• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.7B
• /
• pp.647-659
• /
• 2003

LPM(Longest Prefix Matching)searching in If address lookup is a major bottleneck of IP packet processing in the high speed router. In the conventional lookup table for the LPM searching in CAM(Content Addressable Memory) the complexity of fast update take 0(1). In this paper, we designed pipeline architecture for fast update of 0(1) cycle of lookup table and high throughput and low area complexity on LPM searching. Lookup-table architecture was designed by CAM(Content Addressable Memory)away that uses 1bit RAM(Random Access Memory)cell. It has three pipeline stages. Its LPM searching rate is affected by both the number of key field blocks in stage 1 and stage 2, and distribution of matching Point. The RTL(Register Transistor Level) design is carried out using Verilog-HDL. The functional verification is thoroughly done at the gate level using 0.35${\mu}{\textrm}{m}$ CMOS SEC standard cell library.

• Journal of KIISE:Databases
• /
• v.32 no.1
• /
• pp.100-110
• /
• 2005

The update transactions to be executed in spatial databases usually have been known as interactive and long duration works. To improve the parallelism of concurrent updates, it needs multiple transactions concurrently update a large spatial object which has a spatial extensions larger than workspace of a client. However, under the existing locking protocols, it is not possible to concurrently update a large spatial object because of conflict of a write lock This paper proposes a partial locking scheme of enabling a transaction to set locks on parts of a big object. The partial locking scheme which is an exclusive locking scheme set by user, acquires locks for a part of the big object to restrict the unit of concurrency control to a partial object of a big object. The scheme gives benefits of improving the concurrency of un updating job for a large object because it makes the lock control granularity finer.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.10
• /
• pp.661-667
• /
• 2018

Recently, the smart home market is growing due to the development of wireless communication technology and sensor devices, and various devices are being utilized. Such an IoT environment collects various vast amount of device information for intelligent services, receives services based on user information, controls various devices, and provides communication between different types of devices. However, with this growth, various security threats are occurring in the smart home environment. In fact, Proofpoint and HP warned about the cases of damage in a smart home environment and the severity of security vulnerabilities, and cases of infringement in various environments were announced. Therefore, in this paper, we have studied secure mutual authentication method between smart nodes used in smart home to solve security problems that may occur in smart home environment. In the case of the proposed thesis, security evaluations are performed using random numbers and frequently updated session keys and secret keys for well-known vulnerabilities that can occur in IoT environments and sensor devices such as sniffing, spoofing, device mutual authentication, And safety. In addition, it is confirmed that it is superior in security and key management through comparison with existing smart home security protocol.

• The Journal of the Korea Contents Association
• /
• v.10 no.2
• /
• pp.14-24
• /
• 2010

Because WSNs operate with limited resources of sensor nodes, its life is extended by cluster-based routing methods. In this study, we use data on direction, distance, density and residual energy in order to maximize the energy efficiency of cluster-based routing methods. Through this study, we expect to minimize the frequency of isolated nodes when selecting a new cluster head autonomously using information on the direction of the upper cluster head, and to reduce energy consumption by switching sensor nodes, which are included in both of the new cluster and the previous cluster and thus do not need to update information, into the sleep mode and updating information only for newly included sensor nodes at the setup phase using distance data. Furthermore, we enhance overall network efficiency by implementing secure and energy-efficient communication through key management robust against internal and external attacks in cluster-based routing techniques. This study suggests the modified cluster head selection scheme which uses the conserved energy in the steady-state phase by reducing unnecessary communications of unchanged nodes between selected cluster head and previous cluster head in the setup phase, and thus prolongs the network lifetime and provides secure and equal opportunity for being cluster head.

• The Journal of Society for e-Business Studies
• /
• v.10 no.1
• /
• pp.121-134
• /
• 2005

The MANET has many problems in security despite of its many advantages such as supporting the mobility of nodes, independence of the fixed infrastructure, and quick network establishment. In particular, in establishing security, the traditional certification service has many difficult problems in applying to the MANET because of its safety, expandability, and availability. In this paper, a secure and effective distributed certification service method was proposed using the Secret Sharing scheme and the Threshold Digital Signature scheme in providing certification services in the MANET. In the proposed distributed certification service, certain nodes of relatively high safety among the mobile nodes consisting of the MANET, were set as privileged nodes, from which the process of issuing a certification started. The proposed scheme solved problem that the whole network security would be damaged by the intrusion to one node in the Centralized Architecture and the Hierarchical Architecture. And it decreased the risk of the exposure of the personal keys also in the Fully Distributed Architecture as the number of the nodes containing the partial confidential information of personal keys decreased. By the network simulation, the features and availability of the proposed scheme was evaluated and the relation between the system parameters was analyzed.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.11
• /
• pp.7541-7548
• /
• 2015

Wireless Sensor Networks is the technology which is used in explore role for military purposes, as well as various fields such as industrial equipment management, process management, and leverage available technologies by distributing node into various areas. but there are some limitations about energy, processing power, and memory storage capacity in wireless sensor networks environment, because of tiny hardware, so various routing protocols are proposed to overcome it. however existing routing protocols are very vulnerable in the intercommunication, because they focus on energy efficiency, and they can't use existing encryption for it, Because of sensor's limitations such like processing power and memory. Therefore, this paper propose mutual authentication scheme that prevent various security threats by using mutual authentication techniques and, Key generation and updating system as taking into account energy efficiency.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.33-38
• /
• 2019

In this paper, we propose a new blockchain technology that could comply with GDPR. The proposed model can prevent illegal access by controlling access to the personal information according to a access policy. For example, it can control access to the information on a role-basis and information validation period. The core mechanism of the proposed model is to encrypt the personal information with public key which is associated with users attributes policy, and then decrypt it with a private key and users attributes based on a Attribute-based Encryption scheme. It can reduce a trusted third-part risk by replacing it with a number of nodes selected from the blockchain. And also the private key is generated in the form of one-time token to improve key management efficiency. We proved the feasibility by simulating the proposed model using the chaincode of the Hyperledger Fabric and evaluate the security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.21-35
• /
• 2007

In ad hoc networks, position-based routing schemes, that use geographical positions of nodes, have been proposed to efficiently route messages. In these routing schemes, the location service is one of the key elements that determines and effects security and efficiency of the protocol. In this paper, we define security threats of location service and propose a new quorum based location service protocol. In our proposed protocol, nodes register their public keys in other nodes during the initialization phase and these registered keys are used to verify locations of other nodes and the messages exchanged. In this paper, we prove that our protocol is robust against traditional attacks and new attacks that may occur due to the use of position-based routing. We also analyze the efficiency of our protocol using various simulations.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2012.07a
• /
• pp.195-197
• /
• 2012

전자서명의 장기검증이란 서명에 사용된 인증서의 유효기간이 지난 오랜 후에 서명을 검증하고자 하는 문제이다. RFC3126에서는 전자서명의 장기검증을 가능하게 하기 위해 타임스탬프기관(TSA)에 대한 신뢰를 바탕으로 전자서명에 타임스탬프(TS)를 부가하여 장기검증포맷으로 변환하여 저장하는 방법을 제시하고 있는데 TSA의 인증서도 유효기간을 가지기 때문에 시간이 지날수록 새로운 TS를 계속 부가해야 한다는 단점이 있다. 한편 과거에 사용했던 인증서 및 CRL등의 인증체계 자체를 보존하고 인증해주기 위한 메커니즘은 인증체계의 연속성을 보장하기 위해 매우 중요하다고 볼 수 있는데, 현재의 공개키기반구조(PKI) 메커니즘에는 특별히 정의되어 있지 않다. 인증체계의 장기검증을 위해 RFC3126[1]의 방법론을 적용하는 것은 여러 가지 측면에서 효율적인 방법이 아니다. 이 논문에서는 인증체계의 과거역사를 보존하고 보증해주기 위한 새로운 방법을 제시하는데, 인증기관이 자신의 인증서를 갱신하는 경우 자신이 운영했던 과거의 인증역사에 대해 봉인을 하고 책임있는 사후서비스를 하도록 하며, 현재의 인증서에 과거역사에 대한 명시적인 인증을 포함하도록 하는 것이다. 이러한 방법은 기존의 인증체계와 함께 이용될 수 있고 인증체계의 연속성을 보장하는데 큰 역할을 하게 되며 전자서명 장기검증에도 유용하게 이용될 수 있음을 보인다.

• Convergence Security Journal
• /
• v.5 no.1
• /
• pp.85-92
• /
• 2005

For an efficient role based access control in highly distributed computing environment to reduce management cost, we utilize attribute certificates. Especially highly distributed computing environments such as ubiquitous computing environments which cannot have global or broad control, need another attribute certificate management technique. The techniques for transmission of the attribute certificates and management of the group keys should be considered to reduce management cost. For better performance we structure attribute certificates. We group roles and make the role group relation tree. It results secure and efficient role renewing and distribution. For scalable attribute certificate distribution, multicasting packets are used. We take into account the packet loss and quantifying performance enhancements of structuring attribute certificates.