• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.731-751
• /
• 2021

The Internet of Things is a huge group of devices communicating each other and the interconnection of objects in the network is a basic requirement. Choosing a reliable device is critical because malicious devices can compromise networks and services. However, it is difficult to create a trust management model due to the mobility and resource constraints of IoT devices. For the centralized approach, there are issues of single point of failure and resource expansion and for the distributed approach, it allows to expand network without additional equipment by interconnecting each other, but it has limitations in data exchange and storage with limited resources and is difficult to ensure consistency. Recently, trust management models using fog nodes and blockchain have been proposed. However, blockchain has problems of low throughput and delay. Therefore, in this paper, a trust management model for selecting reliable devices in a fog-based IoT environment is proposed by applying IOTA, a blockchain technology for the Internet of Things. In this model, Directed Acyclic Graph-based ledger structure manages trust data without falsification and improves the low throughput and scalability problems of blockchain.

• Journal of Internet Computing and Services
• /
• v.20 no.1
• /
• pp.87-96
• /
• 2019

In this paper, we propose a MapReduce-supported clustering technique for collecting and classifying distributed workflow enactment event logs as a preprocessing tool. Especially, we would call the distributed workflow enactment event logs as Workflow BIG-Logs, because they are satisfied with as well as well-fitted to the 5V properties of BIG-Data like Volume, Velocity, Variety, Veracity and Value. The clustering technique we develop in this paper is intentionally devised for the preprocessing phase of a specific workflow process mining and analysis algorithm based upon the workflow BIG-Logs. In other words, It uses the Map-Reduce framework as a Workflow BIG-Logs processing platform, it supports the IEEE XES standard data format, and it is eventually dedicated for the preprocessing phase of the ${\rho}$-Algorithm that is a typical workflow process mining algorithm based on the structured information control nets. More precisely, The Workflow BIG-Logs can be classified into two types: of activity-based clustering patterns and performer-based clustering patterns, and we try to implement an activity-based clustering pattern algorithm based upon the Map-Reduce framework. Finally, we try to verify the proposed clustering technique by carrying out an experimental study on the workflow enactment event log dataset released by the BPI Challenges.

• KIPS Transactions on Computer and Communication Systems
• /
• v.8 no.2
• /
• pp.41-56
• /
• 2019

Cloud manufacturing is a new concept of manufacturing process that works like a single factory with connected multiple factories. The cloud manufacturing system is a kind of large-scale CPS that produces products through the collaboration of distributed manufacturing facilities based on technologies such as cloud computing, IoT, and virtualization. It utilizes diverse and distributed facilities based on centralized information systems, which allows flexible composition user-centric and service-oriented large-scale systems. However, the cloud manufacturing system is composed of a large number of highly heterogeneous subsystems. It has difficulties in interconnection, data exchange, information processing, and system verification for system construction. In this paper, we derive the user requirements of various aspects of the cloud manufacturing system, such as functional, human, trustworthiness, timing, data and composition, based on the CPS Framework, which is the analysis methodology for CPS. Next, by analyzing the user requirements we define the system requirements including scalability, composability, interactivity, dependability, timing, interoperability and intelligence. We map the defined CPS system requirements to the requirements of oneM2M, which is the platform standard for IoT, so that the support of the system requirements at the level of the IoT platform is verified through Mobius, which is the implementation of oneM2M standard. Analyzing the verification result, finally, we propose a large-scale cloud manufacturing platform based on oneM2M that can meet the cloud manufacturing requirements to support the overall features of the Cloud Manufacturing CPS with dependability.

• Journal of Internet Computing and Services
• /
• v.23 no.3
• /
• pp.21-33
• /
• 2022

This paper is to suggest the secure secret sharing system in order to outstandingly reduce the damage caused by the leakage of the corporate secret. This research system is suggested as efficient P2P distributed system kept from the centrally controlled server scheme. Even the bitcoin circulation system is also based on P2P distribution scheme recenly. This research has designed the secure circulation of the secret shares produced by Threshold Shamir Secret Sharing scheme instead of the shares specified in the torrent file using the simple, highly scalable and fast transferring torrent P2P distribution structure and its protocol. In addition, this research has studied to apply both Shamir Threshold Secret Sharing scheme and the securely strong multiple user authentication based on Collaborative Threshold Autentication scheme. The secure transmission of secret data is protected as using the efficient symmetric encryption with the session secret key which is safely exchanged by the public key encryption. Also it is safer against the leakage because the secret key is effectively alive only for short lifetime like a session. Especially the characteristics of this proposed system is effectively to apply the threshold secret sharing scheme into efficient torrent P2P distributed system without modifying its architecture of the torrent system. In addition, this system guaranttes the confidentiality in distributing the secret file using the efficient symmetric encryption scheme, which the session key is securely exchanged using the public key encryption scheme. In this system, the devices to be taken out can be dynamically registered as an user. This scalability allows to apply the confidentiality and the authentication even to dynamically registerred users.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.5B
• /
• pp.899-912
• /
• 2000

PVM provides users with a single image of high performance parallel computing machine by collecting machines distributed over a network. Low communication overhead is essential to effectively run applications on PVM based platforms. In the original PVM, three times of memory copies are required for a PVM task to send a message to a remote task, which results in performance degradation. We propose a zero-copy model using global shared memory that can be accessed by PVM tasks, PVM daemon, and network interface card(NIC). In the scheme, a task packs data into global shared memory, and notify daemon that the data is ready to be sent, then daemon routes the data to a remote task to which it is sent with no virtual data copy overhead. Experimental result reveals that the message round trip time between two machines is reduced significantly in the proposed zero-copy scheme.

• The Journal of the Korea Contents Association
• /
• v.9 no.4
• /
• pp.131-141
• /
• 2009

An increasing variety of malware, such as worms, spyware and adware, threatens both personal and business computing. Remotely controlled bot networks of compromised systems are growing quickly. This paper proposes an intrusion detection system based outflow traffic analysis. Many research efforts and commercial products have focused on preventing intrusion by filtering known exploits or unknown ones exploiting known vulnerabilities. Complementary to these solutions, the proposed IDS can detect intrusion of unknown new mal ware before their signatures are widely distributed. The proposed IDS is consists of a outflow detector, user monitor, process monitor and network monitor. To infer user intent, the proposed IDS correlates outbound connections with user-driven input at the process level under the assumption that user intent is implied by user-driven input. As a complement to existing prevention system, proposed IDS decreases the danger of information leak and protects computers and networks from more severe damage.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.2
• /
• pp.191-204
• /
• 2003

In the home gateway environment, several characteristics for the user authentication mechanism should be reflected separately from the existing distributed service environment. First, the platform of a home gateway is a component based system that its services are installed dynamically. Second, the convenience that user can use several services by authentication of once should be offered. Finally, the system resources of a home gateway are restricted. However, a user authentication mechanism that reflected these characteristics is not shown at the user admin service specification of the OSGi service platform.(OSGi is the representative standardization organization of hone gateway.) Also, there is no existing authentication protocol that satisfies these qualities at the same time. In this paper, we propose a new user authentication mechanism considering those characteristics for the home gateway environment. We also design and implement an independent authentication service bundle based on the OSGi service platform so that it can perform user authentication operations for each bundle service. We supplement and extend the Kerberos Protocol that can apply.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1069-1073
• /
• 2016

The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure. IoT is expected to offer advanced connectivity of devices, systems, and services that goes beyond machine-to-machine communications and covers a variety of protocols, domains, and applications. Key system-level features that IoT needs to support can be summarized as device heterogeneity, scalability, ubiquitous data exchange through proximity wireless technologies, energy optimized solutions, localization and tracking capabilities, self-organization capabilities, semantic interoperability and data management, embedded security and privacy-preserving mechanisms. Time information is a critical piece of infrastructure for any distributed system. Time information and time synchronization are also fundamental building blocks in the IoT. The IoT requires new paradigms for combining time and data. This paper reviews conventional time keeping mechanisms in the Internet and presents issues to be considered for combining time and data in the IoT.

• Journal of Positioning, Navigation, and Timing
• /
• v.4 no.2
• /
• pp.67-72
• /
• 2015

Power grid techniques are distributed over general power systems ranging from power stations to power transmission, power distribution, and users. To monitor and control the elements and performance of a power system in real time in the extensive area of power generation, power transmission, wide-area monitoring (WAM) and control techniques are required (Sattinger et al. 2007). Also, to efficiently operate a power grid, integrated techniques of information and communication technology are required for the application of communication network and relevant equipment, computing, and system control software. WAM should make a precise power grid measurement of more than once per cycle by time synchronization using GPS. By collecting the measurement values of a power grid from substations located at faraway regions through remote communication, the current status of the entire power grid system can be examined. However, for GPS that is used in general national industries, unexpected dangerous situations have occurred due to its deterioration and jamming. Currently, the power grid is based on a synchronization system using GPS. Thus, interruption of the time synchronization system of the power system due to the failure or abnormal condition of GPS would have enormous effects on each field such as economy, security, and the lives of the public due to the destruction of the synchronization system of the national power grid. Developed countries have an emergency substitute system in preparation for this abnormal situation of GPS. Therefore, in Korea, a system that is used to prepare for the interruption of GPS reception should also be established on a long-term basis; but prior to this, it is required that an evaluation technique for the time synchronization performance of a GPS receiver using an atomic clock within the power grid. In this study, a monitoring system of time synchronization based on GPS at a power grid was implemented, and the results were presented.

• KIISE Transactions on Computing Practices
• /
• v.23 no.12
• /
• pp.698-702
• /
• 2017

Since the introduction of Deep Neural Networks to the Natural Language Processing field, two major approaches have been considered for modeling text. One method involved learning embeddings, i.e. the distributed representations containing abstract semantics of words or sentences, with the textual context. The other strategy consisted of composing the embeddings trained by the above to get embeddings of longer texts. However, most studies of the composition methods just adopt word embeddings without consideration of the optimal embedding unit and the optimal method of composition. In this paper, we conducted experiments to analyze the optimal embedding unit and the optimal composition method for modeling longer texts, such as documents. In addition, we suggest a new discourse-based composition to overcome the limitation of the sequential composition method on composing sentence embeddings.