• Journal of the Korea Society of Computer and Information
• /
• v.28 no.11
• /
• pp.73-80
• /
• 2023

In this paper, a technology to protect important information from access in order to revitalize the cloud service market. A technology is proposed to solve the risk of leakage of important confidential and personal information stored in cloud systems, which is one of the various obstacles to the cloud service market. To protect important information, access control rights to cloud resources are granted to cloud service providers and general users. The system administrator has superuser authority to maintain and manage the system. Client computing services are managed by an external cloud service provider, and information is also stored in an external system. To protect important in-house information within the company, all users, it was designed to provide access authority with users including cloud service providers, only after they are authenticated. It is expected that the confidentiality of cloud computing resources and service reliability achieved through the proposed access control technology will contribute to revitalizing the cloud service market.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.47-55
• /
• 2015

Recently, the environment of a hospital information system is a trend to combine various SMART technologies. Accordingly, various smart devices, such as a smart phone, Tablet PC is utilized in the medical information system. Also, these environments consist of various applications executing on heterogeneous sensors, devices, systems and networks. In these hospital information system environment, applying a security service by traditional access control method cause a problems. Most of the existing security system uses the access control list structure. It is only permitted access defined by an access control matrix such as client name, service object method name. The major problem with the static approach cannot quickly adapt to changed situations. Hence, we needs to new security mechanisms which provides more flexible and can be easily adapted to various environments with very different security requirements. In addition, for addressing the changing of service medical treatment of the patient, the researching is needed. In this paper, we suggest a dynamic approach to medical information systems in smart mobile environments. We focus on how to access medical information systems according to dynamic access control methods based on the existence of the hospital's information system environments. The physical environments consist of a mobile x-ray imaging devices, dedicated mobile/general smart devices, PACS, EMR server and authorization server. The software environment was developed based on the .Net Framework for synchronization and monitoring services based on mobile X-ray imaging equipment Windows7 OS. And dedicated a smart device application, we implemented a dynamic access services through JSP and Java SDK is based on the Android OS. PACS and mobile X-ray image devices in hospital, medical information between the dedicated smart devices are based on the DICOM medical image standard information. In addition, EMR information is based on H7. In order to providing dynamic access control service, we classify the context of the patients according to conditions of bio-information such as oxygen saturation, heart rate, BP and body temperature etc. It shows event trace diagrams which divided into two parts like general situation, emergency situation. And, we designed the dynamic approach of the medical care information by authentication method. The authentication Information are contained ID/PWD, the roles, position and working hours, emergency certification codes for emergency patients. General situations of dynamic access control method may have access to medical information by the value of the authentication information. In the case of an emergency, was to have access to medical information by an emergency code, without the authentication information. And, we constructed the medical information integration database scheme that is consist medical information, patient, medical staff and medical image information according to medical information standards.y Finally, we show the usefulness of the dynamic access application service based on the smart devices for execution results of the proposed system according to patient contexts such as general and emergency situation. Especially, the proposed systems are providing effective medical information services with smart devices in emergency situation by dynamic access control methods. As results, we expect the proposed systems to be useful for u-hospital information systems and services.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.4
• /
• pp.436-444
• /
• 2018

Currently, the new substation automation uses the international standard IEC 61850 communication protocol. KEPCO is also constructing a new substation based on IEC 61850 from 2013 through the pilot application and research and development starting from 2007. However, there are few cases where existing substations(Transformer, T/L GIS, D/L GIS, etc.) have been used, and RTU based substations operating systems have been changed to SA substations based on IEC 61850. Therefore, the introduction of IEC 61850 in existing substation facilities has the advantage of enhancing the substantiality of the substation by reusing existing facilities, improving the interoperability with the latest substations introduced, and converting existing substations into systems suitable for unmanned operation. In this paper, we introduce a case of changing the existing RTU based substation operation system to digital substation using IEC 61850 field information processor, Ethernet switch and SA operation system. Also, IEC 61850 client authentication program and Wireshark, which is a packet analysis tool, verify IEC 61850 conformance and its feasibility.

• The Journal of Society for e-Business Studies
• /
• v.22 no.2
• /
• pp.169-185
• /
• 2017

Juliano Rizzo and Thai Duong, the authors of the BEAST attack [11, 12] on SSL, have proposed a new attack named CRIME [13] which is Compression Ratio Info-leak Made Easy. The CRIME exploits how data compression and encryption interact to discover secret information about the underlying encrypted data. Repeating this method allows an attacker to eventually decrypt the data and recover HTTP session cookies. This security weakness targets in SPDY and SSL/TLS compression. The attack becomes effective because the attacker is enable to choose different input data and observe the length of the encrypted data that comes out. Since Transport Layer Security (TLS) ensures integrity of data transmitted between two parties (server and client) and provides strong authentication for both parties, in the last few years, it has a wide range of attacks on SSL/TLS which have exploited various features in the TLS mechanism. In this paper, we will discuss about the CRIME and other versions of SSL/TLS attacks along with countermeasures, implementations. We also present direction for SSL/TLS attacks resistance in practice.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.211-217
• /
• 2008

Recently, there are many efforts to support seamless mobility in 802.11 WLANs using IP Layer mobility protocols. The IP layer mobility protocols are the most efficient mechanism to guarantee the service session continuity when IP subnet is changed during handover. Even if the IP layer mobility protocols are quite efficient, the feature of the protocols that had been designed to consider only L3 layer makes it difficult to improve the performance of hand over more and more. Nowadays, to overcome this limitation of IP mobility protocols, many researchers have worked on the mobility protocols integration of different layers (e.g., L2 layer). In this paper, we propose the enhanced Proxy MIPv4 to minimize the latency of handover using MIH protocol in 802.11 WLANs. The proposed mechanism minimizes the latency of authentication by exchanging security keys between Access Routers during handover. Moreover, it also minimizes packet losses by Inter-AP Tunneling and data forwarding.