• Journal of Korea Society of Industrial Information Systems
• /
• v.13 no.2
• /
• pp.80-87
• /
• 2008

RFID systems are being studied and developed in the area of the industry and marketplace. Recently RFID systems are core element of the ubiquitous technologies in individual life and industry. However, RFID systems often cause some serious problems such as violation of privacy and information security because their contactless devices communicate each other by radio frequency In this paper, we propose multiple objects RFID tag scheme including tag structure and authentication protocol. The proposed RFID tag structure maintains several object IDs of different applications in a tag memory. The tag structure allows those applications to access object IDs simultaneously. The authentication protocol for multiple objects tag is designed ta overcome the problems of security and privacy. The protocol has robustness against various attacks in low cost RFID systems. We evaluate the efficiency of proposed scheme and compare security of our scheme with several traditional schemes.

• Journal of Korea Multimedia Society
• /
• v.7 no.5
• /
• pp.721-736
• /
• 2004

Because of increasing the notebook computer and PDA, users' requirement with respect to mobility is growing more and more. However, current IP protocol is not changed IP address and can not deliver IP packets on new location of host in case moving another network. To solve this problem, the IETF has proposed mobile IP. Today users want to be provided suitable QoS in the internet since demand of services is variety. The policy-based network management is method which can solve various problems of QoS, security, and complication of management in IP networks. This paper presents the network topology constitution, operation procedure and architecture of policy-based network management for providing internet DiffServ on mobile IP environment. In this paper we propose policy classes of policy-based DiffServ network management on mobile environment and create policy scenarios using the proposed policy description language to represent the policy classes. Finally, we implemented a policy-based DiffServ network management system on mobile IP environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.377-386
• /
• 2009

IPTV technology for providing multimedia content with high-speed is the network which combines existing network, multimedia and internet technology etc. But internet, broadcasting and web technologies which is now being used is not optimized to IPTV because the security problem between user who gets content service through mobile units and content server is not guaranteed. This paper proposes user certification mechanism between mobile device and content server to receive the service which the user for the content chooses by mobile device safely. The proposed mechanism uses the random number which user creates and certification token for preventing illegal user who uses other's service that already paid. Also the proposed protocol encrypts the delicate data like user's information or profile using shared-key between java card attached on user's mobile device and grant sewer and then prevents reply attack which happens often in wireless section and man-in-the-middle attack by MAC.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.3
• /
• pp.478-484
• /
• 2008

When a mobile node moves, MIPv6 operates an authentication process for the new connection. These kinds of frequent binding update and authentication processes cause much traffic and delay the service. To solve this problem, PMIPv6 provides a network-based mobility protocol in order to lessen the load on a mobile node. However, when it is moved from a domain to a domain or in a domain, there still lies a need fDr a new address, so MIPv6's demerit still exists. In IPsec, too, a new negotiation should be made when it is moved to WAN(Wide Area Network). This causes load to the mobile node. In this paper suggests MBB(Make Before Break) system to eliminate disconnections or delays resulted from the address change or renegotiation for security. When the mobile node receives a CoA address, IPsec negotiation gets operated. Its identity is authenticated by sending the identifier used for the prior negotiation to CN(Correspondent Node) through the BID message suggested. After that, negotiation Bets simplified that disconnections can be eliminated, and in the IPsec negotiation, the load on the mobile node can be lessened as well; moreover, two addresses are used for the communication simultaneously, so the probability of packet loss can be reduced.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.10
• /
• pp.1873-1879
• /
• 2007

As the mobile terminal which uses P2P service increases and it comes to be applied to many fields, mobile agent technology has been applied to P2P and its innovative services has been offered to various fields. However, free mobility of mobile agent technology works like worm, the problem which is contaminated by malicious attacker's attack quickly has appeared and fundamental solution has not been developed yet. This paper proposes STAS (Security Tracking and Auditing Server) system which can offer verification for security of mobile agent in structured P2P environments. Mobile Agent will send data value to STAS via peer so that STAS can verify secure audit and integrity and Mobile agent initiator will obtain the final value of the data from STAS. It can minimize overload of mobile terminal which is occurred by verification of mobile agent and its accomplishment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1191-1204
• /
• 2019

In January 2019, the government revised the regulation on electronic financial supervision to revitalize the use of cloud in the financial sector. However, as cloud policies and regulations cloud undermine financial firms' autonomous security activities or restrict some of the people's basic rights, there has been little movement in the financial sector to use important information as the cloud. In addition, the data localization policy, which requires important information to be kept only in Korea, is a representative regulation that prevents the revitalization of cloud use, which also creates discrimination problems for overseas operators. Therefore, policy and regulatory improvements are needed to enable the cloud to provide a foundation for digital financial innovation through data. This study looked into the current status of cloud policies for domestic and foreign financial companies and analyzed policies and regulations for domestic financial companies. Through these efforts, the government aims to draw up limitations and problems in cloud policies for domestic financial companies and propose policy alternatives, such as measures to improve regulations on localizing data for financial companies to revitalize their use of cloud.

• Journal of Convergence for Information Technology
• /
• v.9 no.11
• /
• pp.8-14
• /
• 2019

Due to the development of computer technology, IoT technology is being used in various fields of industry, economy, medical service and education. However, multimedia information processed through IoT equipment is still one of the major issues in the application sector. In this paper, a big data protection model for users of IoT based IoT is proposed to ensure integrity of users' multimedia information processed through IoT equipment. The proposed model aims to prevent users' illegal exploitation of big data information collected through IoT equipment without users' consent. The proposed model uses signatures and authentication information for IoT users in a hybrid cryptographic method. The proposed model feature ensuring integrity and confidentiality of users' big data collected through IoT equipment. In addition, the user's big data is not abused without the user's consent because the user's signature information is encrypted using a steganography-based cryptography-based encryption technique.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.11
• /
• pp.427-432
• /
• 2019

In this paper, we propose three approaches to modeling Android malware. The first method involves human security experts for meticulously selecting feature sets. With the second approach, we choose 300 features with the highest importance among the top 99% features in terms of occurrence rate. The third approach is to combine multiple models and identify malware through weighted voting. In addition, we applied a novel method of eliminating permission information which used to be regarded as a critical factor for distinguishing malware. With our carefully generated feature sets and the weighted voting by the ensemble algorithm, we were able to reach the highest malware detection accuracy of 97.8%. We also verified that discarding the permission information lead to the improvement in terms of false positive and false negative rates.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1063-1070
• /
• 2021

The development of IT technology emphasizes the importance of training IT professionals, and the need for education for elementary and secondary education as well as adult education for training technical talent is expanding. In particular, information curriculum will be added as an essential course from the 2015 revised curriculum, and IT technology will be understood in the curriculum for elementary and secondary schools and will be required to develop applicability to solve problems based on understanding. Currently, research is under way to integrate IT technologies to provide new services, and if the use of personal information is required in the process, thorough security for the leakage of personal information is pre-empted. It also prevents the identification of personal information in the process of transmitting data to the outside world. In this paper, we propose a training method for elementary school subjects to understand the non-identification process that occurs in the process of transferring data using pipe games so that they can understand the principles of non-identification and develop applications to solve real-life problems.

• Journal of the Society of Disaster Information
• /
• v.17 no.2
• /
• pp.266-274
• /
• 2021

Purpose: The purpose of this study is to develop a concrete public sign block for floors that can provide pedestrian safety and various information. Method: In order to achieve these research objectives, step-by-step block manufacturing techniques applied in relation to the development of public sign blocks were proposed, and the field applicability of the developed concrete public sign blocks was evaluated. Result: The concrete public sign block for floors developed in this study is expected to be capable of expressing public signs of various shapes and to reduce manufacturing cost. As a result of the usability evaluation for two years, no problems such as cracks, edge dropouts, discoloration, and abrasion were found, so it is judged that sufficient durability was secured. Conclusion: Based on these research results, it is expected that the concrete public sign block will be used as an alternative to secure the weaknesses such as stickers, stone and brass plates that have been used in the existing public sign for floors. It is expected that it can be applied in various fields.