• Journal of Software Assessment and Valuation
• /
• v.15 no.2
• /
• pp.111-119
• /
• 2019

The existing smart grid device authentication system is concentrated on DCU, meter reading FEP and MDMS, and the authentication system for smart meters is not established. Although some cryptographic chips have been developed at present, it is difficult to complete the PKI authentication scheme because it is at the low level of simple encryption. Unlike existing power grids, smart grids are based on open two-way communication, increasing the risk of accidents as information security vulnerabilities increase. However, PKI is difficult to apply to smart meters, and there is a possibility of accidents such as system shutdown by sending manipulated packets and sending false information to the operating system. Issuing an existing PKI certificate to smart meters with high hardware constraints makes authentication and certificate renewal difficult, so an ultra-lightweight password authentication protocol that can operate even on the poor performance of smart meters (such as non-IP networks, processors, memory, and storage space) was designed and implemented. As a result of the experiment, lightweight cryptographic authentication protocol was able to be executed quickly in the Cortex-M3 environment, and it is expected that it will help to prepare a more secure authentication system in the smart grid industry.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.2
• /
• pp.231-239
• /
• 2002

This paper gives a comprehensive overview of the SSO solution design on the intranet. SSO described in this paper is based on LDAP, PKI and CA. We designed the data structure to hold many various application services by changing the attribute and DN of LDAP DB. We built LDAP DB using the employee records stored in our organization database. LDAP DB is routinely updated from the database. CA Server that depends on PKI is used to issue the certificates. SHTTP based on SSL is used to protect the data between certificate server and the intranet users.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.10
• /
• pp.90-98
• /
• 2008

PKI (Public Key Infrastructure) which is used for the security of E-commerce (Electronic-commerce) in wired internet is not suitable for the mobile phone because of the fundamental limitation of performance such as less memory and less powerful CPU. Therefore, we need to develop a wireless PKI (WPKI) that provides the similar security level as the wired PKI supporting mobile phone. In this paper, we propose a lightweight and secure Wireless Certificate Management Protocol (WCMP) that is executable to the mobile phone that has a constrained communication environment and limitation of performance, and show the implementation results of the scheme based on the mobile phone. We minimize data sizes processed in mobile phone, and optimize protocols for the certificate management. This results in the reduced module sizes to be able to install in mobile phone and shows as the same level as the wired CMP.

• Convergence Security Journal
• /
• v.5 no.4
• /
• pp.49-58
• /
• 2005

We propose a specific ubiquitous sensor network (USN) architecture as a promising candidate of the future telemedicine model which offers the patient's mobility and more cost-efficient medical care system. This new USN architecture is a kind of cell-based secure sensor network supporting encrypted multi-casting communications and it has a hybrid routing protocol by adapting flat routing to hierarchical routing. For the patient's privacy and the protection of patient's vital information from eavesdropping, we adopt a lightweight PKI-based secure communication protocol with some formal presentation on its core procedure.

• Journal of Digital Contents Society
• /
• v.19 no.4
• /
• pp.837-844
• /
• 2018

Recently, the cloud technology has made dynamical network changes by enabling the construction of a logical network without building a physical network. Despite recent research on the cloud, it is necessary to study security functions for the identification of fake virtual network functions and the encryption of communication between entities. Because the VNFs are open to subscribers and able to implement service directly, which can make them an attack target. In this paper, we propose a virtual public key infrastructure mechanism that detects a fake VNFs and guarantees data security through mutual authentication between VNFs. To evaluate the virtual PKI, we built a management and orchestration environment to test the performance of authentication and key generation for data security. And we test the detection of a distributed denial of service by using several AI algorithms to enhance the security in NFV.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.04a
• /
• pp.225-227
• /
• 2015

공개 키 기반(PKI)에서 사용되는 표준 인증서인 X.509 인증서 내 정보들은 사람이 읽기 좋은 형태로 이루어져 있지만 기계와 기계 사이의 통신에서는 필요하지 않은 부분이 존재한다. 이 부분은 M2M 통신에서 사용되지 않을 뿐 아니라 통신의 효율성 또한 감소시킨다. 따라서 본 논문 에 서는 X.509 인증서를 경량화 시킨 새로운 구조를 제시함으로써 M2M 통신에서의 효율성을 높이고자 한다.