• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.14 no.1
• /
• pp.98-103
• /
• 2021

In this study, we propose a group communication technique that guarantees security and expandability by configuring a network consisting of IoT terminals equipped with security functions. As the number of devices participating in the network increases, network resources are proportionally reduced, and adding a security function to the IoT device increases the delay time due to encryption in the IoT device. If the error rate that occurs in the network increases, network resources are quickly consumed due to retransmission. Therefore, IoT terminals are grouped to ensure scalability while supporting security, reducing the consumption of network resources even when the number of participating nodes increases, thus ensuring scalability. For the future implementation, the encryption method used in IoT terminals considered the standard of IEEE802.5.4, and the standardization trend was investigated and classified. The proposed method applies IoT devices that provide security functions of the IEEE802.5.4 standard to the group communication base to ensure reliability and scalability. In the performance evaluation, the effectiveness of the proposed method was confirmed by comparing the delay times when grouping IoT devices with security functions through simulation.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.1
• /
• pp.51-58
• /
• 2015

Internet of Thing is a collection of various technical components, and the interworking among heterogeneous devices, networks, applications is expected to be accelerated through the openness of IoT platform. For this reason, many technical and administrative security threats will occur in IoT environments. In this paper, authentication methods of recent researches are analyzed for safe IoT services, and new mutual authentication protocol is proposed to provide more secure communication. The proposed protocol prevents an impersonation as malicious gateway or illegal device providing mutual authentication between gateway and IoT device. The performance analysis and evaluation of proposed authentication protocol are performed.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.66 no.12
• /
• pp.1879-1888
• /
• 2017

The Internet of Things (IoT) environment has been gradually approaching reality, and although it provides great convenience, security threats are increasing accordingly. For the IoT environment to settle safely, careful consideration of information security is necessary. Although many security measures in the design and development stages of IoT products have been studied thus far, apart from them, the establishment of systems and countermeasures for post management after the launch of IoT products is also very important. In the present paper, a technical and policy post-security management framework is proposed to provide secure IoT environments. The proposed framework defines the concrete response procedures of individual entities such as users, manufacturers, and competent authorities in the case of the occurrence of security flaws after launching IoT products, and performs appropriate measures such as software updates and recalls based on an assessment of the risk of security flaws.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.457-458
• /
• 2017

최근 다양한 IT 제품의 발달로 사물 간 필요한 정보를 교환하는 IoT환경이 발전 하고 있다. IoT 디바이스는 특정 사용자만 접근 가능하도록 보호된 네트워크의 필요성이 증가하고 있다. IoT 디바이스들이 안전하게 통신하기 위해서는 무엇보다 안전한 인증체계가 확립되어야 하지만 저전력, 저사양 기기들에 그대로 사용하기에는 어려움이 따른다. 이에 본 논문은 OAuth 프로토콜을 이용하여 IoT환경에서 안전한 사용자 인증을 연구하였다.

• Journal of Information Processing Systems
• /
• v.20 no.1
• /
• pp.116-130
• /
• 2024

In the Internet-of-Things (IoT) or blockchain-based network systems, secure keys may be stored in individual devices; thus, individual devices should protect data by performing secure operations on the data transmitted and received over networks. Typically, secure functions, such as a physical unclonable function (PUF) and fully homomorphic encryption (FHE), are useful for generating safe keys and distributing data in a network. However, to provide these functions in embedded devices for IoT or blockchain systems, proper inspection is required for designing and implementing embedded system-on-chip (SoC) modules through overhead and performance analysis. In this paper, a virtual platform (SoC VP) was developed that includes a secure key generation module with a PUF and FHE. The SoC VP platform was implemented using SystemC, which enables the execution and verification of various aspects of the secure key generation module at the electronic system level and analyzes the system-level execution time, memory footprint, and performance, such as randomness and uniqueness. We experimentally verified the secure key generation module, and estimated the execution of the PUF key and FHE encryption based on the unit time of each module.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.3
• /
• pp.13-19
• /
• 2016

The PSK (Pre-shared Secret Key) based method is appropriate for the IoT environment consisting of lightweight devices since this method requires less computing time and energy than the method to configure the session key based on the public key algorithm. A fundamental prerequisite for the PSK based method is that PSK should have been configured between the communication entities safely in advance. However, in case of a small sensor or actuator, no input and output interface such as keyboard and monitor required for configuration exists, so it is more difficult to configure PSK for such lightweight devices safely in the IoT environment than the previous Internet devices. Especially, normal users lack expertise in security so they face difficulty in configuration. Therefore, the default value configured at the time of manufacturing at factories is used or the device installer configures PSK in most cases. In such case, it is a matter for consideration whether all installers and manufacturers can be trusted or not. In order to solve such problem, this paper proposes a secure bootstrapping scheme, which utilizes the NFC (Near Field Communication) as an OOB (Out-Of-Band) channel, for lightweight devices with limited resources.

• Journal of Internet of Things and Convergence
• /
• v.2 no.2
• /
• pp.15-20
• /
• 2016

MicroSoft Windows 10 IoT version, released in August 2015, successfully drew consumer interest by introducing the familiar Windows into the IoT market, and enabled an easier system construction of IoT web servers. Meanwhile, overdiagnosis has recently emerged as a controversy in medical society. Establishment of communication between IoT servers and medical devices will send treatment results to users and activate communication between hospitals, greatly reducing this problem. The IoT server, with its limited resources, utilizes lightweight protocols that do not generate traffic and are easy to use. This paper proposes IoT networks which will enable medical devices to easily provide ubiquitous environments to their users, through utilization of the lightweight Simple Service Discovery Protocol (SSDP) and the secure Extensible Messaging and Presence Protocol (XMPP).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.955-963
• /
• 2022

The Internet of Things (IoT), combined with various technologies, is rapidly becoming an integral part of our daily life. While it is rapidly taking root in society, security considerations are relatively insufficient, making it a major target for cyber attacks. Since all devices in the IoT environment are connected to the Internet and are closely used in daily life, the damage caused by cyber attacks is also serious. Therefore, encryption communication using a network security protocol must be considered for a service in a more secure IoT environment. A representative network security protocol includes TLS (Transport Layer Protocol) defined by the IETF. This paper analyzes the performance measurement results for TLS version 1.2 and version 1.3 in an IoT device open platform environment to predict the load of TLS, a representative network security protocol, in IoT devices with limited resource characteristics. In addition, by analyzing the performance of each major cryptographic algorithm in version 1.3, we intend to present a standard for setting appropriate network security protocol properties according to IoT device specifications.

• Journal of Information Processing Systems
• /
• v.16 no.4
• /
• pp.975-990
• /
• 2020

Nowadays, the Internet of Things (IoT) network, is increasingly becoming a ubiquitous connectivity between different advanced applications such as smart cities, smart homes, smart grids, and many others. The emerging network of smart devices and objects enables people to make smart decisions through machine to machine (M2M) communication. Most real-world security and IoT-related challenges are vulnerable to various attacks that pose numerous security and privacy challenges. Therefore, IoT offers efficient and effective solutions. intrusion detection system (IDS) is a solution to address security and privacy challenges with detecting different IoT attacks. To develop an attack detection and a stable network, this paper's main objective is to provide a comprehensive overview of existing intrusion detections system for IoT environment, cyber-security threats challenges, and transparent problems and concerns are analyzed and discussed. In this paper, we propose software-defined IDS based distributed cloud architecture, that provides a secure IoT environment. Experimental evaluation of proposed architecture shows that it has better detection and accuracy than traditional methods.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.7-13
• /
• 2020

IoT which is the core IT of the 4^th industrial revolution, is providing various services from users in the conversion with other industries. The IoT convergence technology is leading the communication paradigm of communication environment in accordance with the increase of convenience for users. However, it is urgently needed to establish the security measures for the rapidly-developing IoT convergence technology. As IoT is closely related to digital ethics and personal information protection, other industries should establish the measures for coping with threatening elements in accordance with the introduction of IoT. In case when security incidents occur, there could be diverse problems such as information leakage, damage to image, monetary loss, and casualty. Thus, this paper suggests a certificate management technique for safe control over access in IoT-based Cloud convergence environment. This thesis designed the device/user registration, message communication protocol, and device renewal/management technique. On top of performing the analysis on safety in accordance with attack technique and vulnerability, in the results of conducting the evaluation of efficiency compared to the existing PKI-based certificate management technique, it showed about 32% decreased value.