• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.5
• /
• pp.451-457
• /
• 2016

To improve security in the data communication field, many studies on the application of chaotic signals to encryption have been conducted in recent years. In this study, a new security protocol where the initial value sensitivity and noise similarity of chaotic signals have been applied to an RFID communication channel was designed. In the case of chaotic systems, if the initial values become identical, the same signals are generated at the same time after that point even though the two systems have been calculated independently. Therefore, an unpredictable security channel can be produced based on such characteristics. However, a security channel can be produced only when an initial value is shared in advance, and thus there is a potential problem of infringement during the transmission of the initial value. To resolve this problem, a method in which a certain proportion of new chaotic signals are applied to two chaotic systems for communication and are then synchronized after some time was proposed. This new method can conceal the initial value, and thus can resolve the problem of the existing communication method using chaotic signals. The designed method was verified with the encryption and decryption of images. It is expected that a more secure RFID system could be established by applying the communication protocol proposed in this study to insecure RFID communication channels.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.394-400
• /
• 2013

WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN(Low-power, Lossy Network) and resource constrained sensor devices. Recently, IETF standard group propose to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas- one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1147-1157
• /
• 2014

Intelligent transportation system (ITS) is realized through a highly ephemeral network, i.e. vehicular ad hoc network (VANET) which is on its way towards the deployment stage, thanks to the advancements in the automobile and communication technologies. However, it has not been successful, at least to date, to install the technology in the mass of vehicles due to security and privacy challenges. Besides, the users of such technology do not want to put their privacy at stake as a result of communication with peer vehicles or with the infrastructure. Therefore serious privacy measures should be taken before bringing this technology to the roads. To date, privacy issues in ephemeral networks in general and in VANET in particular, have been dealt with through various approaches. So far, multiple pseudonymous approach is the most prominent approach. However, recently it has been found out that even multiple pseudonyms cannot protect the privacy of the user and profilation is still possible even if different pseudonym is used with every message. Therefore, another privacy-aware mechanism is essential in vehicular networks. In this paper, we propose a novel identity exchange mechanism to preserve conditional privacy of the users in VANET. Users exchange their pseudonyms with neighbors and then use neighbors' pseudonyms in their own messages. To this end, our proposed scheme conditionally preserves the privacy where the senders of the message can be revoked by the authorities in case of any dispute.

• The KIPS Transactions:PartC
• /
• v.15C no.3
• /
• pp.157-166
• /
• 2008

The ubiquitous service environment is poor in reliability of connection and also has a high probability that the intrusion against a system and the failure of the services may happen. Therefore, It is very important to guarantee that the legitimate users make use of trustable services from the viewpoint of security without discontinuance or obstacle of the services. In this paper, we point out the problems in the standard Jini service environment and analyze the Jgroup/ARM framework that has been developed in order to help fault tolerance of Jini services. In addition, we propose a secure Jini service architecture to satisfy the security, availability and quality of services on the basis of the analysis. The secure Jini service architecture we propose in this paper is able to protect a Jini system not only from faults such as network partition or server crash, but also from attacks exploiting flaws. It provides security mechanism for dynamic trust establishment among the service entities. Moreover, our secure Jini service architecture does not incur high computation costs to merge the user service states because of allocation of the replica based on each session of a user. Through the experiment on a test-bed, we have confirmed that proposed secure Jini service architecture is able to guarantee the persistence of the user service states at the level that the degradation of services quality is ignorable.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.427-434
• /
• 2006

Broadband Convergence Network(BcN) is a critical infrastructure to provide wired-and-wireless high-quality multimedia services by converging communication and broadcasting systems, However, there exist possible danger to spread the damage of an intrusion incident within an individual network to the whole network due to the convergence and newly generated threats according to the advent of various services roaming vertically and horizontally. In order to cope with these new threats, we need to analyze the vulnerabilities of BcN in a system architecture aspect and classify them in a systematic way and to make the results to be utilized in preparing proper countermeasures, In this paper, we propose a new classification of vulnerabilities which has been extended from the ITU-T recommendation X.805, which defines the security related architectural elements. This new classification includes system elements to be protected for each service, possible attack strategies, resulting damage and its criticalness, and effective countermeasures. The new classification method is compared with the existing methods of CVE(Common Vulnerabilities and Exposures) and CERT/CC(Computer Emergency Response Team/Coordination Center), and the result of an application to one of typical services, VoIP(Voice over IP) and the development of vulnerability database and its management software tool are presented in the paper. The consequence of the research presented in the paper is expected to contribute to the integration of security knowledge and to the identification of newly required security techniques.

• The KIPS Transactions:PartD
• /
• v.10D no.6
• /
• pp.1059-1066
• /
• 2003

In this paper, the magnetic sensing system is designed and implemented for the safe security in internet commerce system. When the payment is required inthe internet commerce system, the magnetic sensing system will get the information from a credit card without keyboard input and then encrypt and transmit the information to server. The credit card sensing system, which is proposed in this paper, is safe from keyboard hacking because it encrypts card information immediately in its internal chip and sends the information to host system. For the protection of information, the magnetic sensing system is basically based on a synchronous stream cipher cryptosystem which is related to a group of matrices. The size of matrices and the bits of keys for the best performances are determined for various cases. It is shown that for credit card payments. matrices of size 2 have good performance even at most 128bits keys with the consideration of inverse matrices. For authentication of general-purpose data, the magnetic sensing system needs more than 1.5KB data and in this case, the optimum size of matrices is 2 or 3 at more 256bits keys with consideration of inverse matrices.

• Journal of Distribution Science
• /
• v.4 no.2
• /
• pp.123-144
• /
• 2006

For the property right's protection of the nation, the uncertainty's dissolution and the reliability's security of real estate trade are very important. With the life style's change, the market of real estate becomes diversification, and the level of the real estate trade becomes diversification. But compared with this, the trade system of the real estate has not broken away from the mode in the past yet. To cope with it actively, it needs to review the real estate trade form. Especially, it needs to investigate a plan that can advance the Agency Listing method. The Exclusive Agency Listing and the real estate Information Network System have been the usual system in some advanced countries like America, Japan. It is the system that establishes the real estate brokerage's trade order and encourages the execution for the real estate client's property right's protection and benefit offer. In our country, The Exclusive Agency Listing and the real estate Information Network System were created in the revised real estate brokerage law in 12, 1993. But because of varies of questions, it can not be settled down. So this paper will develop the characteristic factors of the Exclusive Agency Listing and the real estate Information Network System revitalization and examine the mutual relation depends on the factors. And these factors were studied through the proved analysis to the effecting made on the Agency function's consideration and real estate broker' trust and customer satisfaction. So depends on these, the existed value now will present the revitalization plan and political implication about the Exclusive Agency Listing and the real estate Information Network System.

• Journal of Korean Society of Disaster and Security
• /
• v.6 no.3
• /
• pp.29-34
• /
• 2013

This study is to provide the implementation plan for standard code to efficiently manage curriculum information in disaster and safety education programs across domestic and foreign institutions, and to encourage active information sharing. Projects regarding disaster safety education have been progressed and developed since the opening of NDMI on March 2006. Efficient management and systematic operation for the existing disaster safety education contents are also required. It is essential for both domestic and foreign disaster management organizations to share and utilize their educational contents each other prior to the effect of the Framework Act on the Management of Disaster and Safety starting from February 7th, 2014. As disaster gets more complex and diverse in its types and sizes, the share of information on advanced disaster and safety education system between each countries is becoming more necessary than they ever did before. Therefore, the standard code of disaster safety education curriculum is resulted based on the flexibility that accommodates the change of education environment and extended applications in both domestic and foreign education institutions. The effective application of standard code will be a possible way to improve the disaster safety education system and help to set its correct definition.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.44 no.6
• /
• pp.1-9
• /
• 2007

Recently, as a number of media are fused into a phone, the requirement of security of service provided on a mobile phone is increasing. For this, conventional cryptographic key based on password and security card is used in the mobile phone, but it has the characteristics which is easy to be vulnerable and to be illegally stolen. To overcome such a problem, the researches to generate key based on biometrics have been done. However, it has also the problem that biometric information is susceptible to the variation of environment, whereas conventional cryptographic system should generate invariant cryptographic key at any time. So, we propose new method of producing cryptographic key based on "Biometric matching-based key release" instead of "Biometric-based key generation" by using both face and iris information in order to overcome the unstability of uni-modal biometries. Also, by using mega-pixel camera embedded on mobile phone, we can provide users with convenience that both face and iris recognition is possible at the same time. Experimental results showed that we could obtain the EER(Equal Error Rate) performance of 0.5% when producing cryptographic key. And FAR was shown as about 0.002% in case of FRR of 25%. In addition, our system can provide the functionality of controlling FAR and FRR based on threshold.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.63-70
• /
• 2022

The essence of the definition of "tolerance" is analyzed. Motivational, knowledge and behavioral criteria for tolerance of future teachers are highlighted. Indicators of the motivational criterion are the formation of value orientations, motivational orientation, and the development of empathy. Originality and productivity of thoughts and judgments, tact of dialogue, pedagogical ethics and tact are confirmed as indicators of the knowledge criterion. The behavioral criterion includes social activity as a life position, emotional and volitional endurance, and self-control of one's own position. The formation of tolerance is influenced by a number of factors: the social environment, the information society, existing stereotypes and ideas in society, the system of education and relationships between people, and the system of values. The main factors that contribute to the education of tolerance in future teachers are highlighted. Analyzing the structure of tolerance, it is necessary to distinguish the following functions of tolerance: - motivational (determines the composition and strength of motivation for social activity and behavior, promotes the development of life experience, because it allows the individual to accept other points of view and vision of the solution; - informational (understanding the situation, the personality of another person); - regulatory (tolerance has a close connection with the strong - willed qualities of a person: endurance, selfcontrol, self-regulation, which were formed in the process of Education); - adaptive (allows the individual to develop in the process of joint activity a positive, emotional, stable attitude to the activity itself, which the individual carries out, to the object and subject of joint relations). The implementation of pedagogical functions in the information society: educational, organizational, predictive, informational, communicative, controlling, etc. provides grounds to consider pedagogical tolerance as an integrative personal quality of a representative of any profession in the field of "person-person". The positions that should become conditions for the formation of tolerance of the future teacher in the information society are listed.