• Smart Media Journal
• /
• v.10 no.1
• /
• pp.88-98
• /
• 2021

As blockchain technology has emerged as a security issue for IoT, technology which integrates block chain into IoT is being studied. In this paper is a research concerning token-based IoT service access control technology for data sharing, which propose a possessor focused data sharing technic by using the permissioned blockchain. To share IoT health data, a Hyperledger Fabric Network consisting of three organizations was designed to provide a way to share data by applying different access control policies centered on device owners for different services. In the proposed system, the device owner issues access control tokens with different security levels applied to the participants in the organization, and the token issue information is shared through the distributed ledger of the HFN. In IoT, it is possible to lightweight the access control processing of IoT devices by granting tokens to service requesters who request access to data. Furthmore, by sharing token issuance information among network participants using HFN, the integrity of the token is guaranteed and all network participants can trust the token. The device owners can trust that their data is being used within their authorized rights, and control the collection and use of data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.553-568
• /
• 2024

Due to the rapid development of IoT technology and the increase in home activities after the COVID-19 pandemic, users' demand for smart homes has increased significantly. As the size of the smart home market increases every year and the number of users increases, the importance of personal information protection and various security issues is also growing. It often grants temporary users smart home owner rights and gives them access to the system. However, this can easily allow access to third parties because the authorities granted are not properly managed. In addition, it is necessary to prevent the possibility of secondary damage using personal information collected through smart home devices and sensors. Therefore, in this paper, to prevent indiscriminate access to smart home systems without reducing user convenience, access rights are subdivided and designed according to the functions and types of smart home devices, and a token-based user access control technique using personal devices is proposed.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.58 no.2
• /
• pp.407-414
• /
• 2009

The foundation fieldbus(FF) is one of the fieldbuses most widely used for process control and automation, In order for system designer to optimize medium management, it is imperative to predict transmission delay time of data. In a former research, mathematical modeling to analyze transmission delay of FF token-passing system has been developed based on the assumption that a device node has only one priority data(1Q model), From 1Q model, all of the device nodes, which are connected on the FF system, are defined priority level in advance, and as system operates, data are generated based on given priority level. However, in practice, some non-periodic data can have different priority levels from one device. Therefore, new mathematical model is necessary for the case where different priority levels of data are created under one device node(2Q model). In this research, the mathematical model for 2Q model is developed using the equivalent queue model. Furthermore, the characteristics of transmission delay of 2Q model which is presented in this paper were compared with 1Q model. The validity of the analytical model was verified by using a simulation experiment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.377-391
• /
• 2019

Recently, system studies using tokens and block chains for authentication, access control, etc in IoT environment have been going on at home and abroad. However, existing token-based systems are not suitable for IoT environments in terms of security, reliability, and scalability because they have centralized characteristics. In addition, the system using the block chain has to overload the IoT device because it has to repeatedly perform the calculation of the hash et to hold the block chain and store all the blocks. In this paper, we intend to manage the access rights through tokens for proper access control in the IoT. In addition, we apply the Tangle to configure the P2P distributed ledger network environment to solve the problem of the centralized structure and to manage the token. The authentication process and the access right grant process are performed to issue a token and share a transaction for issuing the token so that all the nodes can verify the validity of the token. And we intent to reduce the access control process by reducing the repeated authentication process and the access authorization process by reusing the already issued token.

• Proceedings of the KSR Conference
• /
• 2007.05a
• /
• pp.1735-1740
• /
• 2007

Communication network in KTX (Korea Train eXpress), the express train system, has to transmit status variables periodically within tens of seconds and real-time control informations which has short reply like status transition or alarm. KTX uses $Tornad^*$ (TOken Ring Network Alsthom Device) network for this purpose. This network can send and receive messages which enable express train applications embedded in intelligence boards to communicate by itself. Layer 1, 2 of $Tornad^*$ is implemented with differential manchester encoding and IEEE 802.4 standard(token bus standard) respectively. To implement layer 1 and 2, we implemented twisted pair modem using FPGA for layer 1 and used MC68824 from Motorola for layer 2. MC68824 bus arbitration and memory controller is implemented using CPLD.

• Journal of the Korea Society for Simulation
• /
• v.25 no.4
• /
• pp.21-30
• /
• 2016

Recently manufacturing companies have used PLC control programs popularly for their automated production systems. Since the life cycle of production process is not so long, the change of the production lines occur frequently. Most of changes happen with modification of the position information and control process of the equipment. PLC control program is also modified based on the fundamental process. Therefore, to verify new PLC program by configuring virtual space according to real environment is needed. In this paper we show a logical modeling method, based on Timed-FSA useful for sequence control and dead-lock prevention. There is a problem wasting user's labor and time when defining a variety of states in a device. To overcome this problem, we propose an extended I-O model based on existing methods by adding a token concept of Petri Nets. Also we will show the usability of the extended I-O modeling through user study.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.1767-1770
• /
• 2003

This paper proposes an efficient network architecture for reflective memory system (RMS). Using this architecture, the time for broadcasting a shared-data to all nodes can be significantly shortened. The device named topology conversion switch (TCS) is implemented to realize the network architecture. The implemented TCS is applied to the ethernet based real time control network (ERCnet) to evaluate the performance.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.35-45
• /
• 2009

In an open environment such as Home Network, ZigBee Cluster comprising a plurality of Ato-cells is required to provide intense security over the movement of collected, measured data. Against this setting, various security issues are currently under discussion concerning master key control policies, Access Control List (ACL), and device sources, which all involve authentication between ZigBee devices. A variety of authentication methods including Hash Chain Method, token-key method, and public key infrastructure, have been previously studied, and some of them have been reflected in standard methods. In this context, this paper aims to explore whether a new method for searching for neighboring devices in order to detect device replications and Sybil attacks can be applied and extended to the field of security. The neighbor detection applied method is a method of authentication in which ACL information of new devices and that of neighbor devices are included and compared, using information on peripheral devices. Accordingly, this new method is designed to implement detection of malicious device attacks such as Sybil attacks and device replications as well as prevention of hacking. In addition, in reference to ITU-T SG17 and ZigBee Pro, the home network equipment, configured to classify the labels and rules into four categories including user's access rights, time, date, and day, is implemented. In closing, the results demonstrates that the proposed method performs significantly well compared to other existing methods in detecting malicious devices in terms of success rate and time taken.

• Proceedings of the KAIS Fall Conference
• /
• 2010.05a
• /
• pp.195-198
• /
• 2010

홈 네트워크 서비스 산업은 미래의 국가발전과 새로운 변혁의 원동력으로서 향후 발전 가능성이 매우 크다고 할 수 있으나, 홈 네트워크 서비스의 보급이 확산되고 다양한 형태의 홈 네트워크 서비스가 등장하면서, 사이버공격의 대상 범위 또한 확대되어 사회적, 경제적으로 우리 사회에 큰 불안 요소로 작용할 가능성이 있고, 홈 네트워크 서비스의 침해사고 발생을 방지하고 사용자의 정보가 노출되지 않는 사용자 인증이 필요하다. 본 논문에서는 OTP를 기반으로 한 인증서를 이용하여 홈 네트워크의 보안요소 중 사용자 인증과 접근제어에 관하여 연구 하였으며, 인증 서버와 클라이언트 간에 동기화된 OTP 난수 값으로 인증서 정보를 암호화 하여, 외부 공격으로부터 보다 안전한 사용자 인증 기법을 제안한다.

• Smart Media Journal
• /
• v.12 no.7
• /
• pp.27-42
• /
• 2023

The development of cloud services and IoT technology has radically changed the cloud environment, and has evolved into a new concept called fog computing and F2C (fog-to-cloud). However, as heterogeneous cloud/fog layers are integrated, problems of access control and security management for end users and edge devices may occur. In this paper, an F2C-based IoT smart health monitoring system architecture was designed to operate a medical information service that can quickly respond to medical emergencies. In addition, a role-based service access control technology was proposed to enhance the security of user's personal health information and sensor information during service interoperability. Through simulation, it was shown that role-based access control is achieved by sharing role registration and user role token issuance information through blockchain. End users can receive services from the device with the fastest response time, and by performing service access control according to roles, direct access to data can be minimized and security for personal information can be enhanced.