• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.63-72
• /
• 2021

The hospital biomedical engineering team is responsible for establishing and regulating the Medical Device Management Program (MEMP) to ensure that medical devices are safe and reliable. As technology advances, medical devices such as artificial intelligence and precision medicine are developing into a form that allows connection between objects anytime, anywhere, and as various technologies converge, internal and external security threats continue to increase. In this paper, we present a study of the Medical Device Management Program (Secure-MEMP) method, considering that the security threat of medical devices continues to increase due to advances in technology.

• Journal of Convergence Society for SMB
• /
• v.4 no.3
• /
• pp.27-31
• /
• 2014

According to increasing of payment and settlements like smart banking, internet shopping and contactless transaction in smart device, the security issues are on the rise, such as the vulnerability of the mobile OS and certificates abuse problem, we need a secure user authentication. We apply the OTP using biometrics and PKI as user authentication way for dealing with this situation. Biometrics is less risk of loss and steal than other authentication that, in addition, the security can be enhanced more when using the biometric with OTP. In this paper, we propose a user authentication using biometrics and OTP in the mobile device.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.397-404
• /
• 2011

Recently the existing one-way electricity system that combines information and communications technology to develop smart grid technology is made active. The core infrastructure of the smart grid, AMI smart meters to AMR system, the amount of power measured at the top to MDMS transmits data store. Smart meters utilizing information and communication technology to transfer data and power because of the existing security threats are expected, including the additional security threats. It exposes the privacy of consumers and industrial systems, such as paralysis is likely to result in the loss. In this paper to respond to these security threats in the environment smart grid. Also, We propose data transfer methods between smartmeter and MDMS and between home device and MDMS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.189-200
• /
• 2012

With increasing the number of smart device such as Tablet PC, smart phone and netbook, information security which based on smart device in mobile environment have become the issue. It is important to enter a password safety. In various types of mobile devices, because of hardware limitation of device, it is difficult that to equip secondary input device such as keyboard and mouse. Also, a loss of accuracy becomes a problem because input information was entered by touch screen. Because of problem mentioned above it can be predicted to change password scheme text based password scheme to graphical password scheme, graphical password scheme is easy to use and is resistant to shoulder surfing attack. So this paper proposes new graphical password scheme based 5 strokes which are made by decomposed the Korean to defend against shoulder surfing attack.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.344-345
• /
• 2022

ogy is being used in many fields, such as smart farms, smart oceans, smart homes, and smart energy. Various IoT terminals are used for these IoT services. Here, IoT devices are physically installed in various places. A malicious attacker can access the IoT service using an unauthorized IoT device, access unauthorized important information, and then modify it. In this study, to solve these problems, we propose an authentication system for IoT devices used in IoT services. The IoT device authentication system proposed in this study consists of an authentication module mounted on the IoT device and an authentication module of the IoT server. If the IoT device authentication system proposed in this study is used, only authorized IoT devices can access the service and access of unauthorized IoT devices can be denied. Since this study proposes only the basic IoT device authentication mechanism, additional research on additional IoT device authentication functions according to the security strength is required.IoT technol

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.125-136
• /
• 2011

The vulnerabilities existed in Korean electricity control systems is unexposed because it is being operated in a closed network with superior security. The threat will become greater once the closed network develops into a smart grid environment with superior intelligence. Security will have a greater impact once each household will be connected to the power plant via the smart meter. This research focuses on stable data transfer in harsh external environment and whole-nation coverage network, and suggested standardized and optimized Virtual Private Network (VPN) Gateway architecture to support Power Line Communication (PLC). The functionality and stability of the prototype has been verified with field tests. For implementation of outdoor type VPN device for smart grid, we adopted PLC low voltage remote-meter-net for data communication. Also, IPSec type tunneling and ARIA algorithm based encryption of data collected by PLC low voltage remote meter is transmitted.

• Convergence Security Journal
• /
• v.18 no.2
• /
• pp.49-58
• /
• 2018

As the demand for Internet of Things(IoT) increases, the need for the security of IoT devices is increasing steadily. It is difficult to apply the conventional security theory to IoT devices because IoT devices are subject to be constrained by some factors such as hardware, processor, and energy. Nowadays we have several security guidelines and related documents on IoT device. Most of them, however, do not consider the characteristics of specific IoT devices. Since they describes the security issues comprehensively, it is not easy to explain the specific security level reflecting each characteristics of IoT devices. In addition, most existing guidelines and related documents are described in view of developers and service proposers, and thus ordinary users are not able to assess whether a specific IoT device can protect their information securely or not. We propose an security evaluation model, based on the existing guidelines and related documents, for more specific IoT devices and prove that this approach is more convenient to ordinary users by creating checklists for the smart watch.

• Journal of Internet Computing and Services
• /
• v.24 no.1
• /
• pp.17-26
• /
• 2023

A smart city is a massive internet of things (IoT) environment, where all terminal devices are connected to a network to create and share information. In accordance with massive IoT environments, millions of IoT devices are connected, and countless data are generated in real time. However, since heterogeneous IoT devices are used, collecting the logs for each IoT device is difficult. Due to these issues, when an IoT device is invaded or is engaged in malicious behavior, such as infection with malware, it is difficult to respond quickly, and additional damage may occur due to information leakage or stopping the IoT device. To solve this problem, in this paper, we propose identifying the attack technique used for initial access to IoT devices through MITRE ATT&CK, collect the logs that can be generated from the identified attack technique, and use them to identify the cause of malware infection.

• Journal of Platform Technology
• /
• v.6 no.3
• /
• pp.17-22
• /
• 2018

Smart home is a technology for monitoring and controlling all the information about a house by integrating various home applications like cooling, heating, lighting, kitchen and security systems into a network. Although home appliances have become more convenient to use due to the development of smart home technology, they are also more vulnerable to information security hazards. Unauthorized visitors may have access to any of home appliance to arbitrarily control it or acquire information. This causes serious privacy and security problems, which should be solved to further smart home technology. This present paper proposed a dynamic user access control system for privacy protection in smart homes. The proposed system defines the role of a user of smart home services by automatically identifying the status information of the user and dynamically controls the access range for the service. In this way, the privacy of a user can be protected and the inter-smart device service is effectively provided. Consequently, the proposed dynamic user access control for smart home will improve the security service for protecting privacy in smart home devices.

• International Journal of Computer Science & Network Security
• /
• v.24 no.8
• /
• pp.32-42
• /
• 2024

The Internet of Things (IoT) is set to transform patient care by enhancing data collection, analysis, and management through medical sensors and wearable devices. However, the convergence of IoT device vulnerabilities and the sensitivity of healthcare data raises significant data integrity and privacy concerns. In response, this research introduces the Smart-Coord system, a practical and affordable solution for securing healthcare IoT. Smart-Coord leverages blockchain technology and coordinate-based access management to fortify healthcare IoT. It employs IPFS for immutable data storage and intelligent Solidity Ethereum contracts for data integrity and confidentiality, creating a hierarchical, AES-CBC-secured data transmission protocol from IoT devices to blockchain repositories. Our technique uses a unique coordinate system to embed confidentiality and integrity regulations into a single access control model, dictating data access and transfer based on subject-object pairings in a coordinate plane. This dual enforcement technique governs and secures the flow of healthcare IoT information. With its implementation on the Matic network, the Smart-Coord system's computational efficiency and cost-effectiveness are unparalleled. Smart-Coord boasts significantly lower transaction costs and data operation processing times than other blockchain networks, making it a practical and affordable solution. Smart-Coord holds the promise of enhancing IoT-based healthcare system security by managing sensitive health data in a scalable, efficient, and secure manner. The Smart-Coord framework heralds a new era in healthcare IoT adoption, expertly managing data integrity, confidentiality, and accessibility to ensure a secure, reliable digital environment for patient data management.