• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3369-3385
• /
• 2019

There are various research challenges in vehicular ad hoc networks (VANETs) that need to be focused until an extensive deployment of it becomes conceivable. Design and development of a scalable routing algorithm for VANETs is one of the critical issue due to frequent path disruptions caused by the vehicle's mobility. This study aims to provide a novel road-aware routing protocol for vehicular networks named as Two-level hierarchical Hybrid Road-Aware (THERA) routing for vehicular ad hoc networks. The proposed protocol is designed explicitly for inter-vehicle communication. In THERA, roads are distributed into non-overlapping road segments to reduce the routing overhead. Unlike other protocols, discovery process does not flood the network with packet broadcasts. Instead, THERA uses the concept of Gateway Vehicles (GV) for the discovery process. In addition, a route between source and destination is flexible to changing topology, as THERA only requires road segment ID and destination ID for the communication. Furthermore, Road-Aware routing reduces the traffic congestion, bypasses the single point of failure, and facilitates the network management. Finally yet importantly, this paper also proposes a probabilistical model to estimate a path duration for each road segment using the highway mobility model. The flexibility of the proposed protocol is evaluated by performing extensive simulations in NS3. We have used SUMO simulator to generate real time vehicular traffic on the roads of Gangnam, South Korea. Comparative analysis of the results confirm that routing overhead for maintaining the network topology is smaller than few previously proposed routing algorithms.

• Journal of Internet Computing and Services
• /
• v.15 no.3
• /
• pp.79-90
• /
• 2014

User authentication based on ID and PW has been widely used. As the Internet has become a growing part of people' lives, input times of ID/PW have been increased for a variety of services. People have already learned enough to perform the authentication procedure and have entered ID/PW while ones are unconscious. This is referred to as the adaptive unconscious, a set of mental processes incoming information and producing judgements and behaviors without our conscious awareness and within a second. Most people have joined up for various websites with a small number of IDs/PWs, because they relied on their memory for managing IDs/PWs. Human memory decays with the passing of time and knowledges in human memory tend to interfere with each other. For that reason, there is the potential for people to enter an invalid ID/PW. Therefore, these characteristics above mentioned regarding of user authentication with ID/PW can lead to human vulnerabilities: people use a few PWs for various websites, manage IDs/PWs depending on their memory, and enter ID/PW unconsciously. Based on the vulnerability of human factors, a variety of information leakage attacks such as phishing and pharming attacks have been increasing exponentially. In the past, information leakage attacks exploited vulnerabilities of hardware, operating system, software and so on. However, most of current attacks tend to exploit the vulnerabilities of the human factors. These attacks based on the vulnerability of the human factor are called social-engineering attacks. Recently, malicious social-engineering technique such as phishing and pharming attacks is one of the biggest security problems. Phishing is an attack of attempting to obtain valuable information such as ID/PW and pharming is an attack intended to steal personal data by redirecting a website's traffic to a fraudulent copy of a legitimate website. Screens of fraudulent copies used for both phishing and pharming attacks are almost identical to those of legitimate websites, and even the pharming can include the deceptive URL address. Therefore, without the supports of prevention and detection techniques such as vaccines and reputation system, it is difficult for users to determine intuitively whether the site is the phishing and pharming sites or legitimate site. The previous researches in terms of phishing and pharming attacks have mainly studied on technical solutions. In this paper, we focus on human behaviour when users are confronted by phishing and pharming attacks without knowing them. We conducted an attack experiment in order to find out how many IDs/PWs are leaked from pharming and phishing attack. We firstly configured the experimental settings in the same condition of phishing and pharming attacks and build a phishing site for the experiment. We then recruited 64 voluntary participants and asked them to log in our experimental site. For each participant, we conducted a questionnaire survey with regard to the experiment. Through the attack experiment and survey, we observed whether their password are leaked out when logging in the experimental phishing site, and how many different passwords are leaked among the total number of passwords of each participant. Consequently, we found out that most participants unconsciously logged in the site and the ID/PW management dependent on human memory caused the leakage of multiple passwords. The user should actively utilize repudiation systems and the service provider with online site should support prevention techniques that the user can intuitively determined whether the site is phishing.

• Journal of National Security and Military Science
• /
• s.1
• /
• pp.71-111
• /
• 2003

The key lessons of the very complex modern war can be dangerously misleading to the outsiders. The efforts trying to draw lessons learned from the Iraq War (OIF : Operation Iraqi Freedom) may be biased by the view of point by Americans, because most of war episodes have been come from the Western media coverage. More serious bias can be committed thanks to the differences of warfighting doctrines and military technology between US forces and ROK forces. However, OIF-fought allied commanders and outside military experts said this campaign exemplified 21st-century warfare: swift, agile and decisive, employing overpowering technology to bring relentless violence to bear in many places at once. Even though the campaign evolved differently than anticipated, allied forces regrouped and regained the initiative remarkably quickly, thanks in large part to a new command flexibility, tied to new technology that made possible the more rapid sharing of data. These factors permitted "new air-land dynamic". The things that compel that are good sensors networked with good intelligence disseminated through a robust networking system, which then yields speed. Speed turns out to be a very important factor for conducting "Rapid Decisive Operations" relied on joint "Mass of Effects". ROK forces facing the heaviest ground threat in the world may learn more from Cold War era-typed US Army 3rd Infantry Division (3ID), which operating considerably beyond existing doctrine. 3ID flew its personnel into Kuwait to meet up with equipment already located in the region as pre-positioned stock. During OIF, the division conducted continuous offensive operations over 230km deep battlespace for 21 days. The lessons learned for ROK army to prepare tomorrow's war may be found from 3ID in its training, command and control, task organization, firepower and battlespace management, and logistics.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1229-1248
• /
• 2016

With the feature of convenience and low cost, remote healthcare monitoring (RHM) has been extensively used in modern disease management to improve the quality of life. Due to the privacy of health data, it is of great importance to implement RHM based on a secure and dependable network. However, the network connectivity of existing RHM systems is unreliable in disaster area because of the unforeseeable damage to the communication infrastructure. To design a secure RHM system in disaster area, this paper presents a Secure VANET-Assisted Remote Healthcare Monitoring System (SVC) by utilizing the unique "store-carry-forward" transmission mode of vehicular ad hoc network (VANET). To improve the network performance, the VANET in SVC is designed to be a two-level network consisting of two kinds of vehicles. Specially, an innovative two-level key management model by mixing certificate-based cryptography and ID-based cryptography is customized to manage the trust of vehicles. In addition, the strong privacy of the health information including context privacy is taken into account in our scheme by combining searchable public-key encryption and broadcast techniques. Finally, comprehensive security and performance analysis demonstrate the scheme is secure and efficient.

• International Journal of Contents
• /
• v.3 no.3
• /
• pp.6-14
• /
• 2007

In this paper, we design and implement a XML Repository System(XRS) that exploits the advantages of DBMSs and IRSs. Our scheme uses BRS to support full text indexing and content-based queries efficiently, and ORACLE to store XML documents, multimedia data, DTD and structure information. We design databases to manage XML documents including audio, video, images as well as text. We employ the non-composition model when storing XML documents into ORACLE. We represent structured information as ETID(Element Type Id), SORD(Sibling ORDer) and SSORD(Same Sibling ORDer). ETID is a unique value assigned to each element of DTD. SORD and SSORD represent an order information between sibling nodes and an order information among the sibling nodes with the same element respectively. In order to show superiority of our XRS, we perform various experiments in terms of the document loading time, document extracting time and contents retrieval time. It is shown through experiments that our XRS outperforms the existing XML document management systems. We also show that it supports various types of queries through performance experiments.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.3
• /
• pp.175-184
• /
• 2009

We are entering into a era of enterprise computing that is characterized by an emphasis on broadband convergence, knowledge s haring, and calm services. Some people refer to this as the "ubiquitous" computing because its focus is on a high degree of connectivity between a company and its customers, suppliers, and channel partners. Ubiquitous computing technology, "RF" stands for "radio frequency"; the "ID" means "identifer". The tag itself of a computer chip and an antenna. The shortest metaphor is that RFID is like a bar-code but is read with an electromagnetic field rather than by a laser beam. Much has already been written about the use of RFID. But there is no has written about the use of RFID in the convention industry. Therefore this study have specific objectives as follows. 1. To give details on the use of RFID in convention. 2. To introduces the key concepts behind RFID technology. 3. To identify advantage & disadvantage of RFID technology using a BEXCO CASE study. 4. To study on ubiquitous convention using RFID and effective operation methods such as entrance identification system, session management, machine management, CRM management, visitor management, and contents management. This results provide into the current status of ubiquitous computing technology in convention industries. Specific advantages by using ubiquitous computing technology(RFID) are one-stop differentiate service, wireless internet service, use of visitor management system, entrance by tag, and U-logistics. On other side, disadvantages are security, stabilization of RFID system, higher price of RFID tag, and commercial scale. Convention by using of RFID technology is currently at an early stage. Convention company as BEXCO need to have the capabilities to adapt, to customize, to commercialize, and to modify technology to suit our circumstances.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.2B
• /
• pp.263-268
• /
• 2010

This paper shows the key management system in a small metallic cabinet using a small UHF RFID tags. Each key chain with a key has a custom-designed small RFID tag antenna. There are 6 metallic racks in the small cabinet, and each rack can hold 60 key chains. Therefore, the small cabinet can hold 360 key chains with tags. The 360 key chains with RFID tags in a cabinet are recognized by RFID key chain management system. Even though it is hard to recognize 360 tags in the a cabinet, this RFID key management system with small custom designed RFID tags can recognize all the tags in the small cabinet. To read the all the tags, the locations of antennas and tag shapes are optimized. The reading rates based on the bios-version of the reader and the locations of the reader antennas are compared.

• Journal of the Korean BIBLIA Society for library and Information Science
• /
• v.29 no.3
• /
• pp.139-155
• /
• 2018

This study proposed an integrated management system model of researcher identifiers using the ISNI(International Standard Name Identifier) that can prevent duplicate issuance of identifiers and can be used to reorganize the authors' information. We looked at the metadata structure and management system of the ISNI that can be applied in various fields among identifiers. And we have designed the integrated ID system and system model that can manage the identifiers issued by each institute based on the ISNI. This model consists of data structure layer, platform layer, application layer, management and security layer (4 layers) and we have presented some of the key features and issues to consider when managing the integrations.

• Journal of Korea Entertainment Industry Association
• /
• v.15 no.7
• /
• pp.249-257
• /
• 2021

Recently, interest and demand for facial information processing technology that can provide non-face-to-face identity authentication and access management service using smart devices, which is an essential environmental improvement for multi-use facilities, is increasing as a way to prevent the spread of infectious diseases worldwide and to cope with social measures. This study defines a multi-use facility classification system and applied service field to establish a continuous access control system, and measures to improve the usability of the service platform considering scalability through a dual access control system and personal/measurement information type analysis, and accordingly We would like to propose a service roadmap. In addition, it aims to improve the physical access management system service platform, which is a multi-use facility application service that requires one-time and multiple-use authentication according to usage. It is expected that the methodology of this study can be applied as a service platform of a logical access control system type in the future.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.11a
• /
• pp.154-157
• /
• 2003

네트워크 상에서 송수신되는 데이터를 외부의 침입으로부터 보호하는 것은 매우 중요하며, 그 중 데이터의 무결성을 검증하고 보장하기 위한 방법으로 SSL(Secure Socket Layer)을 사용한다. 본 논문에서는 웹 환경에서 클라이언트와 서버간에 송수신되는 데이터의 무결성이 위배되었을 경우, 그 정보를 검증 및 관리할 수 있는 무결성 위배 데이터 검증 및 관리 시스템을 OpenSSL을 이용하여 구성하고, 꾑 서버를 통해 기록된 무결성 위배 로그 데이터는 IDS(Intrusion Detection System)로 전송하여 침입 탐지 정보와 항께 데이터의 무결성 검증 정보를 통합적으로 관리할 수 있도록 IDS와 연계된 무결성 정보 통합관리 시스템을 제안 및 설계하고자 한다.