• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.11
• /
• pp.1391-1400
• /
• 1999

이동 통신은 대기를 전달매체로 하고 이동단말기를 사용하기 때문에 가로채기나 불법사용과 같은 공격에 취약하다. 이를 극복하기 위해, 이동 통신 환경에서 이동단말기와 기지국 사이에 안전한 통신을 제공하기 위한 많은 프로토콜들이 제안되어왔다. 그러나 이동단말기의 부족한 계산능력과 전력량 때문에 공개키를 이용한 프로토콜들은 많은 장점에도 불구하고 충분히 활용되지 못했다. 본 논문에서는 이동 통신 환경에서 기지국과 이동단말기 사이의 상호인증 및 세션키 공유 프로토콜들의 성능을 향상시킬 수 있는 기법을 제안한다. 본 논문에서 제안하는 기법은 이동단말기의 비밀 정보를 기지국에게 드러나게 하지 않으면서 많은 계산을 기지국으로 하여금 대신 수행하도록 하는 것이다. 제안된 기법은 기존의 프로토콜들을 최대 5배까지 성능을 향상시키며 해당하는 만큼 이동단말기의 전력량 소모를 감소시킬 수있다.Abstract Mobile communication is more vulnerable to security attacks such as interception and unauthorized access than fixed network communication. To overcome these problems, many protocols have been proposed to provide a secure channel between a mobile station and a base station. However, these public-key based protocols have not been fully utilized due to the poor computing power and small battery capacity of mobile stations. In this paper, we propose techniques for accelerating public-key based key establishment protocols between a mobile station and a base station. The proposed techniques enable a mobile station to borrow computing power from a base station without revealing its secret information. The proposed schemes accelerate the previous protocols up to five times and reduce the amount of power consumption of mobile stations.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.985-996
• /
• 2004

In order to solve the increasing security problems, IDSs(Intrusion Detection System) have appeared. However, local IDSs have a limit to detect various intrusions in a large-scale network environment. So there are a lot of researches in progress which organize the elements of IDS in a distributed or hierarchical manner. In this paper, we design a integrated IDS which exchanges messages between them through the standardized message format (IDMEF) and communication protocol (IDXP). We also propose a policy profile for an effective control of IDSs, and employ the PKI mechanism for mutual authentication. We implement a prototype system for the proposed IDSs communicating with Snort and analyze its performance.

• Journal of Communications and Networks
• /
• v.11 no.6
• /
• pp.599-606
• /
• 2009

For many mission-critical related wireless sensor network applications such as military and homeland security, user's access restriction is necessary to be enforced by access control mechanisms for different access rights. Public key-based access control schemes are more attractive than symmetric-key based approaches due to high scalability, low memory requirement, easy key-addition/revocation for a new node, and no key predistribution requirement. Although Wang et al. recently introduced a promising access control scheme based on elliptic curve cryptography (ECC), it is still burdensome for sensors and has several security limitations (it does not provide mutual authentication and is strictly vulnerable to denial-of-service (DoS) attacks). This paper presents an energy-efficient access control scheme based on ECC to overcome these problems and more importantly to provide dominant energy-efficiency. Through analysis and simulation based evaluations, we show that the proposed scheme overcomes the security problems and has far better energy-efficiency compared to current scheme proposed byWang et al.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.850-853
• /
• 2008

As th Internet grew rapidly, the Electronic Commerce that is based on Internet increased. The Electronic Commerce is unsubstantial in the mutual authentication between the parties and a commerce As a solution to this issue, a Web server uses a Client Message technology. The purpose of Client Message is to validate the user and the electronic commercial transaction. Further, it increases efficiency and offers several ability at various purposes. However, the Client Message is transferred and stored as an unencrypted text file, the information can be exposed easily to the network threats, end system threats, and Client Message harvesting threats. In this paper designed by used crypto algorithm a Secure Message as a solution to the issue have proposed above. Further, designed a security service per Network transmitting message to transfer client's user input information to a Web server safety.

• Proceedings of the Korean Institute Of Construction Engineering and Management
• /
• 2006.11a
• /
• pp.453-457
• /
• 2006

After the introduction of Professional Engineer System to secure superior technical personnel in 1963, the engineering license regulations were introduced in 1995 - the person qualified with either the academic back ground or career in the construction field can be authorized as a construction engineer- to cope with higher demands for construction engineers caused by revitalization of construction business such as 2 million house construction. As a result, the number of construction engineers has been increased drastically since year 2000, which caused serious problems in utilizing top technical certificate, the PE's. Recently, relating to the opening of technology market according to WTO agreement and mutual authentication among countries and etc., the government is preparing legal and systematic foundations to guarantee the professionalism of engineers. Through the exact supply-demand forecast of PE's reflecting these systematic aspects, we are going to analyze the problems in the supply-demand of PE's and suggest the systematic improvement plans for managing the supply-demand of PE's. The result of this research can be used for building efficient and consistent raising and utilizing system of PE's as well as supply and demand system of qualified PE's

• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.129-141
• /
• 2010

In digital computing environment, for the mal functions in appliances and system errors, the unaccepted intrusion should be occurred. The evidence collecting technology uses the system which was damaged by intruders and that system is used as evidence materials in the court of justice. However the collected evidences are easily modified and damaged in the gathering evidence process, the evidence analysis process and in the court. That’s why we have to prove the evidence’s integrity to be valuably used in the court. In this paper, we propose a mechanism for securing the reliability and the integrity of digital evidence that can properly support the Computer Forensics. The proposed mechanism shares and manages the digital evidence through mutual authenticating the damaged system, evidence collecting system, evidence managing system and the court(TTP: Trusted Third Party) and provides a secure access control model to establish the secure evidence management policy which assures that the collected evidence has the corresponded legal effect.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.6B
• /
• pp.970-976
• /
• 2010

Platform convergence originated from the convergence of broadcast and telecommunication is making rapid progress including IT and not-IT fields in order to provide a variety of converged services, S/W eco-system construction, and so on. With the advent of convergence environment, IEEE 802.15.4-based RF4CE technology is rising because of creating momentum for the market using converged connectivity between home and office devices as well as all around located devices. In this paper, we present enhanced RF4CE key seed distribution approach in order to provide efficient connection and control between devices. The proposed approach consists of device mutual authentication, initial vector assignment, and two-phase key seed distribution. Moreover, we make a development real RF4CE test board and its key agreement simulator to verify the proposed approach.

• Journal of Navigation and Port Research
• /
• v.43 no.3
• /
• pp.179-185
• /
• 2019

Currently, despite having active movements related to port logistics security, there is lack of awareness, education, and security systems related to port technology. Before implementing port logistics security, a mutual authentication agreement should be reached through the establishment of an integrated network that can share port logistics security information in real time. In order to achieve port competitiveness and strengthen logistics service, establishment of national strategy for logistics security is necessary. However, there is an urgent need to raise the security consciousness among the port logistics organization members and enhance the information security ability which is a crucial feature of the port logistics organization. Therefore, the objective of this study is to analyze the factors affecting the information security capacity of port logistics organization members. Even though the analysis rejected the hypothesis that security regulations affect security awareness, the security activities and security awareness were significantly correlated. It also has a positive impact on the relationship between security norms and security abilities, and security awareness and security abilities.

• Journal of Digital Convergence
• /
• v.17 no.1
• /
• pp.195-201
• /
• 2019

This paper proposes a blockchain system to share Wireless Local Area Network (WLAN) that recently suffers from mutual interference among increasing devices using unlicensed bands. Blockchain technology can induce cooperation from users by incentivizing them with cryptocurrency like shown in Bitcoin example. In this paper, we describe Blockchain based access mechanism in WLAN instead of conventional authentication based access. Here, users can access any WLAN access point by paying through smart contract while they also receive payment from others. In order to support real-time transaction, we apply proof-of-authority that is realized by Byzantine fault tolerant protocol instead of well-known proof-of-work that requires huge computing power and delay.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.81-92
• /
• 2009

Recently, there is a drastic increase in users interested in real-time multimedia services in the WLAN environment, as the demand of IEEE 802.11 WLAN-based services increases. However, the handoff delay based on 802.11i security policy is not acceptable for the seamless real-time multimedia services provided to MS frequently moving in the WLAN environment, and there is a possibility of DoS attacks against session key derivation process and handoff mechanism. In this paper, a secure and efficient handoff mechanism in the centralized WLAN environment is introduced to solve the security problems. The 4-way Handshake for both mutual authentication and session key derivation is replaced by the 2-way Reassociation process.