• Journal of Digital Convergence
• /
• v.14 no.10
• /
• pp.295-302
• /
• 2016

Many countries, especially ICT powers, are supporting IoT-based technology at a national level and this technology is actively being researched in the businesses and research institutes in an aim to develop technology and create an ecosystem. Roads in the Seoul city are building public facilities based on IoT to provide various services and conveniences for the users. However, for the full-fledged introduction and development of IoT, there are many cases where infringement on security and privacy and threat for life and safety happen. Also, as the IoT environment includes various environment technologies such as the existing sensor network, heterogeneous communication network, and devices optimized for the IoT environment, it inherits the existing security threat and various attack techniques. This paper researches the attribute based encryption technology for safe communication in the IoT environment. The data collected from the device is transmitted utilizing the attribute based encryption and by designing the key generation protocol, grades and authorities for the device and users are identified to transmit safe messages.

• Journal of Digital Convergence
• /
• v.13 no.4
• /
• pp.175-189
• /
• 2015

As issues of Fintech(Financial technology) emerge, research on electronic banking is growing and garnering much attention in the market. This study analyzed 184 studies on e-banking over 15 years, from 2000 to 2014. Using meta-analysis, the paper draws attentions to the trends in domestic electronic banking studies. Interest peaked in 2008, when 28 papers were published and 35 theses in Information Security and Cryptology were announced. This research focus emphasizes the impact of e-banking services, technology and infrastructure, and laws and regulations on society. Electronic payment systems are a focal point of research on technology and infrastructure. Research on the e-finance market have influenced studies on the financial progress and other social issues. Benefits of this research include a better understanding of the trends in electronic banking studies and its influence on related fields, as well as help electronic banking-related policies and technology research.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.9-17
• /
• 2019

As the IoT environment becomes more popular, the safety of the M2M environment, which establishes the communication environment between objects and objects without human intervention, becomes important. Due to the nature of the wireless communication environment, there is a possibility of exposure to security threats in various aspects such as data exposure, falsification, tampering, deletion and privacy, and secure communication security technology is considered as an important requirement. In this paper, we propose a new method for group key generation and exchange using trap hash collision hash in existing 'M2M communication environment' using hash collision, And a mechanism for confirming the authentication of the device and the gateway after the group key is generated. The proposed method has attack resistance such as spoofing attack, meson attack, and retransmission attack in the group communication section by using the specificity of the collision message and collision hash, and is a technique for proving safety against vulnerability of hash collision.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.3-13
• /
• 2006

As computing devices become ubiquitous and increasingly mobile, it becomes obvious that a synchronous and direct peer-to-peer communication model is not sufficient in distributed computing environment. Using an indirect event service instead of other traditional communication model has an advantage of decreasing the coupling of applications in a distributed environment and removing the need for many static dependencies. In this paper, we design and implement the secure event service for providing secure ubiquitous computing environment. The Secure Event Service implemented enables users to perform content-based event retrieval, and supports only eligible event comsumer and event producer can publish and receive events through the secure event service. SPKI/SDSI certificate is used for supporting authentication and authorization in the secure event service. In order to provide a content-based event retrieval, an asynchronous communication between event producers and consumers, and a disconnectedness support for mobile devices, we modify and expand the Javaspace package.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.5
• /
• pp.9-17
• /
• 2015

The development of wireless communication technology and change in the ICT market has led to the development of the M2M service and technology. Under these circumstances, the M2M environment has been the focus of communication environment construction between machines without control or direct intervention of human being. With characteristics of wireless communication environment, the possibility of being exposed to numerous security threats and safe communication security technology have becoming an issue an important requirements for problems such as data exposure, forgery, modulation, deletion, and privacy. This research analyzes requirements of trapdoor collision hash, generates keys between groups under the M2M environment by using the specificity of trapdoor, and suggests technology to exchange keys with session keys. Further, it also suggests techniques to confirm authentication of device and gateway in accordance with group key generation. The techniques herein suggested are confirmed as safe methods in that they have attack resistance such as Masquerade Attack, Man-in-the-Middle Attack, and Replay Attack in the group communication block by using the speciality of collision message and collision hash.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.4
• /
• pp.141-146
• /
• 2015

Data have been increased enormously due to the development of IT technology such as recent smart equipments, social network services and streaming services. To meet these environments the technologies that can treat mass data have received attention, and the typical one is Hadoop. Hadoop is on the basis of open source, and it has been designed to be used at general purpose computers on the basis of Linux. To initial Hadoop nearly no security was introduced, but as the number of users increased data that need security increased and there appeared new version that introduced Kerberos and Token system in 2009. But in this method there was a problem that only one secret key can be used and access permission to blocks cannot be authenticated to each user, and there were weak points that replay attack and spoofing attack were possible. Hence, to supplement these weak points and to maintain efficiency a protocol on the basis of group key, in which users are authenticated in logical group and then this is reflected to token, is proposed in this paper. The result shows that it has solved the weak points and there is no big overhead in terms of efficiency.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.26 no.1
• /
• pp.82-86
• /
• 2016

This paper proposes a method for the immobilization of motorbike brakes in conjunction with near-field communication (NFC) technology in order to meet the increasing demand for security and convenience of motorbike drivers. We thought about the concept of wireless key, NFC security devices and automatic solenoid valve for setting the lock and unlock module. This paper propose the design and development of an innovative anti-theft alarm system for motorcycles using NFC smart devices based on RFID system, the basis of IoT and AES(advanced encryption standard) encryption Algorithm. The design concept is based on NFC communication strategy between the vehicle and owner. To do this concept, we designed motorcycle smart key system with general-purpose NFC system and the automatic solenoid valve for setting the lock and unlock module. First, we designed control unit and NFC card reader for motorcycle smart key system. Then we propose an AES encryption algorithm and prove that the motorcycle key system is controllable by showing the result of implementing and testing, after installing.

• Journal of IKEEE
• /
• v.27 no.4
• /
• pp.548-555
• /
• 2023

With the advancement of the internet, the use of personal information in online interactions has increased, underscoring the significance of data protection. Breaches of personal data due to unauthorized access can result in psychological and financial damage to individuals, and may even enable wide-ranging societal attacks aimed at those associated with the victims. In response to such threats, there is active research into security measures using blockchain to safeguard personal information. This study proposes a system that uses middleware and IAM (Identity and Access Management) services to protect personal information in a BaaS (Blockchain as a Service) environment where blockchain is provided via the Internet. The middleware operates on servers where IAM roles and policies are applied, authenticates users, and performs access control to allow only legitimate users to access blockchain data existing in the cloud. Additionally, to understand the impact of the proposed personal information protection method on the system, we measure the response time according to the time taken and the number of users under three assumed scenarios, and compare the proposed method and research related to personal information protection using blockchain in terms of security characteristics such as idea, type of blockchain, authentication, and confidentiality.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.1
• /
• pp.149-157
• /
• 2003

Recently, the Internet enhanced by development of IT makes the processing and exchanging of information, As the Internet is sending and receiving digitized documents over the Internet e-mail system. The security of document information is being threated when exchanging digitized documents over an open network such as the Internet. The degree of threat is even higher when sensitive documents are involved Therefore, in this paper, the secure e-mail system on a client is designed and implemented in order to make secure exchanging of digitized documents. By using the public key infrastructure in which encrypted mail transmission, proof of delivery and integrity of the message are garanted, unauthorized manipulation, illegal acquisition and mutual authentication problem can be prevented in order to secure the document information which is crucial and sensible when exchanging the digitized document over the Internet. Futhenmore, by using the SET protocol based on public key cryptography, the secure mail system is designed and implemented in order for the users not having any professional knowledge to deal with the system easily and friendly in GUI environment.

• 전자공학회논문지 IE
• /
• v.43 no.1
• /
• pp.46-51
• /
• 2006

Recently, smart card system which is known as easy to portable and also safe from physical, electrical, and software attack is observed to manage information that becomes the target of security in safety. And java card graft upon java technology to smart card platform is having very good advantage with object-oriented techniques and also, java card have the open type OS that can show the same action in different hardware characteristic which allows various application programs. In this paper, we introduced independent execution characteristic of java platform because being set to each smart card was uncomfortable till now and we designed access control member card that allows several administrators in different access privilege by single card using java card. Several administrators can approach to various information of file type that is included on issued card to user by using different PIN. In the proposed method, confirmation of personal information, administration contents update, demand by contents, is possible by single card. At this moment, wish to do safer user certification that improve security limitation which is from PIN, used for user certification, and signature data. In the proposed method, as design and implementation of utilization technology of java card, biometrics, user certification which uses multi PIN, provide that more safety and conveniently.