• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10b
• /
• pp.1079-1082
• /
• 2000

인터넷에서 호스트의 이동성을 지원해주기 위한 프로토콜인 Mobile IP 의 가장 근 문제점의 하나는 Triangle Routing Problem이며 이를 해결하기 위한 방안으로서 Route Optimization이 있다. 그러나, 이 방식은 Route Optimization 을 위해서 기존의 인터넷 호스트, 즉 Correspondent Node 가 Binding Cache를 유지하고, Encapsulation의 기능을 가져야 하고, Home Agent와 Security Association을 갖도록 변경이 불가피하다. 본 논문에서는 기존 인터넷 호스트에서의 변경을 필요로 하지 않는 새로운 Route Optimization 방안인 Backward-Compatible Route Optimization을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.2
• /
• pp.43-54
• /
• 2000

C. Gamage 등은 M. Mambo 의 대리 서명 방시과 Y. Zheng의 signcryption 방식을 이용하여 사용자가 상대 적으로 계산 능력이 뛰어난 서버에 의존하여 암호화 및 서명을 생성할 수 있는 proxy-signcryption 방식을 제안하였다 그러나 그들이 제안한 방식을 실제 응용에 적용할 경우 사용자가 proxy agent를 대신하여 정당한 proxy-signcryption을 생성할 수 있을 뿐만아니라 자신이 전송한 메시지에 대해 부인하는 경우 리를 판단할 수 없으므로 proxy agent를 보호 할 수 없다는 문제점이 있다 따라서 본 논문에서는 대리인 보호형 대리 서명 방식과 N. Asokan 의 S3(Server Supported Signnatures)를 이용하여 proxy agent를 보호할 수 있고 송신자 부인 봉쇄를 제공하여 실제 응용에 적용할 수 있는 proxy-signcryption 방식을 제안하고자 한다. 또한 본 논문에서 제안하는 proxy-signcryption 방식은 한국형 디지털 서명 표준안인 KCDSA(Korean Certificate-based Digital Signature Algorithm)를 이용한다.

• Journal of Electrical Engineering and Technology
• /
• v.12 no.5
• /
• pp.2051-2066
• /
• 2017

This paper deals with reconfigurable secured mobile systems where the reconfigurability has the potential of providing a required adaptability to change the system requirements. The reconfiguration scenario is presented as a run-time automatic operation which allows security mechanisms and the addition-removal-update of software tasks. In particular, there is a definite requirement for filtering and intrusion detection mechanisms that will use fewer resources and also that will improve the security on the secured mobile devices. Filtering methods are used to control incoming traffic and messages, whereas, detection methods are used to detect malware events. Nevertheless, when different reconfiguration scenarios are applied at run-time, new security threats will be emerged against those systems which need to support multiple security objectives: Confidentiality, integrity and availability. We propose in this paper a new approach that efficiently detects threats after reconfigurable scenarios and which is based on filtering and intrusion detection methods. The paper's contribution is applied to Android where the evaluation results demonstrate the effectiveness of the proposed middleware in order to detect the malicious events on reconfigurable secured mobile systems and the feasibility of running and executing such a system with the proposed solutions.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.167-179
• /
• 2008

As ubiquitous technology develops, there are many studies to provide various contents proper to users through a mobile device. However, there is a limit of information provision due to a small user interface of a mobile device. This study proposes a system that can solve a problem and provide an intelligent agent model appropriate to a mobile environment and job information positively that an individual user is interested. It is composed of a personalization engine to monitor users' behavior patterns and a learning algorithm to provide information to a mobile device. Analysis shows that preferred job items are different by sex, age and education, while a region affects job searching significantly.

• Journal of KIISE:Information Networking
• /
• v.34 no.1
• /
• pp.41-47
• /
• 2007

The Hierarchical Mobile IPv6 (HMIPv6) has been proposed to accommodate frequent mobility of the Mobile Node and to reduce the signaling load. A Mobility Anchor Point is a router located in a network visited by the Mobile Node. The Mobile Node uses the Mobile Anchor Point as a local Home Agent. The absence of any protections between Mobile Node and Mobile Anchor Point may lead to malicious Mobile Nodes impersonating other legitimate ones or impersonating a Mobile Anchor Point. In this paper, we propose a mechanism of the secure Mobile Anther Point discovery in HMIPv6. The performance analysis and the numerical results presented in this paper show that our proposal has superior performance to other methods.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2001.06a
• /
• pp.492-495
• /
• 2001

다양한 네트워크 시스템이 구축됨에 따라 시스템 해킹 사례도 비례해서 증가하고 있다. 점차 분산화, 자동화, 에이전트화되고 있는 공격 기법에 대하여, 본 논문에서는 최근 네트워크를 통하여 이루어지는 시스템 공격 기법을 살펴보고 그 동향을 분석한다. 그리고, 이를 효과적으로 대응하고 방어할 수 있는 새로운 개념인 능동 보안(Active Security)의 개념을 살펴보고, 핵심 기술인 이동 에이전트의 도입 및 적용에 대하여 논의한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.56-59
• /
• 2001

본 논문에서는 이동 에이전트 시스템의 특징을 살펴보고, 현재 다양한 네트워크 기술에 응용되고 있는 Java 기술을 적용한 이동 에이전트 시스템을 비교·분석하였다. 이를 기반으로 안전한 이동 에이전트 시스템 구현을 위한 이동 에이전트 시스템 구현 스택(MASIS)을 제안하고 각 계층별 시큐리티 요구사항에 대하여 논의한다.

• Convergence Security Journal
• /
• v.4 no.3
• /
• pp.47-55
• /
• 2004

Currently used to manage a whole bunch of networks is the Client/Server Network Management Technique in which a central manager system supports a number of managed ones. Unfortunately it has a big drawback: wasting network resources, most of all bandwidth, which is mainly caused by too much traffic between the central manager system and the managed ones. In a way to overcome this weak point, we have designed a new type of system, a Configuration Management System (CMS), based on code mobility which has been used in distributed network management systems. In this thesis we have compared the CMS with the currently used network management system, identified class to make Mobile Code, and analyzed the techniques of other network management systems in order to verify the validity of the new system.

• Journal of KIISE:Information Networking
• /
• v.28 no.3
• /
• pp.309-320
• /
• 2001

This paper deals with security issues in a mobile agent system, especially protecting agent data from malicious agent servers. For this purpose, one-time key generation system, OKGS in short, is proposed. In OKGS, we integrate notions of a one-way hash function and a coupler. One-way function plays a major role in ensuring confidentiality and integrity of agent data. And the notion of a coupler is used to establish inter-relationship among consecutive encryption keys for agent data, i.e. all agent keys form a unidirectional chain. With these two features of OKGS, therefore, only the agent owner, who creates the agent bearing data, can decrypt and protect all the agent data which are gathered in the itinerary.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.115-124
• /
• 2005

We propose a new binding update(BU) protocol between mobile node(CN) and correspondent node(CN) for the purpose of preventing redirect attacks and DoS attacks observed from the existing BU protocols and enhancing the efficiency of the BU protocol. Home agent plays a role of both authentication server validating BU message and session key distribution center for MN and CN. Also propose the stateless Diffie-Hellman key agreement based on cryptographically generated address (CGA). Suity of our proposed Protocol is analyzed and compared with other protocols. The proposed protocol is more efficient than previous schemes in terms of the number of message flows and computation overhead and is secure against both redirect and DoS attacks.