• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.279-280
• /
• 2018

This study examines the status of Korea's information security industry through mutual comparison between Korea and the world, and also suggests policy implications. In the world information security industry, we find that the service market is far greater in sales and the market attractiveness than the product market, but in Korea, the opposite result is obtained. The results of this study suggest that it is urgent to take measures to increase the value added of information security products with weak income generation capability and it is necessary to introduce the restructuring of the main market of information security industry from product market to service market.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6169-6187
• /
• 2017

With the fast growth of mobile services, Mobile Cloud Computing(MCC) has gained a great deal of attention from researchers in the academic and industrial field. User authentication and privacy are significant issues in MCC environment. Recently, Tsai and Lo proposed a privacy-aware authentication scheme for distributed MCC services, which claimed to support mutual authentication and user anonymity. However, Irshad et.al. pointed out this scheme cannot achieve desired security goals and improved it. Unfortunately, this paper shall show that security features of Irshad et.al.'s scheme are achieved at the price of multiple time-consuming operations, such as three bilinear pairing operations, one map-to-point hash function operation, etc. Besides, it still suffers from two minor design flaws, including incapability of achieving three-factor security and no user revocation and re-registration. To address these issues, an enhanced and provably secure authentication scheme for distributed MCC services will be designed in this work. The proposed scheme can meet all desirable security requirements and is able to resist against various kinds of attacks. Moreover, compared with previously proposed schemes, the proposed scheme provides more security features while achieving lower computation and communication costs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.4987-5014
• /
• 2015

The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.1B
• /
• pp.29-36
• /
• 2011

Near Field Communication is an emerging short-range wireless connectivity technology that offers proximity and different operating modes. Particularly, NFC technology has the potential to revolutionize mobile applications like payment and ticketing because NFC is more complex and mutual connectivity than RFID as the simple tag reader. Finally, NFC security technology defines the robust security protocols. This paper will specify and analyze the NFC security technology, and study the chance and its beneficial effect of the UICC card as the NFC Secure Element.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.623-630
• /
• 2016

Heterogeneous IoT devices must satisfy a certain level of security for mutual connections and communications. However, a performance degradation of cryptographic algorithms in resource constrained devices is inevitable and so an optimization or efficient implementation method is necessary. In this paper, we study an efficient implementation method for rotation operations regarding registers for running ARX lightweight block ciphers. In a practical sense, we investigate the performance of modified rotation operations through experiments using real experiment devices. We show the improved performance of modified rotation operations and discover the significant difference in measured performance between simulations and real experiments, particularly for 16-bit MSP microcontrollers.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.25-30
• /
• 2011

WEP is proposed networks dominate the market in the future wireless LAN encryption and authentication features to provide a secure protocol. However, WEP does not suggest a specific measures when generating the initial values used for the creation cipher text, the initial value problem because tile size and no-encryption if you have been raised about the safety issue. In this paper pointed out the vulnerabilities of WEP and the proposed improvement plan for this improvement was proposed based on the initial value to avoid re-creating the initial value of the system and using a block cipher in CBC mode for confidentiality and to provide mutual authentication New WLAN security model was proposed.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.199-207
• /
• 2008

Web service has many security weekness because it is exposure to outside and connected with various application. Especially, as new technology developed new type of security weakness has occured consistently. In this paper, we construct webserver and honeyweb by using virtual reality on a basis these weakness. So it cannot be influenced by any attack to the hardware of the system. By using honey web, it disigned and embodied web server secutiry system to collect the data about new attack. Through this, it can provide proper secutiry in a web environment of mutual communication.

• The Journal of the Convergence on Culture Technology
• /
• v.6 no.1
• /
• pp.441-448
• /
• 2020

With help of Vehicle-to-Grid(V2G) technology battery in electric vehicle can be used as distributed energy resource and energy storage in a smart grid environment. Several problems of security vulnerability and privacy preservation can be occurred because V2G network supports 2 way communication among all components. This paper explains and makes analysis of architecture, privacy sensitive data, security vulnerability and security requirement of V2G system. Furthermore efficient architecture and operating scheme for V2G system are proposed. This scheme uses symmetric cryptosystem and hash algorithm to support privacy preservation and mutual authentication.

• Journal of KIISE:Information Networking
• /
• v.30 no.1
• /
• pp.82-96
• /
• 2003

The Internet has evolved into the global computer network due to the openness of its protocol, but such evolution brings about new risks and threats. To protect computer networks safely, it is the best way that preventing an attacher from intruding beforehand. However, to provision against all attacks causes the degradation of network performance as well as to prevent unknown attacks is very hard. Secure Combination, the framework which establishes a mutual collaboration and cooperation between the trusted zones, could protect systems from the potential attacks. This frameworks can predict attacks by exchanging security information and cooperating with each zone. It is a dynamic and powerful security architecture that rapidly enables updating security policy and deploying response modules.

• Annual Conference of KIPS
• /
• 2011.04a
• /
• pp.844-847
• /
• 2011

Wireless mesh network (WMN) is a type of mobile ad-hoc network consists of wireless router, mobile clients and gateway which connects the network with the Internet. To provide security in the network it is required to encrypt the message sent among the communicating nodes in such way so that only legitimate user can retrieve the original data. Several security mechanisms have been proposed so far to enhance the security of WMN. However, there still exists a need for a comprehensive mechanism to prevent attacks in data communication. Considering the characteristic of mesh network, in this paper we proposed a public key cryptography based security architecture to establish a secure key agreement among communicating nodes in mesh network. The proposed security architecture consists of two major sections: client data protection and network data protection. Client data protection deals with the mutual authentication between the client and the access router and provide client to access router encryption for data confidentiality using standard IEEE 802.11i protocol. On the other hand, network data protection ensures encrypted routing and data transfer in the multi hop backbone network. For the network data protection, we used the pre-distributed public key to form a secure backbone infrastructure.