• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.3
• /
• pp.549-555
• /
• 2007

A digital signature scheme provides integrity of the document, authentication and non-repudiation of a signer. Usually the key for digital signature is stored in hard disk or removal disk storage. The drawback of this approach is that the signer can let the agent to sign instead of the signer by providing the key information. It can be abused in applications such as electronic election. In this paper, we propose the undeniable biometric digital multi-signature scheme suitable for applications where the signer should not make an agent sign instead of himself/herself. The undeniable multi-signature scheme requires many signers and only the designated user can confirm the authenticity of multi-signature. The proposed scheme satisfies undeniable property and it is secure against active attacks such as modification and denial of the multi-signature by signers. As the key is generated through the signer's fingerprint image, it's also secure against signing by an agent.

• Proceedings of the Korean Institute Of Construction Engineering and Management
• /
• 2007.11a
• /
• pp.77-82
• /
• 2007

This paper discusses on implementation methods for providing data exchange capability of the Construction Project Lifecycle Management System (CPLM). Because most information media currently used in the construction industry are computer files, the system must be capable of handling various file types; however, The goals of PLM cannot be achieved if the contents of the files are communicated freely, which can only be achieved using a standardized information model that has comprehensive coverage of all information produced within the projects (i.e., a BlM). Several methods of adopting the model are investigated here, and a transitional implementation method for K-IFC is suggested, in which a file-based exchange backed by the BlM can evolve into object-level transactions of the BIM with not only advanced data integrity and security, but also improved communications between the project participants.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.3
• /
• pp.440-448
• /
• 2021

This paper presents problems of network technology in smart grid and implements a blockchain-based LoRa multi-hop network to solve them. Since some smart grid applications are operated in harsh environments, it is difficult to establish communication infrastructure. We propose a LoRa network with multi-hop using the Flooding routing protocol. Smart grid environment composes an independent network using various power grid protocols depending on the application. Since this has a problem that an independent infrastructure must be established for each network, a single gateway device supports multiple power grid protocols to implement a method for network integration. Lastly, the author applied Hyperledger-based blockchain to the LoRa network to ensure the integrity of data in a smart grid environment, and strengthened security by physically distributing it. After constructing the three suggestions on the actual test bed, we confirmed that the network operates normally through experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.131-142
• /
• 2007

In this paper, semi-fragile watermarking algorithm was proposed for the application to RP(Rapid Prototyping) system. In the case of the perceptual change or distortion of the original one, the prototype product will be affected from the process because the RP system requires the high precision measure. Therefore, the geometrical transformations like translation, rotation and scaling, the mesh order change and the file format change are used in the RP system because they do not change the basic shapes of the 3D models, but, the decimation and the smoothing are not used because they change the models. The proposed algorithm which is called semi-fragile watermarking is robust against to these kinds of manipulations which preserve the original shapes because it considers the limitations of the RP system, but fragile against to the other manipulations which change the original shapes. This algorithm does not change the model shapes after embedding the watermark information, that is, there is no shape difference between the original model and the watermarked model. so, it will be useful to authenticate the data integrity and hide the information in the field of mechanical engineering which requires the high precision measure.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.281-286
• /
• 2003

Nowadays, a patient's private medical data which is exposed to the outside world has a severe effect on not only the patient's private life but also his/her social activities and environment. So, it is important to securely protect the patient's private medical data from the illegal manipulation. This paper studies the method to store the electronic prescription information in an IC card. For that, an access control for users, such as a doctor, a nurse, a medical institute member, a pharmacy, a pharmacist, or a patient, is proposed to access the data stored in an IC card. The certificate is issued using the Crypto API of a certificate management model supported by Windows 2000. The public/private key is created by the Cryptographic Service Provider program, and the electronic prescription is signed using the digital signature. The proposed system, therefore, can improve the quality of medical services by securing the safety and integrity of the electronic prescription, stored in an IC card.

• The KIPS Transactions:PartC
• /
• v.18C no.3
• /
• pp.157-166
• /
• 2011

The virtualization layer is executed in higher authority layer than kernel layer and suitable for monitoring operating systems. However, existing virtualization monitoring systems provide simple information about the usage rate of CPU or memory. In this paper, the monitoring system using full virtualization technique is proposed, which can monitor virtual machine's dynamic kernel object as memory, register, GDT, IDT and system call table. To verify the monitoring system, the proposed system was implemented based on KVM(Kernel-based Virtual Machine) with full virtualization that is directly applied to linux kernel without any modification. The proposed system consists of KvmAccess module to access KVM's internal object and API to provide other external modules with monitoring result. In experiments, the CPU utilization for monitoring operations in the proposed monitering system is 0.35% when the system is monitored with 1-second period. The proposed monitoring system has a little performance degradation.

• Smart Media Journal
• /
• v.10 no.1
• /
• pp.88-98
• /
• 2021

As blockchain technology has emerged as a security issue for IoT, technology which integrates block chain into IoT is being studied. In this paper is a research concerning token-based IoT service access control technology for data sharing, which propose a possessor focused data sharing technic by using the permissioned blockchain. To share IoT health data, a Hyperledger Fabric Network consisting of three organizations was designed to provide a way to share data by applying different access control policies centered on device owners for different services. In the proposed system, the device owner issues access control tokens with different security levels applied to the participants in the organization, and the token issue information is shared through the distributed ledger of the HFN. In IoT, it is possible to lightweight the access control processing of IoT devices by granting tokens to service requesters who request access to data. Furthmore, by sharing token issuance information among network participants using HFN, the integrity of the token is guaranteed and all network participants can trust the token. The device owners can trust that their data is being used within their authorized rights, and control the collection and use of data.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.1
• /
• pp.171-178
• /
• 2021

In this paper, the author proposes a method for detecting modification of transmitted messages in C/C++ based Discrete Event System Specification (DEVS) simulation. When a message generated by a model instance is delivered to other model instances, it may be modified by some of the recipients. Such modifications may corrupt simulation results, which may lead to wrong decision making. In the proposed method, every model instance stores a copy of every transmitted message. Before the deletion of the transmitted message, the instance compares them. Once a modification has been detected, the method interrupt the current simulation run. The procedure is automatically performed by a simulator instance. Thus, the method does not require programmers to follow secure coding or to add specific codes in their models. The performance of the method is compared with a DEVS simulator.

• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.3
• /
• pp.192-207
• /
• 2006

Today, the SSL protocol has been used as core part in various computing environments or security systems. But, the SSL protocol has several problems, because of the rigidity on operating. First, SSL protocol brings considerable burden to the CPU utilization so that performance of the security service in encryption transaction is lowered because it encrypts all data which is transferred between a server and a client. Second, SSL protocol can be vulnerable for cryptanalysis due to the key in fixed algorithm being used. Third, it is difficult to add and use another new cryptography algorithms. Finally. it is difficult for developers to learn use cryptography API(Application Program Interface) for the SSL protocol. Hence, we need to cover these problems, and, at the same time, we need the secure and comfortable method to operate the SSL protocol and to handle the efficient data. In this paper, we propose the SSL component which is designed and implemented using CBD(Component Based Development) concept to satisfy these requirements. The SSL component provides not only data encryption services like the SSL protocol but also convenient APIs for the developer unfamiliar with security. Further, the SSL component can improve the productivity and give reduce development cost. Because the SSL component can be reused. Also, in case of that new algorithms are added or algorithms are changed, it Is compatible and easy to interlock. SSL Component works the SSL protocol service in application layer. First of all, we take out the requirements, and then, we design and implement the SSL Component, confidentiality and integrity component, which support the SSL component, dependently. These all mentioned components are implemented by EJB, it can provide the efficient data handling when data is encrypted/decrypted by choosing the data. Also, it improves the usability by choosing data and mechanism as user intend. In conclusion, as we test and evaluate these component, SSL component is more usable and efficient than existing SSL protocol, because the increase rate of processing time for SSL component is lower that SSL protocol's.