• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.463-472
• /
• 2012

This paper propose a security method that performs mutual authentication between the SIP UA and the server, check for integrity of the signaling channel and protection of SDP information for VoIP using a One-Time Password. To solve the vulnerability of existing HTTP Digest authentication scheme in SIP, Various SIP Authentication schemes have been proposed. But, these schemes can't meet security requirements of SIP or require expensive cryptographic operations. Proposed method uses OTP that only uses hash function and is updated each authentication. So Proposed method do not require expensive cryptographic operations but performs user authentication efficiently and safely than existing methods. In addition, Proposed method verifies the integrity of the SIP messages and performs SDP encryption/decryption through OTP that used for user authentication. So Proposed method can reduce communication overhead when applying S/MIME or TLS.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.11
• /
• pp.1011-1019
• /
• 2012

This paper presents a novel hybrid authentication scheme in the next-generation Tactical Mobile Communication Systems(TMCS) with wireless MSAP mesh networks. The existing centralized and distributed authentication methods for security between MSAPs may have their pros and cons. The centralized authentication method induces overhead from frequent MSAP association which leads to long authentication delay. On the other hand, the distributed authentication method requires initial sharing of the authentication information. Therefore, a more efficient authentication scheme is needed to protect the network from malicious MSAPs and also maximize efficiency of the network security. The proposed scheme provides a hybrid method of efficiently managing the authentication keys in the wireless MSAP mesh network to reduce the induced authentication message exchange overhead. Also, as the authentication method between MSAP and TMFT is different, a method of utilizing the ACR for handling the EAP packets is proposed. In overall, the proposed scheme provides efficient mutual authentication between MSAPs especially for tactical environments and is analyzed through performance evaluation to prove its superiority.

• ETRI Journal
• /
• v.33 no.4
• /
• pp.517-527
• /
• 2011

Currently, there is a considerable interest in 3D object reconstruction using terrestrial laser scanner (TLS) systems due to their ability to automatically generate a considerable amount of points in a very short time. To fully map an object, multiple scans are captured. The different scans need to be registered with the help of the point cloud in the overlap regions. To guarantee reliable registration, the scans should have large overlap ratio with good geometry for the estimation of the transformation parameters among these scans. The objective of this paper is to propose a registration method that relaxes/eliminates the overlap requirement through the utilization of photogrammetrically reconstructed features. More specifically, a point-based procedure, which utilizes non-conjugate points along corresponding linear features from photogrammetric and TLS data, will be used for the registration. The non-correspondence of the selected points along the linear features is compensated for by artificially modifying their weight matrices. The paper presents experimental results from simulated and real datasets to illustrate the feasibility of the proposed procedure.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.565-568
• /
• 2017

The security protocols such as SSH and SSL/TLS operate over TCP and encrypt all data from the application layer. However, this method has unnecessary performance degradation because it encrypts even data which does not require confidentiality. In this paper, we propose TCP OENC(TCP Optional Encryption) which optionally encrypts only confidential data by the application user. The proposed TCP OENC is in accordance with TCP standard operation, and it operates if application user demand on encrypting data. Before the TCP OENC sends first encrypted data, performs the key agreement, and then encrypts and sends data which application user is desired by using shared key obtained from the key agreement.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.1
• /
• pp.23-30
• /
• 2023

According to the government's plan for cloud conversion and integration of information resources for administrative and public institutions, work is underway to convert administrative and public institutions to the cloud by 2025. In addition, in the private sector, companies in many fields, including finance, are already using cloud services, and the usage is expected to expand more and more. As a result, changes have occurred in security control activities using security systems, it is required to secure visibility for encrypted traffic when building a cloud control environment. In this paper, an analysis was conducted on the way to provide visibility in the cloud service environment. Ways to provide visibility in the cloud service environment include methods of using load balancer, methods of using security systems, and methods of using equipment dedicated to SSL/TLS decryption. For these methods, Performance comparison was performed in terms of confidentiality, functionality (performance), cost. Through this, the pros and cons of each visibility provision method were presented.

• 제어로봇시스템학회:학술대회논문집
• /
• 2001.10a
• /
• pp.116.4-116
• /
• 2001

We consider a robust configuration problem of inertial sensors for inertial navigation system(INS). Fault detection and isolation(FDI) is necessary to improve reliability of the system. For FDI, there used to be more than three mutually orthogonal sensors and thus we have to consider configuration methods of sensors. Various studies in this area have been done, but the former results did not consider effect of uncertainty(misalignment, scale factor error) to determine the configuration of the sensors. In this paper robust configuration of sensors is proposed through sensitivity analysis. Also total least square(TLS) method ...

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.52 no.2
• /
• pp.81-84
• /
• 2003

This paper presents a proper rational transfer function synthesis in the continuous time system from noisy measurements. The proposed method identifies the coefficients vector of the transfer function from an overdetermined linear system that develops from rearranging the two dimensional system matrices and output vectors obtained from the observed frequency responses. By computer simulation, the performance improvement is verified.

• 제어로봇시스템학회:학술대회논문집
• /
• 1993.10b
• /
• pp.7-12
• /
• 1993

This paper presents a generalized truncated least, squares adaptive algorithm and a two-stage design method. The proposed algorithm is directly derived from the normal equation of the generalized truncated least squares method (GTLSM). The special case of the GTLSM, the truncated least squares (TLS) adaptive algorithm, has a distinct features which includes the case of minimum steps estimator. This algorithm seemed to be best in the deterministic case. For real applications in the presence of disturbances, the GTLS adaptive algorithm is more effective. The two-stage design method proposed here combines the adaptive control system design with a conventional control design method and each can be treated independently. Using this method, the validity of the presented algorithms are examined by the simulation studies of an indirect adaptive control.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.435-440
• /
• 2006

XML encryption is to provide confidentiality service, though not limited to, for web contents. XML encryption can be applied to entire data files as opaque objects, or more frequently to various parts of XML documents, supporting various encryption granularity. It is this characteristic that makes XML encryption a more efficient alternative for data confidentiality in various web applications than is possible with SSL/TLS, IPsec, PGP, or S/MIME. It is essential for successful deployment of XML encryption to achieve interoperability among the products implementing this technology, which requires the products to implement the XML encryption standards correctly. Conformance testing is to test if products implement the relevant standard correctly. In this paper we present a conformance testing method for XML encryption products and implement it. We will first look at XML encryption standards developed by W3C, and extract test criteria. Then we propose a testing method in which the encryption capability and the decryption capability of a product are tested separately. The proposed methody is actually implemented as a GUI-based testing tool and some test results are presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1079-1085
• /
• 2020

Fuzzing is used to find vulnerabilities for a library. Because library fuzzing only tests the implemented functions, in order to achieve higher code coverage, additional functions that are not implemented should be implemented. However, if a function is added without regard to the calling relationship of the functions in the library, a problem may arise that the function that has already been tested is added. We propose a novel method to improve the code coverage of library fuzzing. First, we analyze the function call graph of the library to efficiently add the functions for library fuzzing, and additionally implement a library function that has not been implemented. Then, we apply a hybrid fuzzing to explore for branches with complex constraints. As a result of our experiment, we observe that the proposed method is effective in terms of increasing code coverage on OpenSSL, mbedTLS, and Crypto++.