• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.623-632
• /
• 2005

In ad-hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. The security of ad-hoc network is more vulnerable than traditional networks because of the basic characteristics of ad-hoc network, and current muting protocols for ad-hoc networks allow many different types of attacks by malicious nodes. Malicious nodes can disrupt the correct functioning of a routing protocol by modifying routing information, by fabricating false routing information and by impersonating other nodes. We propose a routing suity mechanism based on one-time digital signature. In our proposal, we use one-time digital signatures based on one-way hash functions in order to limit or prevent attacks of malicious nodes. For the purpose of generating and keeping a large number of public key sets, we derive multiple sets of the keys from hash chains by repeated hashing of the public key elements in the first set. After that, each node publishes its own public keys, broadcasts routing message including one-time digital signature during route discovery and route setup. This mechanism provides authentication and message integrity and prevents attacks from malicious nodes. Simulation results indicate that our mechanism increases the routing overhead in a highly mobile environment, but provides great security in the route discovery process and increases the network efficiency.

• Journal of the Korea Convergence Society
• /
• v.8 no.8
• /
• pp.41-49
• /
• 2017

The 'NIST Framework and Road Map for Smart Grid Interoperability Standards' proposes an architecture framework to secure the direction of development and standard interoperability of smart grid and provides a list of identified standard, standard cyber security strategies, and certification framework. In particular, SEP 2.0 and OpenADR 2.0 are the examples. SEP 2.0 and OpenADR 2.0 can functionally link HEMS and Smart Grid, but interoperability standards between the two protocols are not planned in above document. The OpenADR Alliance also announced that work is underway to define mapping tables for interoperability between OpenADR 2.0 and SEP 2.0, but no information is yet available. Therefore, In this paper, in developing energy efficiency improvement HEMS, we propose a mapping model that supports syntactic and semantic founded interoperability between SEP 2.0 and OpenADR 2.0b for ICT grid convergence based on the standard specification document of each protocol and confirmed through an example of the semantic mapping function based on the demand response service scenario.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.10
• /
• pp.661-667
• /
• 2018

Recently, the smart home market is growing due to the development of wireless communication technology and sensor devices, and various devices are being utilized. Such an IoT environment collects various vast amount of device information for intelligent services, receives services based on user information, controls various devices, and provides communication between different types of devices. However, with this growth, various security threats are occurring in the smart home environment. In fact, Proofpoint and HP warned about the cases of damage in a smart home environment and the severity of security vulnerabilities, and cases of infringement in various environments were announced. Therefore, in this paper, we have studied secure mutual authentication method between smart nodes used in smart home to solve security problems that may occur in smart home environment. In the case of the proposed thesis, security evaluations are performed using random numbers and frequently updated session keys and secret keys for well-known vulnerabilities that can occur in IoT environments and sensor devices such as sniffing, spoofing, device mutual authentication, And safety. In addition, it is confirmed that it is superior in security and key management through comparison with existing smart home security protocol.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.12
• /
• pp.7292-7301
• /
• 2014

With the development of IT Info-Communications technology, the vehicle with a combination of wireless-communication technology has resulted in significant research into the convergence of the component of existing traffic with information, electronics and communication technology. Intelligent Vehicle Communication is a Machine-to-Machine (M2M) concept of the Vehicle-to-Vehicle. The Vehicle-to-Infrastructure communication consists of safety and the ease of transportation. Security technologies must precede the effective Intelligent Vehicle Communication Structure, unlike the existing internet environment, where high-speed vehicle communication is with the security threats of a wireless communication environment and can receive unusual vehicle messages. In this paper, the Vehicle Identification number between the V2I and the secure message communication protocol was proposed using hash functions and a time stamp, and the validity of the vehicle was assessed. The proposed system was the performance evaluation section compared to the conventional technique at a rate VPKI aspect showed an approximate 44% reduction. The safety, including authentication, confidentiality, and privacy threats, were analyzed.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.10
• /
• pp.752-760
• /
• 2009

Emerging peer-to-peer systems benefit from the large amount of resources provided by many peers. However, many peer-to-peer systems or applications suffer from malicious peers and it is not guaranteed that peers are always online. Micropayment systems are accounting and charging mechanism for buying services, so we can apply them to solve these problems. In the past the majority of micropayment system uses a centralized broker but the problem with most existing micropayment system is a heavy load on the broker. For instance, when an owner of the coin is offline, the broker delegates the owner and handles payment messages. It occurs frequently because of characteristic of peer-to-peer system and is another load of the broker. In this paper we introduce DPay, a peer-to-peer micropayment system that uses distributed hash table (DHT) for storing encrypted payment messages and increases scalability and reduces the load of broker by removing downtime protocol. We show the idea of real-time double spending detection in DPay and report the results of several evaluations in order to compare DPay and other payment scheme. In simulation result, the load of broker in DPay is reduced by 30% on average of other previous payment scheme. We expect that DPay can apply various peer-to-peer systems because it provides a real-time double spending detection and stores more secure payment messages.

• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.583-594
• /
• 2002

Assuring the security of group communications such as tole-conference and software distribution requires a common group key be shared among the legal members in a secure manner. Especially for large groups with frequent membership change, efficient rekey mechanism is essential for scalability. One of the most popular ways to provide sealable rekey is to partition the group into several subgroups. In this paper, we propose a two-layered key management scheme which combines DEP and CBT, a protocol in which subgroup manager cannot access the multicast data and another that has a multi-core, respectively. We also select sub-group key management protocols suitable for our structure and design new rekey protocols to exclude the subgroup managers from the multicast data. Compared to previous protocols based on CBT, our scheme provides forward secrecy, backward secrecy and scalability. This would reduce the number of encryption and decryption for a rekey message and would improve the efficiency number of rekey messages and the amount of information related to group members that group managers must maintain compared to DEP.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.49 no.12
• /
• pp.156-163
• /
• 2012

Recently, Information Hiding Technology are becoming increasingly demanding in the field of international security, military and medical image This paper proposes data hiding technique utilizing parity checker for gray level image. many researches have been adopted LSB substitution and XOR operation in the field of steganography for the low complexity, high embedding capacity and high image quality. But, LSB substitution methods are not secure through it's naive mechanism even though it achieves high embedding capacity. Proposed method replaces LSB of each pixel with XOR(between the parity check bit of other 7 MSBs and 1 Secret bit) within one pixel. As a result, stego-image(that is, steganogram) doesn't result in high image degradation. Eavesdropper couldn't easily detect the message embedding. This approach is applying the concept of symmetric-key encryption protocol onto steganography. Furthermore, 1bit of symmetric-key is generated by the self-reference of each pixel. Proposed method provide more 25% embedding rate against existing XOR operation-based methods and show the effect of the reversal rate of LSB about 2% improvement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.573-586
• /
• 2016

With the adoption of cloud computing, the number of companies that take advantage of cloud computing has increased. Additionally, various of existing service providers have moved their service onto the cloud and provided user with various cloud-based service. The management of user authentication and authorization in cloud-based service technology has become an important issue. This paper introduce a new technique for providing authentication and authorization with other inter-cloud IAM (Identity and Access Management). It is an essential and easy method for data sharing and communication between other cloud users. The proposed system uses the credentials of a user that has already joined an organization who would like to use other cloud services. When users of a cloud provider try to obtain access to the data of another cloud provider, part of credentials from IAM server will be forwarded to the cloud provider. Before the transaction, Access Agreement must be set for granting access to the resource of other Organization. a user can access the resource of other organization based on the control access configuration of the system. Using the above method, we could provide an effective and secure authentication system on the cloud.

• Fire Science and Engineering
• /
• v.34 no.3
• /
• pp.134-140
• /
• 2020

Nuclear power plants (NPPs) in Korea are required to be maintained using a defense in-depth approach to prevent leakage of radioactive substances outside the plant and allow safe shutdown in the event of a fire. Periodic testing must be conducted to ensure that the fire protection facilities perform as required by the laws for various nuclear reactor types. In June 2017, for the first time in Korea, a nuclear plant, Kori Unit 1, was permanently shut down. It was prepared for decommissioning in accordance with the fire protection regulations imposed by the regulatory body. However, a standard protocol is necessary for systematically establishing the fire protection program for decommissioning of NPPs in the future. Therefore, the nuclear legal systems of countries with many operating nuclear power plants, such as the United States, Japan, Canada, and various European countries, were reviewed and guidelines for establishing a fire protection program for decommissioning NPPs was suggested; the fire protection requirements stated by Reg Guide 1.191 (Decommissioning fire protection program for NPPs during decommissioning and permanent shutdown) were used as a model. Suggestions for establishing legal regulations to optimize fire protection programs and secure basic technology for decommissioning NPPs were also made.

• Journal of KIISE:Information Networking
• /
• v.30 no.4
• /
• pp.474-483
• /
• 2003

The secret sharing is the basic concept of the threshold cryptosystem and has an important position in the modern cryptography. At 1995, Jarecki proposed the proactive secret sharing to be a solution of existing the mobile adversary and also proposed the share renewal scheme for (k, n) threshold scheme. For n participants in the protocol, his method needs O($n^2$) modular exponentiation per one participant. It is very high computational cost and is not fit for the scalable cryptosystem. In this paper, we propose the efficient share renewal scheme that need only O(n) modular exponentiation per participant. And we prove our scheme is secure if less that ${\frac}\frac{1}{2}n-1$ adversaries exist and they static adversary.