• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1269-1284
• /
• 2001

The Secure Sockets Layer is a protocol for encryption TCP/IP traffic that provides confidentiality, authentication and data integrity. Also the SSL is intended to provide the widely applicable connection-oriented mechanism which is applicable for various application-layer, for Internet client/server communication security. SSL, designed by Netscape is supported by all clients' browsers and server supporting security services. Now the version of SSL is 3.0. The first official TLS vl.0 specification was released by IETF Transport Layer Security working group in January 1999. As the version of SSL has had upgraded, a lot of vulnerabilities were revealed. SSL and TLS generate the private key with parameters exchange method in handshake protocol, a lot of attacks may be caused on this exchange mechanism, also the same thing may be come about in record protocol. In this paper, we analyze SSL protocol, compare the difference between TLS and SSL protocol, and suggest what developers should pay attention to implementation.

• Journal of KIISE:Information Networking
• /
• v.37 no.2
• /
• pp.99-108
• /
• 2010

The Wireless Ad Hoc network is discussed as a core technology for ubiquitous computing, and the smart tag technology is currently being actively discussed as a part of the sensor network. Thus, considering its security may advance the realization of ubiquitous computing. RFID (Radio Frequency Identification) technology using the smart tag technology as a part of the sensor network is currently in the limelight. In particular, when RFID is applied to a knowledge management system managing various data, data mobility and management convenience are ensured and automated knowledge service can be provided to users. Accordingly, this paper to proposed a secure scheme for mobility knowledge management systems using multi-agents differentiated from the existing knowledge management systems. Specifically, the proposed scheme designates user's authentication and privilege information in multi-agents and provides effective knowledge service through grouping based on user information. Moreover, even user's movement, the proposed scheme ensures service availability and provides continuous information through communication with multi-agent systems.

• Journal of KIISE:Information Networking
• /
• v.31 no.5
• /
• pp.429-437
• /
• 2004

The mobileip working group is equipped with the RR(Return Routabilit) taking the simple procedures and small amount of cryptographic operations by considering the processing capability of the mobile node however it dose not provide security features enough. To replace with enhanced methods, mobileip WG is making an effort to find the approved solutions include CGA(Craptographically Generated Address), IPsec(Internet Protocol Security) as well as the existing infrastructure such as AAA(Authentication, Authorization and Account) and PKI(Public Key Infrastructure). In this paper, we propose the authentication and route optimization based on AAA suitable for the requested security service for its successful story in wireless network such as 802.11 and 3GPP(3rd Generation Partnership Project) as well as wired one. We analyze the effectiveness of our scheme according to the traffic and mobility properties. The result shows the cost reduction up to 20 percent comparing with RR.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1401-1414
• /
• 2018

The k-means clustering algorithm groups input data with the number of groups represented by variable k. In fact, this algorithm is particularly useful in market segmentation and medical research, suggesting its wide applicability. In this paper, we propose a privacy-preserving clustering algorithm that is appropriate for outsourced encrypted data, while exposing no information about the input data itself. Notably, our proposed model facilitates encryption of all data, which is a large advantage over existing privacy-preserving clustering algorithms which rely on multi-party computation over plaintext data stored on several servers. Our approach compares homomorphically encrypted ciphertexts to measure the distance between input data. Finally, we theoretically prove that our scheme guarantees the security of input data during computation, and also evaluate our communication and computation complexity in detail.

• Journal of the Korea Convergence Society
• /
• v.10 no.10
• /
• pp.21-26
• /
• 2019

At present, it is indispensable to utilize data as an information society. Therefore, the database is used to manage large amounts of data. In real life, most of the data in a database is the personal information of a group of members. Because personal information is sensitive data, the role of the database administrator who manages personal information is important. However, there is a growing number of attacks on databases to use this personal information in a malicious way. SQL Injection is one of the most known and old hacking techniques. SQL Injection attacks are known as an easy technique, but countermeasures are easy, but a lot of efforts are made to avoid SQL attacks on web pages that require a lot of logins, but some sites are still vulnerable to SQL attacks. Therefore, this study suggests effective defense measures through analysis of SQL hacking technology cases and contributes to preventing web hacking and providing a secure information communication environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.394-400
• /
• 2013

WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN(Low-power, Lossy Network) and resource constrained sensor devices. Recently, IETF standard group propose to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas- one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.410-415
• /
• 2013

Recently, as Internet enters WEB 2.0, many social network services through such as Facebook, Twitter and Youtube appeared. In these social network sites, users can easily make friends, join groups and access others personal information. Therefore, a malicious user can easily gather information of others. In order to protect user's personal information from the unauthenticated users, we propose privacy protection mechanism based on key assignment and user's trust level. A master-key is generated for each users and is segmented into a core-key and several sub-key. The master-key stores at the information owner's side and the sub-key will be distributed to requestor according to the relation and trust level. At last, in order to proof the efficiency, the performance of our proposed mechanism is compared with those of existing mechanisms.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.7
• /
• pp.41-47
• /
• 2010

The emergency between vehicles on the superhighway should be transmitted quickly to the following vehicles for safety of people. The message between them has been transmitted by broadcast method in an wireless environment of 802.11, so far. That causes the broadcast storm and a waste of the bandwidth of Wireless network owing to unnecessary process of sending messages to even vehicles that do not have to receive the information. The message collision is a main cause of the increase of message delay. In order to overcome the existing problem, this paper proposed a message broadcast scheme based on cell (MBC), which is the way to divide cars into different groups by cell unit and transmit messages to the members of the groups through the cell primary (cp) vehicles. This paper shows the proposed broadcast's performance in the same environment is much superior to other conventional broadcast schems for inter-vehicle communication, since the receiving ratio among the following vehicles is improved.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.6
• /
• pp.784-792
• /
• 2018

In this study, we designed the area except the development market and the traditional market, where large scale shops were concentrated by realizing the real estate center of the alley commercial area. In addition, we have developed an area setting method for the alley area where reliability and rationality can be ensured by utilizing the actual data such as the business statistics, the survey data of the business, and the store business DB, which are managed by the local government or the state. The alley commercial areas were classified into five groups according to density. It is thought that users can distinguish the commercial areas from dense commercial areas to the commercial areas in order to utilize various commercial areas.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.11
• /
• pp.105-111
• /
• 2009

The study aims to propose the intelligent clustering technique that calculates the distance by improving the problems of multi-hop clustering technique for inter-vehicular secure communications. After calculating the distance between vehicles with no connection for rapid transit and clustering it, the connection between nodes is created through a set distance vale. Header is selected by the distance value between nodes that become the identical members, and the information within a group is transmitted to the member nodes. After selecting the header, when the header is separated due to its mobility, the urgent situation may occur. At this time, the information transfer is prepared to select the new cluster header and transmit it through using the intelligent cluster provided from node by the execution of programs included in packet. The study proposes the cluster technique of the intelligent distance estimation for the mobile Ad-hoc network that calculates the cluster with the Store-Compute-Forward method that adds computing ability to the existing Store-and-Forward routing scheme. The cluster technique of intelligent distance estimation for the mobile Ad-hoc network suggested in the study is the active and intelligent multi-hop cluster routing protocol to make secure communications.