• Title/Summary/Keyword: information security system

Search Result 6,599, Processing Time 0.033 seconds

A Study on Implementation of Authentication System for Home Networking Service (홈 네트워크 서비스를 위한 인증시스템 구현에 관한 연구)

  • Lee, Ki-Young
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.13 no.6
    • /
    • pp.1091-1098
    • /
    • 2009
  • In this paper, we designed the authentication system for home network service and applied it to actual sensor nodes. The pair-wise pre-distribution key skim is applied for prevention of authentication key from sniffing on the wireless sensor networks. The authentication key and data are encrypted by using the CBC mode RC5 algorithm based on the SPINS. The experimental environment consists of a base station (BS)and sensor nodes and each sensor node sends both sensing data and the encrypted authentication key to the BS. For simulations we set up some what-if scenarios of security menaces in home network service.Slightly modified the TOS_Msg data arrays of TinyOS is suggested to store 8-byte authentication key which can enable data encryption and authentication at the each sensor node. As a result, malfunction caused by communication between BS and nodes of other groups of added nodes having malicious purpose can be protected. Also, we confirmed that a critical data of home networking service like vital signal can be transmitted securely through this system by encryption technique.

Wireless LAN System based on IEEE 802.1x EAP-TLS Authentication Mechanism (IEEE 802.1x EAP-TLS 인증 메커니즘 기반 Wireless LAN 시스템)

  • Hong, Seong-Pyo;Han, Seung-Jo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.16 no.9
    • /
    • pp.1983-1989
    • /
    • 2012
  • The IEEE 802.1x standard provides an architectural framework which can be used various authentication methods. But, IEEE 802.1x also has vulnerabilities about the DoS(Denial of Service), the session hijacking and the MiM(Man in the Middle) attack due to caused by structural of authentication protocol. In this paper, we propose a WLAN system which can offer safety communication by complement of IEEE 802.1x vulnerabilities. The WLAN system accomplishes mutual authentications between authentication servers, clients and the AP using PKI and prevents an illegal user from intervening in communication to disguise oneself as a client, the AP or authentication servers. Also, we guarantee the safety of the communication by the Dynamic WEP key distribution between clients and the AP.

The Study on Secure Mail Platform and Mutual Authentication Using Mail Proxy (메일 프락시를 통한 사용자 상호인증 방법과 안전한 메일 플랫폼에 대한 연구)

  • Ahn, Hyo-Beom;Lee, Su-Yeon
    • Journal of Digital Convergence
    • /
    • v.14 no.12
    • /
    • pp.201-208
    • /
    • 2016
  • The purpose of Email system is used to transmit important information between companies in today. But Email system has vulnerabilities such that changing email address of sender by attacker. So it is important to authenticate mail server and user using mail server. This paper proposed mail proxy located between mail servers that evaluate authority and authenticate sender and receiver. The proposed email platform has some functions to compose trusted domain and to authenticate mail servers in the domain. Also, if sender and recipient are valid users in mail system, each exchanges a key for confidentiality and the sender sends an e-mail encrypted with exchanged key to recipient. In this paper, we propose a key exchange scheme in proposed platform and verify this protocol using Casper which is the formal analysis tool. In the future research, we will study the overall platform of the domain configuration for the security of mail.

The Study on Legal and Institutional Improvement to the Acquisition and Sharing of Land Monitoring Data (국토모니터링 자료취득 및 공동활용 개선을 위한 법제도 개선 방안 연구)

  • Lee, Suk-Min;Jo, Seon-Hui
    • Spatial Information Research
    • /
    • v.19 no.6
    • /
    • pp.29-41
    • /
    • 2011
  • Recently, the importance of systematic Land-monitoring has been emphasized. The existing Law does not include any definitions or regulations of monitoring. Although there exist laws regarding examining and measuring the current status of region, utilization, distribution, share, security and management of the data need to be improved. In order to upgrade the Land-monitoring system, several tasks such as terms, building cycle, forms, scope, management team should be well-defined. In this study, problems of the Land-monitoring is investigated by understanding the legislation in the land planning system and its operating system. The setting of the land-monitoring concept in Framework Act on the National Land and revision of specific laws in this field were introduced. Finally, new Land-monitoring legislation covering the improvement of the data-acquisition and co-utilization were suggested.

VLIS Design of OCB-AES Cryptographic Processor (OCB-AES 암호 프로세서의 VLSI 설계)

  • Choi Byeong-Yoon;Lee Jong-Hyoung
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.9 no.8
    • /
    • pp.1741-1748
    • /
    • 2005
  • In this paper, we describe VLSI design and performance evaluation of OCB-AES crytographic algorithm that simulataneously provides privacy and authenticity. The OCB-AES crytographic algorithm sovles the problems such as long operation time and large hardware of conventional crytographic system, because the conventional system must implement the privancy and authenticity sequentially with seqarated algorithms and hardware. The OCB-AES processor with area-efficient modular offset generator and tag generator is designed using IDEC Samsung 0.35um standard cell library and consists of about 55,700 gates. Its cipher rate is about 930Mbps and the number of clock cycles needed to generate the 128-bit tags for authenticity and integrity is (m+2)${\times}$(Nr+1), where m and Nr represent the number of block for message and number of rounds for AES encryption, respectively. The OCB-AES processor can be applicable to soft cryptographic IP of IEEE 802.11i wireless LAN and Mobile SoC.

A Study of Gate Control System Using RFID (RFID를 이용한 출입문 제어 시스템 연구)

  • Kang, Sung-Chul;Kim, Hyung-Chan;Doh, Yang-Hoi;Lee, Kwang-Man;Kim, Do-Hyeun
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.8 no.6
    • /
    • pp.1505-1512
    • /
    • 2007
  • The RFID Technology (which is importantly used at the Ubiquitous environment) is attached to all of the units like the ID cards and then information on the units and units' environment is transferred and processed through the radio frequency. so it is the no touched recognition system. RFID Technology's research of the middle ware and wireless interface etc. is currently conducted and variously broaden like the industry of the distribution and logistics. This paper suggests that the gate control system which is based on RFID middle ware is realized to prevent the district and facility for security. The indication of this paper is that algorithm (which is to certificate Users' enterance through RFID EPC code) is proposed and realizes the user certification module, the control module of the gates' opening and closing, the maintenance module of the gate, the display module of coming and going information, test program ect. through RFID technology.

  • PDF

Analysis of Traffic and Attack Frequency in the NURION Supercomputing Service Network (누리온 슈퍼컴퓨팅서비스 네트워크에서 트래픽 및 공격 빈도 분석)

  • Lee, Jae-Kook;Kim, Sung-Jun;Hong, Taeyoung
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.9 no.5
    • /
    • pp.113-120
    • /
    • 2020
  • KISTI(Korea Institute of Science and Technology Information) provides HPC(High Performance Computing) service to users of university, institute, government, affiliated organization, company and so on. The NURION, supercomputer that launched its official service on Jan. 1, 2019, is the fifth supercomputer established by the KISTI. The NURION has 25.7 petaflops computation performance. Understanding how supercomputing services are used and how researchers are using is critical to system operators and managers. It is central to monitor and analysis network traffic. In this paper, we briefly introduce the NURION system and supercomputing service network with security configuration. And we describe the monitoring system that checks the status of supercomputing services in real time. We analyze inbound/outbound traffics and abnormal (attack) IP addresses data that are collected in the NURION supercomputing service network for 11 months (from January to November 1919) using time series and correlation analysis method.

Communication Models and Performance Evaluation for the Delivery of Data and Policy in a Hybrid-Type Intrusion Detection System (혼합형 침입 탐지 시스템에서 데이터 및 정책 전달 통신 모델과 성능 평가)

  • Jang, Jung-Sook;Jeon, Yong-Hee;Jang, Jong-Soo;Sohn, Seung-Won
    • The KIPS Transactions:PartC
    • /
    • v.10C no.6
    • /
    • pp.727-738
    • /
    • 2003
  • Much research efforts are being exerted for the study of intrusion detection system(IDS). However little work has been for the communication medels and performance eveluation of the IDS. Here we present a communication framework for doing hybrid intrusion detection in which agents are used for local intrusion detections with a centralized data anaysis componenta for a global intrusion detection at multiple domains environment. We also assume the combination of host-based and network-based intrusion detection systems in the oberall framework. From the local domain, a set of information such as alert, and / or log data are reported to the upper level. At the root of the hierarchy, there is a global manager where data coalescing is performed. The global manager delivers a security policy to its lower levels as the result of aggregation and correlation of intrusion detection alerts. In this paper, we model the communication mechanisms for the hybrid IDS and develop a simular using OPNET modeller for the performance evaluation of transmission capabillities for the delivery of data and policy. We present and compare simulation results based on several scenarios focuding on communication delay.

Implementation of Web-based Data Storage Service System Using External Storage Devices (외장형 저장장치를 이용한 웹 기반 데이터 스토리지 서비스 시스템 구현)

  • Kim, Buemjun;Lee, Kyounghee
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2017.10a
    • /
    • pp.111-114
    • /
    • 2017
  • As digital contents are widely used and require increasingly high quality, the data storage services over Internet also become more and more important. One of popular services, web-hard, provides lots of users with web-based functions for data storage, management and sharing but such storage utilization requires quite high cost compared to using portable storage devices. Moreover, some users may avoid putting their important data into open Internet area. On the other hand, portable storage devices are cheaper but can be used only when they are physically connected to host devices such as PC. Also additional management and security functions should be equipped to support data sharing among users. In this paper, we propose a web-based data storage system combining those advantages of aforementioned two approaches. The proposed system immediately provides web-based services for data management and sharing when a portable device such as SDD is connected to the server.

  • PDF

A Design of Smart Banking System using Digital Signature based on Biometric Authentication (바이오인증 기반의 전자서명을 이용한 스마트 뱅킹 시스템 설계)

  • Kim, Jae-Woo;Park, Jeong-Hyo;Jun, Moon-Seog
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.16 no.9
    • /
    • pp.6282-6289
    • /
    • 2015
  • Today, there is an increasing number of cases in which certificate information is leak, and accordingly, electronic finance frauds are prevailing. As certificate and private key a file-based medium, are easily accessible and duplicated, they are vulnerable to information leaking crimes by cyber-attack using malignant codes such as pharming, phishing and smishing. Therefore, the use of security token and storage toke' has been encouraged as they are much safer medium, but the actual users are only minimal due to the reasons such as the risk of loss, high costs and so on. This thesis, in an effort to solve above-mentioned problems and to complement the shortcomings, proposes a system in which digital signature for Internet banking can be made with a simply bio-authentication process. In conclusion, it was found that the newly proposed system showed a better capability in handling financial transitions in terms of safety and convenience.