• Title/Summary/Keyword: Security Function

A Study on Method for Bypassing Verification Function by Manipulating Return Value of Android Payment Application's Security Solution (안드로이드 간편결제 애플리케이션 보안 솔루션 결과값 변조를 통한 검증기능 우회 방법에 대한 연구)

  • You, Jaewook;Han, Mijeong;Kim, Kyuheon;Jang, Junyoung;Jin, Hoyong;Ji, Hanbyeol;Shin, Jeonghoon;Kim, Kyounggon
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.4 / pp.827-838 / 2018
  • Since 2014, ease of regulations on financial institutions expanded the mobile payment market based on simple authentication, and this resulted in the emergence of various simple payment services. Although several security solutions have been used to mitigate possible security threats to payment applications, there are vulnerabilities which can still be found due to the structure in which the security solution is applied to the payment service. In this paper, we analyze the payment application and security solution from the process perspective, and prove through experimentation that verification functions of security solutions can be bypassed without detailed analysis of each security function, but by simply manipulating the verification result value. Finally, we propose methods to mitigate the bypass method presented in this paper from three different perspectives, and thereby contribute to the improvement of security level of the payment service.

Application of Role-based access control in Embedded OS (임베디드 OS에서의 역할기반 접근제어 적용)

  • Lim, Jae-Deok;Un, Sung-Kyong;Kim, Ki-Young;Kim, Jeong-Nyeo;Lee, Choel-Hoon
    • Proceedings of the KIEE Conference / 2007.04a / pp.163-165 / 2007
  • Recently, the security requirements of embedded systems, which were not considered when embedded systems were deployed independently, have been increasing because embedded systems are connected to the Internet. Connecting an embedded system to the Internet means that it is exposed to various kinds of external attack and can fall victim to these attacks at any time. In particular, there is a trend for user-related information to be stored in personal terminals and/or electrical appliances such as PDAs, home gateways for home networks, set-top boxes and so on. So a security mechanism is needed that protects user information from malicious access. Accordingly, the coverage of system security is being expanded from general servers to embedded systems. It is not enough for an embedded system to support only its inherent functions; providing security functions has become an essential element of the embedded system. This paper applies the RBAC (role-based access control) function to the embedded Linux OS and tries to strengthen the security of the embedded Linux OS. RBAC is implemented as a loadable kernel module with the LSM (Linux Security Module) security framework for the user's flexibility.

Security Enhancement of Lightweight User Authentication Scheme Using Smartcard (스마트카드를 이용한 안전한 경량급 사용자 인증 스킴의 설계)

  • Lee, Youngsook
    • Convergence Security Journal / v.20 no.4 / pp.209-215 / 2020
  • The environment of the Internet provides efficient communication among the things which are connected. While the Internet and online services provide us many valuable benefits, online services offered and accessed remotely through the Internet also expose us to many different types of security threats. Most security threats were just related to information leakage and the loss of authentication in the client-server environment. In 2016, Ahmed et al. proposed an efficient lightweight remote user authentication protocol. However, Kang et al. show that its scheme is still unstable and inefficient. It cannot resist offline identity guessing attacks and cannot provide the session key confirmation property. Moreover, there is some risk of biometric information's recognition error. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in the device. In addition, our proposed scheme should provide not only security, but also efficiency since we only use a hash function and the XOR operation.

Implementation and Design of Policy Based Security System for Integration Management (통합 관리를 위한 정책 기반의 보안시스템 설계 및 구현)

  • Kim, Yong-Tak;Lee, Jong-Min;Kim, Tai-Suk;Kwon, Oh-Jun
    • Journal of Korea Multimedia Society / v.10 no.8 / pp.1052-1059 / 2007
  • The network security system used in a large-scale network is composed of individual security systems, each of which protects only its own domain. The problems of individual security systems are that they do not protect the backbone network and that it is hard to respond in real time. In this paper we proposed a security system which includes security functions at the router and the access point, which exist in the backbone network, to solve these problems. This security system sends alert messages to an integrated security management system after detecting intrusions. The integrated security management system releases a confrontation plan to each security system. Thus systematic and immediate confrontation is possible. We analyzed function verification and efficiency by using the security system and the integrated security management system suggested in this paper. We confirmed that this integrated security management system has the possibility of systematic and immediate confrontation.

A New Stabilizing Method for Transiently Unstable Systems by Using Transient Energy Function (에너지함수를 이용한 과도불안정 시스템의 안정화 방법)

  • Kim, Jung-Woo;Chun, Yeong-Han
    • The Transactions of The Korean Institute of Electrical Engineers / v.57 no.4 / pp.567-575 / 2008
  • Transient security assessment (TSA) is becoming an essential requirement not only for security monitoring but also for stabilizing control of power systems under new electricity environments. It has already been pointed out that fast transient stability study is an important part of monitoring and controlling system security. In this paper, we discuss an energy function method for stabilizing control of transiently unstable systems by introducing a generator tripping system to enhance the transient stability of power systems. Stabilization with less tripped power can be obtained by tripping the generators faster than the out-of-synchronism relay. Fast transient stability assessment based on state estimation and the direct transient energy function method is an important part of the stabilizing scheme. It is possible to stabilize the transiently unstable system by tripping fewer generators before the action of the out-of-synchronism relay, especially when a group of generators is going to be out-of-synchronism. Moreover, the amount of generator output needed for tripping can be decided by the Transient Energy Function (TEF) method. The main contribution of this paper is the stabilizing scheme, which can run in the Wide Area Control System.

Device Alive Check Algorithm using TCP Session under CCTV Network based on NAT (TCP 세션을 활용한 사설망 구간 CCTV 단말의 생사판별 알고리즘)

  • Shin, HaeJoon;Chung, YounKy
    • Journal of Korea Multimedia Society / v.18 no.5 / pp.631-640 / 2015
  • Recently, CCTV systems have been widely installed for the purposes of enhancing physical security, gathering criminal evidence and managing facilities. In spite of supporting strong management functions, CCTV systems have weak security functions. Therefore a high security management function is required. Generally it is not easy to control devices under NAT using an NMS (Network Management System). So we design and implement an alive check algorithm for CCTV devices under NAT using DVRNS address resolution and TCP session check. We evaluated and analyzed the developed system in a real environment which includes about 100 DVRs under NAT. As a result of the test, device alive check and DVRNS address resolution were performed well without any error.

An Improved Cancelable Fingerprint Template Encryption System Research

  • Wang, Feng;Han, Bo;Niu, Lei;Wang, Ya
    • KSII Transactions on Internet and Information Systems (TIIS) / v.11 no.4 / pp.2237-2253 / 2017
  • For the existing security problem based on the Fuzzy Vault algorithm, we propose a cancelable fingerprint template encryption scheme in this paper. The main idea is to first construct an irreversible transformation function, and then apply the function to transform the original template; the template information is stored after conversion. Experimental results show that it effectively prevents attacks on fingerprint template data and improves the security of the system by using a minutiae descriptor to encrypt the abscissa of the vault. The experiment uses the public FVC2004 fingerprint database for testing; the results show that although the recognition rate of the proposed algorithm is slightly lower than the original program, the improved algorithm's security and complexity are better, and therefore the proposed algorithm is feasible in general.

FuRBAC : Function-Unit Delegation On Role-Based Access Control Model (FuRBAC 모델 : 권한위임이 기능단위로 설정 가능한 역할 기반 접근제어 모델)

  • Choi, Jun-Young;Cho, Nam-Deok;Yun, E.Joong
    • Convergence Security Journal / v.6 no.4 / pp.1-9 / 2006
  • With role-based access control, access decisions are based on the roles that individual users have as part of an organization. In this paper, we propose a new RBAC model in which a user delegates a permission to another user by function-unit for practical organizations. A function-unit delegation is safer than existing delegations in the RBAC model. And the FuRBAC model has an authentication to supervise security problems.

Maximal Algebraic Degree of the Inverse of Linearized Polynomial (선형 다항식의 역원의 maximal 대수적 차수)

  • Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.15 no.6 / pp.105-110 / 2005
  • The linearized polynomial can be regarded as a generalization of the identity function so that the inverse of the linearized polynomial is a generalization of the inverse function. Since the inverse function has so many good cryptographic properties, the inverse of the linearized polynomial is also a candidate of good Boolean functions. In particular, a construction method of vector resilient functions with high algebraic degree was proposed at Crypto 2001. But the analysis about the algebraic degree of the inverse of the linearized polynomial. Hence we correct the inexact result and give the exact maximal algebraic degree.

Parallel Implementation of Scrypt: A Study on GPU Acceleration for Password-Based Key Derivation Function

  • SeongJun Choi;DongCheon Kim;Seog Chung Seo
    • Journal of information and communication convergence engineering / v.22 no.2 / pp.98-108 / 2024
  • Scrypt is a password-based key derivation function proposed by Colin Percival in 2009 that has a memory-hard structure. Scrypt has been intentionally designed with a memory-intensive structure to make password cracking using ASICs, GPUs, and similar hardware more difficult. However, in this study, we thoroughly analyzed the operation of Scrypt and proposed strategies to maximize computational parallelism in GPU environments. Through these optimizations, we achieved an outstanding performance improvement of 8284.4% compared with traditional CPU-based Scrypt computations. Moreover, the GPU-optimized implementation presented in this paper outperforms the simple GPU-based Scrypt processing by a significant margin, providing a performance improvement of 204.84% in the RTX3090. These results demonstrate the effectiveness of our proposed approach in harnessing the computational power of GPUs and achieving remarkable performance gains in Scrypt calculations. Our proposed implementation is the first GPU implementation of Scrypt, demonstrating the ability to efficiently crack Scrypt.