• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.471-476
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices. The domain separation based smart device security platform technology in this paper blocks unauthorized access and leakage of sensitive information in device. Also it will be the solution can block transmission and execution of malicious code in various area including variety of IoT devices in internet rather than just smart devices.

• Journal of Information Processing Systems
• /
• v.16 no.4
• /
• pp.975-990
• /
• 2020

Nowadays, the Internet of Things (IoT) network, is increasingly becoming a ubiquitous connectivity between different advanced applications such as smart cities, smart homes, smart grids, and many others. The emerging network of smart devices and objects enables people to make smart decisions through machine to machine (M2M) communication. Most real-world security and IoT-related challenges are vulnerable to various attacks that pose numerous security and privacy challenges. Therefore, IoT offers efficient and effective solutions. intrusion detection system (IDS) is a solution to address security and privacy challenges with detecting different IoT attacks. To develop an attack detection and a stable network, this paper's main objective is to provide a comprehensive overview of existing intrusion detections system for IoT environment, cyber-security threats challenges, and transparent problems and concerns are analyzed and discussed. In this paper, we propose software-defined IDS based distributed cloud architecture, that provides a secure IoT environment. Experimental evaluation of proposed architecture shows that it has better detection and accuracy than traditional methods.

• Nuclear Engineering and Technology
• /
• v.53 no.10
• /
• pp.3327-3334
• /
• 2021

Present electric grids are advanced to integrate smart grids, distributed resources, high-speed sensing and control, and other advanced metering technologies. Cybersecurity is one of the challenges of the smart grid and nuclear plant digital system. It affects the advanced metering infrastructure (AMI), for grid data communication and controls the information in real-time. The research article is emphasized solving the nuclear and smart grid hardware security issues with the integration of field programmable gate array (FPGA), and implementing the latest Time Authenticated Cryptographic Identity Transmission (TACIT) cryptographic algorithm in the chip. The cryptographic-based encryption and decryption approach can be used for a smart grid distribution system embedding with FPGA hardware. The chip design is carried in Xilinx ISE 14.7 and synthesized on Virtex-5 FPGA hardware. The state of the art of work is that the algorithm is implemented on FPGA hardware that provides the scalable design with different key sizes, and its integration enhances the grid hardware security and switching. It has been reported by similar state-of-the-art approaches, that the algorithm was limited in software, not implemented in a hardware chip. The main finding of the research work is that the design predicts the utilization of hardware parameters such as slices, LUTs, flip-flops, memory, input/output blocks, and timing information for Virtex-5 FPGA synthesis before the chip fabrication. The information is extracted for 8-bit to 128-bit key and grid data with initial parameters. TACIT security chip supports 400 MHz frequency for 128-bit key. The research work is an effort to provide the solution for the industries working towards embedded hardware security for the smart grid, power plants, and nuclear applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.993-999
• /
• 2015

OTP(One time password) is widely used as an authentication method for financial and other security-sensitive transactions. OTP provides strong security since each password is used only one time while normal password-based authentications use passwords as long term secrets. However, OTP-based authentications relatively lack usability since they require users to hold an OTP card or generator. To overcome such a problem, smartphones start replacing OTP cards and such a method is called smart OTP. However, smart OTP inherits security vulnerabilities that smartphones have. In this paper, we propose a smart OTP authentication based on an extremely light authentication protocol called HB+. HB+ protocol is developed for low-cost devices and has small communication and computation costs. We present our solution and discuss its security, efficiency and practicality. Our contribution is providing a method to securely use smart OTP without losing its efficiency and usability.

• International journal of advanced smart convergence
• /
• v.5 no.3
• /
• pp.27-31
• /
• 2016

High-tech industries in a state well enough to troubleshoot hacking information introduction a big barrier to delay the growth of the market related to IoT(Internet of Things) as is likely to be on the rise. This early on, security issues introduced in the solution, a comprehensive solution, including the institutional laws/precautions needed. Recent examples of frequent security threats while IoT is the biggest issue of introducing state-of-the-art industry information due to the vulnerable security hacking. This high-tech industries in order to bridge the information responsible for the target attribute, target range, and the protection of security and how to protect the subject, IoT environment (domestic industrial environment) considering the approach is needed. IoTs with health care and a wide variety of services, such as wearable devices emerge. This ensures that RFID/USN-based P2P/P2M/M2M connection is the implementation of the community. In this study, the issue on the high-tech industrial information and the vulnerable security issues of IoT are described.

• Journal of Service Research and Studies
• /
• v.7 no.4
• /
• pp.69-81
• /
• 2017

Smart work refers to enhancing the efficiency of work by utilizing smart devices. Smart work improves business productivity by improving business productivity of companies, reducing costs, but there is a threat to various information protection. To operate telecommuting, mobile office, and smart work center, hardware and software are needed to support various network resources, servers, and platforms. As a result, there are many vulnerabilities to security and information protection that protect information resources. In this paper, we analyze the smart work environment for smart work service and analyze vulnerability for smart work information protection through analysis of IOS27001 and KISA-ISMS. We have developed requirements for information protection requirements for users and service providers. We have developed a solution for information security protection for smart work environments such as common parts, mobile office, telecommuting, and smart work center for security threats and weaknesses per smart work type.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.231-234
• /
• 2020

In the past few years, the industrial internet of things (IIoT) has received great attention in various industrial sectors which have potentially increased a high level of integrity, availability, and scalability. The increasing of IIoT is expected to create new smart industrial enterprises and build the next generation smart system. However existing IIoT systems rely on centralized servers that are vulnerable to a single point of failure and malicious attack, which exposes the data to security risks and storage. To address the above issues, blockchain is widely considered as a promising solution, which can build a secure and efficient environment for data storing, processing and sharing in IIoT. In this paper, we propose a decentralized, peer-to-peer platform for secure data storing in industrial IoT base on the ethereum blockchain. We exploit ethereum to ensure data security and reliability when smart devices store the data.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.65 no.1
• /
• pp.165-170
• /
• 2016

Recently, IoT(Internet of Things) technology is widely applied in not only our everyday lives but also in industry, medical field and security system. NFC system, the basis of IoT, is in the spotlight which can be an alternative solution of a anti-theft system for motorcycle as they basically have practicality and security issues. Anti-theft system for motorcycle using the NFC smart devices based on RFID has been proposed. because Progress of Smart Device If someone get the Key for motorcycle theft, he can be easily stolen motorcycle. We thought about the concept of NFC security devices as a wireless key and automatic solenoid valve for setting the lock and unlock module. In this study, we designed motorcycle smart key system with general-purpose NFC system and the automatic solenoid valve for setting the lock and unlock module. First, we designed control unit and NFC card reader for motorcycle smart key system. Then we propose an AES encryption algorithm and prove that the motorcycle key system is controllable by showing the result of implementing and testing, after installing.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.205-210
• /
• 2021

In this paper, the possibility of using a contactless smart card as a cache for geocaching is analyzed. Geocaching is an outdoor game in which players search for hidden boxes, or caches based on geographical coordinates. The problems with this game are the possibility of players cheating and the need to maintain the caches. And then there is the problem of the ignorant public accidentally discovering a cache and considering it an explosive device. This paper proposes a concept for a possible solution to the above problems by replacing the boxes with conventional contactless smart cards. Also, this concept makes geocaching more attractive by using various games. This paper proposes a system architecture as well as the cryptographic protocol required for secure communication between the player's smartphone and the card.

• Journal of the Semiconductor & Display Technology
• /
• v.18 no.1
• /
• pp.74-78
• /
• 2019

As software becomes larger and network technology develops, the management of distributed data becomes more popular. Therefore, it is becoming increasingly important to use blockchain technology that can guarantee the integrity of data in various fields by utilizing existing infrastructure. Blockchain is a distributed computing technology that ensures that servers participating in a network maintain and manage data according to specific agreement algorithms and rules to ensure integrity. As smart contracts are applied, not only passwords but also various services to be applied to the code. In order to reinforce existing research on smart contract applied to the blockchain, we proposed a dynamic conditional rule of smart contract that can formalize rules of smart contract by introducing ontology and SWRL and manage rules dynamically in various situations. In the previous research, there is a module that receives the upper rule in the blockchain network, and the rule layer is formed according to this module. However, for every transaction request, it is a lot of resources to check the top rule in a blockchain network, or to provide it to every blockchain network by a reputable organization every time the rule is updated. To solve this problem, we propose to separate the module responsible for the upper rule into an independent server. Since the module responsible for the above rules is separated into servers, the rules underlying the service may be transformed or attacked in the middleware. Therefore, the security mechanism using TLS and PKI is added as an agent in consideration of the security factor. In this way, the benefits of computing resource management and security can be achieved at the same time.