• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.10
• /
• pp.1873-1879
• /
• 2007

As the mobile terminal which uses P2P service increases and it comes to be applied to many fields, mobile agent technology has been applied to P2P and its innovative services has been offered to various fields. However, free mobility of mobile agent technology works like worm, the problem which is contaminated by malicious attacker's attack quickly has appeared and fundamental solution has not been developed yet. This paper proposes STAS (Security Tracking and Auditing Server) system which can offer verification for security of mobile agent in structured P2P environments. Mobile Agent will send data value to STAS via peer so that STAS can verify secure audit and integrity and Mobile agent initiator will obtain the final value of the data from STAS. It can minimize overload of mobile terminal which is occurred by verification of mobile agent and its accomplishment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.547-554
• /
• 2022

Recently, the field of telemedicine is growing rapidly due to the COVID-19 pandemic. However, the cost of telemedicine services is relatively high, since cloud computing, video conferencing, and cyber security should be considered. Therefore, in this paper, we design and implement a cost-effective P2P-based telemedicine system. It is implemented using the widely used the open source computing platform, Raspberry Pi, and P2P network that frees users from security problems such as the privacy leakage by the central server and DDoS attacks resulting from the server/client architecture and enables trustworthy identifying connection system using SSL protocol. Also it enables users to check the other party's status including body temperature in real time by installing a thermal imaging camera using Raspberry Pi. This allows several medical diagnoses that requires visual aids. The proposed telemedicine system will popularize telemedicine service and meet the ever-increasing demand for telemedicine.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.658-661
• /
• 2005

Internet-based client/server architecture of Contents Delivery System suffers from frequent disconnections and security treats caused by dependency of the server or overload. But, We reached the limit to the increase of the server because a contents quality enhance and Internet user explosively increase. Therefore, a P2P based computing methods are used for sloving these issues. In this paper, We implement and design the Education Content Delivery System for cyber education system using idle Computing Power in P2P computing to share computing resources. We implement not only Internet infrastructure but also satellite infrastructure system, and designed to transfer real-time or non real-time contents.

• The Journal of Information Systems
• /
• v.10 no.2
• /
• pp.103-128
• /
• 2001

At present, the EDI systems are indispensable software in port logistics industry. Currently, a monopolistic VAN/EDI service provider operates the EDI services. The current EDI client software has the 2-tier fat client/server architecture. However, the current EDI software is lack of Web interface and causes lots of cost for maintenance. Therefore, a variety of implementation architecture has been being tried by using script, XML and distributed object-oriented technology. Web/EDI and XML/EDI are the new EDI systems, However, the EDI systems have some limitations such as speed. This study intends to compare the variety implementation architecture for the EDI systems in the users' perspective and explore the strong and weak points of each architecture. We compared the EDI systems based on our experience of more than 2-years of implementation project for the EDI systems of port logistics. We categorized the EDI systems as client application EDI, Web EDI using script, XML/EDI, and 3-tier distributed object-oriented EDI system. We compared them with criteria such as speed, program maintenance, easiness of implementation and usage, security, and load balancing and fail-over. Finally we discuss the direction of optimal EDI system architecture for the future.

• Journal of Internet Computing and Services
• /
• v.15 no.1
• /
• pp.45-53
• /
• 2014

UI-Mashup is widely used as a service method to add value, which is composed of distributed various contents on the internet and has turned out to be one of the latest trends in web application program development. Previous UI-Mashup-related studies have focused primarily on the dynamic service composition and have not been able to adapt to a rapidly changing Web Standard, thusthe end users conclude that UI-Mashups are slow, incompatible and poor security services. In this study, We propose an architecture for the performance improvements of UI-Mashup.In order to provide fast services and security enhancements, the proposed architecture collects UI fragments on the server in parallel, and sends layouts and contents of Mashups UI to the client through a special delivery channel supporting fast reaction and response time. In this study, the implementation and performance tests were proceeded to verify the proposed architecture experimentally. As a result of the performance testing, the proposed architecture has two to three times faster response time and more than four times throughput compared to the previous UI-Mashup technology.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.2B
• /
• pp.296-301
• /
• 2010

Radio frequency identification(RFID) system can identify an object using wireless transmission. RFID applications are numerous and far reaching. The most interesting and widely used applications are supply chain management for companies. Currently, RFID tags must be detached or killed for security and privacy reasons when tagged objects are purchased. In this paper, we present a new architecture that transfers information about products from the electronic product code information services (EPCIS) server of a company to an individual's personal purchases management (PPM) server when products with RFID codes are sold. It solves the security and privacy issues without detaching the tag. Moreover, the PPM server described in this paper allows customers to handle the expiration dates, updates, location management, and group management of products.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.9
• /
• pp.3870-3884
• /
• 2020

The proposed framework of Four Layer Robust Storage in Cloud (FLRSC) architecture involves host server, local host and edge devices in addition to Virtual Machine Monitoring (VMM). The goal is to protect the privacy of stored data at edge devices. The computational intelligence (CI) part of our algorithm distributes blocks of data to three different layers by partially encoded and forwarded for decoding to the next layer using hash and greed Solomon algorithms. VMM monitoring uses snapshot algorithm to detect intrusion. The proposed system is compared with Tiang Wang method to validate efficiency of data transfer with security. Hence, security is proven against the indexed efficiency. It is an important study to integrate communication between local host software and nearer edge devices through different channels by verifying snapshot using lamport mechanism to ensure integrity and security at software level thereby reducing the latency. It also provides thorough knowledge and understanding about data communication at software level with VMM. The performance evaluation and feasibility study of security in FLRSC against three-layered approach is proven over 2³² blocks of data with 98% accuracy. Practical implications and contributions to the growing knowledge base are highlighted along with directions for further research.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4C
• /
• pp.441-447
• /
• 2004

Information security simulator is required for the study on the cyber intrusion and defense as information security has been increasingly popular Until now, the main purposes of information security simulation are security estimation of small network as well as performance analysis of information protection systems. However, network simulators that can simulate attacks in a huge network are in needs since large scale internet attacks are very common in these days. In this paper we proposed a simulator design and its implementation details. Our simulator is implemented by expanding the SSFNet program to the client-sewer architecture. A cyber attack scenario used in our simulator is composed by the advanced attack tree model. We analyzed the simulation results to show the correctness of our network defense simulator.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.83-94
• /
• 2016

Recent cloud, big data, there is a problem for the architectural security vulnerability to the server platforms of various fields such as artificial intelligence occurs consistently, but using the virtualization technology. In addition, most secure virtualization technology is known to be dependent on the type is limited and the platform provider. This paper presents a method for mutual authentication for secure data between multiple instances of a shared virtualized environment. The proposed method was designing a security architecture in consideration of the mutual authentication between multiple independent instances, and enhance the safety of a security protocol for sharing data by applying a key chain techniques. Performance analysis results and the existing security architecture demonstrated that protect each virtualized instances of the session and the other way, a compliance effectiveness for each instance of the mutual authentication process.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.45 no.4
• /
• pp.41-52
• /
• 2008

Ubiquitous service environment is poor in reliability of connection and has a high probability that the intrusion and the system failure may occur. Therefore, in the environment, the capability of a system to collectively accomplish its mission in spite of active intrusions and various failure scenarios, that is, the survivability of services are needed. In this paper, we analyze the Jgroup/ARM framework that was developed in order to help the development of fault- tolerant Jini services. More importantly, we propose an intrusion-tolerant Jini service architecture to satisfy the security availability and quality of services on the basis of the analysis. The proposed architecture is able to protect a Jini system not only from faults such as network partitioning or server crash, but also from attacks exploiting flaws. It is designed to provides performance enough to show a low response latency so as to support seamless service usage. Through the experiment on a test-bed, we have confirmed that the architecture is able to provide high security and availability at the level that degraded services quality is ignorable.