• 한국컴퓨터정보학회논문지
• /
• 제3권4호
• /
• pp.91-96
• /
• 1998

본 논문에서는 일반적으로 많이 사용되고 있는 클라이언트-서브 시스템에 암호화 기법을 도입함으로써 클라이언트와 서버간에 교환되는 정보가 타인에게 누설되는 것을 방지할 수 있는 Secure 클라이언트-서버시스템을 설계하였다. 초기의 로그온 단계에서는 비대칭암호화 방식을 도입하여 상호간 사용자 확인을 가능하게 하였으며 일반 정보 교환 단계에서는 대칭 암호화 방식을 도입하여 암호화에 소요되는 시간을 최소화 시켰다. 또한 이러한Secure 클라이언트-서버 시스템에서도 디지털 서명이 가능함을 보였으며 시스템에서 사용되는 암호키의 생성 및 배포를 안전하게 할 수 있는 효율적인 관리 방안을 제시하였다.

• 한국멀티미디어학회논문지
• /
• 제19권8호
• /
• pp.1466-1470
• /
• 2016

As individuals create many contents anytime and anywhere together with the widespread dissemination of smart devices as well as various social networking services (SNS), content centric networking (CCN) has regarded as a new networking technology. However, CCN is exposed to malicious attacks on the mobility management of mobile content sources during handover and high volume of control messages. Therefore, this paper presents a secure duplicate name detection (SecureDND) mechanism without additional control messages by signed information and secure token. It is shown from the performance evaluation that the proposed scheme can provide low control overhead, which results in the network scalability.

• 인터넷정보학회논문지
• /
• 제23권2호
• /
• pp.9-17
• /
• 2022

In this paper, we propose a secure smart home network model and a novel cryptographic protocol called the Smart Home Security Protocol (SHSP). Authentication, key distribution, and encryption functions are properly supported in order to make a smart home secure, and a residential gateway (RG) plays a central role in performing these functions. According to the characteristics of networks and attached devices, we classify smart homes into three different types of sub-networks and these networks are interconnected with one another by the RG. Depending on a sub-network, we use different types of secure schemes to reduce the burden of the process and the delay in devices while it provides proper security functions. The proposed secure smart home model is implemented and verified by using a variety of embedded system environments.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.366-381
• /
• 2020

Steganography has been successfully employed in various applications, e.g., copyright control of materials, smart identity cards, video error correction during transmission, etc. Deep learning-based steganography models can hide information adaptively through network learning, and they draw much more attention. However, the capacity, security, and robustness of the existing deep learning-based steganography models are still not fully satisfactory. In this paper, three models for different cases, i.e., a basic model, a secure model, a secure and robust model, have been proposed for different cases. In the basic model, the functions of high-capacity secret information hiding and extraction have been realized through an encoding network and a decoding network respectively. The high-capacity steganography is implemented by hiding a secret image into a carrier image having the same resolution with the help of concat operations, InceptionBlock and convolutional layers. Moreover, the secret image is hidden into the channel B of carrier image only to resolve the problem of color distortion. In the secure model, to enhance the security of the basic model, a steganalysis network has been added into the basic model to form an adversarial network. In the secure and robust model, an attack network has been inserted into the secure model to improve its robustness further. The experimental results have demonstrated that the proposed secure model and the secure and robust model have an overall better performance than some existing high-capacity deep learning-based steganography models. The secure model performs best in invisibility and security. The secure and robust model is the most robust against some attacks.

• 정보처리학회논문지C
• /
• 제12C권7호
• /
• pp.999-1006
• /
• 2005

보안 운영체제는 운영체제나 소프트웨어에 내재된 보안상의 결함으로 인해 발생 가능한 각종 보안 문제로부터 시스템을 보호하기 위해 기존의 운영체제 내에 보안기능을 추가한 운영체제이다. 기존의 보안운영체제에서는 다중 사용자 환경에서 사용자 개인 자원을 보호할 수 있는 보안정책의 효율적인 설정이 어려웠다. 이러한 문제를 해결하기 위해 본 논문에서 우리는 다중사용자 환경에서 보안설정을 하는데 있어 유연성을 제공하기 위한 방법으로 "객체 소유자 정보 활용" 및 "메타 기호 지원" 기법을 제시한다. 본 논문에서는 이 기능들을 통해 보안관리자가 효율적으로 사용자 자원에 대한 접근제어 정책을 수립할 수 있다는 것을 예를 들어 설명한다. 그리고 이 기법은 솔라리스 운영체제 환경에서 Secusys라는 보안운영체제를 통해 구현되었다.

• 정보보호학회논문지
• /
• 제17권5호
• /
• pp.3-14
• /
• 2007

본 논문에서는 강력한 의사난수 함수 관점에서 안전한 tweakable 전단사 함수 패밀리를 이용하여 연관키에 안전한 전단사 함수 패밀리를 설계할 수 있음을 보인다. 이를 이용하여 현재까지 알려진 것 중에 가장 빠르면서 연관키 공격에 안전한 전단사 함수 패밀리를 구성한다. 또한, 의사난수 함수 관점에서 안전한 적당한 유형의 함수 패밀리를 이용하여 연관키 공격에 안전한 전단사 함수 패밀리를 구성할 수 있음을 보인다. 이는 기존의 안전성이 증명된 MAC 알고리즘을 이용하면 연관키 공격에 안전한 스킴을 구성할 수 있음을 나타낸다. 끝으로, 본 논문에서는 연관키 공격에 대한 여러 안전성 개념(indistinguishability, non-malleability)을 정의하구 그들 사이의 관계를 살펴본다.

• 디지털산업정보학회논문지
• /
• 제5권3호
• /
• pp.87-98
• /
• 2009

This paper discuss secure information flow analysis and its visualization. Information leak is defined as existence of information flow from variables which have user's private informations to variables that anyone can access. Secure information flow analysis has been made to decide of whether the information leak is or not. There are many researches for secure information flow analysis concerning high level programming languages. But actually, programs that user executes don't have program source code represented in high level programming language. Thus there is need for analysis of program represented in low level language. More to analysis, visualization of analysis is very important. So, this paper discuss visualization of secure information flow analysis. In this paper, Mini x86 Assembly Language which is subset of x86 assembly language is defined and secure information flow analysis of program is proposed. In addition, this paper defines transfer function that is used for analysis and shows how to visualize control flow graph.

• ETRI Journal
• /
• 제37권4호
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권12호
• /
• pp.6139-6160
• /
• 2018

For ease of use and access, web browsers are now being used to access and modify sensitive data and systems including critical control systems. Due to their computational capabilities and network connectivity, browsers are vulnerable to several types of attacks, even when fully updated. Browsers are also the main target of phishing attacks. Many browser attacks, including phishing, could be prevented or mitigated by using site-, user-, and device-specific security configurations. However, we discovered that all major browsers expose disparate security configuration procedures, option names, values, and semantics. This results in an extremely hard to secure web browsing ecosystem. We analyzed more than a 1000 browser security configuration options in three major browsers and found that only 13 configuration options had syntactic and semantic similarity, while 4 configuration options had semantic similarity, but not syntactic similarity. We: a) describe the results of our in-depth analysis of browser security configuration options; b) demonstrate the complexity of policy-based configuration of web browsers; c) describe a knowledge-based solution that would enable organizations to implement highly-granular and policy-level secure configurations for their information and operational technology browsing infrastructures at the enterprise scale; and d) argue for necessity of developing a common language and semantics for web browser configurations.

• 정보보호학회논문지
• /
• 제22권4호
• /
• pp.901-911
• /
• 2012

개발단계에서의 보안취약점 제거는 운영단계에서 실행하는 것보다 훨씬 더 효율적이고 효과적으로 적용될 수 있다. 소프트웨어에 내재된 보안취약점이 사이버 침해사고의 주요 원인이 되고 있어서 소스코드 수준에서의 보안취약점을 최소화하기 위한 일환으로 시큐어코딩이 주목받고 있다. 소프트웨어 개발과정에서 보안취약점을 제거하는 것이 보다 효과적이면서도 근본적인 해결책이 될 수 있다. 본 논문에서는 개인 단체 조직에서 모바일 시큐어코딩 적용에 따른 보안수준을 평가하기 위한 모바일 시큐어코딩 자가평가(Mobile-Secure Coding Self Assessment) 방법을 연구 제안한다.