• Title/Summary/Keyword: Trusted computing

Grid-Based Key Pre-Distribution for Factory Equipment Monitoring (공장 설비 모니터링을 위한 그리드 기반 키 선분배 기법)

  • Cho, YangHui;Park, JaePyo;Yang, SeungMin
    • The Journal of the Institute of Internet, Broadcasting and Communication, v.16 no.6, pp.147-152, 2016
  • Wireless sensor networks, which are easy to deploy and install, are ideal for building a system that monitors the condition of equipment in a factory environment where wiring is difficult. ZigBee is low-cost and low-power compared with other wireless communication protocols and is suitable for a monitoring system requiring a large number of nodes. ZigBee communication requires encryption between devices because all protocol layers are based on an OTM in which they trust each other. In communication between nodes, node authentication must be guaranteed and exposure of the confidential information managed by each node should be minimized. Factory facilities are regular and stationary in their placement. To protect the information gathered from sensors in the factory environment and the actuator control information connected to the sensor nodes, we propose a cryptosystem based on a two-dimensional grid-based key distribution method that resembles the layout of the facilities.

Off-Line Electronic Payment Scheme using Smart Cards (스마트 카드를 사용한 오프 -라인 전자 지불 기법)

  • Kim, Jeong-Eun;Lee, Hyeong-U;Kim, Tae
    • Journal of KIISE: Computer Systems and Theory, v.26 no.11, pp.1363-1372, 1999
  • The primary requirement for realizing electronic commerce in agent-based mobile computing environments is a secure payment framework. In this paper, we propose both a non-interactive entity authentication scheme combined with an oblivious transfer protocol [1,2] and a fair blind signature with message recovery based on the Horster scheme [4,5]. These techniques are applied directly to Brands' off-line electronic payment system [3,6]. Because the authentication step is performed non-interactively, it is efficient for mobile entity authentication. Additionally, because the signature scheme provides message recovery with public verifiability, it can be applied efficiently to a counter-based off-line electronic payment scheme [6] that relies on an additional device such as a smart card. The scheme also provides a fairness check on the electronic cash by a trusted judge, which enhances the reliability of the proposed electronic payment system.

Design of a Secure Session Key Exchange Method for Low Latency Handoffs (Low Latency Handoffs를 위한 안전한 세션 키 교환 기법 설계)

  • Kim Hyun-Gon;Park Chee-Hang
    • Journal of Internet Computing and Services, v.5 no.3, pp.25-33, 2004
  • Mobile IP Low Latency Handoffs (1) allow greater support for real-time services on a Mobile IP network by minimizing the period of time when a mobile node is unable to send or receive IP packets due to the delay in the Mobile IP Registration process. However, on a Mobile IP network with AAA servers that perform Authentication, Authorization, and Accounting (AAA) services, every Registration has to traverse to the home network to obtain new session keys, which are distributed by the home AAA server, for a new Mobile IP session. This communication delay is the time taken to re-authenticate the mobile node and to traverse between the foreign and home networks, even if the mobile node has previously been authorized by the old foreign agent. To reduce this extra time overhead, we present a method that performs Low Latency Handoffs without requiring further involvement by the home AAA server. The method re-uses the previously assigned session keys. To provide confidentiality and integrity of the session keys during key exchange between agents, it uses a key sharing method in which the gateway foreign agent acts as a trusted third party. The proposed method allows the mobile node to perform Low Latency Handoffs that are both fast and secure.

Outlier Detection Based on MapReduce for Analyzing Big Data (대용량 데이터 분석을 위한 맵리듀스 기반의 이상치 탐지)

  • Hong, Yejin;Na, Eunhee;Jung, Yonghwan;Kim, Yangwoo
    • Journal of Internet Computing and Services, v.18 no.1, pp.27-35, 2017
  • In the near future, IoT data is expected to be a major portion of Big Data. Moreover, sensor data is expected to be a major portion of IoT data, and research on it is actively being carried out. However, processed results may not be trusted or used if outlier data is included in the processing of sensor data. Therefore, this paper studies a method for detecting and deleting such outlier data before processing. We used Spark, a memory-based distributed processing environment, for fast processing of big sensor data. The detection and deletion of outlier data consist of four stages, and each stage is implemented with Mapper and Reducer operations. The proposed method is compared in three different processing environments, and outlier detection and deletion performance is expected to be best in the distributed Spark environment as data volume increases.

Secure Configuration Scheme for Internet of Things using NFC as OOB Channel (NFC를 OOB 채널로 활용한 사물인터넷 보안 설정 기술)

  • Kim, Jeongin;Kang, Namhi
    • The Journal of the Institute of Internet, Broadcasting and Communication, v.16 no.3, pp.13-19, 2016
  • The PSK (Pre-shared Secret Key) based method is appropriate for an IoT environment consisting of lightweight devices, since it requires less computing time and energy than configuring a session key with a public key algorithm. A fundamental prerequisite for the PSK based method is that the PSK has been configured safely between the communicating entities in advance. However, a small sensor or actuator has no input or output interface such as a keyboard or monitor for configuration, so it is more difficult to configure a PSK safely for such lightweight devices in the IoT environment than for conventional Internet devices. In particular, ordinary users lack security expertise, so they have difficulty with configuration. Therefore, in most cases either the default value set at the factory at the time of manufacturing is used or the device installer configures the PSK. In such cases, whether all installers and manufacturers can be trusted is a matter for consideration. To solve this problem, this paper proposes a secure bootstrapping scheme, which uses NFC (Near Field Communication) as an OOB (Out-Of-Band) channel, for lightweight devices with limited resources.

New Proxy Blind Signcryption Scheme for Secure Multiple Digital Messages Transmission Based on Elliptic Curve Cryptography

  • Su, Pin-Chang;Tsai, Chien-Hua
    • KSII Transactions on Internet and Information Systems (TIIS), v.11 no.11, pp.5537-5555, 2017
  • Having the characteristics of unlinkability, anonymity, and unforgeability, blind signatures are widely used for privacy-related applications such as electronic cash, electronic voting and electronic auction systems, where the anonymity of the participants must be maintained. In some of these applications, the blinded message is needed so that users can delegate the signing operation and communicate with each other in a trusted manner. This leads to the need for proxy blind signature schemes. A proxy blind signature is an important cryptographic primitive that realizes the properties of both blind signatures and proxy signatures. Over the past years, many proxy blind signature algorithms based on the discrete logarithm problem (DLP) and the elliptic curve discrete log problem (ECDLP) have been adopted for this task, and most existing studies aim to provide effective models that satisfy the security requirements for a single blinded message. Unlike many previous works, the proposed scheme applies the signcryption paradigm to proxy blind signature technology to handle multiple blinded messages at a time, based on elliptic curve cryptography (ECC). This innovative method thus has a higher level of security to achieve the security goals of both blind signature and proxy signature. Moreover, the evaluation results show that the proposed protocol is more efficient than other solutions, consuming low communication overhead while increasing the volume of digital messages. Due to these features, the design can be implemented in small low-power intelligent devices and is well suited to, and easily adopted for, e-system applications in pervasive mobile computing environments.

OpenID Based User Authentication Scheme for Multi-clouds Environment (멀티 클라우드 환경을 위한 OpenID 기반의 사용자 인증 기법)

  • Wi, Yukyeong;Kwak, Jin
    • Journal of Digital Convergence, v.11 no.7, pp.215-223, 2013
  • As cloud computing becomes more widely used, a variety of cloud services are being distributed. However, to use each cloud service, the user must perform a separate user authentication process for that service. Not only is this procedure cumbersome, but the repeated authentication can also cause password exposure or overload the database in which each cloud server must hold users' authentication information. Moreover, there is a high probability of security problems caused by phishing attacks that result from the different authentication schemes and input schemes of each service. Thus, for users who want to use a variety of cloud services, we propose an OpenID based user authentication scheme that can be applied to a multi-cloud environment through a trusted ID provider that verifies the user.

HyperCerts : Privacy-Enhanced OTP-Based Educational Certificate Blockchain System (HyperCerts : 개인정보를 고려한 OTP 기반 디지털 졸업장 블록체인 시스템)

  • Jung, Seung Wook
    • Journal of the Korea Institute of Information Security & Cryptology, v.28 no.4, pp.987-997, 2018
  • Blockchain is tamper-free, so many applications are being developed to leverage this feature. MIT Media Lab proposed BlockCerts, an educational certificate blockchain system, to solve the problems of legacy certificate verification. Existing educational certificate blockchain systems are based on public blockchains such as Bitcoin and Ethereum, so in principle any entity can participate as an educational institute. Moreover, the existing educational certificate blockchain systems utilize the integrity of the blockchain, but do not provide confidentiality of the educational certificate. This paper proposes a digital certificate system based on a private blockchain, named HyperCerts. Only trusted entities can participate in the private blockchain network, Hyperledger, as issuers of digital certificates. Furthermore, because practical Byzantine fault tolerance is used as the consensus algorithm, HyperCerts dramatically reduces the latency of issuing digital certificates and the required computing power. HyperCerts stores the hash value of the digital certificate in the ledger, so personal information is protected against breach by a malicious entity in the private blockchain.

Robust Data, Event, and Privacy Services in Real-Time Embedded Sensor Network Systems (실시간 임베디드 센서 네트워크 시스템에서 강건한 데이터, 이벤트 및 프라이버시 서비스 기술)

  • Jung, Kang-Soo;Kapitanova, Krasimira;Son, Sang-H.;Park, Seog
    • Journal of KIISE: Databases, v.37 no.6, pp.324-332, 2010
  • The majority of event detection in real-time embedded sensor network systems is based on data fusion that uses noisy sensor data collected from complicated real-world environments. Current research has produced several excellent low-level mechanisms to collect sensor data and perform aggregation. However, solutions that enable these systems to process data in real time using readings from heterogeneous sensors, and subsequently to detect complex events of interest in real time, need further research. We are developing real-time event detection approaches that allow lightweight data fusion and do not require significant computing resources. Underlying the event detection framework is a collection of real-time monitoring and fusion mechanisms that are invoked upon the arrival of sensor data. The combination of these mechanisms and the framework has the potential to significantly improve the timeliness and reduce the resource requirements of embedded sensor networks. In addition, we discuss privacy, which is a foundational technique for trusted embedded sensor network systems, and explain an anonymization technique to ensure privacy.

A Framework of Service Level Agreement for Activating Cloud Services (클라우드서비스 활성화를 위한 서비스수준협약(SLA) 프레임워크)

  • Seo, Kwang-Kyu
    • Journal of Convergence for Information Technology, v.8 no.6, pp.173-186, 2018
  • While cloud services are expanding, many users are having difficulty adopting them. This is because there is no information as to which cloud services users can trust. A cloud service level agreement (Cloud SLA) is an agreement between cloud service providers and cloud service consumers that uses qualitative and quantitative indicators, including the quality and performance of cloud services. In this study, we propose a framework for cloud SLA that can be applied to the domestic cloud industry to improve service levels for cloud service providers and to protect users, and we use the proposed framework to derive the detailed components of a cloud SLA applicable to the domestic cloud industry. It is expected that the government will use this result as policy to enhance reliability between cloud service providers and users under "the Act on the Development of Cloud Computing and Protection of Users", and eventually to activate cloud services by improving the quality and performance level of domestic cloud services and building user trust.