• Journal of Internet Computing and Services
• /
• v.8 no.4
• /
• pp.81-91
• /
• 2007

Binding update for the routing optimization in MIPv6 can make the involved nodes vulnerable to various attacks. Therefore, secure binding update becomes an important research issue in MIPv6, and several protocols have been proposed for this purpose. In this paper, we compare several existing binding update protocols such as RR, SUCV and OMIPv6 and analyze the vulnerability of nodes to the possible attacks and drawbacks of address management and scalability and overhead of encryption operations. Then, we suggest the design requirements for the secure binding update and propose an advanced protocol based on the design principle. Through the analysis, we show that our protocol can achieve a higher level of security against the various attacks and enable better management of address, provide the location privacy and reduce the computational overhead of mobile nodes with constraint computational power.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.5
• /
• pp.1744-1765
• /
• 2014

A client stores data in the cloud and uses remote data checking (RDC) schemes to check the integrity of the data. The client can detect the corruption of the data using RDC schemes. Recently, robust RDC schemes have integrated forward error-correcting codes (FECs) to ensure the integrity of data while enabling dynamic update operations. Thus, minor data corruption can be recovered by FECs, whereas major data corruption can be detected by spot-checking techniques. However, this requires high communication overhead for dynamic update, because a small update may require the client to download an entire file. The Variable Length Constraint Group (VLCG) scheme overcomes this disadvantage by downloading the RS-encoded parity data for update instead of the entire file. Despite this, it needs to download all the parity data for any minor update. In this paper, we propose an improved RDC scheme in which the communication overhead can be reduced by downloading only a part of the parity data for update while simultaneously ensuring the integrity of the data. Efficiency and security analysis show that the proposed scheme enhances efficiency without any security degradation.

• Journal of Information Technology Applications and Management
• /
• v.26 no.3
• /
• pp.135-157
• /
• 2019

Information technology has economic, social and cultural impacts is closely linked to our lives. This information technology is becoming a key to the change of human civilization through connecting people and objects on the earth. In addition, future information technology is becoming more intelligent and personalized with the development of computing technology, and due to the rapid development of alcohol, environment without time and space constraint is realized, Is spreading. Since existing portable storage media are made of physical form, there is a limit to usage due to the risk of loss and limitation of capacity. Cloud services can overcome these limitations. Due to the problems of existing storage media, it is possible to overcome the limitations of storing, managing and reusing information through cloud services. Despite the large number of cloud service users, the existing research has focused mainly on the concept of cloud service and the effect of introduction on the companies. This study aims to conduct a study on individual characteristics that affect the degree of cloud use. We will conduct research on the causes of IT knowledge, personal perception of security, convenience, innovation, economical trust, and platform dependency affecting the intention to use the cloud. These results show that the variables affecting individual 's use of cloud service are influenced by individuals, and this study can be used as a basic data for individuals to use cloud service.

• Convergence Security Journal
• /
• v.10 no.1
• /
• pp.55-61
• /
• 2010

It is of great practical interest to deciding when to stop testing a software system in development phase and transfer it to the user. This decision problem called an optimal release policies. In this paper, because of the possibility of introducing new faults when correcting or modifying the software, we were researched release comparative policies which based on infinite failure NHPP model and types of interval failure times. The policies which minimize a total average software cost of development and maintenance under the constraint of satisfying a software reliability requirement can optimal software release times. In a numerical example, applied data which were patterns, if intensity function constant or increasing, decreasing, estimated software optimal release time.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.3
• /
• pp.55-67
• /
• 2008

The user has to subscribe to the library so that user use the library service. User has to register at that in order to use of the nearby another library. Moreover, service such as the inter-library loan and returning my loan book to other library in which the mutual cooperation between the library is needed necessity. But it services due to the constraint condition because of the administrative or technical problems. In this paper excludes the administrative element. The web service model is forming the cluster based on the mutual cooperation between the technologically adjacent public library and provides the technologically necessary single sign-on (SSO) in order to support the additional service. The single sign-on of the library which is concluded by this model using the security information exchange standard (Security Assertion Markup Language : SAML), it is processed by XML base. In using this model, the loan information is confirmed in the attribution in return service library and the model can utilize for the return of loan book in other library. It designs the single sign-on about it.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2732-2753
• /
• 2019

With the application of wireless sensor networks in the fields of ecological observation, defense military, architecture and urban management etc., the security problem is becoming more and more serious. Characteristics and constraint conditions of wireless sensor networks such as computing power, storage space and battery have brought huge challenges to protection research. Inspired by the danger theory in biological immune system, this paper proposes an intrusion detection model for wireless sensor networks. The model abstracts expressions of antigens and antibodies in wireless sensor networks, defines meanings and functions of danger signals and danger areas, and expounds the process of intrusion detection based on the danger theory. The model realizes the distributed deployment, and there is no need to arrange an instance at each sensor node. In addition, sensor nodes trigger danger signals according to their own environmental information, and do not need to communicate with other nodes, which saves resources. When danger is perceived, the model acquires the global knowledge through node cooperation, and can perform more accurate real-time intrusion detection. In this paper, the performance of the model is analyzed including complexity and efficiency, and experimental results show that the model has good detection performance and reduces energy consumption.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.3
• /
• pp.33-44
• /
• 2001

E-commerce has various advantages such as saving the cost and no constraint on time and space, unlike real-world commerce. On the other hand, e-commerce has some important issues to solve since the commerce is conducted on the cyberspace. The issues are a mutual confidence of parties participating in the commerce as well as a method of payments. On early days, electronic cash was designed using blind digital signature to protect the personal information from being exposed and to provide the perfect anonymity for user. In this paper, a new blind signature scheme based on Feige-Fiat-Shamir digital signature is proposed, which is very efficient compared with the other schemes in terms of the computational complexity. Also, a traceable Electronic Cash System which is based on the proposed blind digital signature is designed, which has a nice feature of identifying the spender in case of using the money illegally.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.5
• /
• pp.39-48
• /
• 2016

One of the major trends of automotive networking architecture is the introduction of automotive Ethernet. Ethernet is already used in single automotive applications (e.g. to connect high-data-rate sources as video cameras), it is expected that the ongoing standardization at IEEE (IEEE802.3bw - 100BASE-T1, respectively IEEE P802.3bp - 1000BASE-T1) will lead to a much broader adoption in future. Those applications will not be limited to simple point-to-point connections, but may affect Electric/Electronic(EE) Architectures as a whole. It is agreed that IP based traffic via Ethernet could be secured by application of well-established IP security protocols (e.g., IPSec, TLS) combined with additional components like, e.g., automotive firewall or IDS. In the case of safety and real-time related applications on resource constraint devices, the IP based communication is not the favorite option to be used with complicated and performance demanding TLS or IPSec. Those applications will be foreseeable incorporate Layer-2 based communication protocols as, e.g., currently standardized at IEEE[13]. The present paper reflects the state-of-the-art communication concepts with respect to security and identifies architectural challenges and potential solutions for future Ethernet Switch-based EE-Architectures. It also gives an overview and provide insights into the ongoing security relevant standardization activities concerning automotive Ethernet. Furthermore, the properties of non-automotive Ethernet security mechanisms as, e.g., IEEE 802.1AE aka. MACsec or 802.1X Port-based Network Access Control, will be evaluated and the applicability for automotive applications will be assessed.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.5
• /
• pp.1070-1075
• /
• 2013

In this research, we describe a security robot system and ongoing research results to control human's wrong direction in order to forbid human to enter security zone. Proposed robot system surveils a security area with equipped laserscanner sensor usually. When it detect walking human who is for the area, robot calculates his velocity vector, plans own path to forestall and interrupts him who want to head restricted area and starts to move along the estimated trajectory. The walking human is assumed to be a point-object and projected onto an scanning plane to form a geometrical constraint equation that provides position data of the human based on the kinematics of the mobile robot. While moving the robot continues these processes for adapting change of situation. After arriving at an opposite position human's walking direction, the robot advises him not to be headed more and change his course. The experimental results of estimating and tracking of the human in the wrong direction with the mobile robot are presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.69-80
• /
• 2003

Verifiable encryption is an encryption technique with which one can verify what has been encrypted even if one can not decrypt the ciphertext. This technique can be used in fair exchange to convince the counterpart of his or her receiving an item by presenting an encrypted form in advance. In this paper, a method that can guarantee the payment atomicity is proposed by applying verifiable encryption to an electronic cash system based on the representation problem. With the new method, the process of dispute settlement is improved in the fact that the trusted third party do not have to interact with the bank to resolve disputes. This method is also flexible in a sense that clients and shops can request for dispute settlement regardless of any deadline constraint. However, additional proof is necessary to apply verifiable encryption during payment. We discuss the security and the atomicity of our method, and compare ours with others.