• Title/Summary/Keyword: USB Security

Search Result 86, Processing Time 0.029 seconds

Study on the Physical vulnerability factors of network and the Countermeasure technology (네트워크의 물리적 취약요인과 대응기술에 관한 연구)

  • Jeon, Jeong Hoon;Ahn, Chang Hoon;Kim, Sang Choon
    • Convergence Security Journal
    • /
    • v.16 no.7
    • /
    • pp.139-145
    • /
    • 2016
  • Recently, The attack on the USB and network are increasing in many domestic infrastructure. These attacks are the most independent of insider intention, caused by the Anthropogenic Manipulation. These attacks are Anthropogenic Response Measures for Physical Security. and Representative Technology has CCTV, Access Control System, Sensor Technology. However, Physical Security, it is represented by several Product family according to the Market, has become an obstacle but rather a variety of Physical Security Technology Development and Application. As the Anthropogenic Attacks have occur continually in the network, it need to the proper Physical Response Techniques in this situation. Therefore, In this paper, we will find out about the awareness and demand trends of Physical Security. And The Physical Vulnerable Factors of Network. Thereby this is expected to be utilized as a basis for the domestic Physical Security Technology development and deployment Road-map in a future.

Implementation of Embedded Biometrics Technologies : A Case of a Security Token for Fingerprints (임베디드 생체 인식 기술 구현 : 지문 보안 토큰 사례)

  • 김영진;문대성;반성범;정용화;정교일
    • Journal of the Institute of Electronics Engineers of Korea CI
    • /
    • v.40 no.6
    • /
    • pp.39-46
    • /
    • 2003
  • Biometric technologies using biometric information like fingerprints features are in wide use for the secure user authentication in many services including log-in of computer systems, entrance ID and E-commercial security. Nowadays, biometric technologies are ported into small embedded systems like security tokens or smart cards due to the merit of being secure and automatic in comparison with the previous method in user authentication such as using a PIN. In this paper, the security token developed as an embedded system and tile user authentication system implemented and tested using fingerprints information are described. Communications between the security token and tile host are tested and verified with USB. And, execution time and runtime memory on tile security token board was measured and performance improvement was described. In addition, requisites for the transit from the security token to the match-on-card was mentioned.

Implementation of A Security Token System using Fingerprint Verification (지문 인증을 이용한 보안 토큰 시스템 구현)

  • 문대성;길연희;안도성;반성범;정용화;정교일
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.4
    • /
    • pp.63-70
    • /
    • 2003
  • In the modern electronic world, the authentication of a person is an important task in many areas of online-transactions. Using biometrics to authenticate a person's identity has several advantages over the present practices of Personal Identification Numbers(PINs) and passwords. To gain maximum security in the verification system using biometrics, the computation of the verification as well as the store of the biometric pattern has to be taken place in the security token(smart card, USB token). However, there is an open issue of integrating biometrics into the security token because of its limited resources(memory space, processing power). In this paper, we describe our implementation of the USB security token system having 206MHz StrongARM CPU, 16MBytes flash memory, and 1MBytes RAM. Also, we evaluate the performance of a light-weighted In-gerprint verification algorithm that can be executed in the restricted environments. Based on experimental results, we confirmed that the RAM requirement of the proposed algorithm was about 6.8 KBytes and the Equal Error Rate(EER) was 1.7%.

The Proactive Threat Protection Method from Predicting Resignation Throughout DRM Log Analysis and Monitor (DRM 로그분석을 통한 퇴직 징후 탐지와 보안위협 사전 대응 방법)

  • Hyun, Miboon;Lee, Sangjin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.2
    • /
    • pp.369-375
    • /
    • 2016
  • Most companies are willing to spend money on security systems such as DRM, Mail filtering, DLP, USB blocking, etc., for data leakage prevention. However, in many cases, it is difficult that legal team take action for data case because usually the company recognized that after the employee had left. Therefore perceiving one's resignation before the action and building up adequate response process are very important. Throughout analyzing DRM log which records every single file's changes related with user's behavior, the company can predict one's resignation and prevent data leakage before those happen. This study suggests how to prevent for the damage from leaked confidential information throughout building the DRM monitoring process which can predict employee's resignation.

On the Security of Public-Key-Certificate-Relay Protocol for Smart-Phone Banking Services (스마트폰뱅킹을 위한 공인인증서 복사 프로토콜의 취약점 분석)

  • Shin, DongOh;Kang, Jeonil;Nyang, DaeHun;Lee, KyungHee
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.37C no.9
    • /
    • pp.841-850
    • /
    • 2012
  • Most of banks in Korea provide smartphone banking services. To use the banking service, public key certificates with private keys, which are stored in personal computers, should be installed in smartphones. Many banks provides intermediate servers that relay certificates to smartphones over the Internet, because the transferring certificates via USB cable is inconvenient. In this paper, we analyze the certificate transfer protocol between personal computer and smartphone, and consider a possible attack based on the results of the analysis. We were successfully able to extract a public key certificate and password-protected private key from encrypted data packets. In addition, we discuss several solutions to transfer public key certificates from personal computers to smartphones safely.

Privilege Management Technology based-on One-time Certificate for Smart Device in Mobile Cloud Computing Environment (모바일 클라우드 컴퓨팅 환경의 스마트 디바이스용 일회용 인증서 기반 권한 관리 기술)

  • Moon, Jong-Sik;Han, Seung-Wan;Lee, Im-Yeong
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2011.04a
    • /
    • pp.832-835
    • /
    • 2011
  • 공인인증서의 사용은 꾸준히 증가하고 있으나 증가하는 사용량에 비례하여 하드디스크에 저장된 공인인증서 해킹으로 인한 피해 사례가 증가하고 있다. 이에 따라 정부는 하드디스크 내 공인인증서 저장을 금지하고 이동형 저장매체에 저장하도록 하는 방침을 내놓았다. 또한 모바일 클라우드 컴퓨팅 환경에서는 중앙의 스토리지에 데이터가 저장되기 때문에 공인인증서를 중앙 스토리지에 저장하는 것은 매우 위험한 일이다. 이러한 방침으로 인해 앞으로 USB 메모리 및 스마트폰과 같은 이동형 저장매체에 대한 중요성이 높아질 것이며, 분실 위험이 높은 USB 메모리 및 스마트폰의 특징에 따라 인증서가 저장된 저장매체 없이도 인증서를 사용할 수 있는 방안이 필요하게 될 것이다. 본 논문은 일회용 인증서에 대한 요구사항 분석 및 형식을 설계하고, PKI 인증서를 기반으로 경량화된 일회용 인증서를 발급받아 인증서를 사용할 수 있도록 하였다. 또한 모바일 클라우드 컴퓨팅 환경에서 일회용 인증서를 이용한 권한 관리 기술을 제안하여 안전성과 효율성을 제공하도록 하였다.

Design of Security Protocal for Mobility Memory Secunity Using PUF (이동성 메모리 보안을 위한 PUF을 이용한 보안 시스템 프로토콜 설계)

  • Jung, Young-Min;Park, Seok-Cheon
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2013.11a
    • /
    • pp.625-628
    • /
    • 2013
  • 기술이 발달함에 따라 USB메모리, 보안 SD카드, 보안인증토큰 등 이동형 저장 매체도 비약적인 발전을 하고 있다. USB의 가격이 저렴해지고 작아지면서 용량의 확장도 증가하여 다양한 이용을 할 수 있게 되었다. 하지만 분실율이 높고 보안성이 낮아 다수의 사용자에게 중요한 회사의 기밀이나 개인의 인적 사항들이 노출 될 수 있다. 이를 위해 PUF를 이용하여 플래시 메모리 마다 고유키를 저장, 생성하여 외부 유출이 없이 사용자 인증을 하기 위한 플래시 드라이버의 구조 및 프로토콜을 제안하고자 한다.

Network Configuration Study for Multi-Satellite Operations (다중위성운영을 위한 네트워크 구성 방안 연구)

  • Baek, Hyun Chul;Jang, In Sik;Lee, Sang Jeong;Kim, Byung Chul;Lee, Jae Yong
    • Journal of Aerospace System Engineering
    • /
    • v.13 no.4
    • /
    • pp.1-9
    • /
    • 2019
  • Integration of satellites with diverse missions, such as broadcast-communication, earth, meteorologicaland marine observations, and navigation, is vulnerable. The problems of the currently constructed ground station network were analyzed by constructing the test environment. Based on this, we designed a network that was capable of operating multiple satellites by one ground station. In addition, we proposed an interface and network configuration method with domestic and foreign ground stations. The network linking the domestic and foreign ground stations was composed of KREONET (Korea Research Environment Open Network) and GLORIAD (Global Ring Network for Advanced Application Development) of the KISTI(Korea Institute of Science and Technology Information). The internal network consists of VPN (Virtual Private Network), DMZ(De-Militarized Zone), and 1-way USB and so forth. By constructing the network by using the proposed method, harmful data, such as virus inflow and infection, can be blocked.

The study of security management for application of blockchain technology in the Internet of Things environment (Focusing on security cases in autonomous vehicles including driving environment sensing data and occupant data) (사물인터넷 환경에서 블록체인 기술을 이용한 보안 관리에 관한 소고(주행 환경 센싱 데이터 및 탑승자 데이터를 포함한 자율주행차량에서의 보안 사례를 중심으로))

  • Jang Mook KANG
    • Convergence Security Journal
    • /
    • v.22 no.4
    • /
    • pp.161-168
    • /
    • 2022
  • After the corona virus, as non-face-to-face services are activated, domain services that guarantee integrity by embedding sensing information of the Internet of Things (IoT) with block chain technology are expanding. For example, in areas such as safety and security using CCTV, a process is required to safely update firmware in real time and to confirm that there is no malicious intrusion. In the existing safe security processing procedures, in many cases, the person in charge performing official duties carried a USB device and directly updated the firmware. However, when private blockchain technology such as Hyperledger is used, the convenience and work efficiency of the Internet of Things environment can be expected to increase. This article describes scenarios in how to prevent vulnerabilities in the operating environment of various customers such as firmware updates and device changes in a non-face-to-face environment. In particular, we introduced the optimal blockchain technique for the Internet of Things (IoT), which is easily exposed to malicious security risks such as hacking and information leakage. In this article, we tried to present the necessity and implications of security management that guarantees integrity through operation applying block chain technology in the increasingly expanding Internet of Things environment. If this is used, it is expected to gain insight into how to apply the blockchain technique to guidelines for strengthening the security of the IoT environment in the future.

A Design for Network Security System via Non-security Common Network (일반망과 보안망을 연계한 네트워크 보안체계 설계)

  • Cho, Chang-Bong;Lee, Sang-Guk;Dho, Kyeong-Cheol
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.12 no.5
    • /
    • pp.609-614
    • /
    • 2009
  • In this paper, we have proposed a design for security network system passing through the non-security network which is commonly used for various networking services. Based on the security requirements which are assumed that the large classified data are bi-transmitted between a server and several terminals remotely located, some application methods of security techniques are suggested such as the network separation technique, the scale-down application technique of certification management system based on the PKI(Public Key Infrastructure), the double encryption application using the crypto-equipment and the asymmetric keys encryption algorithm, unrecoverable data deleting technique and system access control using USB device. It is expected that the application of this design technique for the security network causes to increase the efficiency of the existing network facilities and reduce the cost for developing and maintaining of new and traditional network security systems.