• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.79-92
• /
• 2021

In a society where ICT technology is converged, the use of various network-connected devices such as IoT is spreading. Network-connected devices are inevitably exposed to the threat of hacking such as information leakage, and countermeasures need to be prepared to respond. Security certification system for IoT devices has been introduced to promote security of IoT products, and for this purpose, legalization and standardization of certification standards and methods are in progress. In line with this, in Korea, as the Information and Communication Network Act was revised in 2020, ICT convergence devices connected to the network were newly defined as "information and communication network connected devices," and the basis for the security certification system is being established. We summarized related domestic and foreign trends and suggest specific considerations for implementing the security certification system for IoT devices in South Korea.

• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.2
• /
• pp.77-82
• /
• 2020

IoT devices frequently require input resources to communicate with various sensors or IoT platforms. IoT device wastes a lot of time as idle time or waiting time to check the data of the input resource and use the input resource. In addition, IoT devices use various input resources. We compares and analyzes input idle time and input waiting time generated from hardware serial input resource, software serial input resource, digital port input resource, and analog port input resource using Arduino widely used as IoT device. In order to design the IoT device framework, it is necessary to understand the characteristics of input resources and to design them to minimize unnecessary input idle time and input waiting time. The analog input wait time has a much larger input wait time than the digital input wait time, so it must be designed to receive analog information periodically at the appropriate timing. The characteristics of the input resources analyzed in this way help to design an efficient IoT device.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.10 no.4
• /
• pp.199-206
• /
• 2015

In this paper, we present the implementation of a secure OTP(One Time Password) generator for IoT(Internet of Things) devices. Basically, MTM(Mobile Trusted Module) is used and expanded considering secure IoT services. We combine the MTM architecture with a new hardware-based OTP generation engine. The new architecture is more secure, offering not only the security of devices but also that of the OTP service. We have implemented and verified the MTM-based OTP generator on a real mobile platform embedded with the MTM chip. The proposed method can be used as a solution for enhancing security of IoT devices and services.

• Annual Conference of KIPS
• /
• 2023.05a
• /
• pp.101-103
• /
• 2023

With the recent advances in communication technology and Internet of Things (IoT) infrastructure, home automation systems have emerged as a new paradigm for providing users with convenient smart home services. The IoT ecosystem has merged digital systems with the physical world, dramatically changing the way people live and work. However, at the same time, security remains one of the most significant research issues in IoT, as the deployment and application of high-availability systems come with various security risks that cause serious threats to users. Among them, the security issues arising from the interaction among devices/applications should not be underestimated. Attackers can exploit interactions among devices/applications to hack into the user's home. In this paper, we present a survey of research on detecting various types of interactions among devices/applications in IoT.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.14 no.4
• /
• pp.300-306
• /
• 2021

Due to the development of IT technology, hardware technologies applied to IoT equipment have recently been developed, so smart systems using low-cost, high-performance RF and computing devices are being developed. However, in the infrastructure environment where a large amount of IoT devices are installed, big data collection causes a load on the collection server due to a bottleneck between the transmitted data. As a result, data transmitted to the data collection server causes packet loss and reduced data throughput. Therefore, there is a need for an efficient big data collection technique in an infrastructure environment where a large amount of IoT devices are installed. Therefore, in this paper, we propose an efficient big data collection technique in an infrastructure environment where a vast amount of IoT devices are installed. As a result of the performance evaluation, the packet loss and data throughput of the proposed technique are completed without loss of the transmitted file. In the future, the system needs to be implemented based on this design.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.121-132
• /
• 2019

As the 4th industrial age enters, the number of IoT devices is exploding. Accordingly, the importance of security is also increasing in proportion to the increasing number of security incidents of IoT devices. However, due to the limited performance of IoT devices, there are limitations to applying existing security solutions. Therefore, a new automatic firmware distribution solution is needed to solve this problem. To solve this problem, we propose a new automatic firmware update system that uses a hybrid blockchain that combines a public blockchain and a private blockchain. The public blockchain allows various firmware providers to distribute firmware using a common system. Private blockchain solves the transaction overload problem of the public blockchain and facilitates the management of IoT devices. It also uses distributed file storage to ensure high availability without failing. Therefore, this system is expected to be very effective for improving the security of IoT devices.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.99-107
• /
• 2022

The use of smart home appliances and Internet of Things (IoT) devices is growing, enabling new interactions and automation in the home. This technology relies heavily on mobile services which leaves it vulnerable to the increasing threat of hacking, identity theft, information leakage, serious infringement of personal privacy, abnormal access, and erroneous operation. Confirming or proving such security breaches have occurred is also currently insufficient. Furthermore, due to the restricted nature of IoT devices, such as their specifications and operating environments, it is difficult to provide the same level of internet security as personal computers. Therefore, to increase the security on smart home IoT devices, attention is needed on (1) preventing hacking and user authority theft; (2) disabling abnormal manipulation; and (3) strengthening audit records for device operation. In response to this, we present a plan to build a cloud security authentication platform which features security authentication management functionality between mobile terminals and IoT devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.607-615
• /
• 2017

Recently, IoT products with various functions are being developed. Through the combination of objects and information technology, convenient services that have not been imagined before are emerging. For a secure IoT environment, product security must be considered. However, the existing IoT products have various problems such as security vulnerability. In order to secure the security of IoT products, technical countermeasures as well as policy responses are needed. However, the legislation related to current IoT products has a limit to guarantee safety in IoT environment. In this paper, we analyze the limitations of the current legal system of IoT, and suggests ways to improve it.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.445-466
• /
• 2022

As everything linking to the internet, people can subscribe to various services from a service provider to facilitate their lives through the Internet of Things (IoT). An obligatory thing for the service provider is that they should push the service data safely and timely to multiple IoT terminal devices regularly after the IoT devices accomplishing the service subscription. In order to control the service message received by the legal devices as while as keep the confidentiality of the data, the public key encryption algorithm is utilized. While the existing public encryption algorithms for push service are too complicated for IoT devices, and almost of the current subscription schemes based on push mode are relying on centralized organization which may suffer from centralized entity corruption or single point of failure. To address these issues, we design a secure subscription-push service scheme based on blockchain and edge computing in this article, which is decentralized with secure architecture for the subscription and push of service. Furthermore, inspired by broadcast encryption and multicast encryption, a new encryption algorithm is designed to manage the permissions of IoT devices together with smart contract, and to protect the confidentiality of push messages, which is suitable for IoT devices. The edge computing nodes, in the new system architecture, maintain the blockchain to ensure the impartiality and traceability of service subscriptions and push messages, meanwhile undertake some calculations for IoT devices with limited computing power. The legalities of subscription services are guaranteed by verifying subscription tags on the smart contract. Lastly, the analysis indicates that the scheme is reliable, and the proposed encryption algorithm is safe and efficient.

• Journal of Practical Engineering Education
• /
• v.12 no.1
• /
• pp.85-91
• /
• 2020

SW which controls IoT devices using wireless communication technology must operate without errors. In order for IoT devices to be widely used, the technical skills of engineers who design such software must be improved. Compared to designing the input / output SW of a single device, the SW Flowchart design and Java SW programming process that clearly define various input / output relations between the transmitter and the receiver are complicated. In this paper, we proposed a SW Flowchart design method for controlling IoT devices based on wireless communication. In this process, it is explained that the entire control algorithm is implemented through a problem division process. In addition, we proposed an educational method for programming the designed SW Flowchart into Java SW using Microbits, which are educational IoT devices. In the course to which this education method was applied, the results of satisfaction evaluation of students were analyzed, and the effectiveness of the IoT device control SW education method using Microbits was analyzed.