• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.4
• /
• pp.362-369
• /
• 2014

A railway SCADA system is a control systems that provide the trains with the electricity. A railway SCADA system sends commands to the RTUs(remote terminal unit) and then it gathers status information of the field devices in the RTUs or controls field devices connected with the RTUs. The RTU can controls input output modules directly, gathers the status information of the field devices connected with it, and send the information to the control center. In this way, a railway SCADA system monitors and controls the electricity power for running trains. The cyber attackers may use some vulnerabilities in the railway SCADA system software to attack critical infrastructures. The vulnerabilities might be created in the railway software development process. Therefore it need to detect and remove the vulnerabilities in the control system. In this paper we propose a new control protocol fuzzing method to detect the vulnerabilities in the DNP3 protocol based application running on VxWorks in RTU(Remote Terminal Unit) that is a component of the centralized traffic control system for railway. Debug-channel based fuzzing method is required to obtain process status information from the VxWorks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.57-68
• /
• 2004

Recently, Radio Frequency Identification (RFID) systems stands in the spotlight of industry as a common and useful tool in manufacturing, supply chain management (SCM) and stock management. In the near future, low-cost RFID Electronic Product Code; (EPC) or smart-labels may be a practical replacement for optical barcodes on consumer items. However, manufacturing cheap and small RFID tags, and developing secure RFID authentication Protocols are problems which need to be solved. In spite of advances in semiconductor technology, computation and storage ability of the tag are so limited that it is difficult and too expensive to apply existing crypto-systems to RFID tags. Thus it is necessary to create a new protocol which would require less storage space and lower computation costs and that is secure in the RFID system's environments. In this paper, we propose a RFID authentication protocol that is secure against location tracking and spoofing attacks. Our protocol can be used as a practical solution for privacy protection because it requires less computations in database than the previous RFID authentication protocol.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.45-53
• /
• 2006

It has been proposed that several RFID authentication protocols based on hash chain. Status based authentication protocol and challenge-response based authentication protocol are secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks but are vulnerable to Dos attacks. RFID authentication protocol with strong resistance against traceability and denial of service attack is secured against location tracking attack, spoofing attacks, replay attacks, DoS attacks but are vulnerable to traffic analysis attacks. The present study suggests a more secure and lightweight RFID authentication protocol which is combining the advantages of hash-chain authentication protocol and RFID authentication protocol with strong resistance against traceability and denial of service attack. The results of the secure analysts for a proposed protocol are illustrated that it is secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks, Dos attacks and is a lightweight operation between server and tag.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.381-384
• /
• 2002

현재 인증서의 상태 검증을 실시간으로 제공하기 위해 각 CA(Certificate Authority)들은 고전적 방법인 CRL(Certificate Revocation List) 배포보다는 OCSP(Online Certificate Status Protocol)을 통하여 인증서의 상태에 대한 정보를 실시간으로 제공한다. 그러나, 경로검증 및 인증서 정책 맵핑 및 정책검증과 인증서 상태검증을 제공하는 SCVP(Simple Certificate Validation Protocol)는 CRL을 사용하는 한계로 인하여 실시간 검증을 제공하지 못하고 있다. 또한 OCSP는 인증서의 실시간 상태검증만을 제공할 뿐, 인증서의 경로검증과 인증서 정책 맵핑 및 정책검증에 대한 서비스는 제공하지 못하고 있다. 따라서, 이러한 두 프로토콜의 단점을 보안하고, 인증서 검증서버가 제공해야 하는 모든 서비스를 제공하기 위해 OCSP와 SCVP의 연동방안에 대한 연구를 통하여 SCVP에서의 실시간 검증을 제공할 수 있도록 한다.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.9
• /
• pp.49-55
• /
• 2017

Despite the Openflow's switch migration occurs after the channel was established in secure manner (optional), the current cryptography protocol cannot prevent the insider attack as the attacker possesses a valid public/private key pair. There are methods such as the certificate revocation list (CRL) or the online certificate status protocol (OCSP) that tries to revoke the compromised certificate. However, these methods require a management system or server that introduce additional overhead for the communication. Furthermore, these methods are not able to mitigate power abuse of an insider. In this paper, we propose a role-based identity-based cryptography (RB-IBC) that integrate the identity of the node along with its role so the nodes within the network can easily mitigate any role abuse of the nodes. Besides that, by combining with IBC, it will eliminate the need of exchanging certificates and hence improve the performance in a secure channel.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.4
• /
• pp.51-58
• /
• 2017

Research on the Development of EPUB SCP(Secure Content Protection) Technical Specification and International Standardization has been carried out as a R&D project granted by the Korea Copyright Commission since 2014. The research aims to build a standard framework for the EPUB DRM(Digital Rights Management) based on the Readium LCP(Licensed Content Protection) and KS EPUB DRM specifications, to develop element technologies for the framework, and to standardize it as an IDPF(International Digital Publishing Forum) industrial standard. One of the essential features of the EPUB DRM developed though this study is to support the lending model of the digital library. This paper introduces LSD(License Status Document) specification which is a DRM license management protocol for the digital library lending process, and also represents a model which can automatically test the implemented entities of the LSD specification, test scenarios and test materials.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10a
• /
• pp.355-358
• /
• 2000

최근 전자정보기술의 전파와 함께 정보통신 네트워크를 기반으로 한 전자상거래가 활성화되고 있고 이에 따라 인터넷상에서 이용할 수 있는 전자적 화폐 수단이 강구되고 있다. 전자화폐 자체는 이러한 네트워크 상의 거래뿐만이 아니라 일반적으로 전자정보를 내장하고 있는 지불 가능 수단은 모두 포함하는 광범위한 의미를 가지고 있다. 이미 전자상거래 등의 활성화와 더불어 전자 지불 수단을 위한 전반적인 시스템이 구축되어 가고 있는 실정이다. 본 논문에서는 이러한 환경하에 전자화폐 개발 기술과 표준화 현황을 분석하였다.

• Proceedings of the IEEK Conference
• /
• 2006.06a
• /
• pp.535-536
• /
• 2006

In the embedded system, external device interface that operates serial protocol with lower speed than the general computers is used commonly. This paper describes I2C bus protocol that is a bi-directional serial bus with a two-pin interface. The I2C bus requires a minimum amount of hardware to relay status and reliability information concerning the processor subsystem to an external device.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2201-2204
• /
• 2003

최근 인증서에 대한 중요성이 높아지고 있으며, 이에 따른 많은 인증서에 관한 시스템이 개발되고 있다. 실시간 처리를 위해 OCSP(Online Certificate Status Protocol)가 제안되었으나, 네트웍의 과부하로 인하여 이용하는데 어려움이 있다. 본 논문은 이에 따라 부하를 줄이고, 좀더 효율적인 인증서 검증을 위해 방안을 제시하고, 이 시스템의 서버와 클라이언트 사이의 인증서 검증을 위해 필요한 request와 response에 대한 프로토콜을 제안한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.11B
• /
• pp.792-803
• /
• 2005

Ultra wide band (UWB) technology will be applied in the high rare wireless personal area networks (WPANs) for its high rate, low power, and innate immunity to multipath fading. In this paper, a power aware multi-hop packet relay MAC protocol in UWB based WPANs is proposed and a power aware path status factor (PAPSF), which is derived from SINR and power resource condition of each device, is used to select a suitable relay node. Compared with relaying by piconet coordinator (PNC), which is easily chosen by other ad hoc routing protocol, the new scheme can achieve hi임or throughput, decrease the time required for transmitting high power signal and we can easily distribute the battery power consumption from PNC to other devices in the piconet to prevent the PNC device using up its battery too fast and finally avoid PNC handover too frequently.