• 한국컴퓨터정보학회:학술대회논문집
• /
• 한국컴퓨터정보학회 2016년도 제54차 하계학술대회논문집 24권2호
• /
• pp.91-92
• /
• 2016

본 논문은 실험 정보보호에 대하여 고찰하였다. 물리학은 자연과학의 하나로, 이론 물리학과 실험 물리학 등으로 분류되며, 이론 물리학은 실험 결과를 기반으로 더욱 포괄적인 이론을 도출하는 학문, 그리고 실험 물리학은 이론 물리학에서 도출된 이론을 실험을 통하여 검증하는 학문이다. 현재의 정보보호 분야는 수학적 도구를 기반으로 정립된 이론적인 암호 분야, 그리고 이를 기반으로 응용 분야 및 안전성 평가 분야 등과 같이 다양한 분야로 분류되어 연구되고 있지만, 실험 물리학과 같이 이론을 기반으로 실제 실험을 통하여 결과를 도출하는 학문에 대한 연구는 부재한 실정이다. 따라서 본 논문에서는 실험 정보보호에 대하여 고찰하고 향후 활용하는 방안에 대하여 논한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권12호
• /
• pp.5116-5134
• /
• 2015

In this paper, due to the network security defense is mainly static defense, a dynamic classification network security defense strategy model is proposed by analyzing the security situation of complex computer network. According to the network security impact parameters, eight security elements and classification standard are obtained. At the same time, the dynamic classification algorithm based on fuzzy theory is also presented. The experimental analysis results show that the proposed model and algorithm are feasible and effective. The model is a good way to solve a safety problem that the static defense cannot cope with tactics and lack of dynamic change.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권6호
• /
• pp.1599-1618
• /
• 2024

Access control has always been one of the effective methods to protect data security. However, in new computing environments such as big data, data resources have the characteristics of distributed cross-domain sharing, massive and dynamic. Traditional access control mechanisms are difficult to meet the security needs. This paper proposes CACM-MMSR to solve distributed cross-domain access control problem for massive resources. The method uses blockchain and smart contracts as a link between different security domains. A permission decision model migration method based on access control logs is designed. It can realize the migration of historical policy to solve the problems of access control heterogeneity among different security domains and the updating of the old and new policies in the same security domain. Meanwhile, a semantic reasoning-based permission decision method for unstructured text data is designed. It can achieve a flexible permission decision by similarity thresholding. Experimental results show that the proposed method can reduce the decision time cost of distributed access control to less than 28.7% of a single node. The permission decision model migration method has a high decision accuracy of 97.4%. The semantic reasoning-based permission decision method is optimal to other reference methods in vectorization and index time cost.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2014년도 추계학술대회
• /
• pp.390-393
• /
• 2014

현재 정보보호에 대한 중요성이 부각되고 있으며 u-Korea 또는 유비쿼터스 IT 시대에서는 정보보호가 더욱 중요시 되고 있으며, 특히 소형 암호 장치에 있어서 핵심이 되는 암호 알고리즘의 보안성이 중요한 부분이지만 전력분석공격은 암호 알고리즘 자체의 안전성이 높다고 하더라도 암호 알고리즘이 구현된 방법이나 구현된 환경에 따라 적용이 가능한 공격이다. 이에 본 논문에서는 전력분석공격에 대하여 설명하고, 실험환경을 분석 하고자 한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권4호
• /
• pp.2237-2253
• /
• 2017

For the existing security problem based on Fuzzy Vault algorithm, we propose a cancelable fingerprint template encryption scheme in this paper. The main idea is to firstly construct an irreversible transformation function, and then apply the function to transform the original template and template information is stored after conversion. Experimental results show it effectively prevents the attack from fingerprint template data and improves security of the system by using minutiae descriptor to encrypt abscissa of the vault. The experiment uses public FVC2004 fingerprint database to test, result shows that although the recognition rate of the proposed algorithm is slightly lower than the original program, but the improved algorithm security and complexity are better, and therefore the proposed algorithm is feasible in general.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권12호
• /
• pp.5596-5615
• /
• 2016

Security is one of the major challenges in the Wireless Sensor Networks (WSNs). WSNs are more vulnerable to adversarial activities. All cryptographic security services indirectly depend on key management. Symmetric key management is the best key establishment process for WSNs due to the resource constraints of the sensors. In this paper, we proposed dynamic session key establishment scheme based on randomly generated nonce value and sensor node identity, in which each sensor node is equipped with session key on expire basis. The proposed scheme is compare with five popular existing key management systems. Our scheme is simulated in OMNET++ with MixiM and presented experimental results. The analytical study and experimental results show the superiority of the proposed scheme over the existing schemes in terms of energy, storage, resilience and communication overhead.

• 한국세라믹학회지
• /
• 제56권4호
• /
• pp.354-359
• /
• 2019

Information security films that can ensure personal privacy by reducing the viewing angle of display screens were fabricated by microlouver patterning and a ZnO nano-ink filling process. Optical simulation results demonstrated that all the microlouver films showed good security performances. Security performances were evaluated as calculated relative luminance ratios compared between the side and front. Based on the simulation results, microlouver films were fabricated by UV imprint lithography and nano-ink bar coating. However, distortion of the microlouver pattern occurred with the use of high-viscosity nano-inks such as ZrO₂ and TiO₂, and the CuO-filled microlouver film suffered from very low optical transmittance. Accordingly, the effects of ZnO filling height on security performance were intensively investigated through simulation and experimental measurements. The fabricated microlouver film with a 75-㎛-high ZnO filling exhibited a good relative luminance ratio of 0.75 at a 60° side angle and a transmittance of 44% at a wavelength of 550 nm.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권10호
• /
• pp.3333-3354
• /
• 2022

The 5G Core Network (5GC) is an essential part of the mobile communication network, but its security protection strategy based on the boundary construction is difficult to ensure the security inside the network. For example, the Network Function (NF) mutual authentication mechanism that relies on the transport layer security mechanism and OAuth2.0's Client Credentials cannot identify the hijacked NF. To address this problem, this paper proposes a trust model for 5GC based on NF interaction behavior to identify malicious NFs and improve the inherent security of 5GC. First, based on the interaction behavior and context awareness of NF, the trust between NFs is quantified through the frequency ratio of interaction behavior and the success rate of interaction behavior. Second, introduce trust transmit to make NF comprehensively refer to the trust evaluation results of other NFs. Last, classify the possible malicious behavior of NF and define the corresponding punishment mechanism. The experimental results show that the trust value of NFs converges to stable values, and the proposed trust model can effectively evaluate the trustworthiness of NFs and quickly and accurately identify different types of malicious NFs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권12호
• /
• pp.4531-4544
• /
• 2021

Because the traditional network information security vulnerability risk assessment method does not set the weight, it is easy for security personnel to fail to evaluate the value of information security vulnerability risk according to the calculation value of network centrality, resulting in poor evaluation effect. Therefore, based on the network security data element feature system, this study designed a quantitative assessment method of network information security vulnerability detection risk under single transmission state. In the case of single transmission state, the multi-dimensional analysis of network information security vulnerability is carried out by using the analysis model. On this basis, the weight is set, and the intrinsic attribute value of information security vulnerability is quantified by using the qualitative method. In order to comprehensively evaluate information security vulnerability, the efficacy coefficient method is used to transform information security vulnerability associated risk, and the information security vulnerability risk value is obtained, so as to realize the quantitative evaluation of network information security vulnerability detection under single transmission state. The calculated values of network centrality of the traditional method and the proposed method are tested respectively, and the evaluation of the two methods is evaluated according to the calculated results. The experimental results show that the proposed method can be used to calculate the network centrality value in the complex information security vulnerability space network, and the output evaluation result has a high signal-to-noise ratio, and the evaluation effect is obviously better than the traditional method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권4호
• /
• pp.1904-1921
• /
• 2019

In this paper, we investigate the problem of secure communications in multiple-input-multiple-output interference networks from the perspective of physical layer security. Specifically, the legitimate transmitter-receiver pairs are divided into different categories of active and inactive. To enhance the security performances of active pairs, inactive pairs serve as cooperative jammers and broadcast artificial noises to interfere with the eavesdropper. Besides, active pairs improve their own security by using joint transceivers. The encoding of active pairs and inactive pairs are designed by maximizing the difference of mean-squared errors between active pairs and the eavesdropper. In detail, the transmit precoder matrices of active pairs and inactive pairs are solved according to game theory and linear programming respectively. Experimental results show that the proposed algorithm has fast convergence speed, and the security performances in different scenarios are effectively improved.