• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.331-340
• /
• 2021

The Internet of Things (IoT) is a rapidly growing physical network that depends on objects, vehicles, sensors, and smart devices. IoT has recently become an important research topic as it autonomously acquires, integrates, communicates, and shares data directly across each other. The centralized architecture of IoT makes it complex to concurrently access control them and presents a new set of technological limitations when trying to manage them globally. This paper proposes a new decentralized access control architecture to manage IoT devices using blockchain, that proposes a solution to concurrency management problems and enhances resource locking to reduce the transaction conflict and avoids deadlock problems. In addition, the proposed algorithm improves performance using a fully distributed access control system for IoT based on blockchain technology. Finally, a performance comparison is provided between the proposed solution and the existing access management solutions in IoT. Deadlock detection is evaluated with the latency of requesting in order to examine various configurations of our solution for increasing scalability. The main goal of the proposed solution is concurrency problem avoidance in decentralized access control management for IoT devices.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.9
• /
• pp.271-282
• /
• 2015

In the business environment BYOD(Bring Your Own Device) is used and being expanded continuously. According to a survey conducted by Cisco in 2012 on 600 companies, 95% of them are already permitting the use of BYOD in their work environments so that productivity of their employees has improved as a result. Gartner predicted that the use of BYOD will be caused new security threat. They also suggested to introduce NAC(Network Access Control) to resolve this threat, to separate network zone based on importance of their business, to establish the policy to consider user authority and device type, and to enforce the policy. The purpose of this paper is to design and implement the NAC for granular access control based on IEEE(Institute of Electrical and Electronics Engineers) 802.1X and DHCP(Dynamic Host Configuration Protocol) fingerprinting, and to analyze the performance on BYOD environment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.10
• /
• pp.361-372
• /
• 2016

Identity Privacy issues such as exposures of IMSIs(International Mobile Subscriber Identities) in access network have been consistently raised throughout GSM, UMTS, LTE in 3GPP. The 3GPP specification uses temporary identities instead of IMSI to ensure anonymity of the user. Even if temporary identities are disclosed, Identity Privacy may be maintained at a safe level by security policies such as no linkability and periodic update. But in case of IMSI, it cannot be changed even though it is exposed. There still exist some situations that IMSI is used in clear text for the authentication. Therefore, a protective mechanism for the identity confidentiality is needed. In this paper we propose a protocol based on IBE(Identity-based Encryption) to protect permanent identities in access network. By simplifying the scheme, this protocol has minimized the system impact on current 3GPP environment. And this scheme can be applied to all kind of permanent identities and 3GPP AKA(Authentication and Key Agreement) protocols in access network.

• Journal of KIISE:Information Networking
• /
• v.32 no.2
• /
• pp.156-166
• /
• 2005

Ethernet passive optical network is an economical and efficient access network that has received significant research attention in recent years. A MAC(Media Access Control) protocol of PON, the next generation access network, is based on TDMA(Time Division Multiple Access) basically. In this thesis, we addressed the problem of dynamic bandwidth allocation in QoS based Ethernet PONs. We augmented the bandwidth allocation to support QoS in a differentiated services framework. Our differentiated bandwidth guarantee allocation(DBGA) allocates effectively and fairly bandwidths among end users. Moreover, we showed that DBGA that perform weighted bandwidth allocation for high priority packets result in better performance in terms of average and maximum packet delay, as well as network throughput compared with existing dynamic bandwidth allocations. We used simulation experiments to study the performance and validate the effectiveness of the proposed bandwidth allocations.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.6
• /
• pp.778-785
• /
• 2020

Wireless mesh networks consist of mesh clients, mesh routers and mesh access points. The mesh router connects wireless network services to the mesh client, and the mesh access point connects to the backbone network using a wired link and provides Internet access to the mesh client. In this paper, a limited number of mesh routers and mesh access points are used to propose optimization algorithms for network design for wireless mesh networks. The optimization algorithm in this paper has been applied with a sub-subscription algorithm, which is one of the meta-heuristic methods, and is designed to minimize the transmission delay for the placement of mesh routers and mesh access points, and produce optimal results within a reasonable time. The proposed algorithm was evaluated in terms of transmission delay and time to perform the algorithm for the placement of mesh routers and mesh access points, and the performance evaluation results showed superior performance compared to the previous meta-heuristic methods.

• The KIPS Transactions:PartC
• /
• v.14C no.6
• /
• pp.537-544
• /
• 2007

A home network is a residential local area network in which digital home appliances are connected with each other. Applying the mobile agent technology to the home network is expected to provide a new computing model. In particular, mobility and asynchronous ability of mobile agent can be used to reduce network traffic generated for managing home appliances. However, in order to apply the mobile agent concept to the home network, access control for mobile agents is necessary. In the existing home network system, there is one special server, sometimes called home server This server generally has mapping tables to be updated periodically, which describes access control lists between users' authorities and corresponding devices. In this paper, we propose a role-based access control framework with mobile agents in home networks. This framework, called Secure KAgent framework, is designed and implemented based on KAgent system. It has two main characteristics: to control access permissions based on Role-Based Access Control(RBAC) scheme and to safety assign roles to mobile agents by role tickets.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.3-17
• /
• 2007

Receiver access control scheme is proposed to protect multicast distribution tree from DoS(Denial-of Service) attack induced by unauthorized use of IGMP(Internet group management protocol), by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP(Content Provider), NSP(Network Service Provider), and group members.

• Journal of Broadcast Engineering
• /
• v.28 no.1
• /
• pp.149-152
• /
• 2023

In this paper, I present an approach to implement a real-time video transceiver using software-defined radio (SDR). Through this, it is expected that it will be able to lower the access threshold and provide new perspectives and insights to researchers who want to study the recently spotlighted Open Radio Access Network (O-RAN) and implement it through SDR devices and open software.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 1998.10a
• /
• pp.239-244
• /
• 1998

The environment of the access network service market is characterized by uncertain demand and various competing alternative technologies. In Korea, despite the introduction of competition, dominant Public Network Operator(PNO) still leads the market. Therefore, the decision of PNO has a great impact on the access network evolution. In this paper, we propose an model which aims to reduce risks and both investment and operating costs, to cope with the uncertain demand and technology evolution. We expect this model to provide a tool analyze risks and evaluate various strategies on the network evolution.

• Proceedings of the Korea Technology Innovation Society Conference
• /
• 2002.11a
• /
• pp.31-43
• /
• 2002

As the deregulation and the introduction of competition, the methodology of counting access charge for interconnection among carriers is becoming more important. The network costing is the basis for deciding the access charge, but that can be varied by the models and criteria used in the network costing. This study attempts to analyze the network costing methodologies and criteria and then will suggest a few policy directions for reasonable network costing.