• ETRI Journal
• /
• v.39 no.1
• /
• pp.135-144
• /
• 2017

Recently, mobile phones have been recognized as the most convenient type of mobile payment device. However, they have some security problems; therefore, mobile devices cannot be used for unauthorized transactions using anonymous data by unauthenticated users in a cloud environment. This paper suggests a mobile payment system that uses a certificate mode in which a user receives a paperless receipt of a product purchase in a cloud environment. To address mobile payment system security, we propose the transaction certificate mode (TCM), which supports mutual authentication and key management for transaction parties. TCM provides a software token, the transaction certificate token (TCT), which interacts with a cloud self-proxy server (CSPS). The CSPS shares key management with the TCT and provides simple data authentication without complex encryption. The proposed self-creating protocol supports TCM, which can interactively communicate with the transaction parties without accessing a user's personal information. Therefore, the system can support verification for anonymous data and transaction parties and provides user-based mobile payments with a paperless receipt.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1300-1302
• /
• 2008

최근 위성을 통한 위치정보서비스를 이용하여 응용서비스를 제공하려는 움직임이 늘고 있다. 이처럼 위치기반서비스(LBS: Location Based Service)를 제공하려는 현재의 추세를 볼 때에 단말에 위치기반을 위한 기능은 필수적인 추가사항이며 이를 위한 단말의 부담은 고려해야 할 사항이다. 그러나 A-GPS(Assisted GPS) 기술 중 A-GPS Server(Assistance GPS Server)을 이용함으로써 단말에 부담을 적게 하면서 위치기반의 서비스를 제공받을 수 있고, 핸드오버 지연을 효과적으로 줄일 수 있다면 1 석 2 조의 효과를 얻을 수 있게 된다. 본 논문에서는 기존 PMIPv6(Proxy Mobile IPv6) 메커니즘에 A-GPS Server 를 두어서 효과적인 핸드오버 수행과정을 거치고, 위치기반서비스(LBS)를 제공하는 메커니즘을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.147-155
• /
• 2013

Proxy re-encryption scheme has advantage where plaintext does not get exposed during re-encryption process. This scheme is popular for sharing server-saved data in case of cloud computing or mobile office that uses server to save data. Since previous proxy re-encryption schemes can use re-encryption key over and over again, it may abuse re-encryption. To solve this problem, conditional proxy re-encryption scheme was proposed. But, it is computationally expensive generate the same number of re-encryption key with the number of condition values. In this paper, we propose an efficient conditional proxy re-encryption scheme in terms of re-encryption key generation. The proposed scheme uses only encryption and decryption process. Therefore it has advantage to generate one re-encryption key for one person. The proposed scheme is secure against chosen-ciphertext attack.

• Journal of KIISE:Information Networking
• /
• v.33 no.3
• /
• pp.231-246
• /
• 2006

A server load balancer is used to accept and distribute client requests to one of servers in a wireless internet proxy server cluster. LVS(Linux Virtual Server), a software based server load balancer, can support several load balancing algorithms where client requests are distributed to servers in a round robin way, in a hashing-based way or in a way to assign first to the server with the least number of its concurrent connections to LVS. An improved load balancing algorithm to consider server performance was proposed where they check upper and lower limits of concurrent connection numbers to be allowed within each maximum server performance in advance and apply the static limits to load balancing. However, they do not apply run-time server load information dynamically to load balancing. In this paper, we propose a dynamic load balancing scheme where the load balancer keeps each server CPU load information at run time and assigns a new client request first to the server with the lowest load. Using a cluster consisting of 16 PCs, we performed experiments with static content(image and HTML). Compared to the existing schemes, experimental results show performance improvement in the cases of client requests requiring CPU-intensive processing and a cluster consisting of servers with difference performance.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.1
• /
• pp.107-112
• /
• 2010

In this paper, we design and implement the contents transferring the location information between a customer and a proxy driver by utilizing 'WIPI.' Customers are able to request a call-service through a client in order to call a proxy driver. And, once a proxy driver who is most adjacent to the customer accepts the order of a call-service from him or her through a location-management server using the concepts of LBS and GPS, 'WIPI' sends the information about the location of the customer to the driver, and also sends information to the custome by calculating the distance from the driver to the customer. This content was modeled based on how information is transferred between a customer and a proxy driver under the mobile circumstance, and also a server and a client, made up from JAVA, were modeled by using SKT emulator.

• Convergence Security Journal
• /
• v.13 no.1
• /
• pp.79-86
• /
• 2013

The objective of DDoS Attacks is to simply disturb the services. In recent years, the DDoS attacks have been evolved into Multi-Vector Attacks which use diversified and mixed attacking techniques. Multi-Vector Attacks start from DDoS Attack and Malware Infection, obtain inside information, and make zombie PC to reuse for the next DDoS attacks. These forms of Multi-Vector Attacks are unable to be prevented by the existing security strategies for DDoS Attacks and Malware Infection. This paper presents an approach to effectively defend against diversified Multi-Vector attacks by using Reverse Proxy Group and PMS(Patch Management Server).

• Journal of Industrial Technology
• /
• v.29 no.B
• /
• pp.33-39
• /
• 2009

The need for end-to-end security has been increased with the widespread use of mobile devices in wireless internet access applications such as mobile commerce. The WAP1.x has an end-to-end security problem that the message transmitted between the mobile device and the Web server is decrypted inside the gateway within a short time. To overcome this problem, several protocols including WAP2.0 has been proposed. These protocols require that the heavy modules such as TLS or data compression modules should be installed on the mobile device with limited resources. This paper proposes a new WTLSW(WTLS-TLS at Web server) protocol and a new WAP2.0 proxy model in order to ensure end-to-end security between the mobile device and the Web server and to be appropriate for mobile devices with limited resources.

• Journal of KIISE:Information Networking
• /
• v.28 no.2
• /
• pp.229-235
• /
• 2001

With the explosive popularity of the World Wide Web, the low penonnance of network often leads web clients to wait a long time for web server's response. To resolve this problem, web caching (proxy) has been considered as the most efficient technique for web server to handle this problem. The placement of web proxy is critical to the overall penonnance, and Li et al. showed the optimal placement of proxies for a web server in the internet with the linear and tree topology when the number of proxies, ]M, is given [4, 5]. They focused on minimizing the over all access time. However, it is also considerable for target web server to minimize the total number of proxies while each proxy server guarantees not to exceed certain res(Xlnse time for each request from its clients. In this paper, we consider the problem of finding the optimal number and placement of web proxies with the lin~ar and tree topology under the given threshold cost for delay time.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.415-426
• /
• 2005

Wireless internet, which becomes a hot social issue, has limitations due to the following characteristics, as different from wired internet. It has low bandwidth, frequent disconnection, low computing power, and small screen in user terminal. Also, it has technical issues to Improve in terms of user mobility, network protocol, security, and etc. Wireless internet server should be scalable to handle a large scale traffic due to rapidly growing users. In this paper, wireless internet proxy server clusters are used for the wireless Internet because their caching, distillation, and clustering functions are helpful to overcome the above limitations and needs. TranSend was proposed as a clustering based wireless internet proxy server but it has disadvantages; 1) its scalability is difficult to achieve because there is no systematic way to do it and 2) its structure is complex because of the inefficient communication structure among modules. In our former research, we proposed the All-in-one structure which can be scalable in a systematic way but it also has disadvantages; 1) data sharing among cache servers is not allowed and 2) its communication structure among modules is complex. In this paper, we proposed its improved scheme which has an efficient communication structure among modules and allows data to be shared among cache servers. We performed experiments using 16 PCs and experimental results show 54.86$\%$ and 4.70$\%$ performance improvement of the proposed system compared to TranSend and All-in-one system respectively Due to data sharing amount cache servers, the proposed scheme has an advantage of keeping a fixed size of the total cache memory regardless of cache server numbers. On the contrary, in All-in-one, the total cache memory size increases proportional to the number of cache servers since each cache server should keep all cache data, respectively.

• The KIPS Transactions:PartA
• /
• v.12A no.5 s.95
• /
• pp.341-354
• /
• 2005

The main bottleneck for large scale VOD systems is bandwidth of storage or network I/O due to the large number of client requests simultaneously, and then efficient techniques are required to solve the bottleneck problem of the VOD system. Patching is one of the most efficient techniques to overcome the bottleneck of the VOD system through the use of multicast scheme. In this paper, we propose a new patching scheme, called P2P proxy patching, for improving the typical patching technique by jointly using the prefix caching and P2P proxy. In our proposed scheme, each client plays a role in a proxy to multicast a regular stream to other clients that request the same video stream. Due to the use of the P2P proxy and the prefix caching, the client requests that ive out of the patching window range can receive the regular stream from other clients in the previous patching group without allocating the new regular channels from the VOD server to the clients. In the performance study, we show that our patching scheme can reduce the server bandwidth requirement about $33\%$ less than that of the existing patching technique with respect to prefix size and request interval.