• The KIPS Transactions:PartC
• /
• v.8C no.6
• /
• pp.741-756
• /
• 2001

With the development of computer systems, there has been a sharp increase in the threats on these systems including attacks by malicious programs such as virus, vandal, etc. Currently virus vaccines are widely used to thwart these threats, but they have many weaknesses. They cannot guard against unknown threats and sometimes, they also cannot detect the existence of malicious programs before these malicious programs make any destructive results. For lack of an efficient security model, the existing security programs have the problem that they raise many false-positive alarms in spite of normal action. So it becomes very important to develop the improved security program that can make up for the weakness of the existing computer security program and can detect many threats of malicious programs as early as possible. In this paper we describe the design of an improved security model and the implementation of a security program that can filter and handle the threats on computer systems at the kernel level in real time.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.4
• /
• pp.43-53
• /
• 2015

Password-based authentication schemes for server-client system are convenient to use, but vulnerable to dictionary attack or brute-force attack. To solve this vulnerability, Cryptographic secret key is used for security, but difficult to memorize. So, for the first time, Das proposed a biometric-based authentication scheme to solve various problems but it has various vulnerabilities. Afterwards, Jiping et al. improved Das's scheme, but some vulnerabilities remain. In this paper, we analyze the cryptanalysis of Jiping et al.'s authentication scheme and then propose improved biometric based user authentication scheme to resolve the analyzed problem. Moreover, we conduct a security analysis for the proposed scheme and make a comparison between the proposed scheme and other biometric based user authentications.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.557-564
• /
• 2001

Many people use Linux and FreeBSD because it is freeware and excellent performance. The open source code is very important feature but it also has some problem which may be attacked by hackers frequently. This paper describes the SecuROS of secure operating system that is best solution to this problem and introduces user and programmer interface for active use of secure operating system. Developed secure operating system is composed of the access control method MAC and ACL and conforms to the POSIX which is universally used.

• The KIPS Transactions:PartC
• /
• v.14C no.5
• /
• pp.431-438
• /
• 2007

RFID system is core technology that construct ubiquitous environment for replacement of barcode technology. Use ratio of RFID system rapidly increase because the technology has many good points such as identification speed, storage space, convenience etc. But low-cost tag operates easily by query of reader, so the system happened user privacy violent problem by tag information exposure. The system studied many ways for security application, but operation capability of low-cost tag is about $5K{\sim}10K$ gates, but only $250{\sim}3K$ gates allocated security part. So it is difficult to apply security to the system. Therefore, this scheme uses dividing 64 bits and reduces arithmetic, so proposed scheme provide mutual authentication that can apply to low-cost RFID system. Existing methods divide by 4 and used 96 bits. However, that reduces 32 bits length for lightweight and reduced from communication number of times of 7 times to 5 times. Also, because offer security by random number than existing scheme that generate two random numbers, that is more efficient. However, uses hash function for integrity that was not offered by XOR arithmetic and added extension of proposed scheme. Extended scheme is not offered efficiency than methods that use XOR arithmetic, but identification distance is mode that is proposed secure so that can use in for RFID system.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.67 no.1
• /
• pp.9-14
• /
• 2018

In this paper, we introduce an AES-based security chip for the embedded system of Internet of Things(IoT). We used Verilog HDL to implement the AES algorithm in FPGA. The designed AES module creates 128-bit cipher by encrypting 128-bit plain text and vice versa. RTL simulations are performed to verify the AES function and the theory is compared to the results. An FPGA emulation was also performed with 40 types of test sequences using two Altera DE0-Nano-SoC boards. To evaluate the performance of security algorithms, we compared them with AES implemented by software. The processing cycle per data unit of hardware implementation is 3.9 to 7.7 times faster than software implementation. However, there is a possibility that the processing speed grow slower due to the feature of the hardware design. This can be solved by using a pipelined scheme that divides the propagation delay time or by using an ASIC design method. In addition to the AES algorithm designed in this paper, various algorithms such as IPSec can be implemented in hardware. If hardware IP design is set in advance, future IoT applications will be able to improve security strength without time difficulties.

• Journal of Families and Better Life
• /
• v.31 no.6
• /
• pp.39-51
• /
• 2013

Because of the increasing demand for day care centers, The Korean government has enforced childcare accreditation. The government has created the evaluation certification system for child care facilities. But the system includes variable items, and the physical rules are not sufficient for ensuring security and quality amenities. So this study, through literature search, examined the rules of Child Care Centers in the U.S. and compared them with those in Korea focusing on the provision of security and amenities. The standards found in 4 U.S. states were investigated, and the results are as follows. The rule pertaining to the size of indoor activity spaces in C.C.C. allows the spaces to be smaller in Korea than in the U.S. There is no specific criterion for infants and toddlers in our standard. When comparing the standards of Korea with those of the United States, Korea's standards do not state specific rules about child care facilities such as indoor furniture, finishes and space planning. Additionally, the binding force ensuring compliance with the standards of physical facilities is weak. Thus, the ratings of child care standards for the physical environment should be presented in detail. And if a center does not comply with the criteria, stronger penalties will have to be imposed.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.357-362
• /
• 2009

Summation generator can be easily made as a simple hardware or software and it's period and linear complexity are very high. So it is appropriate to mobile security system for ubiquitous environment. But it showed us the weakness by Golic's correlation attack and Meier's fast correlation attack. In this paper, we proposed a Nonlinear Summation Generator(NSG), which is improved by using LFSR and NFSR(nonlinear feedback shift register), is different from $E_0$ algorithm which use only LFSR in summation generator. It enhanced nonlinearity and is hard to decipher even though the correlation attack or fast correlation attack. We also analyzed the security aspects and the performances for the proposed algorithm.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.101-112
• /
• 2006

It will not be able to guarantee the secure operation for the information and communication systems with only technical security. So, ISMS(Information Security Management System) research and standardization are active going on. Korea published "The national cyber security management regulation" and "The national cyber security manual" in 2005. According to the regulation and manual, the government organ and public institution must accomplish the security management assessment to itself for systematic management of an information security. We studied related standards and security management systems of the Australia and the USA, and analyzed the security management evaluation system in "The national cyber security manual" in efficient security management focus. We presented the improvement direction of national security evaluation system through the research. We propose the additional control, selective control set and improvement of the evaluation process for efficient security management. Proposed system possible composition of suitable to each organ and flexible adaptation of rapidly changed information environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.6A
• /
• pp.640-647
• /
• 2006

This paper describes a design of AES-based CCMP(Counter mode with CBC-MAC Protocol) core for IEEE 802.11i wireless LAN security. To maximize the performance of CCMP core, two AES cores are used, one is the counter mode for data confidentiality and the other is the CBC node for authentication and data integrity. The S-box that requires the largest hardware in ARS core is implemented using composite field arithmetic, and the gate count is reduced by about 27% compared with conventional LUT(Lookup Table)-based design. The CCMP core was verified using Excalibur SoC kit, and a MPW chip is fabricated using a 0.35-um CMOS standard cell technology. The test results show that all the function of the fabricated chip works correctly. The CCMP processor has 17,000 gates, and the estimated throughput is about 353-Mbps at 116-MHz@3.3V, satisfying 54-Mbps data rate of the IEEE 802.11a and 802.11g specifications.

• The KIPS Transactions:PartC
• /
• v.12C no.4 s.100
• /
• pp.481-488
• /
• 2005

The Mobile W provides an efficient and scalable mechanism for host mobility within the Internet. However, the mobility implies higher security risks than static operations in fixed networks. In this paper, the Mobile IP has been adapted to allow AAA protocol that supports authentication, authorization, and accounting(AAA) for security and collection for accounting information of network usage by mobile nodes(MNs). For this goal, we Propose the boundary tone overlapped network structure while solidifying the security for the authentication of an MN. That is, the Proposed scheme delivers the session keys at the wired link for MN's security instead of the wireless one, so that it provides a fast and seamless handoff mechanism. According to the analysis of modeling result, the proposed mechanism compared to the existing session key reuse method is up to about $40\%$ better in terms of normalized surcharge for the handoff failure rate that considers handoff total time.