• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3678-3698
• /
• 2017

With the rapid development of vehicular ad hoc Network (VANET), it has gained significant popularity and received increasing attentions from both academics and industry communities in aspects of security and efficiency. To address the security and efficiency issues, a self-authentication and deniable efficient group key agreement protocol is proposed in this paper. The scheme establishes a group between road side units (RSUs) and vehicles by using self-authentication without certification authority, and improves certification efficiency by using group key (GK) transmission method. At the same time, to avoid the attacker attacking the legal vehicle by RSUs, we adopt deniable group key agreement method to negotiation session key (sk) and use it to transmit GK between RSUs. In addition, vehicles not only broadcast messages to other vehicles, but also communicate with other members in the same group. Therefore, group communication is necessary in VANET. Finally, the performance analysis shows superiority of our scheme in security problems, meanwhile the verification delay, transmission overheard and message delay get significant improvement than other related schemes.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.11-25
• /
• 2024

The proliferation of IoT devices has presented an unprecedented challenge in managing device identities securely and efficiently. In this paper, we introduce an innovative Hybrid Blockchain-Based Approach for IoT Identity Management that prioritizes both security and efficiency. Our hybrid solution, strategically combines the advantages of direct and indirect connections, yielding exceptional performance. This approach delivers reduced latency, optimized network utilization, and energy efficiency by leveraging local cluster interactions for routine tasks while resorting to indirect blockchain connections for critical processes. This paper presents a comprehensive solution to the complex challenges associated with IoT identity management. Our Hybrid Blockchain-Based Approach sets a new benchmark for secure and efficient identity management within IoT ecosystems, arising from the synergy between direct and indirect connections. This serves as a foundational framework for future endeavors, including optimization strategies, scalability enhancements, and the integration of advanced encryption methodologies. In conclusion, this paper underscores the importance of tailored strategies in shaping the future of IoT identity management through innovative blockchain integration.

• Korean Security Journal
• /
• no.20
• /
• pp.119-140
• /
• 2009

It seems that security police's business to secure safety of state and citizens has existed since the mankind began to create a community. State was not fully responsible for such security business from the beginning. The business was carried out autonomously by the private sector for a long period. However, as the state system had been strengthened, the public sector absorbed the function. But in the modern society where various risks exist, safety of society could not be guaranteed only by public police. Accordingly, cooperation with the private sector is indispensable. In the limit of public police, autonomous organization of security companies and general citizens is expanding its scope. As a result, they should exercise partnership as a tripod to build social safety net. Security police failed to secure manpower exclusively responsible for security, despite various businesses and excessive mobilization. Accordingly, their professionalism and ability to cope with crisis are being questioned. In particular, efficiency of security police is becoming a more urgent issue in an era of international terrorism. Private sector can be classified into security companies and private autonomous organization. In case of security companies, the problem is quality and business ability of guards compared to a rapid external growth such as quantitative expansion and advancement into various businesses. In terms of pure private activity, the necessity of understanding of public police activity and conditions for organizational and continuous activity should be prepared. To tide over such problems and effectively achieve the common goal, changes in the method of employment, new establishment of security police department, and strengthening of professionalism and crisis management ability are necessary in the public police sector. In case of security companies, improvement of relations with public police through joint education, strengthening of business ability and activation of business cooperation through these matters are necessary. To maximize activity of pure private sector, it needs to establish reserve police, manage such private autonomous organization and bolster publicity with citizens.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.993-999
• /
• 2015

OTP(One time password) is widely used as an authentication method for financial and other security-sensitive transactions. OTP provides strong security since each password is used only one time while normal password-based authentications use passwords as long term secrets. However, OTP-based authentications relatively lack usability since they require users to hold an OTP card or generator. To overcome such a problem, smartphones start replacing OTP cards and such a method is called smart OTP. However, smart OTP inherits security vulnerabilities that smartphones have. In this paper, we propose a smart OTP authentication based on an extremely light authentication protocol called HB+. HB+ protocol is developed for low-cost devices and has small communication and computation costs. We present our solution and discuss its security, efficiency and practicality. Our contribution is providing a method to securely use smart OTP without losing its efficiency and usability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.83-94
• /
• 2015

Deduplication, which is a technique of eliminating redundant data by storing only a single copy of each data, provides clients and a cloud server with efficiency for managing stored data. Since the data is saved in untrusted public cloud server, however, both invasion of data privacy and data loss can be occurred. Over recent years, although many studies have been proposed secure deduplication schemes, there still remains both the security problems causing serious damages and inefficiency. In this paper, we propose secure and efficient client-side deduplication with Key-server based on Bellare et. al's scheme and challenge-response method. Furthermore, we point out potential risks of client-side deduplication and show that our scheme is secure against various attacks and provides high efficiency for uploading big size of data.

• KEPCO Journal on Electric Power and Energy
• /
• v.3 no.2
• /
• pp.73-78
• /
• 2017

Recently, a number of foreign electric power companies including domestic Korea Electric Power Corporation (KEPCO) have actively engaged in the construction of a power grid with the concept of a smart grid. The Smart grid is a technology that increases the efficiency of the power by converging the information network with the power grid. It can maximize the energy efficiency through the two-way communication between the utility and the consumer. However, as the power grid converges with the information and communication network, security threats are increasing more than existing power grids. Due to the nature of the power grid, the damage caused by security threats is not only personal privacy but also economic loss of society. So smart grid becomes the target of hackers. In this paper, we discuss security vulnerabilities of Advanced Metering Infrastructure (AMI), which is a core technology of smart grid construction, and the corresponding security technologies to prevent security damage of smart grid.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.4C
• /
• pp.197-206
• /
• 2011

In the RFID system, bulk tag information is stored into the back-end database as plaintext format not ciphertext. In this case, the tags's private informations can be easily compromised by an external hacker or an insider attacker. If the private informations of tags disclosed by the attackers, it can occur serious privacy invasion problem. Recently the database(DB) security is an important issue to prevent the above DB compromised attack. However, DB security for RFID systeme has not been considered yet. If we use the DB security technique into the RFID system, the above described privacy invasion' problem can be easily prevented. Based on this motivation, this paper proposes a secure and efficient back-end database security and authentication(S-DB) scheme with XOR-based encryption/decryption algorithm. In the proposed scheme, all tag's private information is encrypted and stored by using the DB secret key to protect the DB compromised attack. As a result, the proposed S-DB scheme 'can provide stronger security and more efficiency for the secure RFID system environment.

• Journal of Advanced Navigation Technology
• /
• v.25 no.6
• /
• pp.492-497
• /
• 2021

Smart Security is the global initiative of Airports Council International in collaboration with airports, airlines and governmental agencies. Its main objective is to create a step change in passenger and cabin baggage screening, escalating security costs and constantly evolving threats. Incheon International Airport should adopt and deploy smart security systems not only to strengthen aviation security but also increase passenger's experiences and operational efficiency by way of seamless security screening that it will lead to establish the best security environment to prevent terrorism and acts of unlawful interference.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.2
• /
• pp.345-350
• /
• 2009

In this paper, it is reviewed vulnerability of security in S-MAC communication protocol of sensor network, and analyzed in the respect of power efficiency, which is consumed at each stage of communication procedure in according to vulnerability of denial of service. Therefore, from research results, it can be induced the need of authentication scheme, which is considered reliability, efficiency and security of normal S-MAC communication.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.275-286
• /
• 2021

As a result of the vast amount of data that is geographically found in different locations. Distributed data mining (DDM) has taken a center stage in data mining. The use of mobile agents to enhance efficiency in DDM has gained the attention of industries, commerce and academia because it offers serious suggestions on how to solve inherent problems associated with DDM. In this paper, a novel DDM model has been proposed by using a mobile agent to enhance efficiency. The main idea behind the model is to use the Naive Bayes algorithm to give the mobile agent the ability to learn, compare, get and store the results on it from each server which has different datasets and we found that the accuracy increased roughly by 0.9% which is our main target.