• Title/Summary/Keyword: a security man

Search Result 403, Processing Time 0.029 seconds

Design of Safe AP Certification Mechanism on Wireless LAN (무선 LAN 상에서 안전한 AP 인증 메커니즘 설계)

  • Kim, Jeom-Goo
    • Convergence Security Journal
    • /
    • v.11 no.1
    • /
    • pp.33-38
    • /
    • 2011
  • Current IEEE 802.11 standard is very vulnerable that between the AP and STA authentication and security mechanisms is widely known. Therefore, IEEE has proposed security architecture RSN (Robust Security Network) for 802.11. RSN is used the access control, authentication, and key management based on the IEEE 802.1X standard. In this paper, IEEE 802.1X or 802.11 a combination of several models proposed for the vulnerability, and session hijacking or MiM (Man-in the-Middle) attacks to respond, the authentication mechanism Was designed to the access control between the STA and the AP.

Weakness and Improvements of Yong-Lee's Anonymous Fingerprinting Protocol (Yong-Lee의 익명 핑거프린팅 프로토콜의 안전성 취약점 및 개선 방안)

  • Sohn, Ki-Wook;Lee, Yun-Ho;Won, Dong-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.6
    • /
    • pp.151-155
    • /
    • 2006
  • In 2005, Yong and Lee proposed a buyer-seller fingerprinting protocol using symmetric and commutative encryptions. They claimed that their protocol was practical and anonymous since they used symmetric and commutative encryptions. However, an attacker can get the content embedded with one or more honest buyers' fingerprints using man-in-the-middle attack. In this letter, we point out the weakness and propose methods for improving to their protocol.

Enhanced Security Scheme to Support Secure and Fast ASN-anchored Mobility in Mobile WiMAX

  • Park, Chang-Seop;Kang, Hyun-Sun
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.5 no.11
    • /
    • pp.2204-2220
    • /
    • 2011
  • Without providing a proper security measure to the handover procedure in Mobile WiMAX, several security attacks can be mounted. Even though security schemes have been previously proposed for this purpose, they are still vulnerable to several security attacks due to fatal design flaws. A newly proposed security scheme in this paper is based on the framework of authentication domain and concept of handover ticket. A method of establishing security associations within the authentication domain is proposed, and a lightweight security measure to protect the management messages associated with the handover is also proposed. Especially, using the handover ticket, the new security scheme can defend against a Redirection Attack arising from a compromised base station. The new security scheme is comparatively analyzed with the previous security schemes in terms of Replay, Session Hijacking, Man-In-The-Middle, and Redirection attacks.

A Method for Detecting Unauthorized Access Point over 3G Network (3G망을 사용하는 인가되지 않은 AP 탐지 방법)

  • Kim, I-luk;Cho, Jae-Ik;Shon, Tae-Shik;Moon, Jong-Sub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.2
    • /
    • pp.259-266
    • /
    • 2012
  • Malicious rogue AP has been used for variety attacks such as packet sniffing and Man-In-The-Middle Attack. It is used for the purpose of data leakage via 3G network within companies, and the unauthorized AP could be a reason of security incidents even though it is not intended. In this paper, we propose the method for detecting unauthorized access point over 3G networks throughout the RTT (Round Trip Time) value for classification. Through the experiments, we show that the method can classify the AP which is installed by normal way and the AP over 3G networks successfully.

Development of field programmable gate array-based encryption module to mitigate man-in-the-middle attack for nuclear power plant data communication network

  • Elakrat, Mohamed Abdallah;Jung, Jae Cheon
    • Nuclear Engineering and Technology
    • /
    • v.50 no.5
    • /
    • pp.780-787
    • /
    • 2018
  • This article presents a security module based on a field programmable gate array (FPGA) to mitigate man-in-the-middle cyber attacks. Nowadays, the FPGA is considered to be the state of the art in nuclear power plants I&C systems due to its flexibility, reconfigurability, and maintainability of the FPGA technology; it also provides acceptable solutions for embedded computing applications that require cybersecurity. The proposed FPGA-based security module is developed to mitigate information-gathering attacks, which can be made by gaining physical access to the network, e.g., a man-in-the-middle attack, using a cryptographic process to ensure data confidentiality and integrity and prevent injecting malware or malicious data into the critical digital assets of a nuclear power plant data communication system. A model-based system engineering approach is applied. System requirements analysis and enhanced function flow block diagrams are created and simulated using CORE9 to compare the performance of the current and developed systems. Hardware description language code for encryption and serial communication is developed using Vivado Design Suite 2017.2 as a programming tool to run the system synthesis and implementation for performance simulation and design verification. Simple windows are developed using Java for physical testing and communication between a personal computer and the FPGA.

A Coherent Model in Upholding General Deterrence Theory and Impact to Information Security Management

  • Choi, Myeong-Gil;Ramos, Edwin R.;Kim, Man-Sig;Kim, Jin-Soo;Whang, Jae-Hoon;Kim, Ki-Joo
    • Journal of Information Technology Applications and Management
    • /
    • v.16 no.3
    • /
    • pp.73-86
    • /
    • 2009
  • To establish an effective security strategy, business enterprises need a security benchmarking tool. The strategy helps to lessen an impact and a damage in any threat. This study analyses many aspects of information security management and suggests a way to deal with security investments by considering important factors that affect security manager's decision. To address the different threats resulting from a major cause of accidents inside an enterprise, we investigate an approach that followed ISO17799. We unfold a criminology theory that has designated many measures against the threat as suggested by General Deterrence Theory. The study proposes a coherent model of the theory to improve the security measures especially in handling and protecting company assets and human lives as well.

  • PDF

Design and Implementation of PDA-based Image Surveillance System for Harbor Security using IP Camera

  • Shim, Joon-Hwan
    • Journal of Navigation and Port Research
    • /
    • v.31 no.9
    • /
    • pp.779-784
    • /
    • 2007
  • This paper describes a new progressive embedded Internet Protocol(IP) camera available for real-time image transmission. It was applied for ship safety and security on seashore area. The functions of developed embedded system was more effective and excellent than conventional systems. Nowadays, each nation has established harbor security systems to jump up their ports to international port. Recently Incheon port has tried to change man security into center security system used by image security system. The security system of Incheon port has some advantages like effectivity of security system and reduction of manpower and cost, installed by image security system with CCTV cameras at the entrance gate and around the fence. Thus in this paper, we have designed and implemented a Personal Digital Assistants(PDA) based Image Surveillance System for Harbor Security using IP Camera under ubiquitous environment. This system has big advantages which are more effective in an emergency and low cost and small manpower than conventional systems.

A Design and Implementation of User Authentication System using Biometric Information (바이오 정보를 이용한 사용자 인증 시스템 설계 및 구현)

  • Lee, Hyung-Woo;Park, Yeong-Joon
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.11 no.9
    • /
    • pp.3548-3557
    • /
    • 2010
  • Security enhancement technologies are required to preventing phishing and pharming attacks on Internet banking. One-time password(OTP) should be used with certificate for enhancing user authentication and security performance. However, existing OTP technique is weak on MITM(Man-In-The-Middle) attack and synchnonization should be provided on OTP system. Therefore, more advanced mechanism such as combining biometic data with OTP can be suggested to enhancing security on authentication system. In this paper, we designed and implemented a multifactor authentication system using one-time biometric template to generate unique authentication data after adapting biometric transform on each user's biometric data.

A Development of the Model for Evaluating the Security of Information Systems in Health Care Organizations (의료기관의 정보보안 수준 측정을 위한 평가모형 개발)

  • Ahn, Sun-Ju;Kwon, Soon-Man
    • Korea Journal of Hospital Management
    • /
    • v.10 no.4
    • /
    • pp.98-112
    • /
    • 2005
  • The purpose of this study is to develop a framework for evaluating security levels in hospitals. We classify security indicators into administrative, technical and physical safeguards. The security evaluation model for hospital information systems was applied to three general hospitals. The analysis of the results showed a low security level in information systems. In particular, requirements for administrative and physical safeguards were very low. Hospitals need strict security policies more than other organizations because their information systems contain patients' highly confidential data. The evaluation model developed in this study can be used for guidelines and as a checklist for hospitals. The security evaluation in hospital informational systems needs to be an essential element of hospital evaluation.

  • PDF

A Study on the Establishment of a Security and Customs Cooperation System for Reinforcement of the International Air Cargo Supply Chain Security (국제항공화물 공급망 보안 강화를 위한 보안과 세관의 협조체계 구축방안에 관한 연구)

  • Park, Man-Hui;Hwang, Ho-Won
    • Journal of the Korean Society for Aviation and Aeronautics
    • /
    • v.29 no.4
    • /
    • pp.142-152
    • /
    • 2021
  • The International Civil Aviation Organization (ICAO) and the World Customs Organization (WCO) emphasize securing supply chain security through mutual cooperation between aviation security and customs by establishing a standardized security system by regulations, procedures and practices of international air cargo. Accordingly, in accordance with the Aviation Security Act, the known consignors system aims to secure cargo security before loading air cargo into the aircraft, while the customs AEO system is a public-private cooperation program that focuses on simplification of customs clearance procedures. These systems basically have the same purpose of effectively identifying high-risk cargo through a risk-based approach in international air cargo transportation and preventing risks in advance, and the content that a common basic standard for cargo security must be established is also similar. Therefore, it is necessary to establish a cooperation system by simplifying problems such as cumbersome and redundant authentication procedures and on-site verification through coordination of security requirements for mutual recognition between the two systems. As a result, it is necessary to establish a process for coordinating security and customs' supply chain security program and maximize the effect of harmonizing supply chain security by strengthening the linkage between known consignors and AEO.