• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.131-138
• /
• 2003

With the Internet winning a huge popularity, there rise urgent problems which are related to Network Security Managements such as Protecting Network and Communication from un-authorized user. Accordingly, Using Security equipments have been common lately such as Intrusion Detection Systems, Firewalls and VPNs. Those systems. however, operate in individual system which are independent to me another. Their usage are so limited according to their vendors that they can not provide a corporate Security Solution. In this paper, we present a Hierarchical Security Management Model which can be applicable to a Network Security Policies consistently. We also propose a Policy Negotiation Mechanism and a Prototype which help us to manage Security Policies and Negotiations easier. The results of this research also can be one of the useful guides to developing a Security Policy Server or Security Techniques which can be useful in different environments. This study also shows that it is also possible to improve a Security Characteristics as a whole network and also to support Policy Associations among hosts using our mechanisms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.11-18
• /
• 2003

As the Internet moves to mobile environment, one of the most serious problems for the security is to required a new security Protocol with safety and efficiency. To solve the problem. we Propose a new Protocol that reduces the communication franc and solves the problem associated with the private security keys supplied by the trusted third party. The protocol is a non-Interactive oblivious transfer protocol, based on the EIGamal public-key algorithm. Due to its Non-Interactive oblivious transfer protocol, it can effectively reduce communication traffic in server-client environment. And it is also possible to increase the efficiency of protocol through the mechanism that authentication probability becomes lower utilizing a challenge selection bit. The protocol complexity becomes higher because it utilizes double exponentiation. This means that the protocol is difficult rather than the existing discrete logarithm or factorization in prime factors. Therefore this can raise the stability of protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.3-10
• /
• 2004

A Wireless Lan has an importance of access control, because we can use wireless Internet via AP(Access Point). Moreover, to use wireless LAN, we will go through authentication process of EAP. DoS(Denial of Service) attack is one of the fatal attack about these AP access and authentication process. That is, if malicious attacker keeps away access of AP or consumes memory of server and calculation ability of CPU and etc. compulsorily in authentication process, legal user can't get any services. In this paper, we presents the way of protection against the each attack that is classified into access control, allocation of resource, attack on authentication protocol. The first thing, attack to access control, is improved by pre-verification and the parameter of security level. The second, attack of allocation of resource, is done by partial stateless protocol. And the weak of protocol is done by time-stamp and parameter of access limitation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.139-144
• /
• 2007

Due to the increasing use of Internet and spread of ubiquitous environment the security of private information became an important issue. For this reason, many suggestions have been made in order to protect the privacy of users. In the study of authentication system using a smart card which is one of the methods for protecting private information, the main idea is to offer user anonymity. In 2004, Das et al. suggested an authentication system that guarantees anonymity by using a dynamic ID for the first time. However, this scheme couldn't guarantee complete anonymity as the identity of the user became revealed at log-in phase. In 2005, Chien at al. suggested a authentication system that guarantees anonymity, but this was only safe to the outsider(attacker). In this paper, we propose a scheme that enables the mutual authentication between the user and the sewer by using a smart card. For the protection of the user privacy, we suggest an efficient user authentication system that guarantees perfect anonymity to both the outsider and remote server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.113-124
• /
• 2009

Recently, lots of anti-phishing schemes have been developed. Several products identify phishing sites and show the results on the address bar of the internet browser, but they determine only by domain names or IP addresses. Although this kind of method is effective against recent DNS pharming attacks, there is still a possibility that hidden attacks which modifies HTML codes could incapacitate those anti-phishing programs. In this paper, the cognitive approach which compares images to decide phishing or pharming is presented, using system tray and balloon tips that are hard to fake with pop-ups or flash in order for users to compare pictures from connecting sites and system tray. It differs from an old method that a program analyzes IP or domains to judge if it is phishing or pharming, but observes if there were HTML code changing between plug-ins and a server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.155-163
• /
• 2011

Rumor or abusive web postings in internet has become a social issue. Web postings may be proposed on evidence in form of a screenshot in libel suit, but a screenshot can be easily modified by computer programs. A person can make ill use of the screenshot which is modified deliberately original contents to opposite meaning in a lawsuit. That makes an innocent person to be punished because it can have difficulties to verify despite analyzing the server data. A screenshot of web postings is likely to fail to prove its authenticity and it is not able to reflect the fact. If notarization for web postings is offered, clear and convincing evidence can be submitted in a court. So, related techniques and policies should be established In this paper, we propose some technical and legal conditions and design for notarization and archive system of web postings for litigation.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.107-118
• /
• 2021

The deployment of 5G is in full swing, with a significant yearly growth in the data traffic expected to reach 26% by the year and data consumption to reach 122 EB per month by 2022 [10]. In parallel, the idea of smart cities has been implemented by various governments and private organizations. One of the main objectives of 5G deployment is to help develop and realize smart cities. 5G can support the enhanced data delivery requirements and the mass connection requirements of a smart city environment. However, for specific high-demanding applications like tactile Internet, transportation, and augmented reality, the cloud-based 5G infrastructure cannot deliver the required quality of services. We suggest using multi-access edge computing (MEC) technology for smart cities' environments to provide the necessary support. In cloud computing, the dependency on a central server for computation and storage adds extra cost in terms of higher latency. We present a few scenarios to demonstrate how the MEC, with its distributed architecture and closer proximity to the end nodes can significantly improve the quality of services by reducing the latency. This paper has surveyed the existing work in MEC for 5G and highlights various challenges and opportunities. Moreover, we propose a unique framework based on the use of MEC for 5G in a smart city environment. This framework works at multiple levels, where each level has its own defined functionalities. The proposed framework uses the MEC and introduces edge-sub levels to keep the computing infrastructure much closer to the end nodes.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.137-142
• /
• 2021

The Internet of Things (IoT) paradigm is at the forefront of present and future research activities. The huge amount of sensing data from IoT devices needing to be processed is increasing dramatically in volume, variety, and velocity. In response, cloud computing was involved in handling the challenges of collecting, storing, and processing jobs. The fog computing technology is a model that is used to support cloud computing by implementing pre-processing jobs close to the end-user for realizing low latency, less power consumption in the cloud side, and high scalability. However, it may be that some resources in fog computing networks are not suitable for some kind of jobs, or the number of requests increases outside capacity. So, it is more efficient to decrease sending jobs to the cloud. Hence some other fog resources are idle, and it is better to be federated rather than forwarding them to the cloud server. Obviously, this issue affects the performance of the fog environment when dealing with big data applications or applications that are sensitive to time processing. This research aims to build a fog topology job scheduling (FTJS) to schedule the incoming jobs which are generated from the IoT devices and discover all available fog nodes with their capabilities. Also, the fog topology job placement algorithm is introduced to deploy jobs into appropriate resources in the network effectively. Finally, by comparing our result with the state-of-art first come first serve (FCFS) scheduling technique, the overall execution time is reduced significantly by approximately 20%, the energy consumption in the cloud side is reduced by 18%.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.1
• /
• pp.124-133
• /
• 2021

Smart factory is a future factory that collects, analyzes, and monitors various data in real time by attaching sensors to equipment in the factory. In a smart factory, it is very important to inquire and generate the status and history of equipment in real time, and the emergence of various smart devices enables this to be performed more efficiently. This paper proposes a multi device-based system that can create, search, and delete equipment status and history in real time. The proposed system uses the Android system and the smart glass system at the same time in consideration of the special environment of the factory. The smart glass system uses a QR code for equipment recognition and provides a more efficient work environment by using a voice recognition function. We designed a system structure for real time equipment monitoring based on multi devices, and we show practicality by implementing and Android system, a smart glass system, and a web application server.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.3
• /
• pp.433-439
• /
• 2021

In this paper, we propose a method to implement an IoT-based sensor network for each workplace of a shipyard. Here, at the most common welding workplace in shipyards, the shipbuilding blocks are used as a communication medium to transmit information such as the worker's location, welding progress, and working hour to a server using LoRa and powerline communication. To achieve the data communication, inductive couplers and hybrid modems have been manufactured and installed on wire feeders and pin jigs to establish a sensor network. As a result of field test, the proposed system shows a success rate of data transmission and a rate of successful recognition of worker's location of about 98% or more. In addition, the process management system platform can record and display the work process data generated at the field in real time. The proposed system can be a starting point for enhancing the competitiveness of Korean shipbuilding industry through the establishment of a smart shipyard.