• Smart Media Journal
• /
• v.9 no.1
• /
• pp.30-37
• /
• 2020

Enforcing additional authentication to password-based authentication, in addition to attempting to increase the security of the password itself, helps to improve the security of the password authentication scheme. For a well-known problem of using strong passwords that differ from site to site, we propose a scheme for password generation and management with an inherent supplementary authentication. Like the so-called password manager, the scheme retrieves and presents a strong site-specific password whenever requested without requiring the user to remember multiple passwords. Unlike the existing methods, however, the scheme permits the password retrieval process to proceed only through the authenticated user's ownership verified smartphone. Hence, even for sites not enforcing or supporting two-factor authentication, the logon process can benefit from the scheme's assurance of enhanced security with its two-factor equivalent authentication. The scheme can also prevent an attacker from impersonating a user or stealing secrets even when the stored information of the server for password retrieval service or the user's smartphone is leaked.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.61-74
• /
• 2007

In Common Criteria evaluation scheme, sponsor and evaluator should estimate evaluation cost and duration of IT security system evaluation in contracting the evaluation project. In this paper, We analyzed study result that achieve at 2003 and 2005, and utilized part of study result. And we empirically estimate relative evaluation effort ratios among evaluation assurance levels($EAL1{\sim}EAL7$) in CC v2.3 and CC v3.1. Also, we estimate the ratios from 'developer action elements', adjusted 'content and presentation of evidence elements', and 'evaluator action elements 'for each assurance component. We, especially, use ratio of amount of effort for each 'evaluator action elements', that was obtained from real evaluators in KISA in 2003. Our result will useful for TOE sponsor as well as evaluation project manager who should estimate evaluation cost and duration for a specific EAL and type of TOE, in a new CC v3.1 based evaluation schem.

• Journal of the military operations research society of Korea
• /
• v.30 no.1
• /
• pp.107-134
• /
• 2004

Today's Internet is providing a single service which is so-called "best-effort service". Now, multimedia and real-time applications are not only demanding large bandwidth but also requiring high QoS. For this, MPLS and DiffServ technology can be adopted to support more scalability and QoS for data traffic engineering. The DISN(Defense Information Systems Network) supports CBR service for voice traffic and VBR service for data traffic which is best-effort service. We propose how to adopt MPLS and DiffServ technology to support traffic engineering and guarantee QoS in the DISN. A traffic analysis according to prioritized traffic classes is done using OPNET simulation tool for assuring QoS. The result shows that low priority packets are delayed a little bit, but high priority packets are transferred more efficiently than without traffic engineering.gineering.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.103-108
• /
• 2004

A Home Location Register(HLR) database system manages each subscriber's location information, which continuously changes in a cellular network. For this purpose, the HLR database system provides table management, index management, and backup management facilities. In this thesis, I propose using a two-level index method for the mobile directory number(MDN) as a suitable method and a chained bucket hashing method for the electronic serial number(ESN). Both the MDN and the ESN are used as keys in the HLR database system. I also propose an efficient backup method that takes into account the characteristics of HLR database transactions. The retrieval speed and the memory usage of the two-level index method are better than those of the T-tree index method. The insertion and deletion overhead of the chained bucket hashing method is less than that of the modified linear hashing method. In the proposed backup method, I use two kinds of dirty flags in order to solvethe performance degradation problem caused by frequent registration-location operations. I also propose using additional attributes in the HLR database scheme for location information secrecy as a suitable security method.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2003.05a
• /
• pp.208-216
• /
• 2003

ISO 14649 (data model for STEP-NC) is a new interface scheme or language for CAD-CAM-CNC chain under established by ISO TC184 SCI. Up to this point, the new language is mainly made for milling and turning, and other processes such as EDM will be completed in the future. Upon completion, it will be used as the international standard language for e-manufacturing paradigm by replacing the old machine-level language, so called M&G code used since 1950's. With the rich information contents included in the new language, various intelligent functions can be made by the CNC as the CNC knows what-to-make and how-to-make. In particular, On-Machine Inspection required for quality assurance in the machine level, can be done based on the information of feature­based tolerance graph. Previously, On-Machine inspection has been investigated mainly for milling operation, and only a few researches were made for turning operation without addressing the data model. In this thesis, we present a feature-based on-machine inspection process by the 4 Tasks: 1) proposing a new schema for STEP-NC data model, 2) converting the conventional tolerance scheme into that of STEP-NC, 3) modifying the tolerance graph such that the tolerance can be effectively measured by the touch probe on the machine, and 4) generating collision-free tool path for actual measurement. Task 1 is required for the incorporation of the presented method in the ISO 14649, whose current version does not much include the detailed schema for tolerance. Based on the presented schema, the tolerance represented in the conventional drafting can be changed to that of STEP-NC (Task 2). A special emphasis was given to Task 3 to make the represented tolerance accurately measurable by the touch probe on the machine even if the part setup is changed. Finally, Task 4 is converting the result of Task into the motion of touch probe. The developed schema and algorithms were illustrated by several examples including that of ISO 14649 Part 12.

• Transactions of the Korean Society for Noise and Vibration Engineering
• /
• v.23 no.1
• /
• pp.84-91
• /
• 2013

Ultrasonic flip-chip bonding needs a precise bonding tool which delivers ultrasonic energy into chip bumps effectively to use the selected resonance mode and frequency of the horn structure. The bonding tool is excited at the resonance frequency and the input and output ports should locate at the anti-nodal points of the resonance mode. In this study, we propose new design method with topology optimization for ultrasonic bonding tools. The SIMP(solid isotropic material with penalization) method is used to formulate topology optimization and OC(optimal criteria) algorithm is adopted for the update scheme. MAC(modal assurance criterion) tracking is used for the target frequency and mode. We fabricate two prototypes of ultrasonic tools which are based on 3D optimization models after reviewing 2D and 3D topology optimization results. The prototypes are satisfied with the ultrasonic frequency and vibration amplitude as the ultrasonic bonding tools.

• Structural Monitoring and Maintenance
• /
• v.2 no.2
• /
• pp.95-113
• /
• 2015

The knowledge of the behavior of any roller compacted concrete (RCC) dam and its foundation is gained by studying the service action of the dam and its foundation using measurements of an external and internal nature. The information by which a continuing assurance of structural safety of the RCC dam can be gauged is of primary importance. Similarly, the fact that the information on structural and thermal behavior and the properties of concrete that may be used to give added criteria for use in the design of future RCC dams is of secondary importance. Wide spread attention is now being given to the installation of more expensive instrumentation for studying the behavior of concrete dams and reservoirs and forecasting of any adverse trends. In view of this, the paper traces installation and need of the comprehensive instrumentation scheme implemented to monitor the structural and thermal behavior of 102.4 m high RCC dam constructed near Mumbai in India. An attempt is made in the present paper to emphasize the need to undertake an instrumentation program and evaluate their performance during construction and post construction stage of RCC structures. Few typical results, regarding the thermal and structural behavior of the dam, obtained through instrumentation installed at the dam site are presented and compared with the design considerations. The fair agreement is seen in the response observed through instrumentation with that governing the design criteria.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.3B
• /
• pp.135-143
• /
• 2008

In this paper, we propose a QoS guaranteed and energy-efficient transmission scheme for Wireless Personal Area Networks (WPANs), which operate in conjunction with contention-based access protocols such as CSMA/CA. Energy consumption is one of the most important issues in WPAN systems, because WPAN devices are often required to operate under limited battery capacity. Furthermore, if the WPAN adopts a contention-based medium access protocol, the energy consumption problem becomes even more critical due to the collisions caused by independent channel access trials. Therefore, in this paper, we propose an algorithm that selects the optimum fragment size, modulation level, and transmission power, in order to minimize the energy consumption and guaranteethe QoS (Quality of Service) requirements, simultaneously. Our simulation results show that the proposed algorithm has better performance than the previous ones.

• Journal of KIISE
• /
• v.42 no.1
• /
• pp.97-106
• /
• 2015

Recently, research on database encryption for data protection and query result authentication methods has been performed more actively in the database outsourcing environment. Existing database encryption schemes are vulnerable to order matching and counting attack of intruders who have background knowledge of the original database domain. Existing query result integrity auditing methods suffer from the transmission overhead of verification object. To resolve these problems, we propose a group-order preserving encryption index and a query result authentication method based on the encryption index. Our group-order preserving encryption index groups the original data for data encryption and support query processing without data decryption. We generate group ids by using the Hilbert-curve so that we can protect the group information while processing a query. Finally, our periodic function based data grouping and query result authentication scheme can reduce the data size of the query result verification. Through performance evaluation, we show that our method achieves better performance than an existing bucket-based verification scheme, it is 1.6 times faster in terms of query processing time and produces verification data that is 20 times smaller.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.8
• /
• pp.58-65
• /
• 2014

A recent issued Internet of Things (IoT) is based on the service that everything around us is exchanging the information and reacting upon these information. These IoT services are mainly dealing with the information that was generated by the information nodes of IoT networks such as sensors, where the way how the information from information nodes should be dealt with is very important in terms of service reliability in IoT networks. This paper introduces a new scheme for service reliability and energy efficiency that is reducing the energy consumption of actuator node reacting upon the request messages from the information nodes in IoT networks.