• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.35-41
• /
• 2016

Internet of Things (IoT) services are widely used in appliances of daily life and industries. IoT services also provide various conveniences to users and are expected to affect value added of all industries and national competitiveness. However, a variety of security threats are increased in IoT environments and lowers reliability of IoT devices and services that make some obstacles for commercialization. The attacks arising in IoT environments are making industrial and normal life accidents unlike existing information leak and monetary damages, and can expand damage scale of leakage of personal information and privacy more than existing them. To solve these problems, we design a session key based access control scheme for secure communications in IoT environments. The proposed scheme reinforces message security by generating session key between device and access control network system. We analyzed the stability of the proposed access scheme in terms of data forgery and corruption, unauthorized access, information disclosure, privacy violations, and denial of service attacks. And we also evaluated the proposed scheme in terms of permission settings, privacy indemnity, data confidentiality and integrity, authentication, and access control.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.97-107
• /
• 2013

The recent increase in smartphone usage has ignited the development of new applications which have changed the way of living in this internet era in the world. Almost all users which have smartphone have used many kinds of applications for lots of part. Especially, Social Network Service is the most popular part for smartphone users. The greater part of smartphone users take messenger service for smartphone. This kinds of applications provide to manage as deactivation of user or change of device. When users take to manage their information, their information would be deleted securely. If secure deletion didn't work correctly and released, their personal information can be easily abused to by others through various means such as internet phishing. In this paper, we analysis that the messenger application's management function keeps on the Personal Information Protection Act and suggest to prevent legally and technically for user's personal information and privacy.

• Proceedings of the KIEE Conference
• /
• 1998.07e
• /
• pp.1852-1854
• /
• 1998

In this paper, we design an effective and secure optical subscriber loop to offer multimedia service to apartment residents. The designed subscriber loop has the following properties. First, a proxy is connected to HDT(Host Digital Termination) which is a switching device, in order to effectively support multimedia services. Second, a scheduler of HDT dynamically manages bandwidth allocation and reallocation to a subscriber considering the situation of communication traffic. Finally, three alternations are used for safety.

• Proceedings of the IEEK Conference
• /
• 2008.06a
• /
• pp.359-360
• /
• 2008

As broadband wireless access systems are widely accepted, VoIP service over the wireless network is being requested. Because previous VoIP implementations are designed to provide service over wired network, they does not consider security problem sufficiently that is one of the most vulnerable aspects of wireless communication. Therefore, this paper describes how to implement secure VoIP service over wireless network with minimum overhead.

• Journal of KIISE
• /
• v.43 no.10
• /
• pp.1094-1103
• /
• 2016

Physical Web and Eddystone can be serviced by a single integrated application on the device by using their servers' URL. However, they have a limitation that their servers must be customized for service characteristics on a case by case basis. In other words, regardless of the service selected for BLE, it should have a modified linkage application for each device. Hence, we think that a new integrated service platform, which is able to link and support its Beacon from the central server and is also able to support its application, is needed for achieving better service quality. This platform consists of push (Broadcasting for Beacon service) parts and pull (Connection) parts to establish communication. Especially, Pull should be operated and controlled under the authorization (secure) management for safe and trustable communication. It means that BLE must have its new authorization communications protocol to protect its data as much as possible. In this paper, we propose a BLE integrated authorization protocol for a BLE device control server based on Physical Web and Eddystone.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.1
• /
• pp.31-39
• /
• 2011

VoIP service uses packet network of ip-based because that has eavesdropping, interception, illegal user as vulnerable elements. In addition, PSTN of existing telephone network is subordinate line but VoIP service using the ip packet provide mobility. so The user authentication and VoIP user's account service using VoIP has emerged as a problem. To solve the vulnerability of SIP, when you use VoIP services with SIP, this paper has made it possible to authenticate user's terminal by using proxy server and proxy server by using authentication server. In conclusion, sender and receiver are mutually authenticated. In the mutual authentication process, the new session key is distributed after exchanging for the key between sender and receiver. It is proposed to minimize of service delay while the additional authentication. The new session key is able to authenticate about abnormal messages on the phone. This paper has made it possible to solve the vulnerability of existing SIP authentication by using mutual authentication between user and proxy server and suggest efficient VoIP service which simplify authentication procedures through key distribution after authentication.

• The Journal of Society for e-Business Studies
• /
• v.8 no.3
• /
• pp.241-257
• /
• 2003

XML is a global standard for the Internet and e-business, and its use is growing in proportion to the spreading speed of e-Commerce. Thus, a policy for providing more safe security service for exchanging e-documents within e-Commerce is necessary. XKMS, one of XML security specification, defines the protocol for distributing and registering public keys for verifying electronic signatures and enciphering e-documents of e-Commerce applications with various and complicate functions. In this paper, we propose X-KISS service reference model and implement service component based on standard specification. Also describes the analysis and security of XML key information service for safe e-Commerce, paying attention to the features of XML based security service. This reference model supported include public key location by given identifier information, the binding of such keys to identifier information. The client service component controls the number of locate threads and validate threads to analyze the minimum requirements of real-time key retrievals. This service modeling offers the security construction guideline for future domestic e-business frameworks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.111-122
• /
• 2008

Web service is defined to support interoperable machine to machine interaction over a network and defined as distributed technologies. Recently in web service environment, security has become one of the most critical issues. An attacker may expose user privacy and service information without authentication. Furthermore, the users of web services must temporarily delegate some or all of their behalf. This results in the exposure of user privacy information by agents. We propose a delegation model for providing safety of web service and user privacy in ubiquitous computing environments. In order to provide safety of web service and user privacy, XML-based encryption and a digital signature mechanism need to be efficiently integrated. In this paper, we propose web service management server based on XACML, in order to manage services and policies of web service providers. For this purpose, we extend SAML to declare delegation assertions transferred to web service providers by delegation among agents.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.12
• /
• pp.235-246
• /
• 2011

We are living in the era of globalization, convergence of multi technologies and dual service system especially in the cultural, social, political, economical and technical aspects. These waves are making us go beyond Information Society and urge to enter the Smart Society. In the past, we have focused only on creating, proceeding and accumulating vast amount of information. Where as today, we are hoping to be provided with more intellectual, cheep, and converged form with the help of stored information without any space and time constraints. In this thesis, with consideration of the knowledge based society service integration paradigm, we will first look at the concept of Smart Service with various case studies, proposition strategy implementation on Smart Platform by analysing the service the implementing aspect, looking at the roles of each related divisions, and measuring the secure elements etc.

• Journal of the Korean Society for Library and Information Science
• /
• v.50 no.4
• /
• pp.283-310
• /
• 2016

The present study aims to develop measures to enhance user service at Chungnam Representative Library by establishing Chungnam Representative Library Operation Master Plan. To this end, I conducted a literature review, analysis of services of other representative libraries, and a survey. The study results suggested six measures for user service enhancement. The first measure is space-specific programs, such as children's materials room, general materials room, electronic materials room, auditorium, multipurpose room, outdoor stage, exhibition room, and book café. The second measure is the services specific user types, such as children, adolescents, adults, the disabled, and multicultural families. The third measure is information service specific for information type, such as print material service and digital material service. The fourth measure is the service for the Information-Poor including the expansion of mobile library service, the service for information users in special environment, and the development of mobile library rules. Fifth measure is information service for Chungcheongnam-do residents, such as Baekje Studies specialized service that incorporates local characteristics, specialized information service for Chungcheong Studies and local materials, and information service for administrative and policy materials. The last measure is the measure to secure initial users and early stage service enhancement.