• Journal of Convergence for Information Technology
• /
• v.8 no.3
• /
• pp.85-90
• /
• 2018

Blockchain technology provides distributed trust structure; with this, we can implement a system that cannot be forged and make Smart Contract possible. With blockchain technology emerging as next generation security technology, there have been studies on authentication and security services that ensure integrity. Although Internet-based services have been going with user authentication with password, the information can be stolen through a client and a network and the server is exposed to hacking. For the reason, we suggest blockchain technology and OTP based authentication mechanism to ensure integrity. In particular, the Two-Factor Authentication is able to ensure secure authentication by combining OTP authentication and biometric authentication without using password. As the suggested authentication applies multiple hash functions and generates transactions to be placed in blocks in order for biometric information not to be identified, it is protected from server attacks by being separate from the server.

• Journal of Digital Convergence
• /
• v.17 no.1
• /
• pp.195-201
• /
• 2019

This paper proposes a blockchain system to share Wireless Local Area Network (WLAN) that recently suffers from mutual interference among increasing devices using unlicensed bands. Blockchain technology can induce cooperation from users by incentivizing them with cryptocurrency like shown in Bitcoin example. In this paper, we describe Blockchain based access mechanism in WLAN instead of conventional authentication based access. Here, users can access any WLAN access point by paying through smart contract while they also receive payment from others. In order to support real-time transaction, we apply proof-of-authority that is realized by Byzantine fault tolerant protocol instead of well-known proof-of-work that requires huge computing power and delay.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.3
• /
• pp.59-67
• /
• 2021

Blockchain technology began in 2008 when an unidentified person named Satoshi Nakamoto proposed a cryptocurrency called Bitcoin. Satoshi Nakamoto had distrust of the existing financial system and wanted to implement a financial system that is robust against hacking or mannipulation without a middleman such as a bank through blockchain technology. Satoshi proposed a blockchain as a technology to prevent the creation of the bitcoin and forging of transactions, and through this, the functions of issuance, transaction, and verification of currency were implemented. Since then, Ethereum, a cryptocurrency that can implement the smart contract on the blockchain, has been developed, allowing financial products that require complex contracts such as deposits, loans, insurance, and derivatives to be brought into the area of cryptocurrency. In addition, it is expanding the possibility of substituting products provided by financial institutions through combination with real assets. These applications are defined as Decentralized Finance (DeFi). This paper was prepared to understand the overall technical understanding of DeFi and to introduce the services currently in operation. First, the technologies and ecosystems that implement the overall DeFi are explained, and then the representative DeFi services are categorized by feature and described.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.2
• /
• pp.79-88
• /
• 2021

In this paper, we propose a API Gateway technique for the expansion of human resource management module, one of the ERP functions. The institution has introduced ERP (Enterprise Resource Planning) based on its efforts to transform all human and physical resources into business competitiveness and its response to the digital knowledge informatization environment, and listed it as multiple success factors. Human resource management is one of the factors that have been dealt with. However, ERP's Human Resources Management Module remains in the role of functional personnel management. How to utilize human resources begins with navigating and recognizing human resources. The proposed API Gateway technique leverages blockchain networks to design and implement APIs for human resource sharing and navigation, including the possibility of extending ERP's human resource management module. Secondly, it was designed and implemented using a smart contract that behaves like an API for preventing information forgery. The proposed method will not only be used as a tool that can actively utilize human resources, but will also be a complete resource for utilizing big data technology.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.445-466
• /
• 2022

As everything linking to the internet, people can subscribe to various services from a service provider to facilitate their lives through the Internet of Things (IoT). An obligatory thing for the service provider is that they should push the service data safely and timely to multiple IoT terminal devices regularly after the IoT devices accomplishing the service subscription. In order to control the service message received by the legal devices as while as keep the confidentiality of the data, the public key encryption algorithm is utilized. While the existing public encryption algorithms for push service are too complicated for IoT devices, and almost of the current subscription schemes based on push mode are relying on centralized organization which may suffer from centralized entity corruption or single point of failure. To address these issues, we design a secure subscription-push service scheme based on blockchain and edge computing in this article, which is decentralized with secure architecture for the subscription and push of service. Furthermore, inspired by broadcast encryption and multicast encryption, a new encryption algorithm is designed to manage the permissions of IoT devices together with smart contract, and to protect the confidentiality of push messages, which is suitable for IoT devices. The edge computing nodes, in the new system architecture, maintain the blockchain to ensure the impartiality and traceability of service subscriptions and push messages, meanwhile undertake some calculations for IoT devices with limited computing power. The legalities of subscription services are guaranteed by verifying subscription tags on the smart contract. Lastly, the analysis indicates that the scheme is reliable, and the proposed encryption algorithm is safe and efficient.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.22 no.2
• /
• pp.151-157
• /
• 2022

In this paper, the performance of various blockchain consensus algorithms was compared and analyzed as a method to increase the transaction cost and processing time during NFT transactions and to increase the transaction stability requirements that occur during smart contract execution. Network reliability and TPS are evaluation items for performance comparison. TPS and the stability of the Consensus algorithm are presented for three evaluation items. In order to establish a standardized expression for each evaluation item, the reliability of the node and the success rate of the smart contract were considered as variables in the calculation formula, and the performance of the consensus algorithm of the three groups, PoW/PoS, Paxos/Raft and PBFT, was compared under the same conditions. / analyzed. As a result of the performance evaluation, the network reliability of the three groups was similar, and in the case of the remaining two evaluation items, it was analyzed that the PBFT consensus algorithm was superior to other consensus algorithms. Through the performance evaluation equations and results of this study, it was analyzed that when the PBFT consensus processing process is reflected in the consensus process, the network reliability can be guaranteed and the stability and economic efficiency of the consensus algorithm can be increased.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.3
• /
• pp.916-937
• /
• 2023

Most of the existing Distributed Denial-of-Service mitigation schemes in Software-Defined Networking are only implemented in the network domain managed by a single controller. In fact, the zombies for attackers to launch large-scale DDoS attacks are actually not in the same network domain. Therefore, abnormal traffic of DDoS attack will affect multiple paths and network domains. A single defense method is difficult to deal with large-scale DDoS attacks. The cooperative defense of multiple domains becomes an important means to effectively solve cross-domain DDoS attacks. We propose an efficient multi-domain DDoS cooperative defense mechanism by integrating blockchain and SDN architecture. It includes attack traceability, inter-domain information sharing and attack mitigation. In order to reduce the length of the marking path and shorten the traceability time, we propose an AS-level packet traceability method called ASPM. We propose an information sharing method across multiple domains based on blockchain and smart contract. It effectively solves the impact of DDoS illegal traffic on multiple domains. According to the traceability results, we designed a DDoS attack mitigation method by replacing the ACL list with the IP address black/gray list. The experimental results show that our ASPM traceability method requires less data packets, high traceability precision and low overhead. And blockchain-based inter-domain sharing scheme has low cost, high scalability and high security. Attack mitigation measures can prevent illegal data flow in a timely and efficient manner.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.12
• /
• pp.115-127
• /
• 2023

In this paper, we propose a SBT user authentication method for decentralized environment like blockchain. Due to tranparancy of blockchain, it is difficult to secure the privacy of person information, so it is necessary to use a new authentication method. In order to solve this problem, research using SBT for user authentication is being conducted, however most studies have implemented SBT in form of removing function which is related to trasmission from NFT without applying the technical features requried for SBT. The proposed scheme of this paper is implemented SBT which secured safetey and usabillity with using locking token function of ERC-5192. Also, based of implemented SBT scheme propose a user authentication process. To verify our approach, we set a hypothetical user authentication scenario based on the proposed user authentication process and deployed a smart contract that satisfies the 19 function call scenarios that occur in that scenario.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.10
• /
• pp.73-80
• /
• 2018

The shared economy began with the concept of sharing the physical and intellectual assets of individuals with others. Nowadays, the concept of shared economy is becoming one of the industries as an enterprise type. Especially, with the development of the Internet and smart devices, various forms of shared economy have been developed in accordance with the need of sharing of individual income. Digital content is also a shareable commodity and it is seeking to utilize it as an item of shared economy. Accordingly, when digital contents are used as a shared economy, there are various possible threats -security threats that may arise in the course of transactions, potential for theft, alteration and hacking of contents. In this paper, we propose transaction method and content protection method using block chain-ethereum technology to reduce security threats and transparent transactions that can occur in digital contents transactions. Through the proposed method, the trust of the consumer and the supplier can be measured and the encryption can be performed considering the characteristics of the data to be traded. Through this paper, it is possible to increase the transparency of smart transaction of digital contents and to reduce the risk of content distortion, hacking, etc.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1319-1328
• /
• 2018

A blockchain system developed for crypto-currency has attractive characteristics, such as de-centralization, distributed ledger, and partial anonymity, making itself adopted in various fields. Among those characteristics, partial anonymity strongly assures privacy of users, but side effects such as abuse of crime are also appearing, and so countermeasures for circumventing such abuse have been studied continuously. In this paper, we propose a machine-learning based method for classifying smart contracts in Ethereum regarding their functions and design patterns and for identifying user behaviors according to them.