• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.1113-1116
• /
• 2006

Security in wireless sensor networks is very pressing especially when sensor nodes are deployed in hostile environments. To obtain security purposes, it is essential to be able to encrypt and authenticate messages sent amongst sensor nodes. Keys for encryption and authentication must be agreed upon by communicating nodes. Due to resource limitations and other unique features, obtaining such key agreement in wireless sensor network is extremely complex. Many key agreement schemes used in general networks, such as trusted server, Diffie-Hellman and public-key based schemes, are not suitable for wireless sensor networks [1], [2], [5], [7], [8]. In that situation, key pre-distribution scheme has been emerged and considered as the most appropriate scheme [2], [5], [7]. Based on that sense, we propose a new resource-optimal key pre-distribution scheme utilizing merits of the two existing key pre-distribution schemes [3], [4]. Our scheme exhibits the fascinating properties: substantial improvement in sensors' resource usage, rigorous guarantee of successfully deriving pairwise keys between any pair of nodes, greatly improved network resiliency against node capture attack. We also present a detailed analysis in terms of security and resource usage of the scheme.

• 한국정보통신설비학회:학술대회논문집
• /
• 2004.08a
• /
• pp.328-333
• /
• 2004

SK Telecom은 2000년 10월 세계 최초로 기존 IS-95A/B망에서 지원하였던 속도인 14.4Kbps나 56Kbps 보다 훨씬 빠른 최고 144Kbps로 무선인터넷이 가능한 CDMA2000 IX를 상용화 하였다. 또한, 2002년 1월에는 CDMA2000 IX보다 15배 이상 빠른 최대 2.4Mbps가 가능한 동기식 3세대 망인 CDMA2000 IxEV-DO를 세계 최초로 상용화 하였다. 이러한 초고속 무선 인터넷 서비스를 위해서 패킷 데이터 처리에 필수적인 PDSN(Packet Data Serving Node), HA(Home Agent), AAA(Authentication, Authorization and Accounting) 등의 노드들로 구성된 Packet Core Network(이하 PCN)이 도입되었으며, 이에 대한 운용 및 관리 방안이 중요한 issue로 등장하였다. 본 논문에서는 기존의 음성 서비스 관리를 위한 망관리 시스템(Network Management System)과는 다른 개념으로 관리되어야 할 패킷 서비스를 위한 NMS 구축 방안을 제시하고, 필수적인 관리 정보 및 서비스 관리를 위한 방향을 제시한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.605-608
• /
• 2010

An Ad-hoc network will operate properly and provide smooth communication when nodes cooperate mutually with each of them having equal authority. Although it is possible to form a network conisting only of authenticated nodes in order to ensure reliability, authentication by itself is not sufficient to remove malicious nodes and their activities jeopardizing the whole network. Detection and prevention of such activities are vital for maintaining a safe and reliable network, but research on this matter is relatively lacking. Hence a suggestion is made on how to detect and prevent malicious or uncooperative ones among the nodes forming a network by a relationship of mutual trust, thereby maintaining safety and stability of the network and improving its processing abilities

• The KIPS Transactions:PartC
• /
• v.11C no.3
• /
• pp.293-300
• /
• 2004

Ad hoc networks are groups of mobile hosts without any fixed infrastructure. Frequent changes in network topology owing to node mobility make these networks very difficult to manage. Therefore, enhancing the reliability of routing paths in ad hoc networks gets more important. In this paper, we propose a ZRP(Zone Routing Protocol)-based route discovery scheme that can not only reduce the total hops of routing path, but Improve security through authentications between two nodes. And to solve the problem in maintenance of routing paths owing to frequent changes of the network topology, we adopt a query control mechanism. The effectiveness of our scheme is shown by simulation methods.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.12
• /
• pp.2716-2723
• /
• 2010

An Ad-hoc network will operate properly and provide smooth communication when nodes cooperate mutually with each of them having equal authority. Although it is possible to form a network consisting only of authenticated nodes in order to ensure reliability, authentication by itself is not sufficient to remove malicious nodes and their activities jeopardizing the whole network. Detection and prevention of such activities are vital for maintaining a safe and reliable network, but research on this matter is relatively lacking. Hence a suggestion is made on how to detect and prevent malicious or uncooperative ones among the nodes forming a network by a relationship of mutual trust, thereby maintaining safety and stability of the network and improving its processing abilities

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.1-10
• /
• 2021

The Internet of things (IoT) is the main advancement in data processing and communication technologies. In IoT, intelligent devices play an exciting role in wireless communication. Although, sensor nodes are low-cost devices for communication and data gathering. However, sensor nodes are more vulnerable to different security threats because these nodes have continuous access to the internet. Therefore, the multiparty security credential-based key generation mechanism provides effective security against several attacks. The key generation-based methods are implemented at sensor nodes, edge nodes, and also at server nodes for secure communication. The main challenging issue in a collaborative key generation scheme is the extensive multiplication. When the number of parties increased the multiplications are more complex. Thus, the computational cost of batch key and multiparty key-based schemes is high. This paper presents a Secure Multipart Key Distribution scheme (SMKD) that provides secure communication among the nodes by generating a multiparty secure key for communication. In this paper, we provide node authentication and session key generation mechanism among mobile nodes, head nodes, and trusted servers. We analyzed the achievements of the SMKD scheme against SPPDA, PPDAS, and PFDA schemes. Thus, the simulation environment is established by employing an NS 2. Simulation results prove that the performance of SMKD is better in terms of communication cost, computational cost, and energy consumption.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.43-52
• /
• 2005

MIPv4 supports node mobility, manages MN's binding list and provides seamless communication through registration protocol. Since the registration protocol usually operating in the wireless environment involves authenticating MNs, it is a general approach to introduce the AAA infrastructure as key distribution center for the purpose of authentication. In this paper, we propose an efficient registration protocol with lightweight AAA based on domain key. Proposed protocol also withstands various replay attacks, and provides non-repudiation service for the accounts of the usage of the network service.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.12 s.354
• /
• pp.53-60
• /
• 2006

Handover of WiBro is based on 802.16e hard handover scheme. When PSS is handover, it is handover that confirm neighbor's cell condition and RAS ID in neighbor advertisement message. Serving RAS transmits HO-notification message to neighbor RAS. Transmiting HO-notification message to neighbor RAS, it occurs many signaling traffics. Also, When WiBro is handover, It occurs many packet loss. Therefore, user suffer service degradation. LPM handover is supporting seamless handover because it buffers data packets during handover. So It is proposed scheme that predicts is LPM handover and reserves target RAS with pre-authentication. These schemes occur many signaling traffics. In this paper, we propose PSS Movement Prediction to solve signaling traffic. Target RAS is decided by old data in history cache. When serving RAS receives HO-notification-RSP message to target RAS, target RAS inform to crossover node. And crossover node bicast data packet. If handover is over, target RAS forward data packet. Therefore, It reduces signaling traffics but increase handover success rate. When history cache success, It decrease about 48% total traffic. But When history cache fails, It increase about 6% total traffic

• The KIPS Transactions:PartC
• /
• v.19C no.2
• /
• pp.99-118
• /
• 2012

In PMIPv6-based network, mobile nodes can be made smaller and lighter because the network nodes perform the mobility management-related functions on behalf of the mobile nodes. The one of the protocols, Fast Handovers for Proxy Mobile IPv6(FPMIPv6)[1] has studied by the Internet Engineering Task Force(IETF). Since FPMIPv6 adopts the entities and the concepts of Fast Handovers for Mobile IPv6(FMIPv6) in Proxy Mobile IPv6(PMIPv6), it reduces the packet loss. Conventional scheme has proposed that it cooperated with an Authentication, Authorization and Accounting(AAA) infrastructure for authentication of a mobile node in PMIPv6, Despite the best efficiency, without begin secured of signaling messages, PMIPv6 is vulnerable to various security threats such as the DoS or redirect attAcks and it can not support global mobility between PMIPv. In this paper, we analyze Kang-Park & ESS-FH scheme, and then propose an Enhanced Security scheme for FPMIPv6(ESS-FP). Based on the CGA method and the pubilc key Cryptography, ESS-FP provides the strong key exchange and the key independence in addition to improving the weaknesses for FPMIPv6. The proposed scheme is formally verified based on Ban-logic, and its handover latency is analyzed and compared with that of Kang-Park scheme[3] & ESS-FH and this paper propose inter-domain fast handover sheme for PMIPv6 using proxy-based FMIPv6(FPMIPv6).

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.12
• /
• pp.131-139
• /
• 2022

In this paper, to verify the authenticity of UxNB that assists terrestrial base stations, the solutions for SI (System Information) security presented in 3GPP TR 33.809 are analyzed from the perspective of UxNB. According to the definition of 3GPP (Third Generation Partnership Project), UxNB is a base station mounted on a UAV (Unmanned Aerial Vehicle), is carried in the air by the UAV, and is a radio access node that provides a connection to the UE (User Equipment). Such solutions for SI security can be classified into hash based, MAC (Message Authentication Codes) based, and digital signature based, and a representative solution for each category is introduced one by one. From the perspective of verifying the authenticity of UxNB for each solution, we compare and analyze the solutions in terms of provisioning information and update, security information leakage of UxNB, and additionally required amount of computation and transmission. As a result of the analysis, the solution for verifying the authenticity of the UxNB should minimize the secret information to be stored in the UxNB, be stored in a secure place, and apply encryption when it is updated over the air. In addition, due to the properties of the low computing power of UxNB and the lack of power, it is necessary to minimize the amount of computation and transmission.