• Journal of Digital Convergence
• /
• v.15 no.10
• /
• pp.253-260
• /
• 2017

Authenticated key agreement in multi-server environments is one of very important security issues because only authorized user needs to access their data and services. To support this issue, numerous schemes have been proposed over recent years. Recently, Shin showed the security weaknesses in the previous scheme and proposed an improved scheme called SIAKAS to solve them. Unfortunately, this paper shows that SIAKAS is still weak against application server impersonation attack and could be traceable to attackers. To solve the problems in SIAKAS, we propose an untraceable authenticated key agreement scheme, denoted by UAKAS. UAKAS efficiently solves security and privacy issues in SIAKAS and the related schemes and could reduce the operation overhead at least 12% compared to them.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.13-26
• /
• 2006

RFID technology is evaluated as one of core technologies for ubiquitous environment, because of its various characteristics which barcode systems don't have. However, RFID systems have consumer's privacy infringement problems, such like information leakage and location tracing. We need RFID privacy protection protocols, that satisfy three essential security requirements; confidentiality, indistinguishability and forward security, in order to protect consumer's privacy perfectly. The most secure protocol, that satisfies all of the three essential security requirements, among existing protocols, is the hash-chain based protocol that Ohkubo proposed. Unfortunately this protocol has a big disadvantage that it takes very long time to identify a tag in the back-end server. In this paper, we propose a scheme to keep security just as it is and to reduce computation time for identifying a tag in back-end server. The proposed scheme shows the results that the identification time in back-end server is reduced considerably compared to the original scheme of Ohkubo protocol.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.199-207
• /
• 2008

Web service has many security weekness because it is exposure to outside and connected with various application. Especially, as new technology developed new type of security weakness has occured consistently. In this paper, we construct webserver and honeyweb by using virtual reality on a basis these weakness. So it cannot be influenced by any attack to the hardware of the system. By using honey web, it disigned and embodied web server secutiry system to collect the data about new attack. Through this, it can provide proper secutiry in a web environment of mutual communication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.61-72
• /
• 2009

To guarantee security between the tag and back-end server and implementation efficiency in low power tag, we propose two typed mutual authentication protocols in RFID system. One is static-ID authentication scheme which is well suitable in distributed server environments. The other is dynamic-ID scheme which is additively satisfied forward security. In proposed scheme, it does not need any random number generator in tag and requires only one(maximally three) hash operation(s) in tag or server to authenticate each other. Furthermore, we implement the proposed schemes in RFID smart card system and verify its normal operations.

• The Journal of the Korea Contents Association
• /
• v.22 no.2
• /
• pp.71-79
• /
• 2022

Currently, even if control and mock hacking are performed for the security of web servers, vulnerabilities continue to occur and be hacked. To solve this problem, we have developed a secure web server that can control all web communication using sockets between L4 and L5. And when giving HTTP responses, we proposed a method of combining files and headers in advance. As a result, both security and speed could be improved. Therefore, in this paper, we proposed the reason why vulnerabilities occur even if control and mock hacking occur, a solution to it, and a security web server development method that can maintain security up to DB.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1465-1475
• /
• 2015

Cheating detection models in the online games can be divided into two parts. The one is on client based model, which is designed to detect malicious programs not to be run while playing the games. The other one is server based model, which distinguishes the difference between benign users and cheaters by the server log analysis. The client based model provides various features to prevent games from cheating, For instance, Anti-reversing, memory manipulation and so on. However, being deployed and operated on the client side is a huge weak point as cheaters can analyze and bypass the detection features. That Is why the server based model is an emerging way to detect cheating users in online games. But the simple log data such as FPS's one can be hard to find validate difference between two of them. In this paper, In order to compensate for the disadvantages of the two detection model above, We use the existing game security solution log as well as the server one to bring high performance as well as detection ratio compared to the existing detection models in the market.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11b
• /
• pp.1313-1316
• /
• 2003

최근에 공공장소에서의 보다 안정적이고 고속의 무선 인터넷 접속에 대한 욕구가 커지면서 무선랜에 대한 수요가 많아지고 있고, 유무선 사업자들은 무선랜 시장을 선점하기 위해서 서비스를 서두르고 있다. 이와 같은 무선랜환경에서 안전하게 사용자를 인증하고 서비스를 제공하기 위한 AAA 프로토콜로 Diameter Protocol 표준이 정의되었다. 이와 같은 Diameter base Protocol 표준의 관리를 위한 MIB 구조가 Diameter Base MIB에 정의되어 있다. 본 논문에서는 무선단말 사용자를 인증시켜 주고 무선랜서비스를 허가해주는 Diameter Server 를 관리하기 위한 관리 시스템을 위의 MIB 을 기준으로 해서 설계하고 구현하였다.

• International Journal of Computer Science & Network Security
• /
• v.22 no.1
• /
• pp.97-104
• /
• 2022

In recent years, data privacy has become increasingly important. The goal of network cryptography is to protect data while it is being transmitted over the internet or a network. Social media and smartphone apps collect a lot of personal data which if exposed, might be damaging to privacy. As a result, sensitive data is exposed and data is shared without the data owner's consent. Personal Information is one of the concerns in data privacy. Protecting user data and sensitive information is the first step to keeping user data private. Many applications user data can be found on other websites. In this paper, we discuss the issue of privacy and suggest a mechanism for keeping user data hidden in other applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.661-670
• /
• 2023

With the emergence of serverless computing paradigm and the innovations of cloud technology, the structure of backend server infrastructure has evolved from on-premises to container-based serverless computing. However, an access control on the server still heavily relies on the traditional SSH protocol, which poses limitations in terms of security and scalability. This hampers user convenience and productivity in managing server infrastructure. A web shell is an interface that allows easy access to servers and execution of commands from any device with a web browser. While hackers often use it to exploit vulnerabilities in servers, we pay attention to the high portability of web shell technology for server management. This study proposes a novel proxy-based server management framework utilizing web shell technology. Our evaluation demonstrates that the proposed framework addresses the drawbacks of SSH without additional overhead, and efficiently operates large-scale infrastructures in diverse computing environments.

• Journal of KIISE:Software and Applications
• /
• v.32 no.12
• /
• pp.1238-1246
• /
• 2005

This thesis is written with web security module for safe data transmission between heterogeneous systems(ex. OS). Web system has allowed users to have great convenience and a lot of information. Though web service business has been progressed much, because of the limitation of it's own system, lots of loss, derived from data spillage which is the weakest point of security, has also followed. Suggested security module is realized by two module. One for server security module for web server, the other is client security module for client. The security structure, suggested on this thesis guarantee safe data transmission by only simple installation of modules in clients and servers. for speed sensitive transmission between web server and browser, Triple-DES, symmetric encryption system suitable for fast encryption communication, is adapted. To solve problems caused from key management, Diffie-Hellman's key exchange algorithm is adapted. By this method, all symmetric encryption troubles from key distribution and management, speed could be work out a solution. And Diffie-Hellman type algorithm secures Authentication for safe data Protection.