• Title/Summary/Keyword: H/W vulnerability

Search Result 4, Processing Time 0.012 seconds

Vulnerabilities Analysis of the OTP Implemented on a PC (PC에 탑재된 OTP의 취약점 분석)

  • Hong, Woo-Chan;Lee, Kwang-Woo;Kim, Seung-Joo;Won, Dong-Ho
    • The KIPS Transactions:PartC
    • /
    • v.17C no.4
    • /
    • pp.361-370
    • /
    • 2010
  • OTP(One Time Password) is a user authentication using secure mechanism to authenticate each other in a way to generate a password, an attacker could intercept the password to masquerade as legitimate users is a way to prevent attacks. The OTP can be implemented as H/W or S/W. Token and card type OTP, implemented as H/W, is difficult to popularize because of having problem with deployment and usability. As a way to replace it implemented as S/W on Mobile or PC is introduced. However, S/W products can be target of malicious attacks if S/W products have vulnerability of implementation. In fact, FSA said the OTP implemented on a mobile have vulnerability of implementation. However, the OTP implemented on a PC have no case about analysis of vulnerability. So, in this paper derive security review and vulnerabilities analysis of implemented on a PC.

Countermeasures to the Vulnerability of the Keyboard Hardware (키보드컨트롤러의 하드웨어 취약점에 대한 대응 방안)

  • Jeong, Tae-Young;Yim, Kang-Bin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.4
    • /
    • pp.187-194
    • /
    • 2008
  • This paper proposes an effective countermeasure to an intrinsic hardware vulnerability of the keyboard controller that causes sniffing problem on the password authentication system based on the keyboard input string. Through the vulnerability, some possible attacker is able to snoop whole the password string input from the keyboard even when any of the existing keyboard protection software is running. However, it will be impossible for attackers to gather the exact password strings if the proposed policy is applied to the authentication system though they can sniff the keyboard hardware protocol. It is expected that people can use secure Internet commerce after implementing and applying the proposed policy to the real environment.

JTAG fault injection methodology for reliability verification of defense embedded systems (국방용 임베디드 시스템의 고신뢰성 검증을 위한 JTAG 결함주입 방법론 연구)

  • Lee, Hak-Jae;Park, Jang-Won
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.14 no.10
    • /
    • pp.5123-5129
    • /
    • 2013
  • In this paper, it is proposed that JTAG fault injection environment and the results of the classification techniques that the reliability of embedded systems can be tested. As applying these, this is possible to quantitative analysis of vulnerable factor for system. The quantitative analysis for the degree of vulnerability of system is evaluated by faults errors, and failures classification schemes. When applying these schemes, it is possible to verify process and classify for fault that might occur in the system.

The use of SMA wire dampers to enhance the seismic performance of two historical Islamic minarets

  • El-Attar, Adel;Saleh, Ahmed;El-Habbal, Islam;Zaghw, Abdel Hamid;Osman, Ashraf
    • Smart Structures and Systems
    • /
    • v.4 no.2
    • /
    • pp.221-232
    • /
    • 2008
  • This paper represents the final results of a research program sponsored by the European Commission through project WIND-CHIME ($\underline{W}$ide Range Non-$\underline{IN}$trusive $\underline{D}$evices toward $\underline{C}$onservation of $\underline{HI}$storical Monuments in the $\underline{ME}$diterranean Area), in which the possibility of using advanced seismic protection technologies to preserve historical monuments in the Mediterranean area is investigated. In the current research, the dynamic characteristics of two outstanding Mamluk-Style minarets, which similar minarets were reported to experience extensive damage during Dahshur 1992 earthquake, are investigated. The first minaret is the Qusun minaret (1337 A.D, 736 Hijri Date (H.D)) located in El-Suyuti cemetery on the southern side of the Salah El-Din citadel. The minaret is currently separated from the surrounding building and is directly resting on the ground (no vaults underneath). The total height of the minaret is 40.28 meters with a base rectangular shaft of about 5.42 ${\times}$ 5.20 m. The second minaret is the southern minaret of Al-Sultaniya (1340 A.D, 739 H.D). It is located about 30.0 meters from Qusun minaret, and it is now standing alone but it seems that it used to be attached to a huge unidentified structure. The style of the minaret and its size attribute it to the first half of the fourteenth century. The minaret total height is 36.69 meters and has a 4.48 ${\times}$ 4.48 m rectangular base. Field investigations were conducted to obtain: (a) geometrical description of the minarets, (b) material properties of the minarets' stones, and (c) soil conditions at the minarets' location. Ambient vibration tests were performed to determine the modal parameters of the minarets such as natural frequencies and mode shapes. A $1/16^{th}$ scale model of Qusun minaret was constructed at Cairo University Concrete Research Laboratory and tested under free vibration with and without SMA wire dampers. The contribution of SMA wire dampers to the structural damping coefficient was evaluated under different vertical loads and vibration amplitudes. Experimental results were used along with the field investigation data to develop a realistic 3-D finite element model that can be used for seismic risk evaluation of the minarets. Examining the updated finite element models under different seismic excitations indicated the vulnerability of such structures to earthquakes with medium to high a/v ratio. The use of SMA wire dampers was found feasible for reducing the seismic risk for this type of structures.