• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.99-107
• /
• 2022

The use of smart home appliances and Internet of Things (IoT) devices is growing, enabling new interactions and automation in the home. This technology relies heavily on mobile services which leaves it vulnerable to the increasing threat of hacking, identity theft, information leakage, serious infringement of personal privacy, abnormal access, and erroneous operation. Confirming or proving such security breaches have occurred is also currently insufficient. Furthermore, due to the restricted nature of IoT devices, such as their specifications and operating environments, it is difficult to provide the same level of internet security as personal computers. Therefore, to increase the security on smart home IoT devices, attention is needed on (1) preventing hacking and user authority theft; (2) disabling abnormal manipulation; and (3) strengthening audit records for device operation. In response to this, we present a plan to build a cloud security authentication platform which features security authentication management functionality between mobile terminals and IoT devices.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.2
• /
• pp.153-159
• /
• 2014

For smart work (smart office), RDP(Remote Desktop Protocol) connection is the most popular method. When the office workers do not have personal space, smart office is very useful. That is, they can connect personal computer using Internet at cafe or public spaces. Using the smart office, it is possible to make personal business environment to increase business efficiency. In this paper, we designed and implemented smart office using RDP (Remote Desktop Protocol). We expected that the office workers can be used smart office for business efficiency.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.86-88
• /
• 2017

The digital door lock is an electronic door lock that uses a password system and has the function of automatically locking the door when the door is closed, thus eliminating the worry about the door lock. As the technology has gradually developed, various authentication technologies such as semiconductor key system, RFID, and fingerprint recognition have been introduced. However, there is a danger of copying the door lock key, and there are password stealing and infringement. In this paper, we develop a remote control system that can unlock or open a smartphone to supplement the user's risk. The system you are going to develop can use WiFi to check if the door is locked or open on your smartphone, and you can lock or unlock the door remotely.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.1
• /
• pp.147-153
• /
• 2014

The numerous improved schemes of remote user authentication based on password have been proposed in order to overcome the security weakness in user authentication process. Recently, some of biometric-based user authentication schemes to use personal biometric information have been introduced and they have shown the relatively higher security and the enhanced convenience as compared to traditional password-based schemes. These days wireless sensor network is a fundamental technology in face of the ubiquitous era. The wireless sensor networks to collect and process the data from sensor nodes in increasing high-tech applications require important security issues to prevent the data access from the unauthorized person. Accordingly, the research to apply to the user authentication to the wireless sensor networks has been under the progress. In 2010, Yuan et al. proposed a biometric-based user authentication scheme to be applicable for wireless sensor networks. Yuan et al. claimed that their scheme is effectively secure against the various security flaws including the stolen verifier attack. In this paper, author will prove that Yuan et al.'s scheme is still vulnerable to the password guessing attack, user impersonation attack and the replay attack, by analyzing their security weakness.

• The KIPS Transactions:PartC
• /
• v.9C no.1
• /
• pp.9-16
• /
• 2002

As existing analog video surveillance systems could save and retrieve data only in a limited space within short distance, it had many constraints in developing into various application systems. However, on the back of development of the Internet and computer technologies, digital video surveillance systems can be controlled from a remote location by web browser without space limits. Moreover, data compression and management technologies with Index Search algorithm make it possible to efficiently handling, storing, and retrieving a large amount of data and further motion detection algorithm enhances a recording speed and efficiency for a practical application, that is, a practical remote recordable video surveillance system using our efficient algorithms as mentioned, called WebCam. The WebCam server system can intelligently record and save video images digitized through efficient database management, monitor and control cameras in a remote place through user authentication, and search logs.

• KSCI Review
• /
• v.14 no.2
• /
• pp.205-214
• /
• 2006

Is need Remote Access through internet for business of Ubiquitous Computing age, and apply OTP for confidentiality about inputed ID and Password, network security of integrity. Current OTP must be possessing hardware or Token, and there is limitation in security. Install a Snooping tool to OTP network in this treatise, and because using Cain, enforce ARP Cache Poisoning attack and confirm limitation by Snooping about user password. Wish to propose new system that can apply Tokenless OTP by new security way, and secure confidentiality and integrity. Do test for access control inflecting Tokenless OTP at Remote Access from outside. and could worm and do interface control with certification system in hundred. Even if encounter hacking at certification process, thing that connection is impossible without pin number that only user knows confirmed. Because becoming defense about outward flow and misuse and hacking of password when apply this result Tokenless OTP, solidify security, and evaluated by security system that heighten safety.

• Journal of Advanced Navigation Technology
• /
• v.21 no.3
• /
• pp.294-299
• /
• 2017

Home network service is evolving into a service that can receive contents such as remote education, home automation, remote meter reading and various entertainment anytime and anywhere by connecting all household appliances in home with wired and wireless network. In this paper, an intelligent home gateway installed at home is connected to the mobile communication terminal from the outside to solve the problems of the existing home network and configure and maintain a more efficient and comfortable home network environment for the user, In the window, the login page is activated to confirm the user access authority, and the user proceeds the authentication procedure through own login information. When the normal authentication procedure is performed, the intelligent home gateway maintains only the network connection with the user, and the user presents the intelligent home network system using the RFID which is accessed by the intelligent home network system.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.107-116
• /
• 2007

Is need Remote Access through internet for business of Ubiquitous Computing age, and apply OTP for confidentiality about inputed ID and Password, network security of integrity. Current OTP must be possessing hardware of Token, and there is limitation in security. Install a Snooping tool to OTP network in this treatise, and because using Cain, enforce ARP Cache poisoning attack and confirm limitation by Snooping about user password. Wish to propose new system that can apply Tokenless OTP by new security way, and secure confidentiality and integrity. Do test for access control inflecting Tokenless OTP at Remote Access from outside, and could worm and do interface control with certification system in hundred. Even if encounter hacking at certification process, thing that connection is impossible without pin number that only user knows confirmed. Because becoming defense about outward flow and misuse and hacking of password when apply this result Tokenless OTP, solidify security, and evaluated by security system that heighten safety.

• Journal of the Korea Convergence Society
• /
• v.12 no.5
• /
• pp.9-16
• /
• 2021

Due to the prolonged infectious disease of COVID-19 worldwide, there are various security threats due to network attacks on Internet of Things devices that are vulnerable to telecommuting. Initially, users of Internet of Things devices were exploited for vulnerabilities in Remote Desktop Protocol, spear phishing and APT attacks. Since then, the technology of network attacks has gradually evolved, exploiting the simple service discovery protocol of Internet of Things devices, and DRDoS attacks have continued to increase. Existing SSDPs are accessible to unauthorized devices on the network, resulting in problems with information disclosure and amplification attacks on SSDP servers. To compensate for the problem with the authentication procedure of existing SSDPs, we propose a hash-based SSDP that encrypts server-specific information with hash and adds authentication fields to both Notify and M-Search message packets to determine whether an authorized IoT device is present.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.2
• /
• pp.265-270
• /
• 2022

With the advent of the Fourth Industrial Revolution, the paradigm of finance is also changing. As remote work becomes more active due to cloud computing and coronavirus, the work environment changes and attack techniques are becoming intelligent and advanced, companies should accept new security models to further strengthen their current security systems. Zero trust security increases security by monitoring all networks and allowing strict authentication and minimal access rights for access requesters with the core concept of doubting and not trusting everything. In addition, the use of NAC and EDR for identification subjects and data to strengthen access control of the zero trust-based security system, and strict identity authentication through MFA will be explained. Therefore, this paper introduces a zero-trust security solution that strengthens existing security systems and presents the direction and validity to be introduced in the financial sector.