• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2719-2735
• /
• 2015

In the cloud environment, users pay more attentions to their data security since all of them are stored in the cloud server. Researchers have proposed many mutual authentication schemes for the access control of the cloud server by using the smart card to protect the sensitive data. However, few of them can resist from the smart card lost problem and provide both of the forward security and the backward security. In this paper, we propose a novel authentication scheme for cloud computing which can address these problems and also provide the anonymity for the user. The trick we use is using the password, the smart card and the public key technique to protect the processes of the user's authentication and key exchange. Under the Elliptic Curve Diffie-Hellman (ECDH) assumption, it is provably secure in the random oracle model. Compared with the existing smart card based authentication schemes in the cloud computing, the proposed scheme can provide better security degree.

• Information Systems Review
• /
• v.22 no.4
• /
• pp.185-203
• /
• 2020

With the advent of 4th industrial revolution, the manufacturing industry is converging with ICT and changing into the era of smart manufacturing. In the smart factory, all machines and facilities are connected based on ICT, and thus security should be further strengthened as it is exposed to complex security threats that were not previously recognized. To reduce the risk of security incidents and successfully implement smart factories, it is necessary to identify key security factors to be applied, taking into account the characteristics of the industrial environment of smart factories utilizing ICT. In this study, we propose a 'hierarchical classification model of security factors in smart factory' that includes terminal, network, platform/service categories and analyze the importance of security factors to be applied when developing smart factories. We conducted an assessment of importance of security factors to the groups of smart factories and security experts. In this study, the relative importance of security factors of smart factory was derived by using AHP technique, and the priority among the security factors is presented. Based on the results of this research, it contributes to building the smart factory more securely and establishing information security required in the era of smart manufacturing.

• Convergence Security Journal
• /
• v.20 no.2
• /
• pp.15-28
• /
• 2020

Smart City is highly anticipated to solve the problems of existing cities and create new added value, but there is also increasing concern about security risks. The negative view of smart city according to security risk awareness is a problem that needs to be improved in order to activate the fourth industrial revolution technology and develop smart city. This study examined risk factors in smart cities based on perceived risk and user resistance theory, and empirically analyzed the relationship with resistance attitudes. According to the empirical analysis with 288 research samples, security, social, and physical risk factors directly affect smart city resistance, while financial, performance, and privacy risk have no significant effect. In addition, it was verified that the security risk can is an antecedent factor for other risk factors, and it was confirmed that it is required to separately discuss the security and privacy risk in the smart city environment. This study shows that it is necessary to prepare policy supports for social interactions as well as security and physical safety issues in order to activate smart city by discussing the risk factors that negatively affect smart city perception from the public's point of view.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.3
• /
• pp.11-20
• /
• 2018

Smart devices refer to various devices and control equipment such as health care devices, imaging devices, motor devices and wearable devices that use wireless network communication (e.g., Wi-fi, Bluetooth, LTE). Commercial services using such devices are found in a wide range of fields, including home networks, health care and medical services, entertainment and toys. Studies on smart devices have also been actively undertaken by academia and industry alike, as the penetration rate of smartphones grew and the technological progress made with the fourth industrial revolution bring about great convenience for users. While services offered through smart devices come with convenience, there is also various security threats that can lead to financial loss or even a loss of life in the case of terrorist attacks. As attacks that are committed through smart devices tend to pick up where attacks based on wireless internet left off, more research is needed on related security topics. As such, this paper seeks to design an access control method for reinforced security for smart devices. After registering and authenticating the smart device from the user's smart phone and service provider, a safe communication protocol is designed. Then to secure the integrity and confidentiality of the communication data, a management process such as for device renewal or cancellation is designed. Safety and security of the existing systems against attacks are also evaluated. In doing so, an improved efficiency by approximately 44% compared to the encryption processing speed of the existing system was verified.

• Journal of Digital Convergence
• /
• v.9 no.4
• /
• pp.29-40
• /
• 2011

This research suggests the effective countermeasures for the security threats on 'Smart Work 2.0'. It is important to discuss the Smart Work 2.0 security issues and threats at the point of evolving form Smart Work 1.0 into 2.0. In this research, first, the security issues, threats and countermeasures of telecommunication working, mobile office and smart work center are discussed. Second, we explore the security issues derived from co-working or creativity as major concepts of Smart Work 2.0.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2011.06a
• /
• pp.165-169
• /
• 2011

저탄소 녹색성장 정책의 일환으로 추진되는 Smart Grid 사업은, 전력인프라와 IT인프라가 융합 되면서 지능화된 전기 에너지의 효율성 향상을 목적으로 전기망 내 송배전을 실시간으로 관리할 수 있게 운영하는 지능형 전기망이다. 하지만 기존의 인터넷망과 IT 통신 인프라와 융합되면서 Smart Grid 인프라에서도 IT보안 취약점 문제가 존재한다. 본 논문에서는 Smart Grid 인프라를 요소별로 분석한다. 그리고 Smart Grid 인프라의 보안성 분석을 통하여 보안의 취약점을 가져 올 수 있는 Smart Grid에 대한 보안 이슈를 분석한다. 그리고 Smart Grid 보안성 기준에 따른 보안기술정책을 연구하고, 보안 표준과 보안 방안을 제시한다. 본 연구를 통하여 안전한 Smart Grid 보안기술정책을 위한 법 제정에 기초자료가 될 것이다.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.303-311
• /
• 2022

The tremendous growth of the Internet of things is unbelievable. Many IoT devices have emerged on the market over the last decade. This has made our everyday life easier inside our homes. The technology used at home has changed significantly over the past several decades, leading to what is known today as the smart home. However, this growth has also brought new challenges to our home security and privacy. With the smart home becoming more mainstream, cybersecurity issues have become a fundamental concern. The smart home is an environment where heterogeneous devices and appliances are interconnected through the Internet of Things (IoT) to provide smart services to residents. These services include home climate control, energy management, video on demand, music on-demand, remote healthcare, remote control, and other similar services in a ubiquitous manner. Smart home devices can be controlled via the Internet using smartphones. However, connecting smart home appliances to wireless networks and the Internet makes individuals vulnerable to malicious attacks. Remote access within the same environment or over the Internet requires an effective access control mechanism. This paper intends to shed light on how smart home devices are working as well as the type of security and privacy threats of the smart home. It also illustrated the types of authentication methods that can be used with smart home devices. In addition, a comparison of Smart home IoT-based security protocols was presented along with a security countermeasure that can be used in a smart home environment. Finally, a few open problems were mentioned as future research directions for researchers.

• Journal of Digital Convergence
• /
• v.14 no.11
• /
• pp.501-505
• /
• 2016

Recently, the frequency of dealing important information regarding financial services like paying through smart device or internet banking on smart device has been increasing. Also, with the development of smart device execution environment towards open software environment, it became easier for users to download and use random application software, and its security aspect appears to be weakening. This study inspects features of hardware-based smart device security technology. Furthermore, this study proposes a realization method in MTM hardware-based secure smart device execution environment for an application software that runs in smart devices. While existing MTM provides the root of trust function only for the mobile device, the MTM-based mobile security environment technology proposed in this paper can provide numerous security functions that application program needs in mobile device. The further researches on IoT devices that are compatible with security hardware, gateway security technology and methods that secure reliability and security applicable to varied IoT devices by advancing security hardware are the next plan to proceed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1335-1348
• /
• 2016

Smart factory of Manufacturing sector is rapidly spreading, globally. In case of domestic, it is on going based on KOSF. It is neither lack of invest nor security of information due to it has been spread from manufacturing sector. Hence, that's very difficult to efficiency prevent from new type of intimidation and security accident happened sometimes from this situation. According to research information security condition with recognized new menace, there is a most efficient way is provide education of information security without any extra budget to safely spread smart factory. Thus, this study of research has developed security awareness training curriculum from international standard, requirement of the industry, and curriculum of educational institution based on NCS (National Competency Standard). It is be very helpful to spread smart factory safely due to expert group has been test of validity.

• Smart Media Journal
• /
• v.5 no.4
• /
• pp.116-123
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices.