• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.5
• /
• pp.581-591
• /
• 2016

RFID(Radio Frequency IDentification) is a key technology in ubiquitous computing and is expected to be employed in more fields in the near future. Nevertheless, the RFID system is vulnerable to attacks by eavesdropping or altering of the messages transmitted in wireless channels. In 2013, Oh et al. proposed a mutual authentication protocol between a tag and a reader in RFID systems. Their protocol is designed to resist location tracking for privacy protection. However, all tags and readers use only one network-wide key in their protocol and tags are usually vulnerable to physical attacks. We found that their protocol is still vulnerable to tag/reader impersonation attacks and location tracking if an attacker obtains the network-wide key from a tag. In this paper, we propose a security improved authentication protocol for privacy protection in RFID systems. In addition, we demonstrate that the proposed scheme is efficient in terms of computation and communication costs.

• The Journal of Society for e-Business Studies
• /
• v.17 no.3
• /
• pp.129-147
• /
• 2012

In this paper, we research on the personal information protection system in smart-phone based on mobile environment. This paper proposes the enhanced personal location privacy mechanism in location-based service environment of a smart phone operating system(iOS, Android) for the relevant regulations on location-based protection and utilization. Also, the result verified that possibility on a self-control mechanism of the personal information protection system's subject in the window platform throughout the experiment. Therefore, this study have drew a method that user positively can cope with a protection of personal location information by having a user's self-control method in the system under development or done by illegal location-based service providers and illegal application developer.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.2B
• /
• pp.164-173
• /
• 2006

It is essential to ensure public use of and privacy of location information for promoting the location based services. The grade designation for location information is required to accomplish them. The grade designation for location information can increase the reliability of location information and reinforce the right of choice for user. Therefore the institution of grade designation for location information should be introduced rapidly to keep up with the growth of the location based services industry.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.285-291
• /
• 2022

WSN is the major component for information transfer in IoT environments. Source Location Privacy (SLP) has attracted attention in WSN environments. Effective SLP can avoid adversaries to backtrack and capture source nodes. This work presents a Two-Level Randomized Sector-based Routing (TLRSR) model to ensure SLP in wireless environments. Sector creation is the initial process, where the nodes in the network are grouped into defined sectors. The first level routing process identifies sector-based route to the destination node, which is performed by Ant Colony Optimization (ACO). The second level performs route extraction, which identifies the actual nodes for transmission. The route extraction is randomized and is performed using Simulated Annealing. This process is distributed between the nodes, hence ensures even charge depletion across the network. Randomized node selection process ensures SLP and also avoids depletion of certain specific nodes, resulting in increased network lifetime. Experiments and comparisons indicate faster route detection and optimal paths by the TLRSR model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1069-1076
• /
• 2017

Recently $Pok\acute{e}mon$ GO implements an online game with location-based real time augmented reality on mobile. The correct play of this game should be based on collecting the $Pok\acute{e}mon$ that appears as the user moves around by foot, but as the popularity increases, it appears an abuse to play easily. Many people have used an application that provides a mock location service such as Fake GPS, and these applications can be judged to be cheating in online games because they can play games in the house without moving. Detection of such cheating from a client point of view (mobile device) can consume a large amount of resources, which can reduce the speed of the game. It is difficult for developers to apply detection methods that negatively affect game usage and user's satisfaction. Therefore, in this paper, we propose a method to detect users abusing mock location service in online game by route analysis using GPS location record from the server point of view.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.569-573
• /
• 2006

Radio Frequency Identification (RFID) 시스템은 기존의 바코드를 대신하면서 생산, 공급망 관리, 재고 관리등의 분야에서 중요한 역할을 할 것으로 기대되어지고 있다. 뿐만 아니라, 일상 생활에서도 RFID의 활용 분야는 다양하여 가까운 미래에는 우리 사회 전반에서 중요한 요소로 자리 잡을 것이다. 하지만, RFID 시스템에는 아직 해결해야 될 문제가 남아 있다. 태그로 부터의 원하지 않은 정보 유출로 인한 privacy와 security 문제가 여기에 해당된다. 이 문제를 해결하기 위해서 많은 RFID 인증 프로토콜들이 제안 되었지만, 다소의 문제점들을 가지고 있었다. 본 논문에서는 기존에 제안된 해쉬 함수 기반의 인증 프로토콜들의 문제점들을 분석하고, spoofing 공격 및 location privacy등에 대해 안전하고 효율적인 새로운 프로토콜을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.57-68
• /
• 2004

Recently, Radio Frequency Identification (RFID) systems stands in the spotlight of industry as a common and useful tool in manufacturing, supply chain management (SCM) and stock management. In the near future, low-cost RFID Electronic Product Code; (EPC) or smart-labels may be a practical replacement for optical barcodes on consumer items. However, manufacturing cheap and small RFID tags, and developing secure RFID authentication Protocols are problems which need to be solved. In spite of advances in semiconductor technology, computation and storage ability of the tag are so limited that it is difficult and too expensive to apply existing crypto-systems to RFID tags. Thus it is necessary to create a new protocol which would require less storage space and lower computation costs and that is secure in the RFID system's environments. In this paper, we propose a RFID authentication protocol that is secure against location tracking and spoofing attacks. Our protocol can be used as a practical solution for privacy protection because it requires less computations in database than the previous RFID authentication protocol.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.377-379
• /
• 2022

POI refers to the point of Interest in Location-Based Social Networks (LBSNs). With the rapid development of mobile devices, GPS, and the Web (web2.0 and 3.0), LBSNs have attracted many users to share their information, physical location (real-time location), and interesting places. The tremendous demand of the user in LBSNs leads the recommendation systems (RSs) to become more widespread attention. Recommendation systems assist users in discovering interesting local attractions or facilities and help social network service (SNS) providers based on user locations. Therefore, it plays a vital role in LBSNs, namely POI recommendation system. In the machine learning model, most of the training data are stored in the centralized data storage, so information that belongs to the user will store in the centralized storage, and users may face privacy issues. Moreover, sharing the information may have safety concerns because of uploading or sharing their real-time location with others through social network media. According to the privacy concern issue, the paper proposes a recommendation model to prevent user privacy and eliminate traditional RS problems such as cold-start and data sparsity.

• 한국공간정보시스템학회:학술대회논문집
• /
• 2005.05a
• /
• pp.73-78
• /
• 2005

최근 측위 장치와 모바일 단말 장치, 이동 통신 기술이 발달함에 따라 위치기반서비스에 대한 요구가 증가하고 있다. 그러나 위치기반서비스는 이용자에게 편리하고 유용한 정보를 제공하지만 개인의 프라이버시를 침해할 수 있는 가능성을 함께 가지고 있다. 특히 개인이 깨닫지 못하는 사이에 측위 장치가 탑재되어, 개인의 위치가 제3자에 의해 추적된다면 심각한 프라이버시 침해라 할 수 있다. 이러한 개인 위치정보를 보호하기 위해서는 법적인 규제와 기술적인 장치가 함께 마련되어야 한다. 이 논문에서는 위치정보를 보호하기 위한 위치정보보호시스템을 제시한다. 제시된 위치정보보호시스템은 법적인 규제와 표준 그리고 위치정보를 보호하기 위한 방법들이 설계 및 구현되어 있다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.623-626
• /
• 2006

위치 정보 기반 서비스는 휴대 무선 통신 기기 사용의 확대에 따라 서비스의 범위가 크게 확장될 것으로 예상되고 있다. 그러나 단순한 정보 제공이 아닌 원격 제어, 콘텐츠 서비스 등의 경우에서 위치 정보에 대한 위변조 문제와 사용자의 프라이버시 문제가 발생할 것으로 예상된다. 기존의 위치 정보 보호에 대한 연구는 프라이버시 보호 측면을 위주로 하고 있으며, 인증에 대한 연구는 특정 센싱 기술에 특화되어 있거나, 네트워크상의 DNS를 통한 논리적인 위치 인증에 치우치고 있다. 본 연구에서는 위치 정보 기반 서비스에서의 보안 요구 사항을 분석하여, 기존의 위치 정보 보호 모델을 기반으로 위치 정보를 관리하는 신뢰되는 기관의 필요성을 논하며, 이를 토대로 타임스탬프나 키 갱신을 이용하는 두 가지 프로토콜을 제안한다.