• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권4호
• /
• pp.1223-1247
• /
• 2012

The need for securing Wireless Sensor Networks (WSNs) is essential especially in mission critical fields such as military and medical applications. Security techniques that are used to secure any network depend on the security requirements that should be achieved to protect the network from different types of attacks. Furthermore, the characteristics of wireless networks should be taken into consideration when applying security techniques to these networks. In this paper, energy efficient Security Model for Tree-based Routing protocols (SMTR) is proposed. In SMTR, different attacks that could face any tree-based routing protocol in WSNs are studied to design a security reference model that achieves authentication and data integrity using either Message Authentication Code (MAC) or Digital Signature (DS) techniques. The SMTR communication and processing costs are mathematically analyzed. Moreover, SMTR evaluation is performed by firstly, evaluating several MAC and DS techniques by applying them to tree-based routing protocol and assess their efficiency in terms of their power requirements. Secondly, the results of this assessment are utilized to evaluate SMTR phases in terms of energy saving, packet delivery success ratio and network life time.

• Journal of Communications and Networks
• /
• 제14권1호
• /
• pp.104-110
• /
• 2012

Group key agreement protocols allow a group of users, communicating over a public network, to establish a shared secret key to achieve a cryptographic goal. Protocols based on certificateless public key cryptography (CL-PKC) are preferred since CL-PKC does not need certificates to guarantee the authenticity of public keys and does not suffer from key escrow of identity-based cryptography. Most previous certificateless group key agreement protocols deploy signature schemes to achieve authentication and do not have constant rounds. No security model has been presented for group key agreement protocols based on CL-PKC. This paper presents a security model for a certificateless group key agreement protocol and proposes a constant-round group key agreement protocol based on CL-PKC. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. It is formally proven that the proposed protocol provides strong AKE-security and tolerates up to $n$-2 malicious insiders for weak MA-security. The protocol also resists key control attack under a weak corruption model.

• 대한전기학회논문지:전력기술부문A
• /
• 제50권8호
• /
• pp.388-394
• /
• 2001

This paper presents how to determine the optimal operating points of Unified Power Flow controllers (UPFC) the line flow control of which can enhance system security level. In order to analyze the effect of these devices on the power system, the decoupled model has been employed as a mathematical model of UPFC for power flow analysis. The security index that indicates the level of congestion of transmission line has been proposed and minimized by iterative method. The sensitivity of objective function for control variables of and UPFC has been derived, and it represents the change in the security index for a given set of changes in real power outputs of UPFC. The proposed algorithm with sensitivity analysis gives the optimal set of operating points of multiple UPECs that reduces the index or increases the security margin and Marquart method has been adopted as an optimization method because of stable convergence. The algorithm is verified by the 10-unit 39-bus New England system that includes multiple FACTS devices. The simulation results show that the power flow congestion can be relieved in normal state and the security margin can be guaranteed even in a fault condition by the cooperative operation of multiple UPECs.

• 정보보호학회논문지
• /
• 제16권2호
• /
• pp.71-80
• /
• 2006

신뢰할 수 있는 무선 센서 네트워크 통신을 위해, 무선 센서 노드들 사이의 보안 키들은 안전하게 설립되어야 한다. 최근에, Anderson, Chad 그리고 Perrig들은 소모형 센서 네트워크 환경을 위한 보안 키 설립 스킴을 제안하였다. 그들은 공격 가능성이 적은 소모형 센서 네트워크 환경에 적합한 현실적인 공격 모델을 제안하였다. 그러나 제안된 스킴은 그들이 정의한 공격 모델에서 취약점을 가지고 있다. 본 논문에서는 그 취약점을 설명하고 개선된 스킴을 제안한다. 더불어, 우리가 제안한 스킴은 추가적인 통신비용을 요구하지 않으면서 센서 배치 전에 센서 노드가 잠재적인 키를 저장 할 필요도 없다.

• International journal of advanced smart convergence
• /
• 제12권1호
• /
• pp.41-52
• /
• 2023

The purpose of this study is to review the proposed solutions to the Blockchain trilemma put forward by various research scholars and to draw conclusions by comparing the findings of each study. We found that the models so far developed either compromise scalability, decentralization, or security. The first model compromises decentralization. By partially centralizing the network, transaction processing speed can be improved, but security strength is weakened. Examples of this include Algorand and EOS. Because Algorand randomly selects the node that decides the consensus, the security of Algorand is better than EOS, wherein a designated selector decides. The second model recognizes that scalability causes a delay in speed when transactions are included in a block, reducing the system's efficiency. Compromising scalability makes it possible to increase decentralization. Representative examples include Bitcoin and Ethereum. Bitcoin is more vital than Ethereum in terms of security, but in terms of scalability, Ethereum is superior to Bitcoin. In the third model, information is stored and managed through various procedures at the expense of security. The application case is to weaken security by applying a layer 1 or 2 solution that stores and reroutes information. The expected effect of this study is to provide a new perspective on the trilemma debate and to stimulate interest in continued research into the problem.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2021년도 춘계학술대회
• /
• pp.657-660
• /
• 2021

영상정보처리기기(CCTV)는 민감 정보를 수집, 전송, 저장하는 데 있어서 관리적, 물리적, 기술적 측면에서 포괄적으로 보안관리가 이뤄져야 한다. 이를 위해 영상정보처리에 관련된 암호기술, 기술인증, 보호기술, 보안장비에 대한 적용 기준이 필요하다. 본 논문에서는 영상정보처리기기에 관련된 다양한 보안기술, 인증제도를 분석하여 영상정보처리기기의 구축 및 운영에 적용하여 포괄적 보안관리를 위한 암호·인증·보호·체계(CCPS; Cryptography·Certification·Protection·System) 모델을 제안한다.

• 한국방재학회:학술대회논문집
• /
• 한국방재학회 2008년도 정기총회 및 학술발표대회
• /
• pp.629-632
• /
• 2008

Risk-based security impact evaluation may be affected by various factors according to numerous combinations of explosive devices, cutting devices, impact vehicles, and specific attack location to consider. Presently, in planning and design phases, designers are still often uncertain of their responsibility, lack of information and training of security. Therefore, designers are still failing to exploit the potential to reduce threats on site. In this study, the concept of security impact assessment is introduced in order to derive the performing design for safety in design phase. For this purpose, a framework for security impact assessment model using risk-based approach for bridge structures is suggested. The suggested model includes of information survey, classification of terror threats, and quantitative estimation of severity and occurrence.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권5호
• /
• pp.2414-2428
• /
• 2018

In order to solve the problem that the current network security situation assessment methods just focus on the attack behaviors, this paper proposes a kind of network security situation assessment method based on Markov Decision Process and Game theory. The method takes the Markov Game model as the core, and uses the 4 levels data fusion to realize the evaluation of the network security situation. In this process, the Nash equilibrium point of the game is used to determine the impact on the network security. Experiments show that the results of this method are basically consistent with the expert evaluation data. As the method takes full account of the interaction between the attackers and defenders, it is closer to reality, and can accurately assess network security situation.

• 정보보호학회논문지
• /
• 제19권5호
• /
• pp.131-142
• /
• 2009

정보보호제품 사용자는 보안성과 성능을 포함한 좋은 품질의 정보보호제품을 요구하고 있으나 정보보호제품에 대한 품질평가는 물론 다양한 정보보호제품의 품질을 평가하기 위한 품질 모델과 정보보호제품별 메트릭에 대한 연구가 전무한 실정이다. 본 논문에서는 정보보호제품을 3가지 제품군으로 분류하고, 다양한 정보보호제품이 가질 수 있는 보안성과 성능을 분석하였다. 이를 통하여 정보보호제품의 보안성과 성능이 고려된 품질 모델을 새롭게 정의하였고 정의된 품질모델은 7개의 품질 특성과 24개의 품질 부특성을 가진다. 또한, 정보보호제품의 품질평가에 사용가능한 62개의 공통 메트릭과 45개의 확장 메트릭으로 구성하고 특정 정보보호제품의 품질평가 메트릭을 생성하는 방법을 제안하였다. 제안된 메트릭 생성 방법은 다양한 정보보호제품에 적용할 수 있도록 메트릭의 확장이 가능하며 침입차단시스템, 침입탐지시스템 및 지문인식시스템에 대한 품질평가 메트릭을 생성하고 검증하여 다양한 정보보호제품에 적용가능함을 보였다.

• 융합보안논문지
• /
• 제1권1호
• /
• pp.1-7
• /
• 2001

본 논문에서는 접근제어 요구 사항의 복잡한 문제를 해결하기 위한 직무기반 접근제어 모델을 설계하였다. 본 논문에서 설계한 접근제어 모델은 직무기반 접근제어를 이용하여 권한을 효과적으로 통제하고, 신분 및 규칙기반 접근제어를 이용하여 정보의 비밀성, 무결성 및 가용성의 보장과 불법적인 유통을 방지할 수 있다. 설계된 접근제어 모델은 직무, 보안등급, 무결성 등급 및 소유권 등의 다단계 보안 정책을 기반으로 하여 자원에 대한 불법적인 접근을 방어 할 수 있다.