• Title/Summary/Keyword: User session

A Caching Scheme to Support Session Locality in Hierarchical SIP Networks

  • Choi, KwangHee;Kim, Hyunwoo
    • Journal of Korea Society of Industrial Information Systems / v.18 no.1 / pp.1-9 / 2013
  • Most calls of a called user are invoked by the group of calling users. This call pattern is defined as call locality. Similarly, Internet sessions including IP telephony calls have this pattern. We define it as session locality. In this paper, we propose a caching scheme to support session locality in hierarchical SIP networks. The proposed scheme can be applied easily by adding only one field to cache to a data structure of the SIP mobility agent. This scheme can also reduce signaling cost, database access cost and session setup delay to locate a called user. Moreover, it distributes the load on the home registrar to the SIP mobility agents. Our performance evaluation shows the proposed caching scheme outperforms the hierarchical SIP scheme when the session-to-mobility ratio is high.

Extended Role-Based Access Control with Context-Based Role Filtering

  • Liu, Gang;Zhang, Runnan;Wan, Bo;Ji, Shaomin;Tian, Yumin
    • KSII Transactions on Internet and Information Systems (TIIS) / v.14 no.3 / pp.1263-1279 / 2020
  • Activating appropriate roles for a session in the role-based access control (RBAC) model has become challenging because of the so-called role explosion. In this paper, factors and issues related to user-driven role management are analysed, and a session role activation (SRA) problem based on reasonable assumptions is proposed to describe the problem of such role management. To solve the SRA problem, we propose an extended RBAC model with context-based role filtering. When a session is created, context conditions are used to filter roles that do not need to be activated for the session. This significantly reduces the candidate roles that need to be reviewed by the user, and aids the user in rapidly activating the appropriate roles. Simulations are carried out, and the results show that the extended RBAC model is effective in filtering the roles that are unnecessary for a session by using predefined context conditions. The extended RBAC model is also implemented in the Apache Shiro framework, and the modifications to Shiro are described in detail.

An Analysis of Replay Attack Vulnerability on Single Sign-On Solutions (Single Sign-On 솔루션의 재전송 공격 취약점 분석)

  • Maeng, Young-Jae;Nyang, Dae-Hun
    • Journal of the Korea Institute of Information Security & Cryptology / v.18 no.1 / pp.103-114 / 2008
  • Single Sign-On is an authentication scheme that enables a user to authenticate once and then to access the resources of multiple software systems without re-authentication. As web services are being integrated into a single groupware, more web sites are adopting it for user convenience. However, these Single Sign-On services are very dependent upon cookies and thus, simple eavesdropping enables attackers to hijack the user's session. Even worse, the attacker who hijacked one session can move to another site through the Single Sign-On. In this paper, we show the vulnerabilities of the top ranked sites from this point of view and also propose a way to protect a user's session.

Analysis of Implemental Architecture of User Agent Based on SIP (SIP 기반 UA의 구현 구조 분석)

  • 윤형운;김재은;강현국
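    • Proceedings of the Korean Information Science Society Conference / 2001.04a / pp.298-300 / 2001
  • VoIP technology requires a signaling protocol that can set up, modify, and terminate calls between users. In this respect, SIP (Session Initiation Protocol) is a new signaling protocol created by the IETF MUSIC WG for the real-time control of calls and multimedia sessions over Internet Protocol networks. In addition, with the creation of the SIP WG in the IETF, research on this protocol has become more active. This paper gives an overview of SIP, briefly introduces the functions of the SIP protocol, and explains operations such as the SIP session initiation process and the registration process. It then explains the basic operation of the User Agent and analyzes how the User Agent executes, using the open-source Linux implementation of SIP developed by VOVIDA.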

Real-time Context Service Model Based on RFID for u-Conference (u-Conference를 위한 RFID 기반의 실시간 상황 서비스 모델)

  • Kang, Min-Sung;Kim, Do-Hyeun;Lee, Kwang-Man
    • IEMEK Journal of Embedded Systems and Applications / v.2 no.2 / pp.95-100 / 2007
  • Recently, ubiquitous application services have been developed plentifully using RFID techniques in the distribution and security industries. However, outside these fields, applications using RFID are not yet mature. In this study, we propose a real-time context service model for the u-conference based on real-time contextual information acquired from conferences and expositions. By collecting real-time contextual information for the u-conference, the model can provide many information services on the state of session attendees, doorway control, affairs, user certification, presentation progress, etc. To verify the proposed real-time context service model of the u-conference, we design and implement a conference progress state service that includes the state of session attendees, user certification, presentation progress, etc. This service provides presentation state information including the current presenter, the paper list, the number of session attendees, and the schedule and place of each session, using the collected RFID tags and the related information.

A Study on the Secure Authentication Method using SIP in the VoIP System (VoIP 시스템에서 SIP를 이용한 보안 인증기법에 관한 연구)

  • Lee, Young Gu;Kim, Jeong Jai;Park, Chan Kil
    • Journal of Korea Society of Digital Industry and Information Management / v.7 no.1 / pp.31-39 / 2011
  • VoIP service uses an IP-based packet network, which has eavesdropping, interception, and illegal users as vulnerable elements. In addition, the PSTN of the existing telephone network is a subordinate line, but VoIP service using IP packets provides mobility. So user authentication and VoIP users' account service using VoIP have emerged as a problem. To solve the vulnerability of SIP when using VoIP services with SIP, this paper makes it possible to authenticate the user's terminal by using the proxy server, and the proxy server by using the authentication server. In conclusion, sender and receiver are mutually authenticated. In the mutual authentication process, the new session key is distributed after a key exchange between sender and receiver. It is proposed to minimize service delay during the additional authentication. The new session key is able to authenticate abnormal messages on the phone. This paper makes it possible to solve the vulnerability of existing SIP authentication by using mutual authentication between user and proxy server, and suggests an efficient VoIP service which simplifies authentication procedures through key distribution after authentication.

An Intelligent Framework for Test Case Prioritization Using Evolutionary Algorithm

  • Dobuneh, Mojtaba Raeisi Nejad;Jawawi, Dayang N.A.
    • Journal of Internet Computing and Services / v.17 no.5 / pp.89-95 / 2016
  • In the software testing domain, test case prioritization techniques improve the performance of regression testing, and arrange test cases in such a way that the maximum number of available faults is detected in a shorter time. User sessions and cookies are unique features of web applications that are useful in regression testing because they hold precious information about the application state before and after changes are made to software code. This approach is in fact a user-session based technique. The user sessions are collected from the database on the server side, and test cases are released by making small configuration changes to the user session data. The main challenges are the effectiveness of the Average Percentage Fault Detection rate (APFD) and the time constraint in the existing techniques, so this paper develops an intelligent framework with three new techniques used to manage and group test cases by applying useful criteria for test case prioritization in web application regression testing. In the dynamic weighting approach, the hybrid criteria, which set the initial weight of each criterion, determine the optimal weight of the combined criteria by evolutionary algorithms. The weight of each criterion is based on its effectiveness in finding faults in the application. In this research, priority is given to test cases based on the most common HTTP requests in pages, the length of HTTP request chains, and the dependency of HTTP requests. To verify the new technique, some faults have been seeded in the subject application, and the prioritization criteria are then applied to test cases to compare the effectiveness of the APFD rate with existing techniques.

Security Improvement of User Authentication Protocol for Heterogeneous Wireless Sensor Networks for the Internet of Things Environment (Heterogeneous Wireless Sensor Networks 환경에서의 안전한 사용자 인증 프로토콜)

  • Lee, Young sook
    • Convergence Security Journal / v.21 no.1 / pp.55-62 / 2021
  • Recently, the use of sensor devices is gradually increasing. As various sensor devices emerge and the related technologies advance, there has been a dramatic increase in the interest in heterogeneous wireless sensor networks (WSNs). While sensor devices provide us many valuable benefits, automatically and remotely supported services offered and accessed remotely through WSNs also expose us to many different types of security threats. Most security threats were just related to information leakage and the loss of authentication among the involved parties: users, sensors and gateways. A user authentication protocol for wireless sensor networks is designed to restrict access to the sensor data only to the user. In 2019, Chen et al. proposed an efficient user authentication protocol. However, Ryu et al. show that the scheme is still unstable and inefficient. It cannot resist offline password guessing attacks and session key attacks. In this paper, we propose an improved protocol to overcome these security weaknesses by storing secret data in the device. In addition, security properties like session-key security, perfect forward secrecy, known-key security and resistance against offline password attacks are implied by our protocol.

The Design and Implementation of a Multi-Session Processing Between RMA and RCP within a Vehicle Tracking System (차량 추적 시스템에서 RMA와 RCP 사이의 다중세션 설계 및 구현)

  • Jang, Chung Ryong;Lee, Yong Kwon;Lee, Dae Sik
    • Journal of Korea Society of Digital Industry and Information Management / v.10 no.3 / pp.127-141 / 2014
  • A Vehicle Tracking System consists of a GPS tracking device, which fits into the vehicle and sends the captured GPS location information at regular intervals to a central GIS server, and a GIS tracking server with three major responsibilities: receiving data from the GPS tracking unit, securely storing it, and serving this information on demand of the user. GPS based tracking systems supporting multi-session processing among RMA, RM, and RCP can respond quickly to various services, including other vehicle information between RSU and OBU, on demand of the user. In this paper we design RSU lower layers and RCP applications in OBU for a multi-session processing simulation and test message processing transactions among RMA-RM and RM-RCP. Furthermore, we implement the additional functions of handling access commands simultaneously on multiple service resources which are appropriate for the experimental testing conditions. To perform a multi-session processing test, it reads 30 resource data, 0002/0001 ~ 0002/0030, in total, and then 30 session data transmissions occur simultaneously. We insert a sequence number field into a special header of dummy data as a corresponding response to check that the messages are received correctly. Thus, we find that a GIS service system with multi-session processing is able to provide an additional 30 services at the same speed of screen presentation loading, while identifying the number of sessions processed by the Web GIS service, the number of OBU services, and the speed of screen presentation loading by comparing a single session and a multi-session of the GIS service system.

Security Analysis of a Secure Dynamic ID based Remote User Authentication Scheme for Multi-server Environment (멀티서버를 위한 안전한 동적 ID 기반 원격 사용자 인증 방식에 대한 안전성 분석)

  • Yang, Hyung-Kyu
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.13 no.1 / pp.273-278 / 2013
  • Recently, user authentication schemes using smart cards for multi-server environment have been proposed for practical applications. In 2009, Liao-Wang proposed a secure dynamic ID based remote user authentication scheme for multi-server environment that can withstand the various possible attacks and provide user anonymity. In this paper, we analyze the security of Liao-Wang's scheme, and we show that Liao-Wang's scheme is still insecure against the forgery attack, the password guessing attack, the session key attack, and the insider attack. In addition, Liao-Wang's scheme does not provide user anonymity between the user and the server.