• Journal of Korea Multimedia Society
• /
• v.12 no.9
• /
• pp.1323-1332
• /
• 2009

In this paper, we analyze security weakness of 4-Way Handshake in IEEE 802.11i and propose fast and secure 2-Way Handshake mechanism. Compute PTK(Pairwise Transient Key) using sequence number instead of random numbers in order to protect Replay attack and DoS attack. Also, proposed 2-Way Handshake mechanism can mutual authenticate between mobile station and access point and derive PTK using modified Re-association Request and Re-association Response frames. And, compare with others which are fast and secure Handoff mechanisms.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06a
• /
• pp.112-115
• /
• 2011

Healthcare is one of the biggest industries that consume IT Infrastructure as a necessity. A reliable reach to secure private information is the essential goal. Most of the healthcare organizations either have their own custom solutions developed or third part CRM software tailored to their needs. This culture satisfies the usability internal to the organization but lacks the ability to provide public access to the users or even to take a step ahead and collaborate with like minded institutes for research and potential growth. Emergence of cloud computing has provided us the opportunity to take a step ahead and build applications available to users on a secure platform, with ability to scale the resources depending on the requirements. The effective use of hybrid and community cloud can create rock solid foundations for healthcare IT Infrastructure. These cloud deployment models not only caters the present needs of healthcare IT Infrastructure but also opens the possibilities to build applications and provide secure and reliable access beyond the limits of organizational boundaries.

• Journal of information and communication convergence engineering
• /
• v.1 no.4
• /
• pp.183-188
• /
• 2003

The $4^{th}$ generation mobile communications, through several radio access networks such as WLAN, Bluetooth, UMTS, GPRS, CDMA 1X, and IMT-2000 in the same area offering different type of coverage, will support interactive multimedia services in additions to wider bandwidths, higher bit rates, and service portability. Regardless of various radio access networks, they will also support robust security mechanisms, as well as seamless mobility and common authentication. In this paper, we give an overview of WLAN security and examine its security problems. We also explain the enhanced security schemes, such as port-based authentication, EAP, and IEEE 802.1X. For secure wireless communications, several possible security solutions are offered and evaluated in various respects to improve WLAN security. This paper will make a contribution to provide more secure wireless communications to cellular operators embracing WLAN technology as a means to generate new revenues based on data services.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.844-847
• /
• 2011

Wireless mesh network (WMN) is a type of mobile ad-hoc network consists of wireless router, mobile clients and gateway which connects the network with the Internet. To provide security in the network it is required to encrypt the message sent among the communicating nodes in such way so that only legitimate user can retrieve the original data. Several security mechanisms have been proposed so far to enhance the security of WMN. However, there still exists a need for a comprehensive mechanism to prevent attacks in data communication. Considering the characteristic of mesh network, in this paper we proposed a public key cryptography based security architecture to establish a secure key agreement among communicating nodes in mesh network. The proposed security architecture consists of two major sections: client data protection and network data protection. Client data protection deals with the mutual authentication between the client and the access router and provide client to access router encryption for data confidentiality using standard IEEE 802.11i protocol. On the other hand, network data protection ensures encrypted routing and data transfer in the multi hop backbone network. For the network data protection, we used the pre-distributed public key to form a secure backbone infrastructure.

• Journal of Internet Computing and Services
• /
• v.12 no.2
• /
• pp.123-133
• /
• 2011

This paper introduces security problems on the video surveillance systems where the network cameras are equipped at remote places and isolated from the updated and secure environment and proposes a framework for a proxy server that is delegated to connect to network cameras by providing a secure connections from the clients. The server in the framework is deployed within a secure network, secretes the information for connection to cameras and authenticates the clients. Additionally, it provides a secure video service incorporating multi-level privileges for both images and clients through a encryption key distribution and management facility. Through an implementation of the server and a its deployment, it was proved that In this server implement to multi network camera and we confirm compare direct access to network camera equal video quality of service and it can be protection network camera. We expect that can be secure and integral management about traditional network camera through experimental result.

• Journal of Multimedia Information System
• /
• v.1 no.1
• /
• pp.23-43
• /
• 2014

With the rapidity of the development on electronic technology, various mobile devices are produced to make human life more convenient. The user is always in constant search of middle with ease of deployment. Therefore, the development of infrastructure and application with ubiquitous nature gets a growing keen interest. Recently, the number of pervasive network services is expanding into ubiquitous computing environment. To get desired services, user presents personal details about this identity, location and private information. The information transmitted and the services provided in pervasive computing environments (PCEs) are exposed to eavesdropping and various attacks. Therefore, the need to protect this environment from illegal accesses has become extremely urgent. In this paper, we propose an anonymous authentication and access control scheme to secure the interaction between mobile users and services in PCEs. The proposed scheme integrates a biometric authentication in PKI model. The proposed authentication aims to secure access remote in PCE for guaranteeing reliability and availability. Our authentication concept can offer pervasive network service users convenience and security.

• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.69-77
• /
• 2008

I propose adding users’Media Access Control (MAC) addresses to standard X.509 certificates to provide more secure authentication. The MAC address can be added by the issuing Certification Authority (CA) to the "extensions" section of the X.509 certificate. I demonstrate that when two users with MAC address information on their digital certificates communicate, the MAC address on the first user’s certificate can be easily verified by the second user. In this way, security can be improved without markedly degrading system performance and the level of initial trust between participants in virtual communities will be improved.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.3
• /
• pp.176-187
• /
• 2013

Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.60 no.2
• /
• pp.416-422
• /
• 2011

Smart grid is the next generation intelligent power grid that combines the existing electric power infrastructure and information infrastructure. It can optimize the energy efficiency in both directions, suppliers and power consumers to exchange information in real time. In smart grid environments, with existing network security threats due to the smart grid characteristics, there are additional security threats. In this paper, we propose a security mechanism that provides mutual authentication and key agreement between a remote user and the device. The proposed mechanism has some advantages that provides secure mutual authentication and key agreement and secure against a replay attack and impersonation attacks.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.3
• /
• pp.87-98
• /
• 2009

This paper discuss secure information flow analysis and its visualization. Information leak is defined as existence of information flow from variables which have user's private informations to variables that anyone can access. Secure information flow analysis has been made to decide of whether the information leak is or not. There are many researches for secure information flow analysis concerning high level programming languages. But actually, programs that user executes don't have program source code represented in high level programming language. Thus there is need for analysis of program represented in low level language. More to analysis, visualization of analysis is very important. So, this paper discuss visualization of secure information flow analysis. In this paper, Mini x86 Assembly Language which is subset of x86 assembly language is defined and secure information flow analysis of program is proposed. In addition, this paper defines transfer function that is used for analysis and shows how to visualize control flow graph.