• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.38 no.11
• /
• pp.9-18
• /
• 2001

Currently most of VPNs within internet has only capability to protect cooperate data. Recently, various types of VPNs are being studied based on the concept of SCG(Secure Communication Group). This paper analyses the problems of path-definition method and area-definition method of VPNs using SCG technology, and discusses the possible models among VPNs using SCG technology. This paper proposes the hierarchal VPN configuration method using SCG number and internet based area definition method, and analyze the characteristics of the proposed VPN model on the point of the authentication frequency and the number of managements keys.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.10a
• /
• pp.487-489
• /
• 2018

This paper presents chaotic Lorenz system implementation for secure data communication applications. In this work chaotic signal is generated by a PIC18F family based microcontroller, XC8 compilers have been utilized for the compilation of C code of microcontroller program. For simulation work Matlab and Proteus platforms were utilized and finally, chaotic time waveforms, 2D and 3D chaotic attractor were obtained and secure communication waveforms were achieved successfully.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.582-596
• /
• 2019

Considering that the existing Long Term Evolution is not suitable for the fast and frequent handovers of high-speed trains, this paper proposes a relay-assisted handover mechanism to solve the problems of long handover authentication time and vulnerable to security attacks. It can achieve mutual authentication for train-ground wireless communication, and data transmission is consistent with one-time pad at the same time. The security analysis, efficiency analysis and simulation results show that the proposed mechanism not only realizes the forward security and resists many common attacks, but also effectively reduces the computational overhead of train antenna during the secure handover process. When the running speed of a train is lower than 500km/h, the handover delay is generally lower than 50ms and the handover outage probability is less than 1.8%. When the running speed of a train is 350km/h, the throughput is higher than 16.4mbps in the process of handover. Therefore, the secure handover mechanism can improve the handover performance of high-speed trains.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1212-1228
• /
• 2016

Secure communication is an important aspect of today's interconnected environments and it can be achieved by the use of cryptographic algorithms and protocols. However, many existing cryptographic mechanisms are tightly integrated into communication protocols. Issues emerge when security vulnerabilities are discovered in cryptographic mechanisms because their replacement would eventually require replacing deployed protocols. The concept of cryptographic agility is the solution to these issues because it allows dynamic switching of cryptographic algorithms and keys prior to and during the communication. Most of today's secure protocols implement cryptographic agility (IPsec, SSL/TLS, SSH), but cryptographic agility mechanisms cannot be used in a standalone manner. In order to deal with the aforementioned limitations, we propose a lightweight cryptographically agile agreement model, which is formally verified. We also present a solution in the Agile Cryptographic Agreement Protocol (ACAP) that can be adapted on various network layers, architectures and devices. The proposed solution is able to provide existing and new communication protocols with secure communication prerequisites in a straightforward way without adding substantial communication overhead. Furthermore, it can be used between previously unknown parties in an opportunistic environment. The proposed model is formally verified, followed by a comprehensive discussion about security considerations. A prototype implementation of the proposed model is demonstrated and evaluated.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.1
• /
• pp.1-6
• /
• 2011

This study used the disaster to build secure wireless networks for business interruption and disaster-related agencies no secure wireless network equipment, along with the aging of life and property damage has been increasing concern at spreading under the study is to propose preventive measures.

• Convergence Security Journal
• /
• v.3 no.1
• /
• pp.31-37
• /
• 2003

This paper proposed a model supporting secure mechanism both group communication service and subgroup communication service of TETRA system that the standard developed by the technical committee Radio Equipment and Systems(RES) of the European Telecommunications Standards Institute(ETSI) provides a pure digital information technology for the transmission of speech and data. In each scheme, members in a subgroup maintains its subgroup key, which is not distributed, but computed by each member in the subgroup only with his own secret information and public values and secure subgroup members in a same subgroup can communication securely each other by using their subgroup key. Also, all members in group can share securely a group key. In communication services of TETRA system, this model supports mechanism for both group and subgroup communication are simultaneously needed.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.335-344
• /
• 2003

In accordance with the changes in the wireless communication environment, there has been a great need to satisfy the demand for diverse modes of information exchange. Various types of short-distance wireless communication technology have been developed and studied to meet this demand. Among them, Bluetooth and WLAN which has recently been acclaimed as the standard for short-distance wireless communication, has been the focus of many such studies. However, Bluetooth and WLAN has weaknesses in its security features when its in real services are applied to m-commerce. The purpose of this study is to propose techniques that affinity considers to item that is non-security enemy who is although there is no public secure division direct connection in peculiar environment of radio environment as well as limitation security enemy of short distance radio communication. Propose secure monitoring techniques for straggling device to user center also applying proposed way to Bluetooth and WLAN that are short distance communication representative technology based on item that is security enemy and item that is rain suity enemy.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.3 no.4
• /
• pp.313-318
• /
• 2002

The Integration of agent technology and security technology is needed to many application areas like electronic commerce. This paper suggests a model of extended multi-agent engine which supports privacy, integrity, authentication and non-repudiation on agent communication. Each agent which is developed with the agent engine is composed of agent engine layer and agent application layer. We describe and use the concepts self-to-self messages, secure communication channel, and distinction of KQML messages in agent application layer and messages in agent engine layer. The suggested agent engine provides an agent communication language which is extended to enable secure communication between agents without any modifications or restrictions to content layer and message layer of KQML. Also, in the model of our multi-agent engine, secure communication is expressed and processed transparently on the agent communication language.

• Journal of information and communication convergence engineering
• /
• v.14 no.2
• /
• pp.89-96
• /
• 2016

In mobile communication, there are various types of handoff for the support of all forms of mobility. Proxy mobile IPv6 (PMIPv6) enables local network-based mobility management of a mobile node without any effect of mobility-related signaling. Recently, PMIPv6 has been considered for supporting mobility management in LTE/SAE-based mobile networks. To support seamless mobility in heterogeneous mobile networks, the overall cost of handoffs needs to be minimized and the procedure should be guaranteed to be secure. However, the reduction of the authentication cost has not been fully investigated to provide seamless connectivity when mobile users perform a handoff between the PMIPv6 domains. This paper proposes secure pre-authentication schemes, completing an authentication procedure before performing a handoff, for a fast handoff in PMIPv6. Analytic models have been used for measuring the authentication latency and for the overhead cost analysis. In addition to providing fast authentication, the proposed pre-authentication schemes can prevent threats such as replay attacks and key exposure.

• Proceedings of the Korean Information Science Society Conference
• /
• 2008.06d
• /
• pp.62-65
• /
• 2008

Mobile IPv6에서 단말이 이동을 하게 되면 경로 최적화를 위한 바인딩 업데이트를 하게 된다. 안전한 바인딩 업데이트를 위해 RFC 3775에서 Return Routability가 제안 되었다. 그러나 Return Routability는 MN과 HA 사이에는 IPSec으로 Secure Path를 보장 받지만, MN과 CN 사이에는 바인딩 업데이트 과정에 공격자가 개입할 경우 다양한 공격에 노출될 수 있다. 이에 본 논문에서는CN도 MN과 같이 HA와 Secure Channel을 보유한 이동 단말일 경우, 각 HA 사이에 커버로스 서버를 이용한 키 분배를 통해 바인딩 업데이트 메시지가 전달되는 전 구간에 걸쳐 안전한 경로를 확보하는 아키텍쳐를 제안한다.