• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1017-1023
• /
• 2013

With the growing use of smartphones, many secure applications are performed on smartphones such as banking, payment, authentication. To provide security services, cryptographic algorithms are performed on smartphones' CPU. However, smartphone's CPU has no considerations against side-channel attacks including Electromagnetic Analysis (EMA). In DesignCon 2012, G. Kenworthy introduced the risk of cryptographic algorithms operated on smartphone against EMA. In this paper, using improved experimental setups, we performed EMA experiments on androin smartphones' commercial secure applications. As a result, we show that the weakness of real application. According to the experimental setups, we picked up the operation of w-NAF scalar multiplication from the operation of Google's Play Store application using radiated EM signal. Also, we distinguished scalar values (0 or not) of w-NAF scalar multiplication.

• Journal of Internet Computing and Services
• /
• v.5 no.3
• /
• pp.25-33
• /
• 2004

Mobile IP Low Latency Handoffs(l) allow greater support for real-time services on a Mobile IP network by minimizing the period of time when a mobile node is unable to send or receive IP packets due to the delay in the Mobile IP Registration process. However, on Mobile IP network with AAA servers that are capable of performing Authentication, Authorization, and Accounting(AAA) services, every Registration has to be traversed to the home network to achieve new session keys, that are distributed by home AAA server, for a new Mobile IP session. This communication delay is the time taken to re-authentication the mobile node and to traverse between foreign and home network even if the mobile node has been previously authorized to old foreign agent. In order to reduce these extra time overheads, we present a method that performs Low Latency Handoffs without requiring further involvement by home AAA server. The method re-uses the previously assigned session keys. To provide confidentiality and integrity of session keys in the phase of key exchange between agents, it uses a key sharing method by gateway foreign agent that performs a trusted thirty party. The proposed method allows the mobile node to perform Low Latency Handoffs with fast as well as secure operation.

• KIISE Transactions on Computing Practices
• /
• v.22 no.12
• /
• pp.663-674
• /
• 2016

Traditional supercomputing services suffer from limited accessibility and low utilization in that users(researchers) may perform computational executions only using terminal-based command line interfaces. To address this problem, in this paper, we provide the design and implementation details of National supercomputing service framework. The proposed framework supports all the fundamental primitive functions such as user management/authentication, heterogeneous computing resource management, HPC (High Performance Computing) job management, etc. so that it enables various 3rd-party applications to be newly built on top of the proposed framework. Our framework also provides Web-based RESTful OpenAPIs and the abstraction interfaces of job schedulers (as well as bundle scheduler plug-ins, for example, LoadLeveler, Open Grid Scheduler, TORQUE) in order to easily integrate the broad spectrum of heterogeneous computing clusters. To show and validate the effectiveness of the proposed framework, we describe the best practice scenario of high energy physics Lattice-QCD as an example application.

• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.17-26
• /
• 2003

Mobile agent system comes into the spotlight since it contributes largely to mobile computing on distributed network environment. However, this system has a number of significant security Problems. In this Paper, we analyze suity attacks to mobile agent system Presented by NIST[3]. In order to protect this system from them, we suggest a security protocol for mobile agent system by employing R based key distribution and digital multi-signature scheme. To solve these problems described in NIST, securities for mobile agent and agent platform shouid be accomplished. Comparing with other protocols, our protocol performs both of these securities, while other protocols mentioned only one of them. Proposed Protocol satisfies simplicity of key management, providing security service such as confidentiality, integrity, authentication and preventing reputation, liveness guarantee, protection of excution-result data and preventing replay attack. Furthermore, it is designed to detect message modification immediately by verifying each step of agent execution at a corresponding server.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.55-64
• /
• 2007

Behind the popularity of VoIP in these days, it may present significant security challenges in privacy and accounting. Authentication and message encryption are considered to be essential mechanisms in VoIP to be comparable to PSTN. SIP is responsible for setting up a secure call in VoIP. SIP employs TLS, DTLS or IPSec combined with TCP, UDP or SCTP as a security protocol in VoIP. These security mechanisms may introduce additional overheads into the SIP performance. However, this overhead has not been understood in detail by the community. In this paper we present the effect of the security protocol on the performance of SIP by comparing the call setup delays among security protocols. We implement a simulation of the various combinations of three security protocols and three transport layer protocols suggested for SIP. UDP with any combination of security protocols performs a lot better than the combination of TCP. TLS over SCTP may impose higher impact on the performance in average because TLS might have to open secure channels as the same number of streams in SCTP. The reasons for differences in the SIP performances are given.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.3
• /
• pp.73-80
• /
• 2018

Due to the popularity of smartphones and the simplification of financial services, the number of mobile financial services is increasing. However, the security keypads developed for existing financial services are susceptible to probability analysis attacks and have security vulnerabilities. In this paper, we propose and implement a security keypad based on dual touch. Prior to the proposal, we examined the existing types of security keypads used in the mobile banking and mobile payment systems of Korean mobile financial businesses and analyzed the vulnerabilities. In addition, we compared the security of the proposed dual touch keypad as well as existing keypads using the authentication framework and the existing keypad attack types (Brute Force Attack, Smudge Attack, Key Logging Attack, and Shoulder Surfing Attack, Joseph Bonneau). Based on the results, we can confirm that the proposed security keypad with dual touch presented in this paper shows a high level of security. The security keypad with dual touch can provide more secure financial services, and it can be applied to other mobile services to enhance their security.

• Journal of Internet Computing and Services
• /
• v.17 no.3
• /
• pp.55-66
• /
• 2016

A local storage of HTML5 is a Web Storage, which is stored permanently on a local computer in the form of files. The contents of the storage can be easily accessed and modified because it is stored as plaintext. Moreover, because the internet browser classifies the local storages of each domain using file names, the malicious attacker can abuse victim's local storage files by changing file names. In the paper, we propose a scheme to maintain the integrity and the confidentiality of the local storage's source domain and source device. The key idea is that the client encrypts the data stored in the local storage with cipher key, which is managed by the web server. On the step of requesting the cipher key, the web server authenticates whether the client is legal source of local storage or not. Finally, we showed that our method can detect an abnormal access to the local storage through experiments according to the proposed method.

• Journal of Internet Computing and Services
• /
• v.7 no.1
• /
• pp.17-30
• /
• 2006

With the wide acceptance of the Internet and the Web, volumes of information and related users have increased and companies have become to need security mechanisms to effectively protect important information for business activities and security problems have become increasingly difficult. This paper proposes a improved access control model for access control enforcement in enterprise environments through the integration of the temporal constraint character of the GT-RBAC model. sub-role hierarchies concept and PBDM(Permission Based Delegation Model). The proposed model. called Extended GT-RBAC(Extended Generalized Temporal Role Based Access Control) delegation Model. supports characteristics of GTRBAC model such as of temporal constraint, various time-constrained cardinality, control flow dependency and separation of duty constraints (SoDs). Also it supports conditional inheritance based on the degree of inheritance and business characteristics by using sub-roles hierarchies and supports permission based delegation, user to user delegation, role to role delegation, multi-step delegation and temporal delegation by using PBDM.

• Journal of Digital Convergence
• /
• v.15 no.1
• /
• pp.381-391
• /
• 2017

Biometric technology is a technology for authenticating a user using the physical or behavioral features of the inherent characteristics of the individual. With the necessity and efficiency of the technology in the fields of finance, security, access control, medical welfare, inspection, and entertainment, the service range has been expanding. Biometrics using biometric information such as fingerprints and faces have been exposed to counterfeit and disguised threats and become a social problem. Recent studies using a bio-signal from the inside of the body other than the bio-information of the external body are being developed. This paper analyzes the recent research and technology of biometric systems using bio-signals, ECG, heart sounds, EEG, and EMG to present the skills needed for the development direction. In the future, utilizing the deep learning to build and analyze database to manage bio-signal based big data for the complex condition of individuals, biometrics technologies suitable for real time environment are expected to be researched.

• Journal of The Korean Association of Information Education
• /
• v.16 no.3
• /
• pp.283-289
• /
• 2012

A distance learning is diffusing rapidly in society. It is more difficult to confirm a learner's identity and learning processing in a distance learning. Distance learning has a checking attendance system because a teacher and student do not meet face to face. There are some checking attendance systems such as login check, SMS authenticating system, unexpected quiz, and so on. However, existing checking attendance system has some problems to check learner's attendance in a whole lesson. Therefore, this study designed and developed learner's attendance system based on PC camera's shot of certification in a whole lesson. This attendance checking system can judge real attendance of learners in a distance learning and distance evaluation. The system is expected to make trust of a distance learning higher.