• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1024-1027
• /
• 2008

RFID는 자동 객체 식별 기술로써 유비쿼터스 환경과의 연결을 통해서 적용 범위가 더욱 확대되고 있다. 그러나 RFID 시스템은 전파를 이용하는 통신 구조와 낮은 태그 가격 제약으로 인해서 사용자의 프라이버시 문제와 악의적인 공격노출 등의 위험이 발생하고 있다. 이런 문제점들을 해결하기 위해 물리적인 방법과 암호학적인 접근 방법 등 많은 방법들이 제안되었다. 그 중에서 해시 체인 기법은 다른 방법과 비교하여 강력한 보안 수준을 제공하면서도 간단한 인증 과정이 장점이다. 그러나 재전송 공격과 스푸핑 공격에 취약한 문제점을 가지고 있다. 따라서 본 논문은 기존 해시 체인의 장점을 유지하면서 보안 취약성을 개선한 RFID 인증 프로토콜을 제안한다. 계산 효율성을 고려하여 최소한의 난수와 비트 연산(XOR)을 이용하여 보안 취약성을 개선한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1444-1447
• /
• 2008

RFID 기술은 유비쿼터스 환경을 구현하기 위한 핵심기술 중 하나로 기술 개발과 시범사업 등을 통해 충분한 성장 가능성과 기술력 향상이 기대된다. 특히 물류 환경에서 RFID 기술 기반의 물류 환경 관리는 비용 및 납기의 개선 등에 큰 효율성을 가져올 수 있다. 이 논문에서는 RFID 기반의 국제 물류 프로세스에 대한 보안 위험 요소를 분석하고 이에 대한 보안 요구사항 및 보안 정책 방안을 기술한다.

• Journal of Internet Computing and Services
• /
• v.5 no.1
• /
• pp.99-111
• /
• 2004

Two general security measures in computing networks are secure data transmission and user authentication, These problems are still critical in the wireless LAN environments. Thus security becomes most significant issue in personal network environments and ubiquitous networks based on wireless LANs. We purpose a new authentication system for these kind of environments, and coined it UPMA(Ubiquitous Personal Mutual Authen-tication) model. UPMA supports authenticating configurations which provides personal verification for each system. It guarantees secure communications through the session key setup, and provides mutual authentication by verifying each user and his/her station. UPMA solves security problems in ubiquitous networks without accessing authentication server, Instead it performs mutual authentication between terminals or between systems. It is a global authentication system which enables global roaming service through the Internet or other public networks, It can be used to guarantee safe and convenient access to a company Intranet or to a home network.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.47-53
• /
• 2015

Recently, the Internet of Things is an important technology with a Cloud computing services and a Big data in the IT fields. and The Internet of Things is widely used in various industries. This trend may be referred to as the emergence of significant based technologies for realizing a ubiquitous times. But the security problems of Internet of things are expected to increase with being realized in a variety of industries. and it will be have to provide a corresponding technology to the security threat for this. Therefore, this paper will be analyzed to the security threats of the Internet of Things by the cases. Thereby this is expected to be utilized as a basis for the countermeasure of Internet of Things in a future.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.15 no.1
• /
• pp.65-68
• /
• 2005

Privacy preservation is crucial in ubiquitous computing environment in which lots of privacy- sensitive information can be collected and distributed without appropriate control. The anonymity-based approach is a famous one used for privacy preservation communication, which allows users to use pseudonyms instead of real ID so as not to reveal their identities. This approach is effective in that it can hide the identity of users. However, it makes it difficult to provide ID-based services like buddy service, dangerous area alert, P2P communication in the ubiquitous computing. We proposes a system architecture which enables ID-based services in the ubiquitous computing environment employing anonymity - based privacy - preserving approach.

• The Magazine of the Society of Air-Conditioning and Refrigerating Engineers of Korea
• /
• v.33 no.5
• /
• pp.7-14
• /
• 2004

이 기술은 유무선 네트워크를 통해 가전기기 및 장치를 연결하여 시간과 장소의 제약 없이 가정의 보안, 장치 제어, 에너지 관리, 방문자 관리, 건강 모니터링 기능 등을 제공하여 가족 구성원들의 삶의 질을 향상시키고자 하는 것이다.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.43-48
• /
• 2012

In this paper, the requirements for information security are presented in the ubiquitous ecological(u-Eco) city. The various definition of ubiquitous city is analyzed first, the concept of the u-Eco City, services and major projects are then presented. The framework of the integrated operating center for u-Eco city is proposed, the privacy, data security and network facility protection in the center are analyzed. Unlike to previously proposed security algorithms, the light-weight encoding algorithms(such as block/stream encoding, pseudo-random generator, hash function, and public key encoding) in the u-Eco city center are required to communicate the information in the ubiquitous sensor network. Furthermore, the principal policies guaranteeing the secrecy and authentication for the private information are also presented.

• Journal of the Korea Convergence Society
• /
• v.6 no.6
• /
• pp.81-86
• /
• 2015

The threats to privacy and security have received increasing attention as ubiquitous healthcare applications over the Internet become more prevalent, mobile and universal. In particular, we address the communication security issues of access sharing of health information resources in the ubiquitous healthcare environment. The proposed scheme resolves the sender and data authentication problem in information systems and group communications. We propose a novel key management scheme for generating and distributing cryptographic keys to constituent users to provide form of data encryption method for certain types of data concerning resource constraints for secure communications in the ubiquitous healthcare domains.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.9
• /
• pp.1558-1564
• /
• 2006

This study addressed security requirements for ad-hoc network environments, which lies at the hour of the ubiquitous computing revolution and proposed a partially-distributed certificate management system that can ensure security in mobile ad-hoc networks. The proposed model is characterized by ie ability to handle dynamic mobility of nodes, minimize routing load and enhance expandability of network by allowing participating nodes to authenticate each other without being interrupted by joining the cluster. The security, efficiency and robustness of the proposed model were evaluated through simulation.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.4
• /
• pp.205-211
• /
• 2008

Conventional context-aware service models permit the access of resources only by user authentication, but the ubiquitous environments where the context information around users is changing frequently require the resource access control according to the rapid changes. This paper proposes a scheme to control access permission of resource dynamically as context information of user changes. Our access control model is based on traditional CASA (Context-Aware Security Architecture), but can restrict the access of the user already has been authorized. With the real-time checking of context information, our scheme gives different access controls according to changes in environmental information, and provides more secure services than conventional context-aware models.