• Annual Conference of KIPS
• /
• 2002.11a
• /
• pp.559-562
• /
• 2002

LBS (Location Based Services)란 휴대폰, PDA (Personal Digital Assistant), 노트북 PC 등 위치 추적이 가능한 단말기를 휴대한 사용자의 현재 및 과거 위치 정보를 활용한 유무선 인터넷 서비스를 말한다. 최근의 이동 통신 기술의 발달과 휴대폰, PDA 등과 같은 모바일 단말의 급속한 확산으로 인하여 LBS 는 유무선 인터넷의 응용 및 위치 정보를 사용한 부가 가치 창출에 있어 핵심적인 역할을 할 것으로 예상되고 있다. 이러한 LBS 를 위해서는 단말의 위치 정보들을 저장 및 관리하고 위치 정보를 이용하여 다양한 위치 기반 서비스를 지원하는 LBS 플랫폼의 역할이 매우 중요하다. 이를 위한 LBS 플랫폼은 위치 정보의 획득. 위치 정보의 저장 및 관리, 인증 및 정보 보호 등의 사용자 관리, 대용량 위치 정보 데이터베이스의 관리 등의 기능을 제공하여야 한다. 본 논문에서는 1) 위치 기반 서비스를 위한 LBS 플랫폼으로써 사용될 수 있는 참조 시스템을 설계한다. 이를 위하여 LBS 플랫폼으로써 참조 시스템이 제공하여야 하는 기능과 각 기능의 처리 흐름을 UML 의 유스케이스(Usecase)를 사용하여 분석 및 설명한다. 또한 2) 설계된 참조 시스템을 사용하여 제공될 수 있는 서비스 시나리오를 알아본다.

• Journal of KIISE:Information Networking
• /
• v.30 no.3
• /
• pp.377-386
• /
• 2003

In this paper, we present an application layer protocol to support secure wireless Internet services, called Application Layer Security(ALS). The drawbacks of the two traditional approaches to secure wireless applications motivated the development of ALS. One is that in the conventional application-specific security protocol such as Secure HyperText Transfer Protocol(S-HTTP), security mechanism is included in the application itself. This gives a disadvantage that the security services are available only to that particular application. The other is that a separate protocol layer is inserted between the application and transport layers, as in the Secure Sockets Layer(SSL)/Transport Layer Security(TLS). In this case, all channel data are encrypted regardless of the specific application's requirements, resulting in much waste of network resources. To overcome these problems, ALS is proposed to be implemented on top of HTTP so that it is independent of the various transport layer protocols, and provides a common security interface with security applications so that it greatly improves the portability of security applications. In addition, since ALS takes advantages of well-known TLS mechanism, it eliminates the danger of malicious attack and provides applications with various security services such as authentication, confidentiality integrity and digital signature, and partial encryption. We conclude this paper with an example of applying ALS to the solution of end-to-end security in a present commercial wireless protocol stack, Wireless Application Protocol.

• Smart Media Journal
• /
• v.12 no.2
• /
• pp.27-35
• /
• 2023

Currently, online user authentication is perform using joint certificates issued by accredited certification authorities and simple certificates issued by private agency. In such a PKI(Public Key Infrastructure) system, various cryptographic technologies are used, and in particular, digital signatures are used as a core technology. The digital signature scheme is equally used in DID(Decentralized Identity), which is attracting attention to replace the existing centralized system. As such, the digital signature-based user authentication used in current online services is also applied in the metaverse, which is attracting attention as the next-generation online world. Metaverse, a compound word of "meta," which means virtual and transcendent, and "universe," means a virtual world that includes the existing online world. Due to various developments of the metaverse, it is expted that new authentication technologies including biometric authentication will be used, but existing authentication technologies are still being used. Therefore, in this study, we study digital signature scheme that can be efficiently used for user authentication in the developing metaverse. In particular, we experimentally analyze the effectiveness of ECDSA, which is currently used as a standard for digital signatures, and Schnorr signatures, which can quickly verify a large amount of signatures.

• Journal of Digital Convergence
• /
• v.15 no.10
• /
• pp.253-260
• /
• 2017

Authenticated key agreement in multi-server environments is one of very important security issues because only authorized user needs to access their data and services. To support this issue, numerous schemes have been proposed over recent years. Recently, Shin showed the security weaknesses in the previous scheme and proposed an improved scheme called SIAKAS to solve them. Unfortunately, this paper shows that SIAKAS is still weak against application server impersonation attack and could be traceable to attackers. To solve the problems in SIAKAS, we propose an untraceable authenticated key agreement scheme, denoted by UAKAS. UAKAS efficiently solves security and privacy issues in SIAKAS and the related schemes and could reduce the operation overhead at least 12% compared to them.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.7
• /
• pp.1634-1642
• /
• 2014

Mobile RFID system, that consists of the existing RFID reader mounted on the mobile devices such as smartphones, is able to provide the users a variety of services and convenience. But security of mobile RFID system is too weak like the existing RFID system. In this paper, the mobile RFID mutual authentication protocol with high level of security is proposed to overcome the troubles such as cryptographic protocols in the existing RFID system responding with the same value in every authentication procedure and the exposure in the exchange of messages. The proposed protocol exchanges messages unexposed by using the random numbers generated in the mutual authentication between the tag and the reader and making numbers coded with the symmetric key. Besides, the protocol uses the mutual authentication utilizing OTP by considering the characteristics of the reader embedded in mobile devices in the mutual authentication process between the reader and the server. Because changed message in every authentication, which produces safe from spoofing attacks and replay attacks, etc.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.181-195
• /
• 2011

There's a controversy about an invasion of privacy which includes a leakage of private information and linking of user's behavior on internet. Although many solutions for this problem are proposed, we think anonymous authentication, authorization, and payment mechanism is the best solution for this problem. In this paper, we propose an effective anonymity-based method that achieves not only authentication but also authorization. Our proposed method uses anonymous qualification certificate and group signature method as an underlying primitive, and combines anonymous authentication and qualification information. An eligible user is legitimately issued a group member key pair through key issuing process and issued some qualification certificates anonymously, and then, he can take the safe and convenience web service which supplies anonymous authentication and authorization. The qualification certificate can be expanded according to application environment and it can be used as payment token.

• Journal of Satellite, Information and Communications
• /
• v.5 no.2
• /
• pp.75-81
• /
• 2010

COMS (Communication, Ocean and Meteorological Satellite) is the multi-purposed Korean geostationary satellite funded by four Korean government ministries, and is to supply communication services, ocean and weather observation for 7 years. As part of COMS, development of Ka band communication payload composed of microwave switching transponder and multi-horn antenna is sponsored by KCC (Korea Communications Commission) and developed by ETRI (Electronics and Telecommunications Research Institute). The purpose of Ka Payload development is to acquire space proven technology of Ka payload and to exploit advanced multimedia communication services. This paper aims to study development technology of Ka payload system through whole process of ETRI project. Also application of Ka payload will be dealt in this paper.

• Journal of Applied Reliability
• /
• v.4 no.2
• /
• pp.65-72
• /
• 2004

If a quality system is properly designed and implemented, it will be one of the most effective tools in the prevention of quality problems, as well as potential product liability incidents. The purpose of this research is to present how the quality system should developed and focuses more on what it should include for the sake of preventing unsafe products and design. Includings are descriptions on how a manufacturer can put a comprehensive procedures and processes for product safety and effort in place, and move their existing quality system to a new level.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2008.02a
• /
• pp.95-98
• /
• 2008

센서네트워크는 넓은 지역에 무선 인프라로 묶여 설치된 센서들을 사용하여 상황 인지로 감지된 데이터를 응용서비스 서버와 연동하는 기술이다. 이는 환경 감시, 대상 추적, 환자 모니터링, 군사적 목적 등 매우 다양한 분야에 사용될 수 있다. 센서네트워크 역시 기존 네트워크에서 필요로 하는 보안 기능을 요구한다. 그러나 센서네트워크에 사용되는 노드들이 사용할 수 있는 자원에 제약이 있어, 기존의 암호기술을 그대로 적용하는데 어려움이 있다. 이러한 센서네트워크에서의 키 분배 문제를 해결하기 위하여 인증센터를 사용하는 기법, 랜덤 키 사전 분배 기법, q-합성수 랜덤 키 사전 분배 기법, Blom 스킴, 위치 기반 키 사전 분배 기법 등이 제안되어 있다. 한편, 공개키 연산의 많은 부하로 인하여 공개키 기법을 센서네트워크에 적용하기에 적합하지 않으리라 여겨져 왔으나, 최근의 연구결과들에 의하면 PKI처럼 복잡한 시스템을 구현하는 것은 부적합할지라도 공개키를 이용한 키 분배 기법을 센서네트워크에 적용하는 것이 실효성이 있다는 것을 보여준다. 본 논문에서는 TinyOS 플랫폼에서 공개키를 이용하여 센서 노드 간 상호 인증 및 세션키를 생성하여 암호 데이터 통신을 수행하는 센서네트워크 플랫폼을 구현한 결과를 제시한다.

• The Journal of the Korea Contents Association
• /
• v.11 no.11
• /
• pp.49-61
• /
• 2011

In recent, library is considered as an integrated knowledge convergence center that can respond to various requests about information service of users. Therefor it is necessary to establish a novel information system based on information communications technologies of the era. In other words, it is currently required to develop mobile information service available in portable devices such as smart phones or tablet PCs, and to establish information system reflecting cloud computing, SaaS, Annotation, and Library 2.0 etc. In this paper we design and implement a library information system using collective intelligence and cloud computing. This information system can be adapted for the varieties of mobile service paradigm and abruptly increasing amount of electronic materials. Advantages of this concept model are resource sharing, multi-tenant supporting, configuration, and meta-data supporting etc. In addition it can offer software on-demand type user services. In order to test the performance of our system, we perform an effectiveness analysis and TTA authentication test. The average response time corresponding to variance of data reveals 0.692 seconds which is very good performance in timing effectiveness point of view. And we detect maturity level-3 or 4 authentication in TTA tests such as SaaS maturity, performance, and application programs.