• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.828-832
• /
• 2005

무선 인터넷에서는 원격지 이동, 근무자의 근무지원, 무선 상거래로 그 초점이 맞추어지면서 당연히 현재 무선인터넷의 보안도 트랜잭션(transaction) 보안을 시발점으로 하고 있다. 본 논문에서는 현재 무선인터넷에서 가장 화두가 되고 있는 WPKI(Wireless Public Key Infrastructure)를 이용한 단대단(End-to-End) 시스템과 MVPN(Mobile Virtual Private Network)을 분석하고, 현재 국내에서 무선인터넷 서비스를 하고 있는 이동통신 사업자의 네트워크 환경을 분석하여, 우선적으로 이동통신망을 이용한 무선 인터넷에서의 보안 시스템에 대해 기술하고자 한다. 그리고 이동전화사업자와 단말기 업체들에 이어 종합 포털(portal)들도 호환성이 강점인 자바 기반의 ‘J2ME(Jave 2 Micro Edition)’을 사용하여 무선인터넷 플랫폼 최적화 움직임이 가속화되고 있는 추세에 맞추어, 본 논문에서는 무선 인터넷 서비스 방식 중 콘텐츠 프로그램의 서버 보관 등 타사 플랫폼과는 차별화된 서비스를 제공하기 때문에 이용자들에게 한층 더 향상된 무선인터넷 서비스를 이용할 수 있게 하는 J2ME 서비스를 기초로 한 단대단간의 보안 역할을 하는 중계보안시스템에 대해 논의하고자 하며, 향후 그 모듈의 일환으로 무선 암호 메시지 전송의 구현을 통하여 이를 현실화하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.171-180
• /
• 2008

This paper also suggests the Digital Evidence Transmission System for E-Discovery which is suited to domestic environments in order to solve these problems and promote safe and convenient transmission of the electronic evidences. The suggested Digital Evidence Transmission System for E-Discovery is the system that submit digital evidences to Court's Sever through the Internet using Public Key Infrastructure and Virtual Private Network, and solves the problems - such as privileged and privacy data, trade secret of company, etc.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2022.07a
• /
• pp.257-258
• /
• 2022

COVID-19 팬데믹으로 인하여, 재택근무와 같은 비대면 업무환경이 확대됨에 따라, 기업에서는 내부 보안을 위한 VPN 구축 및 사용률이 급격하게 증가하였다. 하지만, 기존의 대면 환경과는 다르게, 비대면 업무환경에서는 자신을 식별할 수 있는 수단을 제한적으로 활용하기 때문에, 사용자의 비밀번호가 노출되면, VPN에 접근하기 위한 사용자 인증이 무력화되는 심각한 문제점이 존재하며, 이러한 보안 취약점을 해결하기 위한 기술이 요구되는 실정이다. 따라서 본 논문에서는 기존 VPN 인증 기술에 내재된 보안 취약점을 해결하기 위하여, 사물 환경 인증, HIP 기술, 위치 인증, 상호 인증 기술을 활용한 다중 인증 기반의 제로 트러스트를 제공하는 VPN 인증 기술을 제안한다. 최종적으로는 본 논문에서 제안하는 기술을 통하여, 보다 안전성이 향상된 VPN을 제공할 것으로 사료된다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.328-330
• /
• 2022

Currently, the Metaverse is introduced in various fields, and a virtual convergence economy that uses NFTs for content or item transactions is expected to develop into a 'metaverse environment'. The 'metaverse environment' will lead the changes in our society in the future and it will be fused with AI, big data, cloud, IoT, block chain, and next-generation network technology. However, personal information, device information, and behavior information provided by Metaverse users to use the service are subject to major attacks. Therefore, in order to provide a safe environment for users to use and to expand the business base of related companies, building a public-private cooperation system and developing a security guide are the leading tasks. Therefore, in this study, we compare and analyze metaverse features and technologies, and examine possible security threats and countermeasures.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.691-699
• /
• 2012

"Information", which is circulated in society by information technology development represented by computer, has brought innovation not only to physical civilization, but also deep into our daily lives. This is to say that information has brought fundamental change to its form of existence, and value system through being faster regarding the circulation and the way of management being diverse. As time goes by, this kind of change would stimulate more changes to be made as the development of scientific civilization. Therefore, informatization is one of the important characteristic that defines modern society's essence, but on the other side, information has been taken advantage of that temperament and abused in a lot of different ways. "The Law Regarding Computer Network Diffusion Expansion and Usage Promotion"(1986), as a counterplan of informatization is our nation's first Act about informatization, which enacts national policy and system about this issue. Since then, many laws has been enacted down to "Private Information Protection Act"(2011), forming a comprehensive system. The basic background of these laws are based upon the premise that even if the place where the information is managed is virtual space, rules that are considered valid in the real world should be basically applied in the virtual space. Therefore, the violation of the law in the real world is also considered the violation in the virtual space. This direction of current law regarding information is shared with both the theories and the reality. However, current law system and notion are based upon the premise that the law regards material objects, thus the characteristic of the information, which is "Immaterial Being" is not reflected. Also, the management and approach to this issue is allopathic, exposing many problems. Thus, this paper examines the way of protecting information stipulated in the current law, contemplates its protection scope and limitation, and seeks the direction of the improvement, based on the critical mind explained above.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.519-526
• /
• 2004

This paper presents an efficient interoperation scheme of a VPN(Virtual Private Network) and Mobile IP using a hierarchical structure of a FA(Foreign Agent). In the proposed scheme, the GFA(Gateway Foreign Agent) plays a role of VPN gateway on behalf of the MN(Mobile Node). When the MN moves in the same GFA domain, because the GFA has already an IPsec security association with a VPN gateway in the home network of the MN, the MN does not need an IPsec re-negotiaion. In this way, our mechanism reduces a message overhead and a delay resulted from an IPsec negotiation. And a MN can send a data to a correspondent node without a packet leakage. We show a performance of our scheme by using a discrete analytical model. Analytical results demonstrated that the total processing cost calculated by a registration update cost and a packet delivery cost is significantly reduced through our proposed scheme.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4B
• /
• pp.444-454
• /
• 2004

To support diverse transmission requirements of multimedia applications, Quality of Service (QoS) should be provided in the Internet, where only the best-effort service is available. In this paper, we describe our recent effort on the implementation and verification of an extendable and flexible QoS allocation and resource management system based on the bandwidth broker model for realizing the IETF differentiated service (DiffServ). Focusing on the bandwidth issue over single administrative domain, the implemented system provides real-time resource reservation and allocation, delayed call admission control, simple QoS negotiation between sewer and users, and simple resource monitoring. The implemented system is verified by evaluating the performance of a resource-intensive application over the real-world testbed network.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.11
• /
• pp.287-294
• /
• 2018

This thesis covers legal aspects of the crypto-currency exchange and the legal rights of crypto-currencies holders. Unlike financial markets in which central authorities or intermediaries determine the validity of transactions and manage records, crypto-currency markets utilize a decentralization system based on block chain technology. Such distinct characteristics distinguish crypto-currency from currency, notes, or financial instruments. Therefore, we need to check closely the legal principles that are applicable to crypto-currency. Crypto-currency users possess rights indirectly through the crypto-currency exchange. However, we should look at whether crypto-currency can be an object of ownership. This research found that legal protection for crypto-currency exchanges are limited. Domestic laws have many shortcomings to protect users' rights. This study found that users who incurred damages due to internet computation errors at exchanges require a protective system like stock markets. Therefore, studies on the legal controls and system regulations are required to protect users' rights. Also, crypto-currency information exchanges keep inside and protections for users' private information need to be further examined.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1043-1057
• /
• 2015

In order to recognize intelligent threats quickly and detect and respond to them actively, major public bodies and private institutions operate and administer an Intrusion Detection Systems (IDS), which plays a very important role in finding and detecting attacks. However, most IDS alerts have a problem that they generate false positives. In addition, in order to detect unknown malicious codes and recognize and respond to their threats in advance, APT response solutions or actions based systems are introduced and operated. These execute malicious codes directly using virtual technology and detect abnormal activities in virtual environments or unknown attacks with other methods. However, these, too, have weaknesses such as the avoidance of the virtual environments, the problem of performance about total inspection of traffic and errors in policy. Accordingly, for the effective detection of intrusion, it is very important to enhance security monitoring, consequentially. This study discusses a plan for the reduction of false positives as a plan for the enhancement of security monitoring. As a result of an experiment based on the empirical data of G, rules were drawn in three types and 11 kinds. As a result of a test following these rules, it was verified that the overall detection rate decreased by 30% to 50%, and the performance was improved by over 30%.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.26 no.12C
• /
• pp.280-291
• /
• 2001

LL (Leased Line service) is a facility-based service as a traditional business data service, but new competition services, such as FR (Frame Relay), VPN (Virtual Private Network), and ATM (Asynchronous Transfer Mode), are value-added services. Because of different service classifications, it is hard to gather necessary data for the service providers to plan their market strategies and regulations and policies are also applied asymmetrically to each service provider. Therefore an appropriate market classification is required for the business data services. After various methods of market classification are reviewed, the Hendry model is selected in this paper to analyze substitution-degree among brands or among services. Since the structure of virtual competitions is required for the Hendry model to be applied to data service market, the market is analyzed first by the well-known Porter's model. By the analysis of Porter's model, two virtual competition structures are set up - one is for the competitions among leased line service providers, and the other is for the competitions among business data services such as LL, FR, VPN and ATM. After the Hendry model is applied to each competition structure, it is confirmed that 7 LL service providers do not compete directly, but 2 sub-markets exist for the LL service provisions. However, it is shown that 4 business data services compete directly. Using the Switching Probability Matrix from Hendry model, future market shares of LL service providers and market shares of business data services are forecasted. These empirical results are helpful for service providers to set competitive strategies with the minimization of cannibalization effect and they can easily and efficiently predict their market demands.