• Proceedings of the IEEK Conference
• /
• summer
• /
• pp.355-360
• /
• 2004

With the growing acceptance of XML technologies, XML will be the most common tool for all data manipulation and data transmission. Meeting security requirements for privacy, confidentiality and integrity is essential in order to move business online and it is important for security to be integrated with XML solutions. Many policies require certain conditions to be satisfied and actions to be performed before or after a decision is made. Binary yes/no decision to an access request is not enough for many applications. These issues were addressed and formalized as provisions and obligations by Betti et Al. In this paper, we propose an authorization model with provisions and obligations in XML. We introduce a formal definition of authorization policy and the issues involving obligation discussed by Betti et Al. We use the formal model as a basis to develop an authorization model in XML. We develop DTDs in XML for main components such as authorization request, authorization policy and authorization decision. We plan to develop an authorization system using the model proposed.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2019.06a
• /
• pp.144-146
• /
• 2019

Recently, according to the rapid development of surveillance information, closed-circuit television (CCTV) has become an indispensable component in security systems. A lot of advanced technologies of encryption and compression are implementing to improve the performance and security levels of the CCTV system. Especially, 360 video CCTV streaming is promising for surveillance without blind areas. However, compared to previous systems, 360 CCTV requires large bandwidth and low latency. Therefore, it requires more efficiently effort to improve the CCTV system performance. In order to meet the demands of 360 CCTV streaming, transcoding is an essential process to enhance the current CCTV system. Moreover, encryption algorithm is also an important priority in security system. In this paper, we propose a real-time transcoding solution in combination with the ARIA and AES algorithms. Experimental results prove that the proposed method has achieved around 195% speed up transcoding compared to FFMPEG libx265 method. Furthermore, the proposed system can handle multiple transcoding sessions simultaneously at high performance for both live 360 CCTV system and existing CCTV system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1436-1457
• /
• 2018

Secure routing services in Wireless Sensor Networks (WSNs) are essential, especially in mission critical fields such as the military and in medical applications. Additionally, they play a vital role in the current and future Internet of Things (IoT) services. Lightness and efficiency of a routing protocol are not the only requirements that guarantee success; security assurance also needs to be enforced. This paper proposes a Secure-Fuzzy Energy Aware Routing Protocol (S-FEAR) for WSNs. S-FEAR applies a security model to an existing energy efficient FEAR protocol. As part of this research, the S-FEAR protocol has been analyzed in terms of the communication and processing costs associated with building and applying this model, regardless of the security techniques used. Moreover, the Qualnet network simulator was used to implement both FEAR and S-FEAR after carefully selecting the following security techniques to achieve both authentication and data integrity: the Cipher Block Chaining-Message Authentication Code (CBC-MAC) and the Elliptic Curve Digital Signature Algorithm (ECDSA). The performance of both protocols was assessed in terms of complexity and energy consumption. The results reveal that achieving authentication and data integrity successfully excluded all attackers from the network topology regardless of the percentage of attackers. Consequently, the constructed topology is secure and thus, safe data transmission over the network is ensured. Simulation results show that using CBC-MAC for example, costs 0.00064% of network energy while ECDSA costs about 0.0091%. On the other hand, attacks cost the network about 4.7 times the cost of applying these techniques.

• Journal of Digital Contents Society
• /
• v.11 no.3
• /
• pp.331-339
• /
• 2010

On intranet system, it is essential element for providing information to decrease response time. To realize this efficiencies of response time of the network, a lot of research have been conducted. The purpose of the research and implementation is to shorten the response time of information system. We can realize final goal of information system through fast response time. This final goal of information system is to secure the performance efficiency within the required time. In order to acquire the method of warranty of fast response time, the efficient measurement method is essential. This research suggests a latency test techniques being used on infrastructure system and also offers a response time measurement methodology. Methodology proposed in this research has proven that it is possible to measure response time through the scheduled method. Also it is possible to develop a enhanced networking capabilities, and information system capabilities for the development of information system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.279-286
• /
• 2013

The recent power shortages due to surge in demand for electricity highlights the importance of smart grid technologies for efficient use of power. The experimental content for vulnerability against availability of smart meter, an essential component in smart grid networks, has been reported. Designing availability protection mechanism to boost the realization possibilities of the secure smart grid is essential. In this paper, we propose a mechanism to detect the availability infringement attack for smart meter and also to find anomaly nodes through analyzing smart grid structure and traffic patterns. The proposed detection mechanism uses approximate entropy technique to decrease the detection load and increase the detection rate with few samples and utilizes the signal information(CIR or RSSI, etc.) that the anomaly node can not be changed to find the anomaly nodes. Finally simulation results of proposed method show that the detection performance and the feasibility.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.17 no.4
• /
• pp.695-702
• /
• 2022

Smart railway system, which has been actively studied in recent years, is entering the intelligent stage beyond the automation stage based on ICT (Information & Communication Technology) such as communication technology and information technology. ICT technology used in smart railways is generally supported by various information protection technologies as it is vulnerable to information infringement. As a means of high-speed/mass transportation, it is essential to devise an information protection plan for ICT technology that forms the basis for smartening the railway system. Therefore, this paper presents the necessity of step-by-step information protection that measures for smart railway communication by examining potential risk factors of smart railway communication base and considering information protection factors that can respond to them.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.2
• /
• pp.322-332
• /
• 2017

Wireless Body Area Networks is an environment that provides an appropriate service remotely by collecting user's biometric information. With the growing importance of sensor, WBAN also attracts extensive attention. Since WBAN is representatively used in the medical field, it can be directly related to the patient's life. Hence security is very important in WBAN. Mutual authentication between the client and the application provider is essential. And efficiency is also important because a used device is limited to computation cost. In this reason, ID-based anonymous authentication scheme in WBAN has been intensively studied. We show that the recent research result of Wu et al. which is about the ID-based anonymous authentication scheme is vulnerable to impersonation attack. And we propose a new ID-based anonymous authentication scheme that is secure against the attacks discovered in the existing schemes. Compared to the existing schemes, the computation cost of our scheme is improved by 30.6% and 7.3%.

• Journal of National Security and Military Science
• /
• s.1
• /
• pp.345-360
• /
• 2003

To build an information oriented armed forces, the Korean military telecommunication networks adopt TCP/IP standard communication infrastructures based on ATM packet switched networks. Utilizing this network infrastructure, the Korean armed forces also applies to the areas of battleship management for efficient operation command controls and resource management for efficient resource allocations. In this military communication networks, it is essential to determine the least cost network topology under equal performance and reliability constraints. Basically, this type of communication network design problem is known in the literature as an NP Hard problem. As the number of network node increases, it is very hard to obtain an optimal solution in polynomial time. Therefore, it is reasonable to use a heuristic algorithm which provides a good solution with minimal computational efforts. In this study, we developed a simulated annealing based heuristic algorithm which can be utilized for the design of military communication networks. The developed algorithm provides a good packet switched network topology which satisfies a given set of performance and reliability constraints with reasonable computation times.

• Journal of Information Processing Systems
• /
• v.5 no.1
• /
• pp.25-32
• /
• 2009

It is absolutely essential to implement advanced IP network technologies such as QoS, Multicast, High Availability, and Security in order to provide real-time services like IPTV via IP backbone network. In reality, the existing commercial networks of internet service providers are subject to certain technical difficulties and limitations in embodying those technologies. On-going research efforts involve the experimental engineering works and implementation experience to trigger IPTV service on the premium-level IP backbone which has recently been developed. This paper introduces the core network technologies that will enable the deployment of a high-quality IPTV service, and then proposes a suitable methodology for application and deployment policies on each technology to lead the establishment and globalization of the IPTV service.

• Journal of Convergence Society for SMB
• /
• v.4 no.4
• /
• pp.25-29
• /
• 2014

Security is a primary concern in group communication, and secure authentication is essential to establishing a secure group communication. Most conventional authentications consist of knowledge-based and token-based methods. One of the token-based methods is a X.509 certificate, which is used under a Public Key Infrastructure (PKI); it is the most well-known authentication system in a distributed network environment. However, it has a well-known weakness, which only proves the belonging of a certificate. PKI cannot assure identity of a person. The conventional knowledge-based and token-based methods do not really provide positive personal identification because they rely on surrogate representations of the person's identity. Therefore, I propose a secure X.509 certificate with biometric information to assure the identity of the person who uses the X.509 certificate in a distributed computing environment.