• 한국HCI학회:학술대회논문집
• /
• 2009.02a
• /
• pp.34-39
• /
• 2009

Four-digit PIN(Personal Identification Number) is a well-known user authentication method used for many applications including ATMs and mobile phones. However, it is vulnerable to shoulder surfing attacks(SSAs). In this paper, we present new PIN entry methods which are secure against SSA and easy to use. We compare the usability and security of these methods with those of the existing methods.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05b
• /
• pp.1333-1336
• /
• 2003

IMT-2000 상용화를 눈앞에 둔 시점에서 다양한 모바일 서비스들이 성장세를 보임에 따라 무선 인터넷 환경에서의 보안 문제가 큰 이슈로 대두되고 있다. 본 논문에서는 무선 인터넷상의 Data 전송에 쓰이는 보안 솔루션(WAP, ME, 1-Mode)을 비교 분석하며, End-To-End Security 문제를 해결할 수 있는 플렛폼을 제시한다. 제안된 모바일 인증 플렛폼은 표준화된 암호화 패킷을 사용함으로써 보다 높은 보안 수준을 제공하고 기존의 WAP의 WAP Gateway에서의 평문의 내용 유출을 막음으로서, 안전한 모바일 환경을 제공할 수 있는 가능성을 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.793-796
• /
• 2016

정보통신 기술의 발달로 사물인터넷에 대한 관심이 증가하였다. 사물인터넷의 한 요소인 무선 큰거리 통신 기술에는 WIFi, 블루투스, ZigBee 등이 있다. 이러한 기술들 중 저전력 블루투스는 낮은 전력 소비와 범용성 덕분에 많은 각광을 밭고 있다. BLE(Bluetooth LE)의 한 형태인 비콘은 더욱 저전력이며, 패킷을 전달하는 방식 또한 기존의 블루투스와 차이가 있다. 본 논문에서논 컨텐츠 보안이 필요한 비콘 서비스의 예시로 비콘을 통한 새로운 형태의 음악 음반을 제시하였다. 또한, 그 보안 특성에 맞춰 패킷 이중화, RSSI, Serial Number Binding 등의 기술들을 사용한 보안 방법을 설계 및 구현한 보안 사레에 대하여 서술한다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.3
• /
• pp.69-75
• /
• 2018

Recently, various convergence technologies are attracting attention due to the block chain innovation technology in the M2M environment. Although the block-chain-based technology is known to be secure in its own right, there are various problems such as security and weight reduction in various M2M environments connected with this. In this paper, we propose a new lightweight method for the hash tree generation of block chains to solve the lightweight problem. It is designed considering extensibility without affecting the existing block chain. Performance analysis shows that the computation performance increases with decreasing the existing hash length.

• The Journal of the Korea Contents Association
• /
• v.6 no.6
• /
• pp.56-63
• /
• 2006

Key recovery has been the subject of a lot of discussion, of much controversy and of extensive research. Key recovery, however, might be needed at a corporate level, as a form of key management. The basic observation of the present paper is that cryptographic solutions that have been proposed so far completely ignore the communication context. IPSec is a security protocol suite that provides encryption and authentication services for IP messages at the network layer of the Internet. We propose example to provide key recovery capability by adding key recovery information to an IP datagram. It is possible to take advantage of the communication environment in order to design key recovery protocols that are better suited and more efficient.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.63-65
• /
• 2016

In this paper, smart door-lock system to access public facilities will be proposed. An existed door-lock system using physical door-lock, NFC Tag, and RFID could be replaced by our proposed system. Automatic access control management system with security authentication module enables the worker to access public facilities efficiently.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.789-792
• /
• 2011

RFID(Radio Frequency Identification) 시스템은 비접촉식 무선 인식 기술로 유통 및 물류, 환경, 교통, 보안 분야 등 산업 전반에 걸쳐 다양하게 활용되고 있다. 그러나 태그의 정보가 전송과정에서 무선특성에 따른 과도한 정보 노출과 사용자의 위치정보 추적 등 심각한 프라이버시 침해를 유발시킨다. 본 논문에서는 해쉬된 ID 와 스트림 암호 알고리즘을 이용한 OTP 를 활용하여 리더와 태그간 상호인증을 제공하는 프로토콜을 제안한다. 제안된 프로토콜의 OTP 생성에 사용된 NLM-128 알고리즘은 $2^{128}$ 비도 수준(Security level)을 갖는 스트림 암호로써, 안전성 및 구현 용이성 등의 특징을 가지며 RFID/USN 등의 저전력, 제한된 메모리 및 컴퓨팅 사양에서 적용하기 용이한 알고리즘이다.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.975-983
• /
• 1998

In these days, information communication systems are based on both open distributed computing technologies and object-oriented techniques like inheritance, encapsulation and object reuse to support various system configuration and application. As information systems are interconnected through unsecure networks, the need for the secure information exchange is more critical than before. In this paper, we have designed and implemented a transparent CORBA-basce Security infrastructure with authentication, security context association, access control and security information management to support a secure applications in distributed object environment. SESAME Ver. 4 was adopted as an external security service to manage user privilege attributes and to distribute keys for data encryption, decryption and integrity. Using filter and transformer with an interface to Object Request Broker, it provides a transparent security service to applications. The filter objects are special classes that allow additional parameters to be inserted into messages before they are sent and removed just after they are received. The transformer objects are special classes that allow direct access to the byte stream of every messages for encryption and decryption before it is sent and just after it is received. This study is to implement the access control interceptor(ACI) and the secure invocation interceptor(SII) of secure ORB defined in CORBA using filter and transformer.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.1
• /
• pp.35-44
• /
• 2020

The growing use of public blockchain-based virtual cryptocurrency calls for secure management of blockchain account information managed through cryptocurrency wallet programs. The previously proposed wallet program has high security in terms of managing an account's private key, but low security in managing an account's recovery phrase. Therefore, in this paper, we propose a safe management system of blockchain account recovery string based on the new user authentication method using the user's mobile device information and OTP technique to overcome the problem of the existing account recovery string management method. It also conducts an analysis of the proposed blockchain account recovery string management system based on the expected behavior scenario.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.1
• /
• pp.121-128
• /
• 2018

Internet of Things architecture connected to the Internet is a technology. However, Many paper research for the lightweight Protocol of IoT Environment. In these Paper excluded secure problem about protocol. So Light weight Protocol has weakness of secure in IoT environment. All of IoT devices need encryption algorithm and authentication message code for certain level of security. However, IoT environment is difficult to using existing security technology. For this reason, Studies for Lightweight IPsec is essential in IoT environment. For Study of Lightweight IPsec, We analyze existing protocols such as IPsec, 6LoWPAN for IEEE 802.15.4 layer and Lightweight IPsec based 6LoWPAN. The result is to be obtained for the lightweight IPsec protocols for IoT environment. This protocol can compatible with Internet network.