• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.10B
• /
• pp.880-890
• /
• 2004

As the side effects of information society, for example hacking, virus, etc., diffuse, the information security becomes one of the most important issues over the world. Information security manpower who produce the information security products, and who conduct the information security services are critical factor to complete secure information society In spite of many Plans formulated and implemented by government and civil sector, there is no systematic analysis on the current status of information security educational institutions. This article aims to analyze the current status of information security educational institutions - colleges, universities and graduate schools-with Statistical Yearbook of Education, and to predict the supply of information supply manpower.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.12
• /
• pp.3244-3260
• /
• 2013

A three-party password-based authenticated key exchange (PAKE) protocol allows two clients registered with a trusted server to generate a common cryptographic key from their individual passwords shared only with the server. A key requirement for three-party PAKE protocols is to prevent an adversary from mounting a dictionary attack. This requirement must be met even when the adversary is a malicious (registered) client who can set up normal protocol sessions with other clients. This work revisits three existing three-party PAKE protocols, namely, Guo et al.'s (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in the presence of a malicious client. The offline dictionary attack we present against Guo et al.'s protocol also applies to other similar protocols including Lee and Hwang's protocol. We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.751-765
• /
• 2012

Key establishment protocols are fundamental for establishing secure communication channels over public insecure networks. Security must be given the topmost priority in the design of a key establishment protocol. In this work, we provide a security analysis on two recent key establishment protocols: Harn and Lin's group key transfer protocol and Dutta and Barua's group key agreement protocol. Our analysis shows that both the Harn-Lin protocol and the Dutta-Barua protocol have a flaw in their design and can be easily attacked. The attack we mount on the Harn-Lin protocol is a replay attack whereby a malicious user can obtain the long-term secrets of any other users. The Dutta-Barua protocol is vulnerable to an unknown key-share attack. For each of the two protocols, we present how to eliminate their security vulnerabilities. We also improve Dutta and Barua's proof of security to make it valid against unknown key share attacks.

• Journal of Information Processing Systems
• /
• v.16 no.5
• /
• pp.1113-1128
• /
• 2020

Ad hoc networks play an important role in mobile communications, and the performance of nodes has a significant impact on the choice of communication links. To ensure efficient and secure data forwarding and delivery, an intelligent routing protocol (IAODV) based on learning method is constructed. Five attributes of node energy, rate, credit value, computing power and transmission distance are taken as the basis of segmentation. By learning the selected samples and calculating the information gain of each attribute, the decision tree of routing node is constructed, and the rules of routing node selection are determined. IAODV algorithm realizes the adaptive evaluation and classification of network nodes, so as to determine the optimal transmission path from the source node to the destination node. The simulation results verify the feasibility, effectiveness and security of IAODV.

• Journal of Environmental Impact Assessment
• /
• v.9 no.3
• /
• pp.239-248
• /
• 2000

The aggravating water quality from the expansion of industrialization along with increasing population lead to develop more intensive physical measures to secure better drinking water quality. This study was mainly initiated to establish a water-pollutant buffering zone for the upper stream basin of Paldang--the major source area of drinking water for the metropolitan Seoul and suburban areas with a population more than 13 million. Two different criteria were considered in determining the buffering distance from the edge of the streamflow : 1km-width buffer zone for the special protection area which has been strictly controlled by the conventional laws for the protection of drinking water supply, and 500m-width buffer zone for the rest of the area. To delineate the exact boundaries of the water-pollutant buffering zone, GIS database was created integrating topography, hydrography, cadastral, and other related layers. The newly designated water-pollutant buffering zone would contribute to improve the water quality in a long term along with the conservation of the wet land. More study, however, should be made within the water-pollutant buffering zone such as the detailed survey of the pollutants, vegetation, and ecosystem for more effective management of the buffering zone.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.26 no.11C
• /
• pp.102-112
• /
• 2001

This paper analyzes Security Performance and Processing Performance to measure performance between nodes by using AH and ESP protocol. IPsec VPN provides application with security service implemented in IP Layer while traffic cost and packet processing time it increased by encryption, decryption and authentication in AH and ESP. We measured overall packet processing time and IPsec module processing time. The result of the efficiency test showed that the factors of influencing electrical transmission efficiency were the size of electrical transmission packets, codes used for tunnelling, authentication functions, CPU velocity of host7, and the embodiment of IPsec; for a high capacity traffic, IPsec transmission was not appropriate, because transmission velocity was delayed by more than ten times in comparison with Non-IPsec.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10B
• /
• pp.1013-1020
• /
• 2009

This paper proposes an authentication protocol using the key server in the ECPglobai RFID system. The proposed authentication protocol uses the key server and the time-out mechanism to resist various attacks including DoS(Denial of Service) attack. For easy implementation, the proposed protocol also uses the function existing in EPCglobal class 1 gen2 protocol without additive function such as hash function. The proposed protocol is evaluated through two analytical methods. The correctness of the proposed protocol is proved using the GNY analysis. By the security analysis, this paper showed that the proposed protocol is resistant to various attacks including DoS attack. The analytical results demonstrated that the proposed protocol offered a secure RFID system.

• Journal of Information Technology Applications and Management
• /
• v.24 no.1
• /
• pp.81-91
• /
• 2017

In Korea, "Act on the Development of Cloud Computing and Protection of its Users" has been enforced since September 28, 2015. Many countries implemented 'Cloud First' policies and global companies such as Amazon, Microsoft, IBM started cloud services in Korea. Under these circumstance, the Act was established for developing the cloud computing industry. The Act includes clauses for encouraging the use of private cloud computing by public organizations, supporting small- and medium-size cloud service providers, and utilizing secure cloud computing services by users. However, some terms appear to be similar but have different meanings from "Act on Promotion of Information and Communications Network Utilization and Information Protection, etc." and "Personal Information Protection Act". This generated some confusion and conflicts in relation to providing user information to a 3rd party and notifying the intrusion in the Cloud Computing Act. This paper discusses these issues and suggestions for revision of the Cloud Computing Act.

• 전자공학회논문지 IE
• /
• v.48 no.2
• /
• pp.52-60
• /
• 2011

RFID is method used on wireless system. However, this mechanism is not used for authentication and security. Therefore, it is very vulnerable to attacks such as dropping attacks and traffic attacks. the RFID Tags are of the limited nature due to environment factors and there is greater constraints in designing authentication protocol. If we do not RFID to secure corporate information and product all the information will be exposed. The attacker will break into the RFID system and stop the distribution system. So, this paper proposes a new authentication protocol which provides not only unlimited access to Tag&Reader and connection between Tag and Reader bet also provides authentication mechanism by defining the key distribution.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.5
• /
• pp.841-850
• /
• 2015

XaaS (Everything as a Service) provides re-usable, fine-grained software components like software, platform, infra across a network. Then users usually pay a fee to get access to the software components. It is a subset of cloud computing. Since XaaS is provided by centralized service providers, it can be a target of various security attacks. Specially, if XaaS becomes the target of APT (Advanced Persistent Threat) attack, many users utilizing XaaS as well as XaaS system can be exposed to serious danger. So various solutions against APT attack are proposed. However, they do not consider all aspects of security control, synthetically. In this paper, we propose overall security checkup considering technical aspect and policy aspect to securely operate XaaS.