• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.53-64
• /
• 2005

Previous secure routing protocols for wireless sensor networks assume that a sink is static. In many cases, however, a sink operated by man or vehicle is moving. A mobile sink creates a lot of technical problems such as reconfiguration of routing path exposure of sink location. and selection of secure access point node, which are not considered by many previous researches. In this paper, we propose a new secure routing scheme for solving such problems using hi-directional hash chain and delegation nodes of grid structure. This scheme provides a secure routing path and prevents attacker from recognizing the location of a mobile sink in sensor networks. This new method reduces the resource requirements compared to the cashed routing schemes. Simulation results also show that the system is secure and efficient enough.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.891-898
• /
• 2022

Along with global interest, drones are expanding the base of utilization such as transportation of goods, forest protection, and safety management, and cluster flights are being applied in various fields such as military operations and environmental monitoring. Currently, specialized networks such as e-UM 5G for services in specific industries are being established in Korea. In this regard, drone systems are also moving to establish specialized networks to provide services that are fused with AI and autonomous flight. As drones converge with various services, various security threats in various environments are also subordinated, and in response, requirements and guidelines for drone security are being prepared in Korea. In this paper, we propose a technology method for peer identification and safe information provision between cluster flight drones by utilizing a cryptographic module equipped with wireless LAN and quantum entropy-based random number generator in a cluster flight system and a mobile communication network such as e-UM 5G.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.1
• /
• pp.91-96
• /
• 2014

According to the spread of computers and the development of the information society, people are focused on privacy information. As the development of its associated policy and technology, it has been tried various attempts to protect their personal information. In this paper, we proposed anti-screen capture modules to protect personal information or a company's confidential information for agencies and departments that keeps top security. As a result, we can prevent an illegal use or a stealing of another person's information in a public agency or personal computer. Also modules can stop exposures of top security data and personal information during they communicate with others in their institution's sever system.

• Journal of Internet Computing and Services
• /
• v.5 no.1
• /
• pp.99-111
• /
• 2004

Two general security measures in computing networks are secure data transmission and user authentication, These problems are still critical in the wireless LAN environments. Thus security becomes most significant issue in personal network environments and ubiquitous networks based on wireless LANs. We purpose a new authentication system for these kind of environments, and coined it UPMA(Ubiquitous Personal Mutual Authen-tication) model. UPMA supports authenticating configurations which provides personal verification for each system. It guarantees secure communications through the session key setup, and provides mutual authentication by verifying each user and his/her station. UPMA solves security problems in ubiquitous networks without accessing authentication server, Instead it performs mutual authentication between terminals or between systems. It is a global authentication system which enables global roaming service through the Internet or other public networks, It can be used to guarantee safe and convenient access to a company Intranet or to a home network.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.5
• /
• pp.195-201
• /
• 2013

The government has invested much budget for 5years to do the Smart-education and operate digital textbook services since 2011. The private enterprises also decided to focus on constructing Smart learning system by investing much budget. If these systems are constructed nationwide and therefore can access to cyber university by using smart devices, we can reduce the information gap and study online lectures to get a grade whenever, whoever and wherever we want to. However, these convenient systems can cause serious problems like falsifying grades by hacking if security systems are weak. In this paper, we formulated cyber university which is secured in terms of security. For this, we simulated the smart-learning system which strengthened the security, considering code algorithm and encryption technique.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.91-98
• /
• 2013

Cyber attacks threaten the national security in this day and age. The government of the Republic of Korea recently released the National Cyber Security Comprehensive Countermeasures as a new cybersecurity policy. But current legal system cannot provide legal basis for the implementation of such measures. The current legal system related to cybersecurity is applied in each sector, thus the governance system in cybersecurity is separate. So there are many problems in the governance system in cybersecurity. To solve these problems fundamentally, it is righter to make a new cybersecurity law than to revise existing laws. Meanwhile, lawmakers proposed some bills in Congress to strengthen the cybersecurity in Korea in 2013. It will increase possibility of legislation of cybersecurity act to make a law through the analysis of these bills and to derive the essential elements from those. and to reflect these in the new cybersecurity act.

• Journal of Internet Computing and Services
• /
• v.14 no.2
• /
• pp.61-71
• /
• 2013

Until now, there have been various studies against Internet worms. Most of intrusion detection and prevention systems against Internet worms use detection rules, but these systems cannot respond to new Internet worms. For this reason, a malicious process control system which uses the fact that Internet worms multicast malicious packets was proposed. However, the greater the number of servers to be protected increases the cost of the malicious process control system, and the probability of detecting Internet worms attacking only some predetermined IP addresses is low. This paper presents a security framework that can reduce the cost of the malicious process control system and increase the probability of detecting Internet worms attacking only some predetermined IP addresses. In the proposed security framework, virtual machines are used to reduce the cost of control servers and unused IP addresses are used to increase the probability of detecting Internet worms attacking only some predetermined IP addresses. Therefore the proposed security framework can effectively respond to a variety of new Internet worms at lower cost.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.121-132
• /
• 2019

As the 4th industrial age enters, the number of IoT devices is exploding. Accordingly, the importance of security is also increasing in proportion to the increasing number of security incidents of IoT devices. However, due to the limited performance of IoT devices, there are limitations to applying existing security solutions. Therefore, a new automatic firmware distribution solution is needed to solve this problem. To solve this problem, we propose a new automatic firmware update system that uses a hybrid blockchain that combines a public blockchain and a private blockchain. The public blockchain allows various firmware providers to distribute firmware using a common system. Private blockchain solves the transaction overload problem of the public blockchain and facilitates the management of IoT devices. It also uses distributed file storage to ensure high availability without failing. Therefore, this system is expected to be very effective for improving the security of IoT devices.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.9
• /
• pp.2040-2048
• /
• 2010

In contemporary society, though convenience and efficiency of work using information system is growing high, adverse effect problems of malignant code, system hacking, information leak by insiders due to the development of the network are raising their head daily. Because of this, enormous work forces and expenses for the recovery and management of system is needed. The existing system can be divided into two aspects: security solution which surveils and treats virus and malignant codes, and network management solution which observes the system of computer, and practices maintenance and repair such as management, recovery, backup. This treatise applied Active Write Filter mechanism and the technology based on NFS and complemented the maintenance problems of user data of the existing system and designed the system which enables solving problems of intellectual property right such as information protection and illegal work.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.975-983
• /
• 1998

In these days, information communication systems are based on both open distributed computing technologies and object-oriented techniques like inheritance, encapsulation and object reuse to support various system configuration and application. As information systems are interconnected through unsecure networks, the need for the secure information exchange is more critical than before. In this paper, we have designed and implemented a transparent CORBA-basce Security infrastructure with authentication, security context association, access control and security information management to support a secure applications in distributed object environment. SESAME Ver. 4 was adopted as an external security service to manage user privilege attributes and to distribute keys for data encryption, decryption and integrity. Using filter and transformer with an interface to Object Request Broker, it provides a transparent security service to applications. The filter objects are special classes that allow additional parameters to be inserted into messages before they are sent and removed just after they are received. The transformer objects are special classes that allow direct access to the byte stream of every messages for encryption and decryption before it is sent and just after it is received. This study is to implement the access control interceptor(ACI) and the secure invocation interceptor(SII) of secure ORB defined in CORBA using filter and transformer.