• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.2
• /
• pp.43-54
• /
• 1997

In this paper, we introduce a secure and minimal protocol for authenticated key distribution over the CDMA mobile communication network. The CDMA mobile communication network has been developed the security protocol that provides a means for user authentication and subsequent protection of user traffic. However, this model has no security assumptions for the intermediate, fixed networks. To avoiding these drawbacks, we introduce a minimal authenticated key distribution protocol. This protocol provides the security of the intermediate and fixed network in mobile environment, and maintains the confidentiality of user identification and the minimum size of information flow compared with the existing protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.109-127
• /
• 2011

Mobile Office is a new type of working method in the workplace that can be used at any time or anywhere by connecting to the network with mobile devices. This allows people to do their jobs without their physical presence in their offices to use computers. The elements in mobile office environment are advancing. They include the widespread distribution of the smart phones, the network enhancing strategy in a ubiquitous environment and expansion of the wireless internet; however, there are not enough security guidelines or policies against these threats on the new environment, the mobile office, although there is the revitalization policy of smart work supported by the government. CERT and ISAC, the known security system as of now, could be used for the secure mobile office, In this paper, suggestions are to be provided for strengthening the security of smart mobile office by analysing the functions of CERT and ISAC.

• Smart Media Journal
• /
• v.9 no.3
• /
• pp.71-79
• /
• 2020

Mobile network is used by many users worldwide for diverse services, including phone-call, messaging and data transfer over the Internet. However, this network may experience massive damage if it is exposed to cyber-attacks or denial-of-service attacks via wireless communication interference. Because the mobile network is also used as an emergency network in cases of disaster, evaluation or verification for security and safety is necessary as an important nation-wide asset. However, it is not easy to analyze the mobile core network because it's built and serviced by private service providers, exclusively operated, and there is even no separate network for testing. Thus, in this paper, a virtual mobile network is built using OpenAirInterface, which is implemented based on 3GPP standards and provided as an open source software, and the structure and protocols of the core network are analyzed. In particular, the S1AP protocol messages captured on S1-MME, the interface between the base station eNodeB and the mobility manager MME, are analyzed to identify potential security threats by evaluating the effect of the messages sent from the user terminal UE to the mobile core network.

• Proceedings of the KSRS Conference
• /
• 2005.10a
• /
• pp.678-682
• /
• 2005

IETF suggested AAA for safe and reliable user authentication on various network and protocol caused by development in internet and increase in users. Diameter standard authentication system does not provide mutual authentication and non-repudiation. AAA authentication system using public key was suggested to supplement such Diameter authentication but application in mobile service control nodes is difficult due to overhead of communication and arithmetic. ID based AAA authentication system was suggested to overcome such weak point but it still has the weak point against collusion attack or forgery attack. In this thesis, new ID based AAA authentication system is suggested which is safe against collusion attack and forgery attack and reduces arithmetic quantity of mobile nodes with insufficient arithmetic and power performance. In this thesis, cryptological safety and arithmetical efficiency is tested to test the suggested system through comparison and assessment of current systems. Suggested system uses two random numbers to provide stability at authentication of mobile nodes. Also, in terms of power, it provides the advantage of seamless service by reducing authentication executing time by the performance of server through improving efficiency with reduced arithmetic at nodes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.177-186
• /
• 2011

Mobile services which are applied PC performance and mobile characteristics are increased with spread of the smartphone. Recently, mobile cloud service is getting the spotlight as a solution of mobile service problems that mobile device is lack of memory, computing power and storage and mobile services are subordinate to a particular mobile device platform. However, mobile cloud service has more potential security threats by the threat inheritance of mobile service, wireless network and cloud computing service. Therefore, security threats of mobile cloud service has to be removed in order to deploy secure mobile cloud services and user and manager should be able to respond appropriately in the event of threat. In this paper, We define mobile cloud service threats by threat analysis of mobile device, wireless network and cloud computing and we propose mobile cloud service countermeasures in order to respond mobile cloud service threats and threat scenarios in order to respond and predict to potential mobile cloud service threats.

• Convergence Security Journal
• /
• v.9 no.4
• /
• pp.29-34
• /
• 2009

The many transaction occurs because of service will not be able to trust in mobile Ad-hoc Network. Overcomes like this problem point with the plan for, This paper proposes the trust evaluation mechanism which is the possibility becoming the standard of the node selection which provides a better service by using the transaction message which is basic occurs from within the mobile Ad-hoc network and in the transaction message which is additional. At last, this paper embodies the trust mechanism which proposes, confirms the trust value which is evaluated with NS2 simulator.

• Journal of information and communication convergence engineering
• /
• v.9 no.5
• /
• pp.562-566
• /
• 2011

As telecommunication technologies in telemedicine services are developed, the expeditious development of wireless and mobile networks has stimulated wide applications of mobile electronic healthcare systems. However, security is an essential system requirement since many patients have privacy concerns when it comes to releasing their personal information over the open wireless channels. Due to the invisible feature of mobile signals, hackers have easier access to hospital networks than wired network systems. This may result in several security incidents unless security protocols are well prepared. In this paper, we analyzed authentication and authorization procedures for healthcare system architecture to apply secure M-health systems in the hospital environment. From the analyses, we estimate optimal requirements as a countermeasure to its vulnerabilities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.397-408
• /
• 2017

As mobile traffic increases rapidly, DMM (Distributed Mobility Management) has been proposed as a mobility management technology for seamless communication of mobile devices as mobile traffic increases rapidly. the DMM distributes mobility management from the core network to the edge network, enabling stable binding updates with low latency. However, the DMM still have network delay and security problems for sessions. In this paper, we point out the problems existing in the DMM and propose a new protocol in which the MN (Mobile Node) directly participates in authentication and mutual authentication is correctly performed to solve this problem. We demonstrate not only security improvements but also performance improvements with performance analysis.

• The KIPS Transactions:PartC
• /
• v.11C no.2
• /
• pp.171-176
• /
• 2004

This paper presents the design of a certain highly efficient security policy negotiation of SPS(Security Policy System) for secure network management using mobile agent system. The conventional IP security systems for secure network management have some problems. A drawback to these systems is that the required policy between each security area is different. Another problem is not possible to guarantee whether a packet is transmitted through the same path by both directions and is protected by the same policy due to the topology of the network. Unlike conventional systems, the model developed herein can be resolved by using a mobile agent technology. If each domain needs a negotiation of security policy, a mobile agent manages the result of the negotiation in the form of a passport and guarantees the authentication and reliability each other by using the passport.

• Convergence Security Journal
• /
• v.8 no.2
• /
• pp.51-56
• /
• 2008

In this paper presents the method of the Optimal Mobile Router Designation (OMRD) using QM(Quality of service Manager) in the nested mobile network. QM is positioned on TLMR (Top Level Mobile Router) in the nested mobile network and manages the information of all MRs in the mobile network. When MN (Mobile Node) moves to a new MR, OMRD (Optimal Mobile Router Designation) selects the candidate MRs group and decides an optimal MR considering the mobile characteristics. OMRD reduces maximally the production of handover and removes the transmission delay of a new call and a handover call resulted from the wireless insufficient resource. Also, it prevents the concentration in a specific MR and maintains equally the load of the whole network.