• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.335-346
• /
• 2009

Mobile environments are evolving the main communication environment as a develops of communication technology. In mobile environments, sensitive information can be compromised on-line, so demand for security has increased. Also, mobile devices that provide various services are in danger from malware and illegal devices, phishing and sniffing etc, and the privacy. Therefore, MTM(Mobile Trusted Module) is developed and promoted by TCG(Trusted Computing Group), which is an industry standard body to enhance the security level in the mobile computing environment. MTM protects user privacy and platform integrity, because it is embedded in the platform, and it is physically secure. However, a security approach is required when secret data is migrated elsewhere, because MTM provides strong security functions. In this paper, we analyze the TCG standard and migration method for cryptographic key, then we propose a secure migration scheme for cryptographic key using key Backup/Recovery method.

• The KIPS Transactions:PartC
• /
• v.18C no.3
• /
• pp.151-156
• /
• 2011

Google Android, which is one of the popular smart phone platforms, employs a security model based on application permissions. This model intends to reduce security threats by protecting inappropriate accesses to system resources from applications, but this model has a few problems. First, permission requested by an application cannot be granted selectively. Second, once the permission has been granted it is maintained until the application is uninstalled. Third, applications may acquire powerful permissions through user ID sharing without any notice to users. In order to overcome these limitations, we designed and implemented a flexible application permission management scheme. The goal of our scheme is to enhance security and user convenience while keeping compatibility to original platform. We also verified the operation of our scheme with real applications on Android emulator.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.290-292
• /
• 2019

Since the advent of blockchain and bitcoin, decentralization has been accelerating around the world as a public blockchain ethereum with smartcontract has begun. Developers can use Ethereum's blockchain development platform to develop "distributed applications" (DApp) running on a decentralized P2P network, and various types of devices from IoT to mobile can participate in a block-chain distributed environment have. Using Ethereum's blockchain development platform, developers can develop "Decentralized Application (DApp)" that run on a decentralized P2P network and various types of devices from IOT to mobile can participate in distributed blockchain environments. There are many ways to interact with the blockchain and the smart contract, but users tend to prefer the mobile methods due to their convenience and accessibility advantages. Therefore, the author developed an Android based voting DApp and researched related issues. Since the current development methods of DApp are not adequately researched and standardized, efficient methods for developing user-friendly DApp were studied. Because DApp has to spend a certain amount of fees to interact with blockchain, it has intensively investigated the gas problem of Smart Contract code and the security problem of code, and author would like to introduce it in this paper.

• Journal of Platform Technology
• /
• v.11 no.3
• /
• pp.76-82
• /
• 2023

Starting from the 4th industrial revolution, core technologies were applied to industries to build various smart environments. Smart factories in the manufacturing industry produce high-quality products by applying IIoT as a core technology that can collect and control a wide range of data for customized production. However, the network environment of the smart factory converted to open through IIoT was exposed to various security risks. In accordance with security breaches, IIoT has shown degradation in the quality of manufactured products and production processes due to network disturbance, use and maintenance of forged IIoT, and can cause reliability problems in business. Accordingly, in this study, a method for safe connection and utilization of IIoT was studied during the initial establishment of a smart factory. Specifically, a study was conducted to check the IIoT connection situation so that the practicality of the IIoT connected to the smart factory could be confirmed and the harmless environment established.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.445-446
• /
• 2021

Union file system is a technology that can be used as a single file system by integrating various files and directories. It has the advantage of maintaining the source file/directory used for integration, so it is used in many applications like container platform. When using the union file system, the user accesses the write-able layer, to which the security technology provided by the operating system can be applied. However, there is a disadvantage in that it is difficult to apply a separate security technology to the source file and directory used to create the union file system. In this study, we intend to propose an access control mechanism to deny security threats to source file/directory that may occur when using the union file system. In order to verify the effectiveness of the access control mechanism, it was confirmed that the access control mechanism proposed in this study can protect the source file/directory while maintaining the advantages of the union file system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.989-1000
• /
• 2023

In order to respond to supply chain threats, active research and development efforts are underway for software tamper prevention technologies such as Secure Boot and management systems like Software Bill of Materials(SBOM). Particularly, the Trusted Computing Group (TCG) is introducing standards for Trusted Platform Module(TPM) to provide a secure and trustworthy computing boot environment. This paper emphasizes the need for introducing secure booting technology for cryptographic modules to ensure that they remain safe and provide reliable functionality even in the face of supply chain threats. Furthermore, it analyzes vulnerabilities in cryptographic modules verified by the ISO/IEC 19790 standard and proposes security requirements for secure booting of cryptographic modules to address these vulnerabilities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.155-167
• /
• 2012

Cloud computing service is a next generation IT service which has pay-per-use billing model and supports elastically provisioning IT infra according to user demand. However it has many potential threats originating from outsourcing/supporting service structure that customers 'outsource' their own data and provider 'supports' infra, platform, application services, the complexity of applied technology, resource sharing and compliance with a law, etc. In activation of Cloud service, we need objective assessment standard to ensure safety and reliability which is one of the biggest obstacles to adopt cloud service. So far information security management system has been used as a security standard for a security management and IT operation within an organization. As for Cloud computing service it needs new security management and assessment different from those of the existing in-house IT environment. In this paper, to make a Information Security Management System considering cloud characteristics key components from threat management system are drawn and all control domain of existing information security management system as a control components are included. Especially we designed service security management to support service usage in an on-line self service environment and service contract and business status.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.919-943
• /
• 2019

Distributed ledger technology, which is attracting attention as an emerging technology related to the 4th Industrial Revolution, is implemented as an open source based distributed ledger technology system and widely used for development with various applications (or services), but the security functions provided by the distributed general ledger system are very insufficient. This paper proposes security enhancements for distributed ledger technology systems based on open source. To do so, potential security threats that may occur under running an open source based distributed ledger technology systems are identified and security functional requirements against the security threats identified are provided by analyzing legislation and security certification criteria (ISMS-P). In addition, it proposes a method to implement the security functions required for an open source based distributed ledger technology systems through analysis of security functional components of Common Criteria (CC), an international standard.

• Journal of information and communication convergence engineering
• /
• v.8 no.2
• /
• pp.129-135
• /
• 2010

Wireless sensor networks (WSNs) are an emerging technology and offers economically viable monitoring solution to many challenging applications. However, deploying new technology in hostile environment, without considering security in mind has often proved to be unreasonably unsecured. Apparently, security techniques face many critical challenges in WSNs like data security and secrecy due to its hostile deployment nature. In order to resolve security in WSNs, we propose a novel and efficient secure framework called TriSec: a secure data framework for wireless sensor networks to attain high level of security. TriSec provides data confidentiality, authentication and data integrity to sensor networks. TriSec supports node-to-node encryption using PingPong-128 stream cipher based-privacy. A new PingPong-MAC (PP-MAC) is incorporated with PingPong stream cipher to make TriSec framework more secure. PingPong-128 is fast keystream generation and it is very suitable for sensor network environment. We have implemented the proposed scheme on wireless sensor platform and our result shows their feasibility.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.3-11
• /
• 2016

With repid development of optical networking technology, Software-Defined Network (SDN) and Network Function Virtualization (NFV), high performance networking service, collaboration platform that enables collaborative research globally, drastically National Research Network (NRN) including Internet Service has changed. Therefore we compared and analyzed several world-class NRNs and took a view of future development strategy of the NRN. Also we suggest high speed security environment in super high bandwidth network with 40Gbps and 100Gbps optical transmission technology, network separation of NRN with Science DMZ to support high performance network transmission for science big data, building security environment for last-mile in campus network that supports programmability of IDS using BRO framework.