• Journal of KIISE:Information Networking
• /
• v.30 no.5
• /
• pp.614-620
• /
• 2003

As the proliferation of Internet, mobile agent related technologies are examined for possible growth and evolution. In information retrieval, network and distributed system management, and electronic commerce, mobile agent is more flexible than the traditional communication paradigm. Despite the performance benefits, mobile agent is not used widely in the market because it is very vulnerable to a variety of attacks. In many studies related the security vulnerability for a mobile agent, the high security causes the performance to degrade. In this paper, we propose and evaluate the efficient security model for mobile agent using TDGM(Trusted Domain & Guide Manager), which provides three kinds of services : the trusted domain management, the security service and the travel plan guide. The result clearly shows that this model provides high security and minimizes the performance degradation.

• Smart Media Journal
• /
• v.5 no.4
• /
• pp.116-123
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.471-476
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices. The domain separation based smart device security platform technology in this paper blocks unauthorized access and leakage of sensitive information in device. Also it will be the solution can block transmission and execution of malicious code in various area including variety of IoT devices in internet rather than just smart devices.

• Journal of the Korean BIBLIA Society for library and Information Science
• /
• v.32 no.3
• /
• pp.217-246
• /
• 2021

This study aimed to analyze the quality concepts and requirements of digital records as evidence and to find an implication to develop requirements for trusted digital records with securing authoritative qualities. To this end, this study compared requirements of records domain linking records process, records metadata and records systems with judicial domain on digital evidence, and identified the records requirements to secure the legal admissibility linking records and judicial domain. This study analyzed the relationship of quality concepts between digital records and digital evidence, found the legal admissibility is highly related to the reliability, and derived that it needs the measure to secure the reliability at the stage of records creation and capture. To prove authenticity of digital evidence, this study identified importance of records process, records metadata and records system, and proposed the necessity of measurement to secure records' evidence.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.1
• /
• pp.305-325
• /
• 2014

In cloud computing infrastructure, current virtual machine trust measurement methods have many shortcomings in dynamism, security and concurrency. In this paper, we present a new method to measure the trust of virtual machine. Firstly, we propose "behavior trace" to describe the state of virtual machine. Behavior trace is a sequence of behaviors. The measurement of behavior trace is conducted on the basis of anticipated trusted behavior, which not only ensures security of the virtual machine during runtime stage but also reduces complexity of the trust measurement. Based on the behavior trace, we present a Dynamic Tree Style Trust Measurement Model (DTSTM). In this model, the measurement of system domain and user domain is separated, which enhances the extensibility, security and concurrency of the measurement. Finally, based on System Call Interceptor (SCI) and Virtual Machine Introspection (VMI) technology, we implement a DTSTM prototype system for virtual machine trust measurement. Experimental results demonstrate that the system can effectively verify the trust of virtual machine and requires a relatively low performance overhead.

• ETRI Journal
• /
• v.37 no.4
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.1
• /
• pp.26-36
• /
• 2021

The Internet was created as a decentralized and autonomous system of interconnected computer networks used for data exchange across mutually trusted participants. The element technologies on the Internet, such as inter-domain and intra-domain routing and DNS, operated in a distributed manner. With the development of the Web, the Web has become indispensable in daily life. The existing web applications allow us to form online communities, generate private information, access big data, shop online, pay bills, post photos or videos, and even order groceries. This is what has led to centralization of the Web. This centralization is now controlled by the giant social media platforms that provide it as a service, but the original Internet was not like this. These giant companies realized that the decentralized network's huge value involves gathering, organizing, and monetizing information through centralized web applications. The centralized Web applications have heralded some major issues, which will likely worsen shortly. This study focuses on these problems and investigates blockchain's potentials for decentralized web architecture capable of improving conventional web services' critical features, including autonomous, robust, and secure decentralized processing and traceable trustworthiness in tamper-proof transactions. Finally, we review the decentralized web architecture that circumvents the main Internet gatekeepers and controls our data back from the giant social media companies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.929-938
• /
• 2023

ARM processors, utilized in mobile devices, have integrated the hardware isolation framework, TrustZone technology, to implement two execution environments: the trusted domain "Secure World" and the untrusted domain "Normal World". Rootkit is a type of malicious software that gains administrative access and hide its presence to create backdoors. Detecting the presence of a rootkit in a Secure World is difficult since processes running within the Secure World have no memory access restrictions and are isolated. This paper proposes a technique that leverages the hardware based PMU(Performance Monitoring Unit) to measure events of the Secure World rootkit and to detect the rootkit using deep learning.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.201-208
• /
• 2016

The purpose of Email system is used to transmit important information between companies in today. But Email system has vulnerabilities such that changing email address of sender by attacker. So it is important to authenticate mail server and user using mail server. This paper proposed mail proxy located between mail servers that evaluate authority and authenticate sender and receiver. The proposed email platform has some functions to compose trusted domain and to authenticate mail servers in the domain. Also, if sender and recipient are valid users in mail system, each exchanges a key for confidentiality and the sender sends an e-mail encrypted with exchanged key to recipient. In this paper, we propose a key exchange scheme in proposed platform and verify this protocol using Casper which is the formal analysis tool. In the future research, we will study the overall platform of the domain configuration for the security of mail.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.11-15
• /
• 2002

현재 공통평가기준을 이용하여 작성된 대부분의 파이어월과 VPN, 스마트 카드의 보호 프로파일의 기능요구사항에 영역분리기능이 포함되어 있다. 공통평가기준의 영역분리기능은 미국 국방성 운영체제 평가 기준인 TCSEC이 요구하는 보증수단에서 유래하였다. 8086프로세서는 리얼 모드라는 세그멘테이션 메커니즘을 처음으로 이용하여 향상된 메모리 주소관리를 제공하고 있으며, 80$\times$86은 리얼 모드이외에 보호모드를 제공하여 시스템 영역과 응용프로그램영역을 분리시킬 수 있는 메커니즘을 제공한다. 인텔 80$\times$86 프로세서의 구조적인 발전을 이용하여 구현된 Trusted OS는 링 상태(ring state)라고 알려져 있는 영역 분리기능을 제공하여 시스템의 영역을 응용 프로그램 영역으로부터 보호하는 메커니즘을 구현하고 보증하고 있다. 단 논문에서는 인텔 마이크로 프로세서 8086과 80$\times$86의 구조와 메모리 관리방법을 고찰하여 8086과 비교한 80$\times$86의 발전된 보호모드 메커니즘을 연구하여 시스템영역을 보호할 수 있는 영역분리 메커니즘을 연구하였다.