• The Journal of the Korea Contents Association
• /
• v.6 no.8
• /
• pp.30-37
• /
• 2006

At the present, Short Messaging Transfer Protocol Standard described under TIA/EIA/IS-637-A does not cover the measures for security at all. Sequentially, in case of necessity, it seems to be a better idea that security functions are made up for current short messaging transfer protocol. This paper proposes security mechanisms including algorithms and protocols for Short Messaging Services(SMS) which present not only high levels of confidentiality and integrity but also appropriate level of authentication.

• Journal of Advanced Navigation Technology
• /
• v.13 no.2
• /
• pp.280-286
• /
• 2009

A policy of instant messaging usage is offered in this article. First, a brief introduction of instant messaging system structure is described. The main threats and vulnerabilities of Instant messenger (IM) are described in the second part of the paper. Instant messaging applications offer so many advantages in so many different fields that they're fast becoming the preferred communication tool for a number of different professional scenarios. When properly implemented, instant messaging can be a true asset to the business by making communications easier throughout the organization. If instant messaging is carelessly implemented, though, it can cause problems with privacy and may expose the organization to various forms of malware. The solution offered in this paper is one of the effective ways against threats of IM. However, the system cannot be secured entirely. All we can do is reducing the risks.

• Proceedings of the Korean Institute of Intelligent Systems Conference
• /
• 2001.12a
• /
• pp.41-45
• /
• 2001

In the case of mobile internet service using WAP, It was connected to http protocol using WAP Gateway. So, Users take increased cost of mobile internet service. and it was generated inner security problem because it watched user information in the WAP Gateway. To solve this problem we use java language. Which is independant of platform and low cost and intensely security and downloadable application. Additional, Using socket connection, Multi Messaging System(MMS) will connect real time between PC-Client and Mobile-Client, Mobile-Client and Mobile-Client, and so on. In this paper, as design and implementation o( multi messaging used SK-VM based on .12ME, It will be foundation to develop various mobile application in the future.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.9
• /
• pp.1233-1238
• /
• 2001

Security is very important at EC(Electronic Commerce) Environments. The reason is that exchanged data(that is user private information(accounts, card-no, password), transaction items, etc) is various and is very sensitive. In this paper, we propose the Secure-XML Messaging System(S-XMS) which is implemented to support Message Level Security, Encryption and Digital Signature. And we implement Message Confidentiality Service, User Authentication & Message Integrity Service and Non-Repudiation Service among the various Security Services.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.11 no.6
• /
• pp.543-548
• /
• 2001

In the case of mobile internet service using WAP it was connected to http protocol using WAP Gateway, So users take increased cost of mobile internet service. And it was generated inner security problem because it watched user information in the WAP Gateway. To solve this problem we use java language Which is independant of platform and low cost and intensely security an downloadable application. Additional , Using socket connection. Wire.Wireless Messaging system(WWMS) will connect real time between PC-Client and Mobile-Client, Mobile-Client and Mobile-Client, and so on. In this paper, as design and implementation of multi-platform wire.wireless messaging use J2Me. It will be foundation do develop various mobile application in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.255-266
• /
• 2022

Messenger applications applied end-to-end encryption on their own to prevent message exposure to servers. Standardization of a group messaging protocol called Message Layer Security (MLS) with end-to-end encryption is being discussed for secure and efficient message communication. This paper performs safety checks based on the operation process and security requirements of MLS. Confidentiality to a middleman server, which is an essential security requirement in messenger communication, can be easily violated by a server administrator. We define a server administrator who is curious about the group's communication content as a curious admin and present an attack in which the admin obtains a group key from MLS. Reminds messenger application users that the server can view your communication content at any time. We discuss ways to authenticate between users without going through the server to prevent curious admin attacks.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.109-121
• /
• 2002

As the development of information technology and thus the growth of security incidents, there has been increasing demand on developing a system for centralized security management, also known as Enterprise Security Management(ESM), uniting functions of various security systems such as firewall, intrusion detection system, virtual private network and so on. Unfortunately, however, developers have been suffering with a lack of related standard. Although ISTF recently announced firewall system and intrusion detection system log format, it still needs for truly efficient ESM further development of the related standard including event and control messaging. This paper analyses ISTF standard and further suggests an additional event and control messaging standard for firewall and intrusion detection systems. It is expected that this effort would be helpful for the development of ESM and further related standard.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.2
• /
• pp.39-49
• /
• 2009

In this paper, we classify web-based social network into two types: open and community, and model user behavior in social activities. After that, we also propose the combination of instant messaging and web system as the method of support asynchronous/synchronous social activities. Furthermore, we introduce ImCoWeb prototype system that supports both asynchronous social activities (ex. social bookmark, comment, rate, and data share) and synchronous ones (ex. real-time communication, file transfer, co-browsing, and co-work). Because it is built on the existing instant messaging, it reduces costs by reusing the facilities such as session management, user management, and security of instant messaging.

• Journal of the Korea society of information convergence
• /
• v.5 no.2
• /
• pp.67-76
• /
• 2012

XML-based open protocol, XMPP users to pass messages to other users, which means that a decentralized communication network is the network infrastructure and enable it. In addition, XMPP servers using a professional server-to-server protocol to communicate with each other and decentralized social networks and collaboration framework provides an important possibility. In this paper, the features of XMPP messaging protocol is applicable to automotive telematics terminals XMPP-based platform design, and presence of two-way communication point for the problem, point-to-point session setup issues, security issues, compatibility issues, and to solve the scalability problem XMPP-based messaging system was implemented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1505-1511
• /
• 2016

Live streaming is a method to provide media service by sending recoded media to a user's video player. In order to provide video and audio contents in real-time for a large number of users simultaneously, live streaming compatible protocols such as RTMP (Real Time Messaging Protocol), HLS (Http Live Streaming), are required. In this paper, we analyzed vulnerability of paid live streaming services with the captured packets from the applications used by six major OTT (over-the-top) companies in Korea supporting live streaming services. We found that streaming channels were not encrypted and access control mechanisms were not properly used. Thus, guest users can freely use paid live streaming services.