• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.445-446
• /
• 2021

Union file system is a technology that can be used as a single file system by integrating various files and directories. It has the advantage of maintaining the source file/directory used for integration, so it is used in many applications like container platform. When using the union file system, the user accesses the write-able layer, to which the security technology provided by the operating system can be applied. However, there is a disadvantage in that it is difficult to apply a separate security technology to the source file and directory used to create the union file system. In this study, we intend to propose an access control mechanism to deny security threats to source file/directory that may occur when using the union file system. In order to verify the effectiveness of the access control mechanism, it was confirmed that the access control mechanism proposed in this study can protect the source file/directory while maintaining the advantages of the union file system.

• Electronics and Telecommunications Trends
• /
• v.14 no.6 s.60
• /
• pp.51-63
• /
• 1999

IPSEC (Internet Protocol Security) is a network layer security protocol that is designed to support secure TCP/IP environment over the Internet considering flexibility, scalability, and interoperability. IPSEC primarily supports security among hosts rather than users unlike the other security protocols. Recently, IPSEC is emphasized as one of the important security infrastructures in the NGI (Next Generation Internet). It also has suitable features to implement VPN (Virtual Private Network) efficiently and its application areas are expected to grow rapidly. In this paper, the basic concepts and related standard documents of IPSEC will be introduced.

• Convergence Security Journal
• /
• v.13 no.3
• /
• pp.25-31
• /
• 2013

Looking at the recent value change of users and the usage pattern of network users, it is changing from simple web information, one-way information acquisition and data transmission to increase of usage of multimedia, increasing demand for security and customization, and increasing demands for free mobility. Due to this change of demand, the services which were provided individually, developed into a form which is merged, the network also seems to develop into the combined network from the individual network for individual service, and the communication network control technology which is the core technology is also rapidly developing. To reflect the users' demands, the next generation network created the multi-layer network which is based on the WDM/IP transmission system and added the to make it easy to restructure. P-OTS (Packet-Optical Transport System) can be defined as a platform that combines SONET/SDH, Ethernet, DWDM, optical transport network (OTN) switching and reconfigurable optical add-drop multiplexers (ROADMs). In this paper, we suggested that the optimum path choice be performed through diversification of the PCE-based path selection using the information of various layers altogether in the multi-layer environment, compared with the established path selection method when the path was selected using the information of each layers.

• Journal of KIISE:Information Networking
• /
• v.33 no.4
• /
• pp.310-323
• /
• 2006

In this paper, we describe a secure cluster-routing protocol based on a multi-layer scheme in ad hoc networks. We propose efficient protocols, Authentication based on Multi-layer Clustering for Ad hoc Networks (AMCAN), for detailed security threats against ad hoc routing protocols using the selection of the cluster head (CH) and control cluster head (CCH) using a modification of cluster-based routing ARCH and DMAC. This protocol provides scalability of Shadow Key using threshold authentication scheme in ad hoc networks. The proposed protocol comprises an end-to-end authentication protocol that relies on mutual trust between nodes in other clusters. This scheme takes advantage of Shadow Key using threshold authentication key configuration in large ad hoc networks. In experiments, we show security threats against multilayer routing scheme, thereby successfully including, establishment of secure channels, the detection of reply attacks, mutual end-to-end authentication, prevention of node identity fabrication, and the secure distribution of provisional session keys using threshold key configuration.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.77-82
• /
• 2013

Looking at the recent value change of users and the usage pattern of network users, it is changing from simple web information, one-way information acquisition and data transmission to increase of usage of multimedia, increasing demand for security and customization, and increasing demands for free mobility. Due to this change of demand, the services which were provided individually, developed into a form which is merged, the network also seems to develop into the combined network from the individual network for individual service, and the communication network control technology which is the core technology is also rapidly developing.. This paper propose three path computation scheme that not only use the resources effectively but also to minimize the information transmissions between the multi-layers in a multi-domain environment. This paper also suggested that the optimum path choice be performed through diversification of the path selection using the information of various layers altogether in the multi-layer environment, compared with the established path selection method when the path was selected using the information of each layers.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.10
• /
• pp.1397-1402
• /
• 2021

The overlay2 file system is one of the union file systems that mounts multiple directories into one. The source directory used for this overlay2 file system mount has a characteristic that it operates independently of the write-able layer after mounting, so it is often used for container platforms for application delivery. However, the overlay2 file system has a security vulnerability that the write-able layer is also modified when file in the source directory is modified. In this study, I proposed the overlay2 file system protection technology to remove the security vulnerabilities of the overlay2 file system. As a result of empirically implementing the proposed overlay2 file system protection technology and verifying the function, the protection technology proposed in this study was verified to be effective. However, since the method proposed in this study is a passive protection method, a follow-up study is needed to automatically protect it at the operating system level.

• Journal of Advanced Technology Convergence
• /
• v.2 no.1
• /
• pp.1-7
• /
• 2023

Recently, there have been increasing interests in researches to apply wireless communication technologies for smart farm. This paper introduces the problems in the smart farm for the outdoor culture and technical considerations to solve the problems. As candidate technologies, this paper selects LoRa, Sigfox, NB-IoT, and Wi-Fi and then determines that LoRa is a suitable technology based on the CAPEX, coverage, transmission rate, battery, and the price. To provide technical analysis, this paper introduces technologies related to the physical and medium access control (MAC) layers as well as the security. Specifically, this paper includes the modulation technology in the physical layer, Class (Class A, B, and C) based protocol operations in MAC layer, and security architecture based on the LoRa version.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1271-1278
• /
• 2020

Deep learning-based profiling side-channel analysis is a powerful analysis method that utilizes the neural network to profile the relationship between the side-channel information and the intermediate value. Since the neural network interprets each point of the signal in a different dimension, jitter makes it much hard that the neural network with dimension-wise weights learns the relationship. This paper shows that replacing the fully-connected layer of the traditional CNN (Convolutional Neural Network) with global average pooling (GAP) allows us to design the inherently robust neural network inherently for jitter. We experimented with the ChipWhisperer-Lite board to demonstrate the proposed method: as a result, the validation accuracy of the CNN with a fully-connected layer was only up to 1.4%; contrastively, the validation accuracy of the CNN with GAP was very high at up to 41.7%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.15-24
• /
• 2006

Recently, the importance of the area efficient implementation of cryptographic algorithm for the portable device is increasing. Previous ARIA(Academy, Research Institute, Agency) implementation styles that usually concentrate upon speed, we not suitable for mobile devices in area and power aspects. Thus in this paper, we present an area efficient AR processor which use 32-bit architecture. Using new implementation technique of diffusion layer, the proposed processor has 11301 gates chip area. For 128-bit master key, the ARIA processor needs 87 clock cycles to generate initial round keys, n8 clock cycles to encrypt, and 256 clock cycles to decrypt a 128-bit block of data. Also the processor supports 192-bit and 256-bit master keys. These performances are 7% in area and 13% in speed improved results from previous cases.

• Korean Security Journal
• /
• no.60
• /
• pp.113-135
• /
• 2019

Despite being one of the most important national facilities, the National Assembly building of the Republic of Korea has become increasingly vulnerable to potential terrorist attacks, and the instances of demonstrations occurring around and banned items taken into the building are continuing to rise. In addition, promoting the idea of "open assembly" has led to increased visitors and weakened access control. Furthermore, while there is a significant symbolic value attached to attacking the National Assembly building, the level of security management is relatively very low, making it a suitable target for terrorism. In order to address such vulnerability, an appropriate access control system should be in place from the areas surrounding the building. However, the National Assembly Security Service which oversees security around the building is scheduled to disband in June 2020 following the abolition of the conscripted police force in 2023. Therefore, there needs to be an alternative option to bolster the security system outside the facility. In this research, the perceptions of 114 government officials in charge of security at the National Assembly Secretariat toward the protection and security system of the areas surrounding the National Assembly building were examined. Results showed that the respondents believed it was highly likely that risky situations could occur outside the building, and the use of advanced technologies such as intelligent video surveillance, intrusion detection system, and drones was viewed favorably. Moreover, a mid- to long-term plan of establishing a unified three-layer protection system and designating a department in charge of the security outside the building were perceived positively. Lastly, the participants supported the idea of employing private police to replace the National Assembly Security Service for the short term and introducing parliamentary police for the mid- to long-term.