• Annual Conference of KIPS
• /
• 2024.05a
• /
• pp.308-309
• /
• 2024

IoT(Internet of Things) 기기를 대상으로 하는 보안 위협이 증가하면서 IoT 정보의 기밀성 유지가 중요한 과제로 떠오르고 있다. 따라서 경량, 저가, 저전력 IoT 환경에서 높은 보안 수준을 유지할 수 있는 암호화 방법이 필요하다. 본 연구에서 AES(Advanced Encryption Standard)와 SAES(Simplified AES)를 이용한 이중 암호화 기법을 제안한다. 제안하는 기법은 SAES 로 평문 메시지 전체를 블록 단위로 암호화하고, 각 암호문 블록의 일부 비트를 추출해 AES 로 재암호화한다. 실험 결과에 따르면, 제안한 경량 이중 암호화 기법이 종래 방식보다 암호문의 크기를 32% 줄일 수 있었다.

• Annual Conference of KIPS
• /
• 2007.05a
• /
• pp.1125-1128
• /
• 2007

보안 취약성이 끊임없이 보고되고 있다. 이는 보안솔루션의 초기 효과수준을 유지하기 위해서는, 새로운 취약성이 보고되면 즉시 대처하는 지속적 관리활동이 필요함을 뜻한다. 한편 기업성과 개선을 위한 IT투자성과관리가 강조되는 가운데, 정보보호 솔루션 도입 시 재무적 타당성 증명이 요구되고 있다. 이를 위해 여러 형태의 ROSI(Security ROI)가 제시되었으나, 지속적 보호활동에 따른 관리비용이 중요하게 다루어져야 함에도 불구하고 비용에 대한 고려가 적고 효과산정에만 치우쳐, 경영자의 의사 결정을 지원하는 실제적인 재무 성과지표로 활용될 수 없었다. 이에 본 논문은 조직수준의 비용효과 최적화를 추구하는 정보보호 관리체계에 기반을 두어 효과를 산정하고, 비용 산정은 지속적 관리활동이라는 특징을 반영하여 TCO에 기반을 둔 개선된 ROSI를 제안한다. 또한, 제안한 ROSI를 활용한 보안솔루션 평가사례를 제시한다. 증명이 어려운 정보보호 분야 투자타당성 증명은 물론 보안솔루션 선택 시 실제적인 의사결정 판단근거로서 활용될 수 있다.

• Journal of Advanced Navigation Technology
• /
• v.14 no.3
• /
• pp.397-408
• /
• 2010

SMEs (Small and Medium-sized Enterprise) have became competitive by improvement of work efficiency due to utilization of DBMS, which is mainly used among large enterprises, but reverse functions such as security events and vulnerabilities have been increasing. SMEs without enough investment on security infrastructure have difficulties with implementing DB security products. Therefore the most of SMEs are exposed to hacking and security accidents defensivelessly. Hence this study offers distributional H/W DB security solution which is affordable for SMEs.

• Journal of Satellite, Information and Communications
• /
• v.12 no.3
• /
• pp.50-53
• /
• 2017

Satellite communications are vulnerable to malicious eavesdroppers and interceptors due to wide coverage and broadcasting applications. However, technologies for securing satellite networks have yet to be more articulated beyond high-layer packet encryption. As attempts for jamming and spoofing attacks spread out, it is extremely critical to invest on the development of physical layer security solutions. In this paper, we review current technologies for satellite communication network security both in high and physical layers. We also present recent research results on physical layer security in the fields of information theory and wireless networks. We suggest a future direction for satellite communication security, including a cross-layer approach.

• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.67-74
• /
• 2003

Home network technologies which interconnect various wire and wireless home appliances, access network technologies and service offer technologies are continuing growth. To provide secure services in the home, home network environment, access network environment, and various service and contents offer technologies are consist organically. Thesis of administration method of systematic and effective groove network is most urgent and important urea to offer safety and authoritativeness of home networking service in home network that strong certification and security function are required among these technologies. In this paper, we propose home gateway security management architecture and the way to use SNMPv3. Also, we propose structure and function of home network management system to support various home networking security scenarios.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.77-83
• /
• 2004

According as information society has been raised, many countries of the world have taken a lot of interests in e-government implementation. The several guidance countries already have offered people various administrative service and popular enmity service in the Internet conveniently People can use e-government service more conveniently by the Internet, but important personal information or state secret can be leaked in the Internet. Because of these security vulnerabilities, a lot of countries are constructing security infrastructure that can protect personal information. In this paper, we examine e-government construction trends of the several guidance countries, and propose security considerations to provide safe and reliable e-government service.

• Journal of Advanced Navigation Technology
• /
• v.12 no.5
• /
• pp.451-463
• /
• 2008

There are management and security of software source code equivalent to 10 assembly lines of important infrastructure in the early stage of information society directly. A support technology and framework to protect software source code are so poor state In this paper, the proposed model that is support protection and access control between software source code as object and subject that is not authenticated safely was named CRYPTEX model. And we propose active business model to provide delegate, mobile, and security/access control function for passive software source code in document state using CRYPTEX.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.21-30
• /
• 2010

Wireless network is one of the 2010's most important security issues. As smartphone is popularize, the number of Wireless Internet users is really growing and wireless AP spring up everywhere. But most wireless AP haven't being managed properly in terms of security, Wireless Internet users also don't recognize important of security. This situation causes grave security threats. This paper design and analyze a new cyber attack whose it circulates malware via QR code and activates Mobile AP to induce service charge. The new vulnerability we suggest forces to activate Mobile AP of smartphone based on Android and responds to all Probe Request are generated around, and brings induction of service charge and communication problems in its train.

• Annual Conference of KIPS
• /
• 2003.05c
• /
• pp.2089-2092
• /
• 2003

홈 네트워킹 기술을 이용하면 가정내의 각각의 기기를 연결하고, 인터넷에 동시에 접속할 수 있다. 뿐만 아니라 홈 네트워킹 기술로 연결된 가정 기기들은 상호운용이 가능하며 인터넷을 통해 외부에서도 가정내의 기기를 제어할 수 있다. 그러나 이러한 외부로부터의 제어 가능성으로 인하여 홈 네트워크에 대한 접근 및 제어에 대한 인증의 필요성이 대두되었을 뿐만 아니라 전자상거래의 증가 및 VPN을 이용한 자택근무의 증가로 인하여 홈 네트워크의 보안도 중요한 관리요소에 포함되었다. 본 논문에서는 흠 네트워크 보안 및 관리를 위한 홈 네트워크 관제 센터의 구조 및 설계에 대하여 기술한다. 기존의 흠 게이트웨이에 집중되었던 흠 네트워크 관리기능과 방화벽이나 사용자 인증 등의 보안 기능을 홈 네트워크 관제 센터로 이동함으로써 보안관리의 편리성 제공 및 홈 게이트웨이의 부하를 줄일 수 있을 뿐만 아니라 좀 더 완벽한 홈 네트워크 보안을 제공할 수 있다.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.75-84
• /
• 2011

With the rapid development of mobile technology the use of smartphone is spreading. In order to activate mobile banking and market in the future, the most important key is a secure financial transactoin. However, because many apps are developed without security check in proportional to the spread of smartphone, security threat is inevitably high. Current smartphone banking is processed as the way of the existing public certificate or OTP technique in the mobile environment, but many security hole about current technology is pointed out steadily. Therefore, in this paper we are to improve a existing security hole by reinforcing the security through multi-factor authentication and providing a physical non-repudiation.