• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1273-1288
• /
• 2016

With the swift growth of wireless technologies, an increasing number of users rely on the mobile services which can exchange information in mobile networks. Security is of key issue when a user tries to access those services in this network environment. Many authentication schemes have been presented with the purpose of authenticating entities and wishing to communicate securely. Recently, Chou et al. and Farash-Attari presented two ID authentication schemes. They both claimed that their scheme could withstand various attacks. However, we find that the two authentication schemes are vulnerable to trace attack while having a problem of clock synchronization. Additionally, we show that Farash-Attari's scheme is still susceptible to key-compromise impersonation attack. Therefore, we present an enhanced scheme to remedy the security weaknesses which are troubled in these schemes. We also demonstrate the completeness of the enhanced scheme through the Burrow-Abadi-Needham (BAN) logic. Security analysis shows that our scheme prevents the drawbacks found in the two authentication schemes while supporting better secure attributes. In addition, our scheme owns low computation overheads compared with other related schemes. As a result, our enhanced scheme seems to be more practical and suitable for resource-constrained mobile devices in mobile networks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.1
• /
• pp.282-304
• /
• 2014

Each cloud service has numerous owners and tenants, so it is necessary to construct a privacy preserving identity management and access control mechanism for cloud computing. On one hand, cloud service providers (CSP) depend on tenant's identity information to enforce appropriate access control so that cloud resources are only accessed by the authorized tenants who are willing to pay. On the other hand, tenants wish to protect their personalized service access patterns, identity privacy information and accessing newfangled cloud services by on-demand ways within the scope of their permissions. There are many identity authentication and access control schemes to address these challenges to some degree, however, there are still some limitations. In this paper, we propose a new comprehensive approach, called Privacy pReserving Identity and Access Management scheme, referred to as PRIAM, which is able to satisfy all the desirable security requirements in cloud computing. The main contributions of the proposed PRIAM scheme are threefold. First, it leverages blind signature and hash chain to protect tenant's identity privacy and implement secure mutual authentication. Second, it employs the service-level agreements to provide flexible and on-demand access control for both tenants and cloud services. Third, it makes use of the BAN logic to formally verify the correctness of the proposed protocols. As a result, our proposed PRIAM scheme is suitable to cloud computing thanks to its simplicity, correctness, low overhead, and efficiency.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.3
• /
• pp.801-825
• /
• 2024

For Internet of Things, it is more preferred to have immediate access to environment information from sensor nodes (SNs) rather than from gateway nodes (GWNs). To fulfill the goal, mutual authentication scheme between user and SNs with session key (SK) negotiation is more suitable. However, this is a challenging task due to the constrained power, computation, communication and storage resources of SNs. Though lots of authentication schemes with SK negotiation have been designed to deal with it, they are still insufficiently secure and/or efficient, and some even have serious vulnerabilities. Therefore, we design an efficient secure authentication scheme with session key negotiation (eSAS2KN) for wireless sensor networks (WSNs) utilizing fuzzy extractor technique, hash function and bitwise exclusive-or lightweight operations. In the eSAS2KN, user and SNs are mutually authenticated with anonymity, and an SK is negotiated for their direct and instant communications subsequently. To prove the security of eSAS2KN, we give detailed informal security analysis, carry out logical verification by applying BAN logic, present formal security proof by employing Real-Or-Random (ROR) model, and implement formal security verification by using AVISPA tool. Finally, computation and communication costs comparison show the eSAS2kN is more efficient and secure for practical application.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.3
• /
• pp.517-526
• /
• 2008

A one-chip DC-DC converter circuit for OLED(Organic Light-Emitting Diode) display module of automotive clusters is newly proposed. OLED panel driving voltage circuit, which is a charge-pump type, has improved characteristics in miniaturization, low cost and EMI(Electro-Magnetic Interference) compared with DC-DC converter of PWM(Pulse Width Modulator) type. By using bulk-potential biasing circuit, charge loss due to parasitic PNP BJT formed in charge pumping, is prevented. In addition, the current dissipation in start-up circuit of band-gap reference voltage generator is reduced by 42% and the layout area of ring oscillator is reduced by using a logic voltage VLP in ring oscillator circuit using VDD supply voltage. The driving current of VDD, OLED driving voltage, is over 40mA, which is required in OLED panels. The test chip is being manufactured using $0.25{\mu}m$ high-voltage process and the layout area is $477{\mu}m{\times}653{\mu}m$.

• Journal of the Economic Geographical Society of Korea
• /
• v.23 no.4
• /
• pp.373-394
• /
• 2020

The strengthening of multilateral international sanctions against North Korea has raised questions as to how effective they are in exerting pressure on the country's economy. In this paper, we address this question by examining their impact on the country's integration into regional and global apparel production networks. North Korea has in the past decade become an increasingly competitive exporter of apparel on the basis of consignment-based processing arrangements. Official trade data shows a sharp drop in North Korean exports of clothing since the sectoral ban in 2017. There is evidence to suggest, however, that exports have continued on a more informal and clandestine basis. North Korea's integration into apparel production networks has also taken the form of the dispatch of workers to factories in China's northeastern border regions. Yet there is evidence that the recent sanctions imposed on such practices has similarly led to illicit practices such as working on visitors' visas, often with the help of Chinese enterprises and local government. The resilience of North Korea's integration into apparel production networks follows a capitalist logic and is result of the highly profitable nature of apparel production for all actors concerned and a correspondingly strong desire to evade sanctions. As such, the analysis contributes to the literature on sanctions that suggests that the measures may contribute to emergence of growing informal and illicit practices and to the role of the clandestine economy.

• The Korean Society of Law and Medicine
• /
• v.23 no.3
• /
• pp.139-207
• /
• 2022

As various state restrictions on individual freedom were imposed during the COVID-19 pandemic, concerns have been raised that excessive infringements on fundamental rights were indiscriminately permitted based on the public interest of preventing infectious diseases. Therefore, the question of how to set acceptable limits of liberty restrictions on individuals has emerged. However, since the phenomenon of infections spreading to the population is only predicted statistically, how to deal with the risk of the infected individual as a subject of legal analysis has become a problem. In the absence of a theoretical framework of legal analysis of risk, the risk of infected individuals during the pandemic was not analyzed strictly, and proportionality review of infection prevention measures was often only an abstract comparison of the importance of public interest and individual rights. Therefore, this research aims to conduct a theoretical review on how risk can be conceptualized legally in a public health crisis, and to develop a theoretical framework for proportionality review of the risk of liberty-limiting measures during a pandemic. Chapter 2 analyzes the legal philosophical concepts of risk, which are the basis for liberty restrictions during a public health crisis, and applies and extends them to the pandemic. Chapter 3 reviews previous studies related to liberty restriction measures in the context of the COVID-19 pandemic, and points out they have a limitation that specific criteria for the proportionality review of public health measures in the pandemic have not been presented. Accordingly, Chapter 3 specifies the methodological framework for proportionality review, referring to the theoretical discussion on risks in Chapter 2. Chapter 4 reviews the legitimacy of gathering restriction orders, applying the theoretical discussion in Chapter 2 and the criteria for proportionality review established in Chapter 3. In particular, Section 4 examines logic of proportionality review in judicial precedents over the ban on gathering restrictions implemented in the COVID-19 pandemic. In analyzing the precedents, the logic of proportionality review in each case is critically reviewed and reconstructed based on the theoretical framework presented in this research.