• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.45-55
• /
• 2003

Wireless LAM has the advantage of extension, flexibility and easiness of installation and maintenance. However, due to the characteristics of wireless media, it is vulnerable to security attacks. PKI(Public Key Infrastructure) is estimated to be a good solution offering security function to wireless LAM including global roaming. It offers high security functions as authentication confidentiality and digital signature while it generates big overheads such as CRL search and certificate verification. The overheads can not be avoided during the initial authentication. However, when we consider the case of handoff, it can be minimized through the fast handoff. In this paper, we design a fast handoff authentication mechanism based on PKI in the wireless LAM and analyze the performance of the scheme.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.3-8
• /
• 2014

Wireless Ad hoc Network is threatened from many types of attacks because of its open structure, dynamic topology and the absence of infrastructure. Attacks by malicious nodes inside the network destroy communication path and discard packet. The damage is quite large and detecting attacks are difficult. In this paper, we proposed attack detection technique using secure authentication infrastructure for efficient detection and prevention of internal attack nodes. Cluster structure is used in the proposed method so that each nodes act as a certificate authority and the public key is issued in cluster head through trust evaluation of nodes. Symmetric Key is shared for integrity of data between the nodes and the structure which adds authentication message to the RREQ packet is used. ns-2 simulator is used to evaluate performance of proposed method and excellent performance can be performed through the experiment.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.3-10
• /
• 2017

Standard Protocol Optimized for Resource-Constrained IoT Environment Constrained Application Protocol (CoAP) supports web-based communication between a sensor node in the IoT environment and a client on the Internet. The CoAP is a Request / Response model that responds to the client's CoAP Request message by responding with a CoAP Response message from the server. CoAP recommends the use of CoAP-DTLS for message protection. However, validation of the use of DTLS in the IoT environment is underway. We analyze CoAP and DTLS security mode, evaluate performance of secure channel creation time, security channel creation step time, and RAM / ROM consumption through Cooja simulator and evaluate the possibility of real environment application.

• Journal of Distribution Science
• /
• v.10 no.7
• /
• pp.23-31
• /
• 2012

The purpose of this study is to investigate existing world economic science theories and concepts of sustainable development as well as create original system of criteria and indicators to assess potential and conditions for sustainable development from a regional perspective and based on the above justify proposals for public authorities to improve methods of economic regulation for regional development. To achieve the goal evolution process of existing theories and concepts of sustainable development and "green growth" have been studied in terms of its adaptation to the spatial development of Kazakhstan, comparative dynamics of natural resources consumption in the Asia-Pacific region and Kazakhstan were investigated as well. Methodology. World best theory and practice methods for assessment of the level of sustainable development of the country and some of its territories were also studied. We selected the best system of criteria and indicators for assessment of economic, social and environmental sustainability of regional systems. Methods offered in this article are based on traditional and new factors of economic development and conditions for operation of regional systems. Indicators are chosen with a glance to basic goals for future development of regions in Kazakhstan. It is recommended to use two levels of methodology offered by author, namely national and regional, and at the local level later (districts, municipalities, cities). The results. Method offered by the author has been tested based on materials and statistics of regions in Kazakhstan. Suitability and usability of the proposed system of criteria and indicators for measuring of economic, social and environmental sustainability of regional systems was proved. Based on this analysis it was found out that there are regions in Kazakhstan that differ from each other by most of key indicators of sustainable regional development and this tendency is increasing. Conclusions and recommendations. As a result of this analysis, the authors have substantiated a number of proposals on methods of analysis to be used, improvement of methods of regional development, implementation of institutional reforms, as well as improvement of regional statistics. This article provides recommendations that can be successfully used in the management practices by public authorities to implement a new regional strategy focused on sustainable development in future.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.12C
• /
• pp.1692-1706
• /
• 2004

Recently, there are rapid development of information and communication and rapid growth of e-business users. Therefore we try to solve security problem on the internet environment which charges from wire internet to wireless internet or wire/wireless internet. Since the wireless mobile environment is limited, researches such as small size, end-to-end and privacy security are performed by many people. Wireless e-business adopts credit card WPP protocol and AIP protocol proposed by ASPeCT. WAP, one of the protocol used by WPP has weakness of leaking out information from WG which conned wire and wireless communication. certification chain based AIP protocol requires a lot of computation time and user IDs are known to others. We propose a Micro-Payment protocol based on credit card. Our protocol use the encryption techniques of the public key with ID to ensure the secret of transaction in the step of session key generation. IDs are generated using ECC based Weil Paring. We also use the certification with hidden electronic sign to transmit the payment result. The proposed protocol solves the privacy protection and Non-repudiation p개blem. We solve not only the safety and efficiency problem but also independent of specific wireless platform. The protocol requires the certification organization attent the certification process of payment. Therefore, other domain provide also receive an efficient and safe service.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.8
• /
• pp.22-33
• /
• 2009

Mobile Ad Hoc Networks (MANETs) are self-organized networks that do not rely in their operation on wired infrastructure. As in any networking technology, security is an essential element in MANET as well, for proliferation of this type of networks. But supporting secure communication in MANETs proved to be a significant challenge, mainly due to the fact that the set of nodes in the network can change frequently and rapidly and due to the lack of access to the wired infrastructure. In particular, the trust model and the authentication protocols, which were developed for wired and infrastructure-based networks, cannot be used in MANETs. In [1], we addressed the problem of efficient authentication of distributed mobile users in geographically large networks and proposed a new authentication scheme for this case of MANETs. The proposed scheme exploits randomized groups to efficiently share authentication information among nodes that together implement the function of a distributive Certification Authority(CA). In this paper, we analyze numerically the performance of authentication method using randomized groups and compare with the simulation result.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.4 s.304
• /
• pp.25-32
• /
• 2005

The spread of mobile devices, PDAs and sensors has enabled the construction of ubiquitous computing environments, transforming regular physical spaces into 'Smart space' augmented with intelligence and enhanced with services. However, the deployment of this computing paradigm in real-life is disturbed by poor security, particularly, the lack of proper authentication and authorization techniques. Also, it is very important not only to find security measures but also to preserve user privacy in ubiquitous computing environments. In this Paper, we propose efficient user authentication and authorization model with anonymity for the privacy-preserving for ubiquitous computing environments. Our model is suitable for distributed environments with the computational constrained devices by using MAC-based anonymous certificate and security association token instead of using Public key encryption technique. And our Proposed Protocol is better than Kerberos system in sense of cryptographic computation processing.

• Journal of KIISE:Databases
• /
• v.36 no.5
• /
• pp.352-365
• /
• 2009

Recently, data access control policies have not been applied for authorized or unauthorized persons properly and information leakage incidents have occurred due to database security vulnerabilities. In the traditional database access control methods, administrators grant permissions for accessing database objects to users. However, these methods couldn't be applied for diverse access control policies to the database. In addition, another database security method which uses data encryption is difficult to utilize data indexing. Thus, this paper proposes an enhanced database access control system via a packet analysis method between client and database server in network to apply diverse security policies. The proposed security system can be applied the applications with access control policies related to specific factors such as date, time, SQL string, the number of result data and etc. And it also assures integrity via a public key certificate and MAC (Message Authentication Code) to prevent modification of user information and query sentences.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.479-490
• /
• 2013

Recently, the number of attacks by malicious application has significantly increased, targeting Android-platform mobile terminal such as Samsung Galaxy Note and Galaxy Tab 10.1. The malicious application can be distributed to currently used mobile devices through open market masquerading as an normal application. An attacker inserts malicious code into an application, which might threaten privacy by rooting attack. Once the rooting attack is successful, malicious code can collect and steal private data stored in mobile terminal, for example, SMS messages, contacts list, and public key certificate for banking. To protect the private information from the malicious attack, malicious code detection, rooting attack detection and countermeasure method are required. To meet this end, this paper investigates rooting attack mechanism for Android-platform mobile terminal. Based on that, this paper proposes countermeasure system that enables to extract and collect events related to attacks occurring from mobile terminal, which contributes to active protection from malicious attacks.

• The Journal of the Korea Contents Association
• /
• v.5 no.5
• /
• pp.43-50
• /
• 2005

POS system that become that is supply net administration and computerization fetters of customer management that become point in istribution network constructed database and use XML-Encryption that is certificate techniques of PKI and standard of security for security that is XML's shortcoming and design distributed processing POS system using XML for data integration by introduction of Ubiquitous concept. This POS system has four advantages. First, Because there is no server, need not to attempt authentication and data transmission every time. Second, can integrate data base by XML and improve portability of program itself. Third, XML data in data transmission because transmit data after encryption data safe .Fourth, After encode whenever process data for data breakup anger of POS system client program and elevation of the processing speed, transmit at because gathering data at data transmission.