• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.208-210
• /
• 2009

Currently, Wireless LAN(WLAN) service is widely deployed to provide high speed wireless Internet access through the mobile stations such as notebook and PDA. To provide enhanced security and user access control in the public WLAN area, WLAN access points should have the capability of IEEE 802.1x-based user authentication and authorization functionality. In this paper, we provide a brief understanding of IEEE 802.1x standards and related protocols like EAPOL(Extended Authentication Protocol Over LAN), EAP, RADIUS and describe how the IEEE 802.1x is designed and implemented in our embedded linux-based WLAN AP which is named i-WiNG. (Intelligent Wireless Internet Gateway). For the network security and user authenti -cation purposes, a supplicant who wants to access Internet should be authorized to access the AP port using the EAPOL.

• Journal of Communications and Networks
• /
• v.8 no.4
• /
• pp.461-474
• /
• 2006

A group key exchange protocol is a cryptographic primitive that describes how a group of parties communicating over a public network can come up with a common secret key. Due to its significance both in network security and cryptography, the design of secure and efficient group key exchange protocols has attracted many researchers' attention over the years. However, despite all the efforts undertaken, there seems to have been no previous systematic look at the growing problem of key exchange over combined wired and wireless networks which consist of both stationary computers with sufficient computational capabilities and mobile devices with relatively restricted computing resources. In this paper, we present the first group key exchange protocol that is specifically designed to be well suited for this rapidly expanding network environment. Our construction meets simplicity, efficiency, and strong notions of security.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.43-48
• /
• 2008

Previously, we need to log-in to the target system to check the system log. This is a problem that can not be monitored in real time. This paper designed a syslog real-time monitoring system to solve this problem. The proposed system be able to detect a problem of system in real time without log-in process and be able to solve problems immediately. The proposed syslog real-time monitoring system in this paper is based on Windows OS.

• Journal of National Security and Military Science
• /
• s.7
• /
• pp.233-270
• /
• 2009

Serious game played with a computer in accordance with specific rules, that uses entertainment to further government or corporate training, education, health, public policy, and strategic communication objectives. The main goal of a serious game is usually to train or educate users while giving them an enjoyable experience. Serous games are video games with serious purposes such as teaching or training and whose principal aim is education. The major characteristics of serious games involve pedagogy which are all of the activities that educate, train, or instruct the player. Other characteristics of serious games are that they use entertainment principles, creativity and technology to build games that carry out serious purposes. This study is to introduce a serious game for the military training and to describe the elements of game design for developing it.

• Nuclear Engineering and Technology
• /
• v.45 no.6
• /
• pp.803-810
• /
• 2013

The U.S. Department of Energy's Fuel Cycle Technologies R&D program under the Office of Nuclear Energy is working to advance technologies to enhance both the existing and future fuel cycles. One thrust area is in developing enabling technologies for next generation nuclear materials management under the Materials Protection, Accounting and Control Technologies (MPACT) Campaign where advanced instrumentation, analysis and assessment methods, and security approaches are being developed under a framework of Safeguards and Security by Design. An overview of the MPACT campaign's activities and recent accomplishments is presented along with future plans.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.181-196
• /
• 2014

Cloud computer technology currently provides diverse services based on a comprehensive environment ranging from hardware to solution, network and service. While the target of services has been extended from institutions and corporations to personal infrastructure and issues were made about security problems involved with protection of private information, measures on additional security demands for such service characteristics are insufficient. This paper proposes a multi-session authentication technique based on the characteristics of SaaS (Software as a Service) among cloud services. With no reliable authentication authority, the proposed technique reinforced communication sessions by performing key agreement protocol safe against key exposure and multi-channel session authentication, providing high efficiency of performance through key renewal using optimzied key table. Each formed sessions have resistance against deprivation of individual confirmation and service authority. Suggested confirmation technique that uses these features is expected to provide safe computing service in clouding environment.

• Proceedings of the IEEK Conference
• /
• 2002.06c
• /
• pp.51-54
• /
• 2002

P2P implies direct exchange between peers. If you have something I want, 1 go directly to you and obtain il. There is one of the most advantages of formation of community in P2P. For a specified purpose through P2P, the Peers who make temporary a group delivery a request efficient and safe. And the resources can be jointed common, cooperation and communication. When P2P is developed more, we can expect more formation of online community and development. But to be a safe of personal ID and password in internet, it should be possible to make a key-exchange. In the paper, it suggest P2P security system suitable to personal security that Kerberos be transformed. The user who make community in P2P, have Kerberos Server, and using Physical Address of Ethernet card in personal computer, authenticate users.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.385-389
• /
• 2001

인터넷 기술이 발전되고 활성화됨에 따라 인터넷에 연결된 호스트들과 네트워크는 외부의 악의적인 침입자에 의해 공격받을 수 있는 잠재성이 나날이 증가하고 있다. 이러한 이유로 네트워크 및 호스트 보안에 대한 관심과 연구활동이 활발해 졌으며, 대표적인 보안 솔루션 중의 하나인 침입탐지시스템이 각광을 받고 있다. 탐지 기술적 분류에 따라 크게 네트워크 기반 침입탐지시스템과 호스트 기반 침입탐지시스템이 존재하며, 한편으로 네트워크 규모의 증대로 다수의 침입탐지시스템의 운용이 필요하다. 이와 같이 이질적인 다수의 침입탐지시스템을 운용하는 경우, 관리의 복잡성과 관리비용의 증대라는 문제점을 내포한다. 본 논문에서는 이질적인 다수의 침입탐지에이전트들을 통합 관리하기 위한 중앙통제 시스템의 구현을 설명하고, 여기에 확장성과 유연성을 부여하기 위한 관리 자료 구조의 설계에 대해 기술한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.67-70
• /
• 2003

인터넷과 같은 네트워크와 컴퓨터 이용자의 급격한 증가로 인해 컨텐츠 유출 사고 및 개인 정보유출 사고가 빈번하게 발생되고 있다. 이러한 문제를 해결하기 위한 방법 중의 하나가 컨텐츠를 암호화하는 방법이다. 그러나 이 또한 최근에 암호화의 안전성에 많은 문제점을 안고 있다. 이에 렬 논문에서는 비밀키 암호화 방식의 대표인 DES의 문제점에 대해서 분석하고 차세대 암호표준으로 선정한 대칭형 암호알고리즘인 Rijndael을 이용해서 파일의 암호화를 구현하고자 한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.253-257
• /
• 2001

본 논문은 공개키 암호 시스템에서 사용자의 비밀키를 안전하게 보관할 수 있는 시스템을 제안한다. 키 보관시스템은 사용자가 자신의 비밀키를 저장할 환경을 갖추지 못하였거나 분실하였을 경우 온라인 통신에 의해 안전하게 비밀키를 얻을 수 있는 시스템이다. 키 보관 시스템은 공개키 기반구조(PKI)와 연동하여 운용되는 암호시스템이다. 이 논문에서 비밀키 보관 시스템을 설계하는 방법으로서 비밀키를 메모리에 저장하여 인증기관을 통하여 인증된 사용자에게 발송하는 방법과 마스터 키 개념을 이용한 공개키 연동 키 복구 시스템을 변경하여 사용하는 방법을 제안하고 이들 방법을 안전성과 효율적인 측면에서 비교 분석한다.