• Journal of Digital Convergence
• /
• v.17 no.2
• /
• pp.187-194
• /
• 2019

A security company has been proposed for various healthcare systems. However, there are improvements in order to achieve better efficiency and stability in the various protocols presented. The purpose of this paper is to provide cryptanalysis and solution on Vijayakumar et al.'s secure communication scheme for healthcare system using wearable devices. Especially, it is weak against denial of service attack and it does not provide integrity of the transmitted messages. Thereby, this paper proposes a new secure communication scheme to cope from the problems in Vijayakumar et al.'s scheme. It provides authentication and integrity, which could be the security solution against Vijayakumar et al.'s scheme. Furthermore, it also provides a good computational overhead compared to Vijayakumar et al.'s scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.4
• /
• pp.83-90
• /
• 2017

In the past, when the credit card was delivered to the customer, the postal agreement and receipt were signed by customer. The repossessed documents were sent back to the card company through the reorganization process. The card company checks the error by scanning and keeps it in the document storage room. This process is inefficient in cost and personnel due to delivery time, document print out, document sorting, image scanning, inspection work, and storage. Also, the risk of personal data spill is very high in the process of providing personal information. The proposed system is a service that receives a postal agreement and a receipt to a recipient when signing a credit card, signing the mobile image instead of paper, and automatically sending it to the card company server. We have designed a system that can protect the cost of paper documents, complicated work procedures, delivery times and personal information. In this study, we developed 'u-paperless' and secure credit card delivery system applying electronic document and security system.

• Journal of Communications and Networks
• /
• v.12 no.4
• /
• pp.382-394
• /
• 2010

Cross-domain event information sharing is a topic of great interest in the area of event based network management. In this work we use data sets which represent actual attacks in the operational Internet. We analyze the data sets to understand the dynamics of the attacks and then go onto show the effectiveness of sharing incident related information to contain these attacks. We describe universal data acquisition system for event based management (UniDAS), a novel system for secure and automated cross-domain event information sharing. The system uses a generic, structured data format based on a standardized incident object description and exchange format (IODEF). IODEF is an XML-based extensible data format for security incident information exchange. We propose a simple and effective security model for IODEF and apply it to the secure and automated generic event information sharing system UniDAS. We present the system we have developed and evaluate its effectiveness.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.1
• /
• pp.110-132
• /
• 2019

To ensure reliable and secure communication in heterogeneous cellular network (HCN) with imperfect channel state information (CSI), we proposed a coordinated multipoint (CoMP) transmission scheme based on dual-threshold optimization, in which only base stations (BSs) with good channel conditions are selected for transmission. First, we present a candidate BSs formation policy to increase access efficiency, which provides a candidate region of serving BSs. Then, we design a CoMP networking strategy to select serving BSs from the set of candidate BSs, which degrades the influence of channel estimation errors and guarantees qualities of communication links. Finally, we analyze the performance of the proposed scheme, and present a dual-threshold optimization model to further support the performance. Numerical results are presented to verify our theoretical analysis, which draw a conclusion that the CoMP transmission scheme can ensure reliable and secure communication in dense HCNs with imperfect CSI.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.91-99
• /
• 2003

In this paper, we analyze the current trading systems and suggest two secure electronic trading systems that make a fair exchange for online game items. The system is made up for the weak points in the current item trading system. In the proposed system, a game server issues a certificate each item on the user's request. On the one hand, this certificate is used to recover the item when the system error is occured. On the other hand, the user may exchange it with another item or cyber money. The proposed system supports private and reliable trading. Further, the trading can be completed only by online processing.

• Journal of KIISE
• /
• v.44 no.4
• /
• pp.344-351
• /
• 2017

An attribute based signature system is a cryptographic system where users produce signatures based on some predicate of attributes, using keys issued by one or more attribute authorities. If a private key is leaked during signature generation, the signature can be forged. Therefore, signing operation computations should be performed using secure hardware, which is called tamper resistant hardware in this paper. However, since tamper resistant hardware does not provide high performance, it cannot perform many operations requiring attribute based signatures in a short time frame. This paper proposes a new attribute based signature system using high performance general hardware and low performance tamper resistant hardware. The proposed signature scheme consists of two signature schemes within a existing attribute based signature scheme and a digital signature scheme. In the proposed scheme, although the attribute based signature is performed in insecure environments, the digital signature scheme using tamper resistant hardware guarantees the security of the signature scheme. The proposed scheme improves the performance by 11 times compared to the traditional attribute based signature scheme on a system using only tamper resistant hardware.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.8C
• /
• pp.748-757
• /
• 2002

Cyber-terror trials are increased in nowadays and these attacks are commonly using security vulnerability and information gathering method by variable services grew by the continuous development of Internet Technology. IDS's application environment is affected by this increasing Cyber Terror. General Network based IDS detects intrusion by signature based Intrusion Detection module about inflowing packet through network devices. Up to now security in network is commonly secure host, an regional issue adopted in special security system but these system is vulnerable intrusion about the attack in globally connected Internet systems. Security mechanism should be produced to expand the security in whole networks. In this paper, we analyzer the DARPA's program and study Infusion Detection related Technology. We design policy security framework for policy enforcing in whole network and look at the modules's function. Enforcement of security policy is acted by Intrusion Detection system on gateway system which is located in network packet's inflow point. Additional security policy is operated on-line. We can design and execute central security policy in managed domain in this method.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.971-980
• /
• 2004

This paper describes the design and implementation of the video conferencing system using public key infrastructure which is used for user authentication and encryption. Public key infrastructure reinforces the authentication process for conference participant, and the symmetric key system blocks malicious access to information and protect conference control information. This paper shows the implementation of the trans portation layer secure protocol in conformity with Korea public key authentication algorithm standard and symmetric encryption algorithm (DES, 3DES and AES) for media stream encryption. In this paper, we deal with two ways of protecting information : transportation layer secure protocol secures user authentication process and the conference control information; while public key-based authentication system protects personal information of users when they connect to the network. When distributing the session keys for encryption, Internet Key Exchange is used for P2P communication, and secure protocol is employed for 1 : N multi-user communication in the way of distributing the public key-based en-cryption key.

• Journal of Internet Computing and Services
• /
• v.2 no.3
• /
• pp.51-62
• /
• 2001

Recently, as computers and networks become popular, distributing information on the Internet is common In our daily life. also, the explosion of the Internet. of wireless digital communication and data exchange on Internet has rapidly changed the way we connect with other people. The e-mail has been commonly used by users as well recognizing It as the standard of manners among users on the Internet. In the past, e-mail has been the primary choice of exchanging Information, but secure mail is gaining popularity abroad and domestically because of their nature of providing security. That is. it has been used a variety of fields such as general mail and e-mail for advertisement. But, As the data transmitted on network can be easily opened or forged with simple operations. most of existing e-mail system don't have any security on the transmitted information. Thus. security mail system need to provide security including message encryption, content Integrity, message origin authentication, and non-repudiation. In this paper, we design implement secure mail system with non-repudiation service and encryption capability to provide services for certification of delivery and certification of content as well as the basic security services. API.

• Journal of Advanced Marine Engineering and Technology
• /
• v.40 no.10
• /
• pp.906-915
• /
• 2016

In this study, a network monitoring system, including a secure 460-Network and a 460-Gateway, is designed and developed according with the requirements of the IEC (International Electro-Technical Commission) 61162-460 network standard for the safety and security of networks on board ships. At present, internal or external unauthorized access to or malicious attack on a ship's on board systems are possible threats to the safe operation of a ship's network. To secure the ship's network, a 460-Network was designed and implemented by using a 460-Switch, 460-Nodes, and a 460-Gateway that contains firewalls and a DMZ (Demilitarized Zone) with various application servers. In addition, a 460-firewall was used to block all traffic from unauthorized networks. 460-NMS (Network Monitoring System) is a network-monitoring software application that was developed by using an simple network management protocol (SNMP) SharpNet library with the .Net 4.5 framework and a backhand SQLite database management system, which is used to manage network information. 460-NMS receives network information from a 460-Switch by utilizing SNMP, SNMP Trap, and Syslog. 460-NMS monitors the 460-Network load, traffic flow, current network status, network failure, and unknown devices connected to the network. It notifies the network administrator via alarms, notifications, or warnings in case any network problem occurs. Once developed, 460-NMS was tested both in a laboratory environment and for a real ship network that had been installed by the manufacturer and was confirmed to comply with the IEC 61162-460 requirements. Network safety and security issues onboard ships could be solved by designing a secure 460-Network along with a 460-Gateway and by constantly monitoring the 460-Network according to the requirements of the IEC 61162-460 network standard.