• Title/Abstract/Keywords: user session

308 search results (processing time: 0.025 seconds)

A Caching Scheme to Support Session Locality in Hierarchical SIP Networks

  • 최광희;김현우
    • 한국산업정보학회논문지 / Vol. 18, No. 1 / pp.1-9 / 2013
  • Most calls of a called user are invoked by the group of calling users. This call pattern is defined as call locality. Similarly, Internet sessions including IP telephony calls have this pattern. We define it as session locality. In this paper, we propose a caching scheme to support session locality in hierarchical SIP networks. The proposed scheme can be applied easily by adding only one field to cache to a data structure of the SIP mobility agent. This scheme can reduce signaling cost, database access cost and session setup delay to locate a called user. Moreover, it distributes the load on the home registrar to the SIP mobility agents. Our performance evaluation shows the proposed caching scheme outperforms the hierarchical SIP scheme when the session-to-mobility ratio is high.

Extended Role-Based Access Control with Context-Based Role Filtering

  • Liu, Gang;Zhang, Runnan;Wan, Bo;Ji, Shaomin;Tian, Yumin
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 14, No. 3 / pp.1263-1279 / 2020
  • Activating appropriate roles for a session in the role-based access control (RBAC) model has become challenging because of the so-called role explosion. In this paper, factors and issues related to user-driven role management are analysed, and a session role activation (SRA) problem based on reasonable assumptions is proposed to describe the problem of such role management. To solve the SRA problem, we propose an extended RBAC model with context-based role filtering. When a session is created, context conditions are used to filter roles that do not need to be activated for the session. This significantly reduces the candidate roles that need to be reviewed by the user, and aids the user in rapidly activating the appropriate roles. Simulations are carried out, and the results show that the extended RBAC model is effective in filtering the roles that are unnecessary for a session by using predefined context conditions. The extended RBAC model is also implemented in the Apache Shiro framework, and the modifications to Shiro are described in detail.

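An Analysis of Replay Attack Vulnerability on Single Sign-On Solutions

  • 맹영재;양대헌
    • 정보보호학회논문지 / Vol. 18, No. 1 / pp.103-114 / 2008
  • Single Sign-On is an authentication technology that allows access to multiple systems in an authenticated state with a single login. As more organizations integrate their web services into groups, various Single Sign-On solutions have been developed and used for this purpose. However, because the security of these solutions mostly depends only on cookies, an attacker can hijack a user's session through simple network eavesdropping and a replay attack, and after hijacking the session can also move to other sites to which Single Sign-On is applied, which can cause further security problems. In this paper, we analyze these vulnerabilities using as examples the Single Sign-On solutions used by well-known portal sites and messengers, and propose a method to protect the user's session.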

Analysis of Implemental Architecture of User Agent Based on SIP

  • 윤형운;김재은;강현국
    • 한국정보과학회:학술대회논문집 / 한국정보과학회 2001 Spring Conference Proceedings Vol.28 No.1 (A) / pp.298-300 / 2001
  • VoIP technology requires a signaling protocol that can set up, modify, and terminate calls between users. In this respect, SIP (Session Initiation Protocol) is a new signaling protocol created by the IETF's MUSIC WG for the purpose of real-time control of calls and multimedia sessions over Internet Protocol networks. In addition, with the creation of the SIP WG in the IETF, research on this protocol is becoming more active. In this paper, we briefly introduce an overview of SIP and the functions of the SIP protocol, and explain operations such as the SIP session initiation process and the registration process. We then explain the basic operation of the User Agent and analyze how the User Agent executes by means of the open-source SIP implementation for Linux developed by VOVIDA.

Real-time Context Service Model Based on RFID for u-Conference

  • 강민성;김도현;이광만
    • 대한임베디드공학회논문지 / Vol. 2, No. 2 / pp.95-100 / 2007
  • Recently, ubiquitous application services have been developed plentifully using RFID techniques in the fields of the distribution and security industries. However, except in these fields, the applications using RFID are not mature yet. In this study, we proposed a real-time context service model of the u-conference based on the real-time contextual information acquired from conferences and expositions. With the collection of real-time contextual information for the u-conference, the model can provide many information services on the state of session attendees, doorway control, affairs, user certification, presentation progress, etc. For the verification of the proposed real-time context service model of the u-conference, we design and implement the conference progress state service, which includes the state of session attendees, user certification, presentation progress, etc. This service provides the presentation state information, including the current presenter, the paper list, the number of session attendees, and the schedule and place of each session, using the collected RFID tags and the related information.

A Study on the Secure Authentication Method using SIP in the VoIP System

  • 이영구;김정재;박찬길
    • 디지털산업정보학회논문지 / Vol. 7, No. 1 / pp.31-39 / 2011
  • VoIP service uses an IP-based packet network, which has eavesdropping, interception, and illegal users as vulnerable elements. In addition, the PSTN of the existing telephone network is a subordinate line, but VoIP service using IP packets provides mobility, so user authentication and VoIP user account service using VoIP have emerged as a problem. To solve the vulnerability of SIP when VoIP services are used with SIP, this paper has made it possible to authenticate the user's terminal by using the proxy server and the proxy server by using the authentication server. In conclusion, the sender and receiver are mutually authenticated. In the mutual authentication process, the new session key is distributed after exchanging the key between the sender and receiver. It is proposed to minimize service delay during the additional authentication. The new session key is able to authenticate abnormal messages on the phone. This paper has made it possible to solve the vulnerability of existing SIP authentication by using mutual authentication between the user and the proxy server, and suggests an efficient VoIP service which simplifies authentication procedures through key distribution after authentication.

An Intelligent Framework for Test Case Prioritization Using Evolutionary Algorithm

  • Dobuneh, Mojtaba Raeisi Nejad;Jawawi, Dayang N.A.
    • 인터넷정보학회논문지 / Vol. 17, No. 5 / pp.89-95 / 2016
  • In the software testing domain, test case prioritization techniques improve the performance of regression testing and arrange test cases in such a way that the maximum available faults are detected in a shorter time. User sessions and cookies are unique features of web applications that are useful in regression testing because they have precious information about the application state before and after making changes to software code. This approach is in fact a user-session based technique. The user session will be collected from the database on the server side, and test cases are released by the small change configuration of user session data. The main challenges are the effectiveness of the Average Percentage Fault Detection rate (APFD) and time constraints in the existing techniques, so this paper develops an intelligent framework which has three new techniques used to manage and put test cases in groups by applying useful criteria for test case prioritization in web application regression testing. In the dynamic weighting approach, the hybrid criteria which set the initial weight of each criterion determine the optimal weight of combination criteria by evolutionary algorithms. The weight of each criterion is based on the effectiveness of finding faults in the application. In this research, priority is given to test cases that are performed based on the most common HTTP requests in pages, the length of HTTP request chains, and the dependency of HTTP requests. To verify the new technique, some faults have been seeded in the subject application, and the prioritization criteria are then applied to test cases to compare the effectiveness of the APFD rate with existing techniques.

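Security Improvement of User Authentication Protocol for Heterogeneous Wireless Sensor Networks for the Internet of Things Environment

  • 이영숙
    • 융합보안논문지 / Vol. 21, No. 1 / pp.55-62 / 2021
  • Recently, the use of devices that employ sensors has been on the rise. Such sensor devices are increasing explosively in heterogeneous wireless sensor network environments in connection with the latest technologies. In such environments, the use of sensor devices provides us with convenience, but various forms of security threats lurk. Among the security threats present in services accessed remotely over wireless sensor networks, most are leakage of transmitted information and loss of authentication between the user, sensor, and gateway. In 2019, Chen et al. proposed a secure user authentication protocol for heterogeneous wireless sensor networks. However, the paper by Ryu et al. argued that the protocol they proposed is vulnerable to the password guessing attack and the session key attack. This paper improves on the vulnerabilities of the previously proposed paper and proposes a more secure and efficient user authentication protocol.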

The Design and Implementation of a Multi-Session Processing Between RMA and RCP within a Vehicle Tracking System

  • 장청룡;이용권;이대식
    • 디지털산업정보학회논문지 / Vol. 10, No. 3 / pp.127-141 / 2014
  • A Vehicle Tracking System consists of a GPS tracking device, which fits into the vehicle and captures the GPS location information at regular intervals to a central GIS server, and a GIS tracking server providing three major responsibilities: receiving data from the GPS tracking unit, securely storing it, and serving this information on demand of the user. GPS-based tracking systems supporting multi-session processing among RMA, RM, and RCP can make a quick response to various services including other vehicle information between RSU and OBU on demand of the user. In this paper we design RSU lower layers and RCP applications in OBU for a multi-session processing simulation and test message processing transactions among RMA-RM and RM-RCP. Furthermore, we implement the additional functions of handling access commands simultaneously on multiple service resources which are appropriate for the experimental testing conditions. In order to make a multi-session processing test, it reads 30 resource data, 0002/0001 ~ 0002/0030, in total, and then 30 session data transmissions occur simultaneously. We insert a sequence number field into a special header of dummy data as a corresponding response to check that the messages are received correctly. Thus, we find that a GIS service system with multi-session processing is able to provide an additional 30 services at the same speed of screen presentation loading while identifying the number of session processing of Web GIS service, the number of OBU service, and the speed of screen presentation loading by comparing a single session and a multi-session of the GIS service system.

Security Analysis of a Secure Dynamic ID based Remote User Authentication Scheme for Multi-server Environment

  • 양형규
    • 한국인터넷방송통신학회논문지 / Vol. 13, No. 1 / pp.273-278 / 2013
  • Recently, user authentication schemes using smart cards for multi-server environments have been applied in practical application areas. In 2009, Liao-Wang proposed a secure dynamic ID based remote user authentication scheme for multi-server environments. This scheme was secure against various kinds of possible attacks while guaranteeing user anonymity. In this paper, we analyze the security of Liao-Wang's scheme and show that it is vulnerable to the forgery attack, password guessing attack, session key attack, and insider attack. In addition, we prove that Liao-Wang's scheme also fails to provide user anonymity between the user and the server.