• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.11-19
• /
• 2007

A ubiquitous network environment is a system where the user can avail of the network's services anytime, anywhere. To establish such an environment, studies continue being conducted on wireless communication technology and mobile terminals. The company that provides such services should have an established system for authentication, authorization and charging for users. This service is referred to as Authentication, Authorization, Accounting(AAA), and its aspects have been consistently studied. On the other hand, existing studies have been promoted with regard to the authentication and efficiency of the mobile terminal. One of the method is that the mobile terminal contacts to the home authentication server through the external authentication server every time it is required and; another one is to use a medium server to provide authentication in the middle between them. Thus, this study aims to determine the best method to use ticketing, where tickets are provided through a mobile terminal, complete with authentication and authorization features. Also, as it uses ticket, it can efficiently provide mobile verification processing.

• Journal of Korea Society of Industrial Information Systems
• /
• v.15 no.3
• /
• pp.41-49
• /
• 2010

Recently, RFID systems are spreading in various industrial areas faster but cause some serious problems of information security because of its unstable wireless communication. Moreover, traditional RFID systems have a restriction that one tag per each application object. This restriction deteriorates their usability because it is difficult to distinguish many tags without some kind of effort. Therefore, efficient information sharing of objects based on information security has to be studied for more spreading of RFID technologies. In this paper, we design a new RFID tag structure for supporting multiple objects which can be shared by many different RFID applications. We also design an encryption/decryption algorithm to protect the identifying information of objects stored in our tag structure. This algorithm is a light revision of the existing SEED algorithm which can be operated in RFID tag environment. To evaluate the performance of our algorithm, we measure the encryption and decryption times of this algorithm and compare the results with those of the original SEED algorithm.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.27-40
• /
• 2016

This paper aims to analyze the business types of 237 IoT based smart home companies in the world (launched during 1999~2014) which got global investment last few years. For this, the previous literatures trying to analze technology and service types of smart home are searched and the typology of the platform is discussed. Based on it, this research conceptualizes an analysis framework that includes three areas of smart home like home automation, home security, and energy efficiency with the three platform types like product, software, and service. This study concludes that the development of business type for IoT based smart home ecosystem is from the product to software and it can be a platform or not. In current status, there are a few platforms of product and software, but in the device management (16%) and thermostat (11%), companies are persuing more platform like. It is difficult to find the service platform in overall areas, for application based service has a few attractions in the investment market due to the lack of cloud infrastructure and data analytics. The following three are the implication to domestic market: 1) More active offering of API and SDK, 2) more active introduction of wireless Intenet network protocols, and 3) more active interoperability efforts and alliance activities are needed.

• Korean Security Journal
• /
• no.13
• /
• pp.145-168
• /
• 2007

Like to change to the information-oriented society, the guard service needs to be changed. The communication and hardware technology develop rapidly and according to the internet environment change from cable to wireless, modern person can approach every kinds of information service using wireless communication machinery which can be moved such as laptop, computer, PDA, mobile phone and so on, LBS field which presents the needing information and service at anytime, anywhere, and which kinds of device expands it's territory all the more together with the appearance of ubiquitous concept. LBS use the chip in the mobile phone and make to confirm the position of the joining member anytime within several tens centimeters to hundreds meters. LBS can be divided by the service method which use mobile communication base station and apply satellite. Also each service type can be divided by location chase service, public safe service, location based information service and so on, and it is the part which will plan with guard service development. It will be prospected 8.460 hundred million in 2005 years and 16.561 hundred million in 2007 years scale of market. Like this situation, it can be guessed that the guard service has to change rapidly according to the LBS application. Study method chooses documentary review basically, and at first theory method mainly uses the second documentary examination which depends on learned journal and independent volume which published in the inside and the outside of the country, internet searching, other kinds of all study report, statute book, thesis which published at public order research institute of the Regional Police Headquarter, police operation data, data which related with statute, documents and statistical data which depend on private guard company and so on. So the purpose of the study gropes in accordance with the LBS application, and present the problems and improvement method to analyze indirect of manager side of operate guard adaptation service of LBS, government side which has to activate LBS, systematical, operation management, manpower management and education training which related with guard course side which has to study and educate in accordance with application of the new guard service, as well as intents to excellent quality service of guard.

• Korean Security Journal
• /
• no.22
• /
• pp.197-230
• /
• 2010

This study examined the institutional improvement directions of industrial security programs, particularly focusing upon policies and practices in the U.S., to enhance the effectiveness of industrial security programs in Korea. This study also aimed to investigate the significance of institutional and/or policy implementations in preventing economic espionage attempt. Data leakage and/or loss of trade secrets in corporations has been a scary proposition and a serious headache to both the CEOs and the CSOs(Chief Security Officers). Security professionals or practitioners have always had to deal with data leakage issues that arise from e-mail, instant messaging(IM), and other Internet communication channels. In addition, with the proliferation of wireless and mobile technology, it's now much easier than ever for loss by data breaches to occur, whether accidentally or maliciously or even by an economic espionage attempt. The researcher in this study used both a case study and a comparative research to analyze the different strategies and approaches between the U.S. and Korea in regard of implementing policies to mitigate damages by economic espionage attempts and prevent them from occurring. The researcher first examined the current policies and practices in the U.S. in terms of federal government's and agencies' approach and strategies on industrial security programs and their partnerships with private-commercial-sectors. The purpose of this paper is to explain and suggest selected findings, and a discussion of actions to be taken on implementing a proactive and tactical approach to enhance the effectiveness of industrial security programs to fight against information loss or data leaks. This study used case reviews, literatures, newspapers, articles, and Internet resources relating to the subject of this study for triangulation of data. The findings during this research are as follows. This research suggests that both the private and the governmental sector should closely cooperate in the filed of industrial security to strengthen its traditional prevention strategies and reduce opportunities of economic espionage as well. This study finally recognizes both the very importance of institutional development led by the Government in preventing economic espionage attempts and its effectiveness when properly united with effective industrial security programs.

• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.55-63
• /
• 2020

The IoT technology is a field that applies and converges the technologies in the existing industrial environment, instead of new technologies. The IoT technology is releasing various application services converged with other industries such as smart home, healthcare, construction, and automobile, and it is also possible to secure the work efficiency and convenience of users of IoT-based technologies. However, the security threats occurring in the IoT-based technology environment are succeeding to the vulnerability of the existing wireless network environment. And the occurrence of new and variant attacks in the combination with the ICT convergence environment, is causing damages. Thus, in the IoT technology-based environment, it would be necessary to have researches on the safe transmission of messages in the communication environment between user and device, and device and device. This thesis aims to design a safe communication protocol in the IoT-based technology environment. Regarding the suggested communication protocol, this thesis performed the safety analysis on the attack techniques occurring in the IoT technology-based environment. And through the performance evaluation of the existing PKI-based certificate issuance system and the suggested communication protocol, this thesis verified the high efficiency(about 23%) of communication procedure. Also, this thesis verified the reduced figure(about 65%) of the issued quantity of certificate compared to the existing issuance system and the certificate management technique.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.14 no.1
• /
• pp.49-58
• /
• 2011

Recently, GIS(Geographic Information System) has been developed to personalized service for providing the specialized services that is aimed to personal user based on mobile communication. The existing GIS system provides comprehensive and simple information but GIS System for personalized service must provide the adjustive information through the personal interest profile based on POI(PoInt of Interest). This paper describes the intelligent retrieval geographical information service module for providing personal oriented geographic information service. Our proposal model consists of user preference profile, acquisition of POI through hybrid network (Wireless LAN, CDMA), service platform and implementation of prototype system. Implementation model can apply to the life information service like restaurant, oil station, convenient store and etc.

• Journal of the Korea Convergence Society
• /
• v.7 no.4
• /
• pp.33-38
• /
• 2016

DDoS attack has been continuously utilized that caused the excessively large amount of traffic that network bandwidth or server was unable to deal with paralyzing the service. Most of the people regard NTP as the biggest cause of DDoS. However, according to recently executed DDoS attack, there have been many SSDP attack in the use of amplified technique. According to characteristics of SSDP, there is no connection for making a forgery of source IP address and amplified resources feasible. Therefore, it is frequently used for attack. Especially, as it is mostly used as a protocol for causing DDoS attack on IoT devices that constitute smart home including a wireless router, media server, webcam, smart TV, and network printer. Hereupon, it is anticipated for servers of attacks to gradually increase. This might cause a serious threat to major information of human lives, major government bodies, and company system as well as on IoT devices. This study is intended to identify DDoS attack techniques in the use of weakness of SSDP protocol occurring in IoT devices and attacking scenario and counter-measures on them.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.46 no.7
• /
• pp.602-609
• /
• 2018

This paper proposes the hybrid crypto-system for fast video data encryption of UAV(Unmanned Aerial Vehicle) under the LTE(Long-Term Evolution) wireless communication environment. This hybrid crypto-system is consisted of ECC(Elliptic Curve Cryptography) public key algorithm and LEA(Light-weight Encryption Algorithm) symmetric key algorithm. ECC is a faster public key algorithm with the same security strength than RSA(Rivest Shamir Adleman), and Korean standard LEA with the same key size is also a faster symmetric key algorithm than AES(Advances Encryption Standard). We have implemented this hybrid crypto-system using OpenSSL, OpenCV and Socket programs under the Swarm 8-UAV. We have shown the efficient adaptability of this hybrid crypto-system for the real-time swarm UAV through the experiments under the LTE communication environment.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.12
• /
• pp.6060-6070
• /
• 2012

Real-Time Enterprise (RTE)'s key requirement is that it should respond and adapt fast to the change of the firms' internal and external situations including the change of market and customers' needs. Recently, the big data processing technology to support the speedy change of the firms is spotlighted. Under the circumstances that wire and wireless communication networks are evolving with an accelerated rate, it is especially critical to provide a strong security monitoring function and stable services through a real-time processing of massive communication data traffic. By applying the big data processing technology based on a cloud computing architecture, this paper solves the managerial problems of telecommunication service providers and discusses how to operate the network management system effectively.