• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.669-685
• /
• 2003

Nowadays mobile phones and PDAs are part and parcel of our lives. By carrying a portable mobile device with us all the time we are already living in partial Pervasive Computing Environment (PCE) that is waiting to be exploited very soon. One of the advantages of pervasive computing is that it strongly supports the deployment of Location-Based Service(s) (LBSs). In PCE, there would be many competitive service providers (SPs) trying to sell different or similar LBSs to users. In order to reserve a particular service, it becomes very difficult for a low-computing and resource-poor mobile device to handle many such SPs at a time, and to identify and securely communicate with only genuine ones. Our paper establishes a convincing trust model through which secure job delegation is accomplished. Secure Job delegation and cost effective cryptographic techniques largely help in reducing the burden on the mobile device to securely communicate with trusted SPs. Our protocol also provides users privacy protection, replay protection, entity authentication, and message authentication, integrity, and confidentiality. This paper explains our protocol by suggesting one of the LBSs namely“Secure Automated Taxi Calling Service”.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.679-691
• /
• 2020

In the future, 5G technology will become the core infrastructure driving the 4th industrial era. For intelligent super-convergence service, it will be necessary to collect various personal information such as location data. If a person's high-precision location information is exposed by a malicious person, it can be a serious privacy risk. In the past, various approaches have been researched through encryption and obfuscation to protect location information privacy. In this paper, we proposed a new technique that enables statistical query and data analysis without exposing location information. The proposed method does not allow the original to be re-identified through polynomial-based transform processing. In addition, since the quality of the original data is not compromised, the usability of positioning big data can be maximized.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2010.07a
• /
• pp.403-405
• /
• 2010

위치 추적 서비스와 같은 LBS 서비스는 신속하게 변화하는 수많은 양의 공간 및 이동 객체를 관리 및 실시간으로 처리해야 하므로 고성능의 DBMS가 필요하다. 본 논문에서는 실시간 처리와 고성능 처리를 향상시키기 위한 메인 메모리 기반의 이동체 DBMS를 사용한 위치 추적 서비스 시스템을 제안하였다.

• Journal of Internet Computing and Services
• /
• v.15 no.4
• /
• pp.141-152
• /
• 2014

According to proliferation of smartphones and extension of various services utilizing location information, markets of Location Based Service(LBS) have been activating all over the world. However, as the privacy violations of personal location information have been continuously increased, interests in the deregulation have been grown as well. While the regulations of location information can protect personal information and privacy, it causes some negative affect in terms of development of diverse services and industry activation. In particular, Korea is the only country that has applied strict restrictions of LBS by making location information related independent 'Location Information Protection Act'. As a result of this, the issues that LBS industry has no longer developed in Korea and it is necessary for us to relax the regulations have been consistently raised. Thus, this study confirmed that there was the negative(-) relationship between the regulations and the market activation of LBS by comparing and analyzing the correlation between the market growth rate of LBS and relevant regulations at home and abroad; the regulations are strengthened, restrictions in market entry and the business performance can occur. In other words, LBS business will be able to be activated if the regulations which have not directly related to the privacy have been relaxed.

• Journal of KIISE
• /
• v.41 no.9
• /
• pp.715-727
• /
• 2014

The number of subscribers in 4th generation mobile system has been increased rapidly. Along with that, preserving subscribers' privacy has become a hot issue. To prevent users' location from being revealed publicly is important more than ever. In this paper, we first show that the privacy-related problem exists in user authentication procedure in 4th generation mobile system, especially LTE. Then, we suggest an attack model which allows an adversary to trace a user, i.e. he has an ability to determine whether the user is in his observation area. Such collecting subscribers' location by an unauthorized third party may yield severe privacy problem. To keep users' privacy intact, we propose a modified authentication protocol in LTE. Our scheme has low computational overhead and strong secrecy so that both the security and efficiency are achieved. Finally, we prove that our scheme is secure by using the automatic verification tool ProVerif.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.31-36
• /
• 2011

Cloud computing is a system which efficiently utilizes resources. In this paper, we propose 2-factor authentication system combing PKI, ID_PW and location information. The proposed method improve the security of hybrid cloud systems and manage resources more safely.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.83-90
• /
• 2006

Recently, the security for RFID/USN environment is divided into network security and RFID security. The authentication protocol design for RFID security is studied to protect user privacy in RFID system. However, the study of efficient authentication protocol for RFID system is not satisfy a security for low-cost RFID tag and user privacy. Therefore, this paper proposes a secure matrix-based RFID authentication protocol that decrease communication overhead and computation. In result, the Matrix-based RFID authentication protocol is an effective authentication protocol compare with HB and $HB^+$ in traffic analysis attack and trace location attack.

• 한국방재학회:학술대회논문집
• /
• 2008.02a
• /
• pp.629-632
• /
• 2008

Risk-based security impact evaluation may be affected by various factors according to numerous combinations of explosive devices, cutting devices, impact vehicles, and specific attack location to consider. Presently, in planning and design phases, designers are still often uncertain of their responsibility, lack of information and training of security. Therefore, designers are still failing to exploit the potential to reduce threats on site. In this study, the concept of security impact assessment is introduced in order to derive the performing design for safety in design phase. For this purpose, a framework for security impact assessment model using risk-based approach for bridge structures is suggested. The suggested model includes of information survey, classification of terror threats, and quantitative estimation of severity and occurrence.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.5
• /
• pp.17-23
• /
• 2018

The rapid development of mobile technology has increased the use of mobile devices, and the possibility of security incidents is also increasing. The leakage of information through photos is the most representative. Previous methods for preventing this are disadvantageous in that they can not take pictures for other purposes. In this paper, we design and implement a system to prevent information leakage through photos using object recognition and beacon. The system inspects pictures through object recognition based on deep learning and verifies whether security policies are violated. In addition, the location of the mobile device is identified through the beacon and the appropriate rules are applied. Web applications for administrator allow you to set rules for taking photos by location. As soon as a user takes a photo, they apply appropriate rules to the location to automatically detect photos that do not conform to security policies.

• The KIPS Transactions:PartC
• /
• v.18C no.5
• /
• pp.327-330
• /
• 2011

After releasing the smart phone equipping the strong computational capability compared to traditional mobil phone, a field of services, which is available on the personal computers, is expanded to smart phone. The development of technology reduces the limited service utilization on time and space but it has a venerability exposing an information to malicious user. Especially we need to more attention when using the financial services which communicate the user's private information. To solve the security problem, OTP(One Time Pad), which uses a private key for a session, is recommended. OTP techniques in smart phone having focused on traditional environments have been proposed and implemented. However, security over mobile environments is more vulnerable to attack and has restriction on resources than traditional system. For this reason, definition of proper conceptual OTP on smart phone is required. In the paper, we present the L-OTP(Location-OTP) protocol, using T-OTP(Time One Time Pad) technique with location information. Proposal generates the OTP using unique location information which is obtained in smart phone.