• Review of KIISC
• /
• v.13 no.1
• /
• pp.77-91
• /
• 2003

무선랜에서의 보안문제는 크게 두가지 측면에서 지적할 수 있는데, 첫 번째는 승인된 사용자에게만 접속을 허용하는 접속에 관한 보안이며, 다른 하나는 스니퍼 등을 이용해 무선랜을 통해 전송되는 내용 자체를 몰래 보는 도청 행위를 방어할 수 있는 보안이다. 특히 유선 네트워크와 달리 무선랜에서는 AP(Access Point)만 설치되어 있는 곳이면 누구나 쉽게 AP를 통해 네트워크를 이용할 수 있다. 이에 따라 무선랜에서 보다 중요성이 강조되는 보안문제는 접속에 관한 보안, 즉 사용자 인증이라고 할 수 있다. 그러나 무선랜 표준인 IEEE802.11b에서의 인증은 사용자 인증이 아닌 디바이스 인증에 머물고 있는 실정이며, 이 또한 매우 취약하다. 이에 따라 IEEE802.1x가 강력한 사용자 인증을 제공할 수 있는 메커니즘으로 개발되었다. IEEE802.1x에서는 EAP-TLS, LEAP, PEAP 등의 다양한 사용자 인증 메커니즘의 사용이 가능하다. 이러한 사용자 인증메커니즘은 모두 공개키 암호기술을 이용하고 있어 무선랜 환경에서의 PKI 구축이 요구된다. 본 고에서는 무선랜에서의 사용자 인증 메커니즘에 대해서 알아보고, 유선 네트워크와는 다른 특성을 갖는 무선랜 환경에서 PKI 구축시 고려해야 할 사항들에 대해서 분석하였다.

• Proceedings of the Korean Institute of Communication Sciences Conference
• /
• 2004.07a
• /
• pp.93-93
• /
• 2004

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.9
• /
• pp.271-282
• /
• 2015

In the business environment BYOD(Bring Your Own Device) is used and being expanded continuously. According to a survey conducted by Cisco in 2012 on 600 companies, 95% of them are already permitting the use of BYOD in their work environments so that productivity of their employees has improved as a result. Gartner predicted that the use of BYOD will be caused new security threat. They also suggested to introduce NAC(Network Access Control) to resolve this threat, to separate network zone based on importance of their business, to establish the policy to consider user authority and device type, and to enforce the policy. The purpose of this paper is to design and implement the NAC for granular access control based on IEEE(Institute of Electrical and Electronics Engineers) 802.1X and DHCP(Dynamic Host Configuration Protocol) fingerprinting, and to analyze the performance on BYOD environment.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.1
• /
• pp.19-24
• /
• 2010

This paper proposes a unified time-domain channel estimator (UTD-CE) for ubiquitous wireless broadband access based on orthogonal frequency division multiplexing (OFDM) systems. As a part of a software radio platform for ubiquitous services, the proposed UTD-CE can be exploited with the simply changeable parameters, pilot symbols and pilot subcarriers allocation, which are usually different according to the system specifications such as IEEE802.11x WiFI, IEEE802.16x WiMAX, DMB, Media FLO, DVB-H, etc. Given the pilot information, the channel frequency responses (CFRs) of data subcarriers will be analogously estimated by Wiener filtering and discrete Fourier transform (DFT)-based interpolation in the UTD-CE. Simulation results indicate that the proposed method significantly outperforms the conventional time-domain channel estimator when the pilot information is changed.

• Journal of Korea Multimedia Society
• /
• v.11 no.8
• /
• pp.1101-1110
• /
• 2008

Nespot provides a convenient wireless internet connection service. The existing IEEE 802.1X EAP-MD5 authentication mechanism can be achieved based on ID/password information for a wireless connection. The Nespot system offers an advanced accounting and authorization procedure for providing wireless user authentication mechanism. However, many problems were found on the existing Nespot EAP-MD5 mechanism such as a ill value exposure, a leakage of personal information on wireless authentication procedure and a weakness on Nespot mutual authentication mechanism. Therefore, we analyzed the limitation of the existing IEEE 802.1X EAP-MD5 certification system, and suggested a one-time session key based authentication mechanism. And then we offered a simplified encryption function on the Nespot certification process for providing secure mutual authentication process.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.1329-1332
• /
• 2002

최근에 공공장소에서의 보다 안정적이고 고속의 무선 인터넷 접속에 대한 욕구가 커지면서 무선랜에 대한 수요가 많아지고 있고, 유무선 사업자들은 무선랜 시장을 선점하기 위해서 서비스를 서두르고 있다. 이와 같은 무선랜환경에서 안전하게 사용자를 인증하고 서비스를 제공하기 위해서 802.1x 표준이 정의되었다. 이와 같은 802.1x 표준의 관리를 위한 MIB 구조가 IEEE 802.1x MIB에 정의되어 있다. 본 논문에서는 무선단말 사용자를 인증시켜 주고 무선랜서비스를 허가해주는 authenticator의 입장에서 AP를 관리하기 위한 관리 시스템을 위의 MIB 을 기준으로 해서 설계하고 구현하였다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.6C
• /
• pp.601-606
• /
• 2005

Recently with the high expectation of voice over WLAN service, to supped fast inter-AP security transition in WLAN AP is one of the most actively investigating issues. It is also very important to minimize inter-AP security transition latency, while maintaining constantly the secure association from old AP when a station transits to new AP. Hence, this paper first defines secure transition latency as a primary performance metric of AP system in WLAN supporting IEEE802.11i, 802.1x, and 802.11f, and then presents low latency inter-AP security transition mechanism and its security FSM whose objective is to minimize inter-AP transition latency. Experiment shows that the proposed scheme outperforms the legacy 802.1X AP up to $79\%$ with regard to the transition latency.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.15 no.1
• /
• pp.95-101
• /
• 2016

Vehicular communications is system which can be applied for transmission of various safety messages or Intelligent Transportation Systems(ITS) applications by combining vehicle/road technology with Information and Communication Technology(ICT). In recent years, a variety of ITS services are available such as driving information, road conditions, V2X messages as well as navigation and traffic jams notification. In general, vehicular communications can be used for vehicle-to-vehicle and vehicle-to-infrastructure communication by adopting IEEE802.11p/1609 standard which is commonly known as wireless access in vehicular environments. In this paper, WAVE communication standard based on the IEEE802.11p is explained and signal characteristics in WAVE communication is introduced. Also, The H/W and S/W characteristics in Road Side Station and On Board Equipment for the Vehicle to Everything communication are analyzed. Received Signal Strength which is power of receiving signal of communication equipment is measured in test road to estimate the real WAVE communication's performance. It is shown that the implemented WAVE communication technology is satisfactory to provide ITS services.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.11 s.353
• /
• pp.149-158
• /
• 2006

We proposed a method for improving a performance of TCP downstream between a desktop PC as a fixed host and a PDA as a mobile host in a wired and wireless network based on IEEE 802.11x wireless LAN. With data transmission between these heterogeneous terminals a receiving time during downstream is slower than that during upstream by 20% at maximum. The reason is that their congestion window size will be oscillated due to a significantly lower packet processing rate at receiver compared to a packet sending rate at sender. Thus it will cause to increase the number of control packets to negotiate their window size. To mitigate these allergies, we proposed two distinct methods. First, by increasing a buffer size of a PDA at application layer an internal processing speed of a socket receive buffer of TCP becomes faster and then the window size is more stable. However, a file access time in a PDA is kept nearly constant as the buffer size increases. With the buffer size of 32,768bytes the receiving time is faster by 32% than with that of 512bytes. Second, a delay between packets to be transmitted at sender should be given. With an inter-packet delay of 5ms at sender a resulting receiving time is faster by 7% than without such a delay.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.700-702
• /
• 2003

최근 고속 무선 네트워크에 대한 사용자의 요구가 증가함에 따라, 낮은 전송속도를 가지는 이동통신 시스템의 대안으로 무선 네트워크 시스템이 부각되고 있다. 무선 네트워크 기술의 보안 취약점은 무선 네트워크 사용의 중요한 장애요인이다. IEEE 802.1x, IEEE 802.11i에서는 인증과 데이터 프라이버시 제공을 위한 표준을 내고 있으나, 무선 네트워크 보안을 완벽하게 지원하지는 않는다. 본 논문에서는 무선 네트워크 환경의 트래픽을 모니터링하고. 통합 관리 서버를 통하여 여러 무선 네트워크를 통합적으로 관리하는 시스템을 설계하고 구현한다.