• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.229-237
• /
• 2021

Cloud of things (CoTs) is a newer idea which combines cloud computing (CC) with the Internet of Things (IoT). IoT capable of comprehensively producing data, and cloud computing can be presented pathways that allow for the progression towards specific destinations. Integrating these technologies leads to the formation of a separate element referred to as the Cloud of Things (CoTs). It helps implement ideas that make businesses more efficient. This technology is useful for monitoring a device or a machine and managing or connecting them. Since there are a substantial amount of machines that can run the IoT, there is now more data available from the IoT that would have to be stored on a local basis for a provisional period, and this is impossible. CoTs is used to help manage and analyze data to additionally create usable information by permitting and applying the development of advanced technology. However, combining these elements has a few drawbacks in terms of how secure the process is. This investigation aims to recent study literature from the past 3 years that talk about how secure the technology is in terms of protecting by authentication, reliability, availability, confidentiality, and access control. Additionally, this investigation includes a discussion regarding some kinds of potential attacks when using Cloud of Things. It will also cover what the various authors recommend and conclude with as well as how the situation can be approached to prevent an attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.53-64
• /
• 2005

Previous secure routing protocols for wireless sensor networks assume that a sink is static. In many cases, however, a sink operated by man or vehicle is moving. A mobile sink creates a lot of technical problems such as reconfiguration of routing path exposure of sink location. and selection of secure access point node, which are not considered by many previous researches. In this paper, we propose a new secure routing scheme for solving such problems using hi-directional hash chain and delegation nodes of grid structure. This scheme provides a secure routing path and prevents attacker from recognizing the location of a mobile sink in sensor networks. This new method reduces the resource requirements compared to the cashed routing schemes. Simulation results also show that the system is secure and efficient enough.

• Journal of Digital Convergence
• /
• v.12 no.6
• /
• pp.311-316
• /
• 2014

Social network server due to the popularity of smart phones, and data stored in a big usable access data services are increasing. Big Data Big Data processing technology is one of the most important technologies in the service, but a solution to this minor security state. In this paper, the data services provided by the big -sized data is distributed using a double hash user to easily access to data of multiple distributed hash chain based data processing technique is proposed. The proposed method is a kind of big data data, a function, characteristics of the hash chain tied to a high-throughput data are supported. Further, the token and the data node to an eavesdropper that occurs when the security vulnerability to the data attribute information to the connection information by utilizing hash chain of big data access control in a distributed processing.

• Annual Conference of KIPS
• /
• 2011.04a
• /
• pp.871-874
• /
• 2011

The fast emerging of network technology and the high demand of computing resources have prompted many organizations to outsource their storage and computing needs. Cloud based storage services such as Microsoft's Azure and Amazon's S3 allow customers to store and retrieve any amount of data, at anytime from anywhere via internet. The scalable and dynamic of the cloud storage services help their customer to reduce IT administration and maintenance costs. No doubt, cloud based storage services brought a lot of benefits to its customer by significantly reducing cost through optimization increased operating and economic efficiencies. However without appropriate security and privacy solution in place, it could become major issues to the organization. As data get produced, transferred and stored at off premise and multi tenant cloud based storage, it becomes vulnerable to unauthorized disclosure and unauthorized modification. An attacker able to change or modify data while data inflight or when data is stored on disk, so it is very important to secure data during its entire life-cycle. The traditional cryptography primitives for the purpose of data security protection cannot be directly adopted due to user's lose control of data under off premises cloud server. Secondly cloud based storage is not just a third party data warehouse, the data stored in cloud are frequently update by the users and lastly cloud computing is running in a simultaneous, cooperated and distributed manner. In our proposed mechanism we protect the integrity, authentication and confidentiality of cloud based data with the encrypt- then-upload concept. We modified and applied proxy re-encryption protocol in our proposed scheme. The whole process does not reveal the clear data to any third party including the cloud provider at any stage, this helps to make sure only the authorized user who own corresponding token able to access the data as well as preventing data from being shared without any permission from data owner. Besides, preventing the cloud storage providers from unauthorized access and making illegal authorization to access the data, our scheme also protect the data integrity by using hash function.

• The KIPS Transactions:PartC
• /
• v.13C no.3 s.106
• /
• pp.375-382
• /
• 2006

As various kinds of embedded systems (or devices) become widely available, research on home network middleware which can access and control embedded home appliances are actively being progressed. However, there is a significant problem in applying the home network technology to embedded systems because of their limited storage space and low computing power. In this paper, we present a lightweight middleware for home network on embedded systems. Also, we propose a mechanism for mobility management which adopts the anycast technology.

• Journal of Institute of Control, Robotics and Systems
• /
• v.12 no.1
• /
• pp.1-8
• /
• 2006

The home network system guarantees families a safe, economical, socially integrated and healthy life by using information appliances. And it provides a family with domestic safety, control of instruments, controllable energy and health monitoring by connecting to home appliances. This study designs the broadband PLC home controller using broadband PLC(Power Line Communication) technology which can save much cost at a network infrastructure by using the existing power line at home. The broadband PLC home controller consists of the broadband PLC module, the embedded main controller module and I/O module. The broadband PLC home controller can control various domestic appliances such as an auto door-lock, a boiler, an oven, etc., because it has various I/O specifications. In this study, selected home network middleware for the broadband PLC home controller is Jini surrogate using Jini technology designed by means of access to easily a home network system without a limitation of the devices. And a client application program is supported java servlet program to manage and monitor the broadband PLC home controller via web browser of a PC or a PDA, etc. Finally, for an application, we implemented and tested a home security system using one broadband PLC home controller.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.229-232
• /
• 2010

Smart Phone is the increasing use. Smart Phone can be run on that New or videos you want to connect to the Internet for downloading and viewing applications. But the wireless Internet have been found that Due to the vulnerability of the Internet, Smart Phone security vulnerabilities. This paper analyzes the vulnerability. Smart Phone droid that occur when connecting to the Internet. For information on Smart Phone to use to analyze network packet analysis and packet capture tools. Analysis is based on information from the Internet when you use Smart Phone Hack will demonstrate the process. Messenger, ID, to confirm the password, the actual internet ID, password access to the personal information that can be seized. In this study, hacking and security of the Smart Phone will contribute to the research process that Internet information and communication powers to strengthen the security of Korea.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.10
• /
• pp.2121-2128
• /
• 2009

The application range of IEEE 802.11 wireless LAN has rapidly expanding from campus, enterprise to the public network of Hot Spot area due to the advantages of easiness of construction, mobility of wireless client station, convenience of usage and so on. However the security of WLAN(Wireless LAN) is vulnerable inherently because of using RF as a medium, and so the dangers of infringement of personal information and inside data of enterprises have increased and wardriving attack searching for security vulnerability in wireless LAN has become more serious especially. In this paper, we find out the overview of various procedures and preparatory stages for wardriving attack against wireless LAN, and propose complementary methods to prevent information infringement accidents from wardriving attack in wireless LAN. For this purpose, we make an equipment which is suitable for wardriving in wireless LAN and show security vulnerability of AP(Access Point) operation in WLAN around Yangjae-Dong in Seoul as a result of using the equipment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.85-96
• /
• 2003

Wireless LAM in itself is vulnerable to eavesdropping and modification attack, and thus, IEEE 802.11i and IEEE 802. 1x/1aa have been defined to secure the wireless channel. These protocols accompanied by RADIUS and EAP-TLS provide users of wireless LAM with integrity and confidentiality services, and also they perform authentication and access control of wireless ports. In this paper, we suggest a method to implement accounting session using authentication session of IEEE 802. 1x and accounting state machine is designed with the accounting session. Also, we propose a key exchange mechanism to establish secure channel between stations and an access point. The mechanism is designed to be inter-operable with IEEE 802. 1aa.

• Journal of Positioning, Navigation, and Timing
• /
• v.12 no.4
• /
• pp.437-445
• /
• 2023

A space system refers to a network of sensors, ground systems, and space-craft operating in space. The security of space systems relies on information systems and networks that support the design, launch, and operation of space missions. Characteristics of space operations, including command and control (C2) between space-craft (including satellites) and ground communication, also depend on wireless frequency and communication channels. Attackers can potentially engage in malicious activities such as destruction, disruption, and degradation of systems, networks, communication channels, and space operations. These malicious cyber activities include sensor spoofing, system damage, denial of service attacks, jamming of unauthorized commands, and injection of malicious code. Such activities ultimately lead to a decrease in the lifespan and functionality of space systems, and may result in damage to space-craft and, lead to loss of control. The Cybersecurity Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) matrix, proposed by Massachusetts Institute of Technology Research and Engineering (MITRE), consists of the following stages: Reconnaissance, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command & Control, Exfiltration, and Impact. This paper identifies cybersecurity activities in space systems and satellite navigation systems through the National Institute of Standards and Technology (NIST)'s standard documents, former U.S. President Trump's executive orders, and presents risk management activities. This paper also explores cybersecurity's tactics attack techniques within the context of space systems (space-craft) by referencing the Sparta ATT&CK Matrix. In this paper, security threats in space systems analyzed, focusing on the cybersecurity attack tactics, techniques, and countermeasures of space-craft presented by Space Attack Research and Tactic Analysis (SPARTA). Through this study, cybersecurity attack tactics, techniques, and countermeasures existing in space-craft are identified, and an understanding of the direction of application in the design and implementation of safe small satellites is provided.