• ETRI Journal
• /
• v.36 no.1
• /
• pp.141-150
• /
• 2014

A fully integrated CMOS security-enhanced passive (SEP) tag that compensates the security weakness of ISO/IEC 18000-6C is presented in this paper. For this purpose, we propose a security-enhanced protocol that provides mutual authentication between tag and reader. We show that the proposed protocol meets the security demands of the ongoing international standard for RFID secure systems, ISO/IEC 29167-6. This paper fabricates the SEP tag with a 0.18-${\mu}m$ CMOS technology and suggests the optimal operating frequency of the CMOS SEP tag to comply with ISO/IEC 18000-6C. Furthermore, we measure the SEP tag under a wireless environment. The measured results show that communications between the SEP tag and reader are successfully executed in both conventional passive and SEP modes, which follow ISO/IEC 18000-6C and the proposed security enhanced protocol, respectively. In particular, this paper shows that the SEP tag satisfies the timing link requirement specified in ISO/IEC 18000-6C.

• The Journal of Industrial Distribution & Business
• /
• v.11 no.2
• /
• pp.25-31
• /
• 2020

Purpose: The AEO (Authorized Economic Operator) program, created in 2001 in the United States due to 9.11 terrorist's attack, fundamentally changed the trade environment. Korea, which introduced AEO program in 2009, has become one of the world's top countries in the program by ranking 6th in the number of AEO certified companies and the world's No. 1 in MRA (Mutual Recognition Agreement) conclusions. In this paper, we examined what trade-economic and non-economic effects the AEO program and its MRA have in Korea. Research design, data and methodology: In this study we developed a model to verify the impact between utilization of AEO and trade-economic effects of the AEO and its MRA. After analyzing the validity and reliability of the model through Structural Equation Model we conducted a survey to request AEO companies to respond their experience on the effects of AEO program and MRA. As a result, 196 responses were received from 176 AEO companies and utilized in the analysis. Results: With regard to economic effects, the AEO program and the MRA have not been directly linked to financial performance, such as increased sales, increased export and import volumes, reduced management costs, and increased operating profit margins. However, it was analyzed that the positive effects of supply chain management were evident, such as strengthening self-security, monitoring and evaluating risks regularly, strengthening cooperation with trading companies, enhancing cargo tracking capabilities, and reducing the time required for export and import. Conclusions: When it comes to the trade-economic effects of AEO program and its MRA, AEO companies did not satisfy with direct effects, such as increased sales and volume of imports and exports, reduced logistics costs. However, non-economic effects, such as reduced time in customs clearance, freight tracking capability, enhanced security in supply chain are still appears to be big for them. In a rapidly changing trade environment the AEO and MRA are still useful. Therefore the government needs to encourage non-AEO companies to join the AEO program, expand MRA conclusion with AEO adopted countries especially developing ones and help AEO companies make good use of AEO and MRA.

• The Journal of Society for e-Business Studies
• /
• v.17 no.4
• /
• pp.1-16
• /
• 2012

Shieh and Wang [10] recently proposed an efficient mutual authentication scheme that combined the cost-effectiveness of operations of Lee et al. [6]. scheme and the security and key agreement of Chen and Yeh scheme. Shieh and Wang [10] scheme, however, does not satisfy the security requirements against a third party (the man-in the middle, attacker) that have to be considered in remote user authentication scheme using password-based smart cards. Shieh and Wang weaknesses are the inappropriateness that it cannot verify the forged message in 3-way handshaking mutual authentication, and the vulnerability that the system (server) secret key can easily be exposed. This paper investigates the problems of Shieh and Wang scheme in the verification procedure of the forged messages intercepted by the eavesdrop. An enhanced two-way remote user authentication scheme is proposed that is safe and strong against multiple attacks by adding the ability to perform integrity check on the server and proposed scheme is not expose user password information and the system's confidential information.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.10
• /
• pp.79-88
• /
• 2012

In this paper, we design a mutual authentication protocol which divided sessions from an authenticated session are updated periodically. And in order to minimize the traffic overhead for session authentication, we also introduce dynamic session management according to sampling rate of medical sensor type. And randomize the divided session time. This model has the effect of blocking the integrity and confidentiality intrusion of rogue gateway. Moreover, efficiency is provided through medical data to be transmitted have different sampling rate. In order to evaluate this model, it was embodied and experimented in TinyOS 2.1 environment. The result, we got an overall validity from three types of experiment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.10
• /
• pp.1958-1968
• /
• 2015

Things intelligence communication (M2M or IoT) service activation and global company of OneM2M-related business on aggressive investing and has led to the acceleration of change in the ICT market. But a variety of hacking security technology because of the possibility of secure communication (data exposure, theft, modification, deletion, etc.) has been issued as an important requirement. In this paper, we propose a mutual authentication protocol for secure communications chameleon hash based on the M2M environment. The results of performance analysis efficiency is encryption and decryption an average of 0.7%, calculated rate showed good results as compared to the target algorithm, equivalent to a 3%(Average 0.003 seconds) difference, mutual authentication and encryption region by using the key update advantage of ECC(Elliptic Curve Cryptography)based Chameleon hash function is signed of the operational efficiency, using a collision message verifiable properties demonstrated strong security of the communication section.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.3 s.35
• /
• pp.237-247
• /
• 2005

Ubiquitous Sensor Network(USN) is the very core of a technology for the Ubiquitous environments. There is the weakness from various security attacks such that tapping of sensor informations, flowing of abnormal packets, data modification and Denial of Service(DoS) etc. And it's required counterplan with them. Especially it's restricted by the capacity of battery and computing. By reasons of theses. positively, USN security technology needs the lightweighted design for the low electric energy and the minimum computing. In this paper, we propose lightweight USN mutual authentication methology based on trust model to solve above problems. The proposed authentication model can minimize the measure of computing because it authenticates the sensor nodes based on trust information represented by subjective logic model. So it can economize battery consumption and resultingly increse the lifetime of sensor nodes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.931-939
• /
• 2014

The Web or Mobile channel of previous Web access authentication system for a payment only provides the authentication of remote users, and does not provide the authentication between a user and a bank/financial institution. Therefore, this paper proposes the Transaction Certificate Mode(TCM) for a payment which can preserve the mutual authentication between a user and a bank/financial institution for Web-based payment systems. The proposed system has designed for wireless network instead of Secure Electronic Transaction (SET) designed for wired electronic transaction. In addition, this system with TCM is able to support an account-based transaction for wireless networks instead of a disadvantage of SET such as a card-based transaction for wired networks. Therefore, customers can check their balances without logging on their bank's web site again due to mutual authentication between a customer and his bank/financial institution.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.9
• /
• pp.707-714
• /
• 2013

IoT, which can be regarded as an enhanced version of M2M communication technology, was proposed to realize intelligent thing to thing communications by utilizing Internet connectivity. Things in IoT are generally heterogeneous and resource constrained. Also such things are connected with each other over LLN(low power and lossy Network). Confidentiality, mutual authentication and message origin authentication are required to make a secure service in IoT. Security protocols used in traditional IP Networks cannot be directly adopted to resource constrained devices in IoT. Under the respect, a IETF standard group proposes to use lightweight version of DTLS protocol for supporting security services in IoT environments. However, the protocol can not cover up all of very constrained devices. To solve the problem, we propose a scheme which tends to support mutual authentication and session key agreement between devices that contain only a single crypto primitive module such as hash function or cipher function because of resource constrained property. The proposed scheme enhances performance by pre-computing a session key and is able to defend various attacks.

• The KIPS Transactions:PartC
• /
• v.17C no.6
• /
• pp.441-450
• /
• 2010

Recently, a lot of interest is increased in sensor network which gathers various data through many sensor nodes deployed in wired and wireless network environment. However, because of the limitation in memory, computation, and energy of the sensor nodes, security problem is very important issue. In sensor network, not only the security problem, but also computing power should be seriously considered. In this paper, considering these characteristics, we make the sensor network consist of normal sensor nodes and clusterheaders with enough space and computing power, and propose a group key rekeying scheme adopting PCGR(Predistribution and local Collaborationbased Group Rekeying) for secure group communication. In our proposal, we enhance the security by minimizing the risk to safety of the entire network through verifying the new key value from clusterheader by sensor nodes. That is, to update the group keys, clusterheaders confirm sensor nodes through verifying the information from sensor nodes and send the new group keys back to authentic member nodes. The group keys sent back by the clusterheaders are verified again by sensor nodes. Through this mutual authentication, we can check if clusterheaders are compromised or not. Qualnet simulation result shows that our scheme not only guarantees secure group key rekeying but also decreasesstorage and communication overhead.

• The KIPS Transactions:PartC
• /
• v.14C no.5
• /
• pp.431-438
• /
• 2007

RFID system is core technology that construct ubiquitous environment for replacement of barcode technology. Use ratio of RFID system rapidly increase because the technology has many good points such as identification speed, storage space, convenience etc. But low-cost tag operates easily by query of reader, so the system happened user privacy violent problem by tag information exposure. The system studied many ways for security application, but operation capability of low-cost tag is about $5K{\sim}10K$ gates, but only $250{\sim}3K$ gates allocated security part. So it is difficult to apply security to the system. Therefore, this scheme uses dividing 64 bits and reduces arithmetic, so proposed scheme provide mutual authentication that can apply to low-cost RFID system. Existing methods divide by 4 and used 96 bits. However, that reduces 32 bits length for lightweight and reduced from communication number of times of 7 times to 5 times. Also, because offer security by random number than existing scheme that generate two random numbers, that is more efficient. However, uses hash function for integrity that was not offered by XOR arithmetic and added extension of proposed scheme. Extended scheme is not offered efficiency than methods that use XOR arithmetic, but identification distance is mode that is proposed secure so that can use in for RFID system.