• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.353-360
• /
• 2017

The Internet of Things(IoT) security has more need than a technical problem as it needs series of regulations and faultless security system for common purposes. So, this study proposes an efficient key management in order that can be trusted IoT data in cloud computing. In contrast with a key distribution center of existing sensor networks, the proposed a federation key management of cloud proxy key server is not central point of administration and enables an active key recovery and update. The proposed key management is not a method of predetermined secret keys but sharing key information of a cloud proxy key server in autonomous cloud, which can reduce key generation and space complexity. In addition, In contrast with previous IoT key researches, a federation key of cloud proxy key server provides an extraction ability from meaningful information while moving data.

• Journal of Digital Convergence
• /
• v.18 no.10
• /
• pp.233-238
• /
• 2020

In the cloud environment, IoT devices using sensors and wearable devices are being applied in various environments, and technologies that accurately determine the information generated by IoT devices are being actively studied. However, due to limitations in the IoT environment such as power and security, information generated by IoT devices is very weak, so financial damage and human casualties are increasing. To accurately collect and analyze IoT information, this paper proposes a topographic information-based key management technique that considers IoT information errors. The proposed technique allows IoT layout errors and groups topographic information into groups of dogs in order to secure connectivity of IoT devices in the event of arbitrary deployment of IoT devices in the cloud environment. In particular, each grouped terrain information is assigned random selected keys from the entire key pool, and the key of the terrain information contained in the IoT information and the probability-high key values are secured with the connectivity of the IoT device. In particular, the proposed technique can reduce information errors about IoT devices because the key of IoT terrain information is extracted by seed using probabilistic deep learning.

• Journal of the Korea Convergence Society
• /
• v.8 no.12
• /
• pp.9-14
• /
• 2017

Recently, the Internet of Things are developing in accordance with the technology of implementation in low-cost, small-size, low power consumption and smart sensor that can communicate using the internet. Especially, key management researches for secure information transmission based on the Internet of Things (IoT) are actively performing. But, Internet of Things(IoT) are uses sensor. Therefore low-power consumption and small-memory are restrictive condition. As a result, managing the key is difficult as a general security measure. However, The problem of secure key management is an essential challenge For the continuous development of the Internet of things. In this paper, we propose a key distribution and management technique in secure Internet of things. In the key generation and management stage, it satisfies the conditions and without physically constrained for IoT based communication.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.35-41
• /
• 2016

Internet of Things (IoT) services are widely used in appliances of daily life and industries. IoT services also provide various conveniences to users and are expected to affect value added of all industries and national competitiveness. However, a variety of security threats are increased in IoT environments and lowers reliability of IoT devices and services that make some obstacles for commercialization. The attacks arising in IoT environments are making industrial and normal life accidents unlike existing information leak and monetary damages, and can expand damage scale of leakage of personal information and privacy more than existing them. To solve these problems, we design a session key based access control scheme for secure communications in IoT environments. The proposed scheme reinforces message security by generating session key between device and access control network system. We analyzed the stability of the proposed access scheme in terms of data forgery and corruption, unauthorized access, information disclosure, privacy violations, and denial of service attacks. And we also evaluated the proposed scheme in terms of permission settings, privacy indemnity, data confidentiality and integrity, authentication, and access control.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.12 no.4
• /
• pp.671-678
• /
• 2017

Recent advances in Internet of Things (IoT) encourage us to use IoT devices in daily living areas. However, as IoT devices are being ubiquitously used, concerns onsecurity and privacy of IoT devices are getting grown. Key management is an important and fundamental task to provide security services. For better security, we should restrict reusing a same key in sequential authentication sessions, but it is difficult to manually update and memorize keys. In this paper, we propose a hardware security module(HSM) for automated key management in IoT devices. Our HSM is attached to an IoT device and communicates with the device. It provides an automated, secure key update process without any user intervention. The secure keys provided by our HSM can be used in the user and device authentications for any internet services.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.11
• /
• pp.2656-2664
• /
• 2015

IoT management hub has to request the WLAN AP list of the accessible areas in a place that is installed, or choose a specific WLAN AP you want to connect in order to be connected to the Internet. the specific method also is required to input the password when the security key was set. As that way, IoT management hub needs both the display device and the input device to see the list of WLAN AP and to input the security key. If the IoT management hub is consist of them, It is difficult to achieve the objective of the miniaturization and cost reduction. In this paper, we propose a method to connect to a WLAN AP network using a smart-phone without the display device and the input device.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.13-26
• /
• 2016

Service and technology for the future hyper-connected society, which is every information receive through the mobile internet, will be an Internet of Things. Thus, it is mandatory to derive key standardization work item and establish strategy for the global business with the standardization of device and service platform by the application service. In this study, by analyzing the domestic and international market trends, state of technical development, and standardization of technology, we identified the open platform is the stepping stone for achieving the goal which is establishing the virtuous circulation of IoT ecosystem. Also, we defined emphasized key standardization work item for achieving the open platform are network, server, access authentication, billing system, and software platform. After that, we proposed future strategy direction of standardization. This research could be contribute to the IoT service diffusion by realizing IP communication among low power wireless terminals and implementing light-weight standard internet protocol.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.121-127
• /
• 2016

Recently, the popularity of smart devices such as Wi-Fi and LTE has increased the use ratio of wireless dramatically. On the other hand, the use ratio of wired internet is decreasing. The IoT(Internet of Things) is not only for people but also for communication between people and things, and communication between things and things by connecting to a wireless without choosing a place. Along with the rapid spread of the IoT there is a growing concern about the threat of IoT security. In this paper, the proposed scheme is a efficiency group key agreement in IoT environment that guarantees secure communication among light-weight devices. The proposed scheme securely be able to communication with the group devices who share a group key, generated by own secret value and the public value. Such property is suitable to the environment which are required a local area and a group.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1243-1257
• /
• 2019

With the emergence of the IoT environment, various smart devices provide consumers with the convenience and various services. However, as security threats such as invasion of privacy have been reported, the importance of security issues in the IoT environment has emerged, and in particular, the security problem of key management has been discussed, and the PUF has been discussed as a countermeasure. In relation to the key management problem, a protocol using MIPUF has been proposed for the security problem of the group key management system. The system can be applied to lightweight IoT environments and the safety of the PUF ensures the safety of the entire system. However, in some processes, it shows vulnerabilities in terms of safety and efficiency of operation. This paper improves the existing protocol by adding authentication for members, ensuring data independence, reducing unnecessary operations, and increasing the efficiency of database searches. Safety analysis is performed for a specific attack and efficiency analysis results are presented by comparing the computational quantities. Through this, this paper shows that the reliability of data can be improved and our proposed method is lighter than existing protocol.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.11
• /
• pp.303-309
• /
• 2018

Internet of Things technology is an intelligent service that connects all objects to the Internet and interacts with them. It is a technology that can be used in various fields, such as device management, process management, monitoring of restricted areas for industrial systems, as well as for navigation in military theaters of operation. However, because all devices are connected to the Internet, various attacks using security vulnerabilities can cause a variety of damage, such as economic loss, personal information leaks, and risks to life from vulnerability attacks against medical services or for military purposes. Therefore, in this paper, a mutual authentication method and a key-generation and update system are applied by applying S/Key technology based on a hash chain in the communications process. A mutual authentication method is studied, which can cope with various security threats. The proposed protocol can be applied to inter-peer security communications, and we confirm it is robust against replay attacks and man-in-the-middle attacks, providing data integrity against well-known attacks in the IoT environment.