• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.99-119
• /
• 2007

The USB flash drive is common used for portable storage. That is able to store large data and transfer data quickly and carry simply. But when you lose your USB flash drive without any security function in use, all stored data will be exposed. So the new USB flash drive supported security function was invented to compensate for the problem. In this paper, we analyze vulnerability of 6 control access program for secure USB flash drives. And we show that exposed password on communication between secure USB flash drive and PC. Also we show the vulnerability of misapplication for initialization. Further we develop a protection profile for secure USB flash drive based on the common criteria version 3.1. Finally, we examine possible threat of 6 secure USB flash drives and supports of security objectives which derived from protection profile.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.18 no.1
• /
• pp.25-30
• /
• 2023

We propose a method to update DSP (Digital Signal Processor) firmware using USB (Universal Serial Bus) flash drives. The DSP automatically detects USB drives based on an interrupt when the USB drive is inserted into the USB port. The new firmware binary file is found in the mounted USB drive, and the destination address of DSP flash memory is identified for the firmware update writing by investigating the firmware file header. After the new firmware is written to the DSP flash memory, the DSP is reset and rebooted with the newly updated firmware. By employing TI's TMS320F28379D control card with USB ports, we conduct experiments and verify the normal operation of the implemented method.

• Journal of Korea Multimedia Society
• /
• v.13 no.1
• /
• pp.93-101
• /
• 2010

A USB flash drive is a portable storage device. For its promising moderate price, portability and high capacity USB flash drive users are increasing rapidly. Despite these advantages USB flash drives have critical problems as well. Such as personal information data leakage due to easy loss of the portable device. As these personal information leakage incidents increases various security measure solutions are produced and distributed. Despite these security measures and solutions it is not enough to perfectly protect personal data leakage. Hence the necessity of a more concrete, secure, user-friendly security measure solution is required. In this paper we provide you with portable USB flash drive security solution analysis and provide you with the latest secure, user-friendly security measure solutions.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.5 no.4
• /
• pp.175-184
• /
• 2010

This paper designs a virtual USB drive for mobile devices which gives an illusion of a traditional USB flash memory drive and provides capacity-free storage space over IP network. The virtual USB drive operating with a S3C2410 hardware platform and embedded linux consists of USB device driver, an iSCSI-enabled network stack, and a seamless USB/iSCSI tunneling module. For performance enhancement, it additionally provides a kernel-level seamless USB/iSCSI tunneling module and data sharing with symbol references among kernel modules. Experiments reveal that the kernel-level implementation can improve the I/O performance up to 8 percentage, as compared with the user-level implementation.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.12 no.6
• /
• pp.359-368
• /
• 2017

As the BadUSB is a vulnerability, in which a hacker tampers the firmware area of a USB flash drive. When the BadUSB device is plugged into the USB port of a host system, a malicious code acts automatically. The host system misunderstands the act of the malicious behavior as an normal behaviour for booting the USB device, so it is hard to detect the malicious code. Also, an antivirus software can't detect the tampered firmware because it inspects not the firmware area but the storage area. Because a lot of computer peripherals (such as USB flash drive, keyboard) are connected to host system with the USB protocols, the vulnerability has a negative ripple effect. However, the countermeasure against the vulnerability is not known now. In this paper, we analyze the tampered area of the firmware when a normal USB device is changed to the BadUSB device and propose the countermeasure to verify the integrity of the area when the USB boots. The proposed method consists of two procedures. The first procedure is to verify the integrity of the area which should be fixed even if the firmware is updated. The verification method use hashes, and the target area includes descriptors. The second procedure is to verify the integrity of the changeable area when the firmware is updated. The verification method use code signing, and the target area includes the function area of the firmware. We also propose the update protocol for the proposed structure and verify it to be true through simulation.

• Journal of Korea Multimedia Society
• /
• v.25 no.8
• /
• pp.1085-1096
• /
• 2022

The manufacturing industry is continuously pursuing advanced technology and smartization as it converges with innovative technology. Improvement of manufacturing productivity is achieved by monitoring, analyzing, and controlling the facilities and processes of the manufacturing site in real time through a network. In this paper, we proposed a new OPC-UA based digital twin model for smart factory facilities. A testbed system for USB flash drive packaging facility was implemented based on the proposed digital twin model and OPC-UA data communication scheme. Through OPC-UA based digital twin model, equipment and process status information is transmitted and received from PLC to monitoring and control 3D digital models and physical models in real time. The usefulness of the developed digital twin testbed system was evaluated through usability test.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.699-701
• /
• 2012

USB flash drive와 같은 이동형 저장매체는 한 손에 쏙 들어오는 작은 크기와 가벼운 무게로 뛰어난 휴대성을 제공하고 있다. 많은 사용자들은 자신의 데이터를 저장하기 위해 고용량을 제공하는 이동형 저장매체에 관심을 보이고 있다. 하지만 이동형 저장매체는 휴대성으로 인한 도난 및 분실당할수 있다. 개인 정보가 유출되는 등의 많은 문제들이 발생하고 있다. 인터넷의 발달과 클라우드 컴퓨팅 붐을 통하여 이동형 저장매체의 문제점을 해결할 수 있는 클라우드 스토리지 서비스가 급증하고 있다. 하지만 이러한 클라우드 스토리지 서비스는 인터넷이 가지고 있는 취약성 및 서버와 서버의 관리자의 비신뢰성 등의 문제를 가지고 있으며, 이로 인한 몇몇 사고가 발생하였다. 이러한 문제를 해결하기 위해서 클라우드 스토리지 환경에서는 데이터를 암호화 저장하고 이를 복호화 과정 없이 검색할 수 있는 검색 가능한 암호 기술의 필요성이 대두되고 있다. 하지만 기존의 검색가능 암호 기술은 사용자가 저장하고자 하는 데이터를 직접 업로드하고, 해당 자료를 필요에 따라 공유 하고, 공유대상이 변화되는 클라우드 스토리지 환경에서 비효율성을 가지고 있어 실제 서비스에 적용하기 힘든 단점을 가지고 있다. 따라서 본 논문에서는 클라우드 컴퓨팅 환경을 고려하여 검색가능한 암호화 색인 생성 및 이를 재암호화를 통해 다른 사용자와 안전하게 공유할 수 있는 검색가능한 재 암호화 시스템을 제안한다.

• The Journal of the Korea Contents Association
• /
• v.16 no.8
• /
• pp.90-96
• /
• 2016

The 3390 million people, around 83% of the adult population in Korea use smartphone. Although the safety problem of the certificate has been occurred continuously, most of these users use the certificate. These safety issues as a solution to 'The owner of a mobile phone using SMS authentication technology', 'Biometric authentication', etc are being proposed. but, a secure and reliable authentication scheme has not been proposed for replace the certificate yet. and there are many attacks to steal the certificate and private key. For these reasons, security experts recommend to store the certificate and private key on usb flash drive, security tokens, smartphone. but smartphones are easily infected malware, an attacker can steal certificate and private key by malicious code. If an attacker snatchs the certificate, the private key file, and the password for the private key password, he can always act as valid user. In this paper, we proposed a safe way to keep the private key on smartphone using smartphone's unique information and user password. If an attacker knows the user password, the certificate and the private key, he can not know the smart phone's unique information, so it is impossible to use the encrypted private key. Therefore smartphone user use IT service safely.