점 데이터를 매칭을 위해 서버로 데이터를 전송할 경우 무결성의 적합성을 검증하기 위한 도구를 구현하였다. 신분위장 및 재전송 공격들의 위협으로부터 안전한 사용자 신분 확인을 보장하기 위해서 전송되는 지문 데이터의 인중, 무결성, 기밀성이 요구되며, 이를 위해 지문 데이터의 MAC(Message Authentication Code)과 암호화 기법을 이용하였다. 이때 전송 데이터의 기밀성을 위해서 Triple-DES와 SEED 암호 알고리즘을 사용하였고 무결성을 위해 MD5와 SHA-1 해쉬 함수를 사용하였다. 클라이언트에서 데이터를 전송할 때 두 가지의 지문데이터를 전송하는 실험을 통하여 결과를 비교하였다. 첫째, 변조된 지문데이터를 전송하였을 경우 데이터가 변조되었음을 알려주는 결과를 보여준다. 둘째, 변조되지 않은 지문데이터를 전송하였을 경우 이 데이터는 변조되었다는 메시지를 출력함으로써 무결성 검증 실험은 이루어진다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.11
• /
• pp.2459-2464
• /
• 2009

In sensor network there are no nodes or servers that are exclusively responsible for packet forwarding and routing. Instead, sensor nodes participating in network communications perform these activities. Thus, they are vulnerable to the alteration and forgery of message in the process of packet forwarding and routing. To solve this problem, a security to ensure authentication and integrity of routing and forwarding messages should be required. To do this, we propose the hash chain-based digital signature model where it takes less time to compute in generating and verifying the digital signature model, unlike he public key-based digital signature model, and verify if this model is proper by comparing computation times between tow models.