• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.214-215
• /
• 2016

기존 전력망과 최신 IT기술의 융합을 통해 탄생한 차세대 전력망인 스마트그리드의 확산이 본격화됨에 따라 스마트그리드 환경 하에서 동작하는 단말기기, 운영시스템 간 보안통신에 대한 요구사항이 급증하고 있으며, 관련 연구도 활발히 진행 중에 있다. 적법한 인증과정을 거친 인가된 기기와 서버 간 안전한 통신환경 구축을 위해서는 PKI 기반의 기기 보안인증 기술의 적용이 필수적이다. 본 논문에서는 스마트 기기 간 PKI 기반의 기기 보안인증 통신을 위해 스마트 기기용 암호화 키를 안전하게 생성, 관리 및 주입하는 방법에 대해 제시한다. 제시된 방법은 스마트 기기에 대한 안전한 키 관리 및 주입은 물론, 모바일 장비를 활용한 이동식 키주입 방법을 지원함으로써 스마트 기기의 암호화키 노출 등 해킹사고 발생 시 장비교체에 따른 전력서비스 공백을 최소화 할 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.3-11
• /
• 2009

Forward secrecy in an e-mail system means that the compromising of the long-term secret keys of the mail users and mail servers does not affect the confidentiality of the previous e-mail messages. Previous forward-secure e-mail protocols used the certified public keys of the users and thus needed PKI(Public Key Infrastructure). In this paper, we propose a password-based authenticated e-mail protocol providing forward secrecy. The proposed protocol does not require certified public keys and is sufficiently efficient to be executed on resource-restricted mobile devices.

• Journal of Internet Computing and Services
• /
• v.14 no.5
• /
• pp.11-26
• /
• 2013

In the wireless Internet, it is so restrictive to use the IPSec. The MIPv4 IPSec's path cannot include wireless links. That is, the IPSec of the wireless Internet cannot protect an entire path of Host-to-Host connection. Also wireless circumstance keeps a path static during the shorter time, nevertheless, the IKE for IPSec SA agreement requires relatively long delay. The certificate management of IPSec PKI security needs too much burden. This means that IPSec of the wireless Internet is so disadvantageous. Our paper is to construct the Mobile IPSec proper to the wireless Internet which provides the host-to-host transport mode service to protect even wireless links as applying excellent WP-IBE scheme. For this, Mobile IPSec requires a dynamic routing over a path with wireless links. FA Forwarding is a routing method for FA to extend the path to a newly formed wireless link. The FA IPSec SA for FA Forwarding is updated to comply the dynamically extended path using Source Routing based Bind Update. To improve the performance of IPSec, we apply efficient and strong future Identity based Weil Pairing Bilinear Elliptic Curve Cryptography called as WP-IBE scheme. Our paper proposes the modified protocols to apply 6 security-related algorithms of WP-IBE into the Mobile IPSec. Particularly we focus on the protocols to be applied to construct ESP Datagram.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.7
• /
• pp.181-188
• /
• 2008

Nowadays, WiMAX which provides internet service with a middle and low speed serves more function and is wider than Wi-Fi. While they solve the security risks as subscribers do handover by subscriber's re-certification procedure as the Network range is getting wider, there are more security problems making the problems of electric-power consumption and delay. This paper suggests a handover mechanism which simplify the subscriber's re-certification procedure and prevents a security problem as doing handover for solving the problem of delay and the rate of processing. The mechanism can cooperate with PKI structure to increase flexibility and security and minimize network re-entry procedure or re-certification procedure by providing continual service. As a result. the mechanism's throughput as the number of subscribers is lower than IEEE 802.16e and the mechanism proves that it is secure from the attack of man-in-the-middle and reply as doing handover.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.359-362
• /
• 2009

Qualified certificates in online financial and security transaction area are currently used for authentication of the user. The authorized user's public key certificates are stored in binary; the private key corresponding to the user's public key certificates is encrypted by the user password, and then is stored in a file. But the present management system to access the public certificates in local has some problems. In this study, we propose that the mobile public certificate management application to avoid the exist problems.

• Journal of Internet Computing and Services
• /
• v.9 no.1
• /
• pp.1-8
• /
• 2008

IETF has proposed Fast Handovers for Mobile IPv6 (FMIPv6) for efficient mobility management, FMIPv6 has no solutions to protect binding updates. Previous researches have mainly concentrated on using AAA, public cerificates or cryptographic algorithms to secure binding updates. However the approaches need a particular infrastructure or a heavy processing cost to setup secure associations for handovers. Proposed scheem provides authentication for FMIPv6 without infrasturcture and costly cryptographic algorithms by extending Return Routability Protocol. Also proposed scheme is oble to be used for various existing handover mechanisms in IPv6 network.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.233-236
• /
• 2002

디지털 서명의 정당성을 검증하기 위해서는 서명자 공개키의 유효성을 인증해야 한다. 이 때, PKI 기반의 인증서를 통해 인증을 수행한다면, 무선 인터넷이라는 특성에 따른 보안상의 문제가 있을 뿐만 아니라 비효율적이다. 그런데 별도의 인증서 검증이 필요 없는 개인식별정보 자체를 공개키고 사용한다면 인증서 검증을 위한 무선 인터넷에서 유선 인터넷으로의 접속 없이 서명의 검증이 가능하게 되고, 무선망만을 이용한 통신이 가능하게 된다. 본 논문에서는 이와 같이 이동 통신 환경에 적합하도록 개인식별정보를 공개키고 사용하는 디지털 서명 알고리즘을 제안한다.

• Proceedings of the KAIS Fall Conference
• /
• 2010.11a
• /
• pp.259-262
• /
• 2010

현대 사회에서 스마트폰은 손안의 PC라는 말이 있을 정도로 작지만 많은 기능들을 제공하고, PC와 마찬가지로 개인적이고 중요한 정보들을 저장할 수 있다. 스마트폰의 활성화로 인해 좋은 부분도 있지만 모바일 환경의 무선 보안 문제 또한 부각되고 있다. 본 논문에서는 스마트폰 환경에서 무선 AP를 통해 무선 네트워크 서비스를 이용할 시 문제점들을 보완하고자 3G망을 통하여 암호화된 값을 보내주고 대칭키, PKI, 전자서명을 사용하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10a
• /
• pp.436-438
• /
• 2004

이동 ad-hoc 네트워크(mobile ad-hoc network : MANET)는 유선 기반 망 흑은 액세스 포인트 없이 이동 단말기들로 구성된 망이다. 기존의 기반망을 사용하지 않으므로 유선 기반망이 구축되어 있지 않은 곳이나 유선 기반망이 파괴된 지역에 사용한다. 그러나 HANET에서는 노출된 매체와 동적인 토폴로지, 중앙의 감시와 관리 결여, 자원의 제약성 등과 같은 이유로 인해 유선망보다 더욱 않은 보안 문제가 발생한다. 본 논문에서는 이동 ad hoc 네트워크에서 노드의 신분 보장을 제공하기 위하여 기밀성에 중점을 둔 공개키 기반 구조에서의 노드 간 인증 기법을 제안한다.

• Journal of Information Processing Systems
• /
• v.19 no.3
• /
• pp.334-346
• /
• 2023

An electronic document based on PDF has been widely used in customer communication between an enterprise and a customer to deliver personalized content. However, electronic documents based on PDF in the form of paper layouts are not suitable for mobile environments because of low readability and lack of interactive interaction. Even though HTML is an essential language in a mobile environment, electronic document based on PDF is still used as it has a content integrity verification feature with a digital signature. It means that a user is sacrificing user experience in a mobile environment for content integrity and using paper-layout electronic documents. In this research, we design the Document HTML specification by setting the Document HTML conformance, adding the extended meta tags, and signing the message digest with a digital signature based on public key infrastructure (PKI). Furthermore, we implemented the Document HTML system, which has REST API services to generate and verify the Document HTML, and did experimental verification of the theory. As a result, we have confirmed that the Document HTML has both content integrity and user experience on mobile. Furthermore, the Document HTML is expected to be an alternative document format to deliver personalized content from an enterprise to a customer in a mobile environment instead of the paper layout electronic document such as PDF.