• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.2
• /
• pp.15-26
• /
• 2021

Recently, as the introduction of cloud, mobile, and IoT has become active, there is a growing need for technology development that can supplement the limitations of traditional security solutions based on fixed perimeters such as firewalls and Network Access Control (NAC). In response to this, SDP (Software Defined Perimeter) has recently emerged as a new base technology. Unlike existing security technologies, SDP can sets security boundaries (install Gateway S/W) regardless of the location of the protected resources (servers, IoT gateways, etc.) and neutralize most of the network-based hacking attacks that are becoming increasingly sofiscated. In particular, SDP is regarded as a security technology suitable for the cloud and IoT fields. In this study, a new access control system was proposed by combining SDP and hash tree-based large-scale data high-speed signature technology. Through the process authentication function using large-scale data high-speed signature technology, it prevents the threat of unknown malware intruding into the endpoint in advance, and implements a kernel-level security technology that makes it impossible for user-level attacks during the backup and recovery of major data. As a result, endpoint security, which is a weak part of SDP, has been strengthened. The proposed system was developed as a prototype, and the performance test was completed through a test of an authorized testing agency (TTA V&V Test). The SDP-based access control solution is a technology with high potential that can be used in smart car security.

• Journal of the Korea Convergence Society
• /
• v.8 no.11
• /
• pp.21-27
• /
• 2017

Internet of Things(IoT), which is developing for the hyper connection society, is based on OSHW (Open Source Hardware) such as Arduino and various small products are emerging. Because of the limitation of low performance and low memory, the IoT is causing serious information security problem that it is difficult to apply strong security technology. In this paper, we analyze the vulnerability that can occur as a result of compiling and loading the application program of Arduino on the host computer. And we propose a new attack method that allows an attacker to arbitrarily change the value input from the sensor of the arduino board. Such as a proposed attack method may cause the arduino board to misinterpret environmental information and render it inoperable. By understanding these attack techniques, it is possible to consider how to build a secure development environment and cope with these attacks.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.1
• /
• pp.177-182
• /
• 2023

The Act on the Promotion of Mobility for the Transportation Vulnerable stipulates that the transportation vulnerable should be able to enjoy convenience when using public transportation. However, this law is not being implemented properly enough to bring up a petition saying, "Please allow the visually impaired to take a bus." Even if you try to use a call taxi for the disabled instead of public transportation, you have to apply and wait two to three hours. Therefore, this paper aims to design and implement systems for the vulnerable and their guardians, such as increasing the opening time of the ticket gate more than usual if the cane rings a notification on the bus and subway station designated using Bluetooth. Accordingly, it is expected to bring about effects such as the availability of public transportation, economic savings, safety guarantees, and prevention of missing children for the vulnerable.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1117-1127
• /
• 2017

With the advent of Internet of Things (IoT), the number of devices connected to Internet has rapidly increased, but the security for IoT is still vulnerable. It is difficult to integrate existing security technologies due to generating a large amount of traffic by using different protocols to use various IoT devices according to purposes and to operate in a low power environment. Therefore, in this paper, we propose a normal network behavior profiling method based on big data analysis techniques. The proposed method utilizes a Hadoop/Hive for Big Data analytics and an R for statistical computing. Also we verify the effectiveness of the proposed method through a simulation.

• Proceedings of the Korea Contents Association Conference
• /
• 2017.05a
• /
• pp.371-372
• /
• 2017

최근 IoT 디바이스가 증가함에 따라 IoT 환경에서 사용되고 있는 임베디드 시스템에 대한 보안의 중요성이 대두되고 있다. SELinux는 Linux 의 보안성을 강화시키는 보안 강화 커널로, 시스템의 취약점을 이용한 공격을 방지할 수 있는 Linux 시스템 보안의 핵심적인 요소이다. 본 논문에서는 임베디드 리눅스 빌드 시스템중 가장 활발히 진행되고 있는 Yocto 프로젝트를 활용하여 임베디드 리눅스 시스템에 SELinux를 적용하는 방법을 연구하고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.245-248
• /
• 2013

본 논문에서는 현대사회의 복잡성으로 인해 각자 흩어져 살고 있는 가족 구성원들을 메타버스 기반의 가상공간을 통해 서로 연결시켜주어 가족애를 증진시켜주고 특히 안전에 취약한 타지에 살고 있는 노부모를 가상공간을 통해 모니터링하여 신속한 대응을 할 수 있도록 홈가상화 서비스를 위한 물리홈 안전센서와 제어장치를 제안한다. 홈가상화를 통한 홈안전시스템은 메타버스 서버와 클라이언트, 홈가상 플랫폼 게이트웨이와 물리홈 센서와 제어장치로 구성되며, 본 논문에서는 하부구조인 홈가상 플랫폼 게이트웨이와 센서 및 제어장치간의 프로토콜 및 이의 프로토타입을 구성하도록 한다. 이를 통해 가상 공간에서 실공간의 홈센서 및 제어장치와 교신할 수 있어 가상공간을 통한 홈안전서비스를 구현할 수 있다.

• Review of KIISC
• /
• v.32 no.2
• /
• pp.5-16
• /
• 2022

수많은 사물들의 센서 정보를 인터넷을 통해 수집하고 분석하여 고객 맞춤형 서비스를 제공하는 사물인터넷 (Internet of Things, IoT) 서비스의 규모와 범위가 점차 확대됨에 따라 그 이점과 함께 사물인터넷이 가진 원천적인 확장성 문제와 개인정보 보안의 취약성 등에 대한 논의가 활발히 진행되고 있다. 최근에는 사물인터넷이 가진 문제점을 극복하기 위한 하나의 도구로써 블록체인을 사물인터넷에 접목하는 방안이 제시되고 있다. 본 고에서는 블록체인을 통해 사물인터넷이 가진 한계점을 극복하고 신뢰성 높은 사물인터넷 서비스를 제공하기 위해 필요한 블록체인의 합의 알고리즘들의 최신 동향에 대해 확인해 보도록 한다.

• Proceedings of the Korean Society of Disaster Information Conference
• /
• 2022.10a
• /
• pp.139-140
• /
• 2022

본 연구는 재난발생 시 현장 상황 판단 및 대응 능력이 현저히 떨어지는 안전취약계층 중 장애인과 노인이 재난정보를 받고 안전하게 대피·대응할 수 있도록 지원하는 시스템의 시범적용에 대한 것이다. 재난정보 전달 및 대피지원 시스템은 재난에 취약한 장애인과 노인이 재난상황에서 각각의 취약 특성을 고려하여 재난 위기상황에 대응하도록 설계 하였으며, 실내 위치측정에 관한 공간정보 표준 및 데이터 구축과 개발한 시스템을 설치하고 구현할 수 있는 실내 공간을 선정하여 시범적으로 적용하였다. 재난정보 및 대피지원 시스템의 시범적용을 위해 선정된 시설의 실내 공간정보 구축 및 현행화를 통해 실내 대피경로를 구축하고, 실제 시범적용을 통해 보완하는 과정을 수행하였다. 장애인·노인 대상 재난정보 전달 및 대피지원 서비스 구축을 위해 실내에서 재난발생 시 재난정보 데이터를 실시간으로 수집하고 스마트폰과 연계할 수 있는 연계 모듈을 개발하였다. 또한 재난정보를 스마트폰에 알릴 수 있는 알람 푸시 모듈, 재난정보 및 대피 안내 모듈과 시각 장애인의 실내 공간 인지를 위한 음성안내 모듈을 개발하였다. 본 연구의 목적은 IoT 기반의 통합관제 기술을 활용하는 서비스 제공을 통해서 정보전달의 사각지대를 해소하고 장애인·노인의 효율적 재난 대응을 위해 맞춤형 재난정보 전달 및 대피지원 서비스를 구축하고 시범적용의 과정을 통해 문제점을 보완하여 최종적으로 재난으로부터 안전취약계층의 안전성을 향상시키는데 목적이 있다.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.6
• /
• pp.871-880
• /
• 2017

Recently, service based on internet is inter-connected and integrated with a variety of connection. This kind of internet of things consist of heterogenous devices such as sensor node, devices and end-to end equipment which used in conventional protocols and services. The representative system is healthcare system. From healthcare appliance used by IoT, patient and doctor can utilize healthcare information with safety and high speed management. It is very convenient management to operate mobility. But it induced security and vulnerability issues because it has small memory capacity, low power supply and low computing power. This made impossible to implement security algorithm with embedded engine based on hardware. Nowdays, we can't realize conventional standard algorithm due to these kinds of reasons. From the critical issues, it occurred security and vulnerability issues. Therefore, we analysed and compared with conventional method and proposed techniques. Finally, we evaluated security issues and requirement for end-to-end point healthcare system based on internet of things.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.11-20
• /
• 2024

Recently, smart buildings that can efficiently manage energy using ICT technology and operate and control through the building automation system by collecting data from a large number of IoT sensors in real time are attracting attention. However, as data management is carried out through an open environment, the safety of smart buildings is threatened by the security vulnerability of the existing building automation protocol. Therefore, in this paper, we analyze the major data link technology of BACnet, which is used universally, and propose OWE-based efficient BACnet/SC that can ensure the reliability of data in a wireless environment. The proposed protocol enables safe communication even in an open network by applying OWE and provides the same level of security as BACnet/SC in a TLS environment. As a result, it reduces the connection process twice and reduces the average time required by 40%, enabling more efficient communication than before.