• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.8
• /
• pp.165-170
• /
• 2020

As the IoT (Internet of Things) era is activated, a lot of information including personal information is being transmitted through IoT devices. For information protection, it is important to perform cryptography communication, and it is required to use a lightweight security protocol due to performance limitations. Currently, most of the encryption methods used in the security protocol use RSA and ECC (Elliptic Curve Cryptography). However, if a high performance quantum computer is developed and the Shor algorithm is used, it can no longer be used because it can easily solve the stability problems based on the previous RSA and ECC. Therefore, in this paper, we designed a security protocol that is resistant to the computational power of quantum computers. The code-based crypto ROLLO, which is undergoing the NIST (National Institute of Standards and Technology) post quantum cryptography standardization, was used, and a hash and XOR computation with low computational consumption were used for mutual communication between IoT devices. Finally, a comparative analysis and safety analysis of the proposed protocol and the existing protocol were performed.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.327-338
• /
• 2005

Since the IEEE 802.11 wireless LANs were known to have several critical weaknesses in the aspect of security, a lot of works have been done to reduce such weaknesses of the wireless LAN security, Among them IEEE 802.lli may be the ultimate long-term solution that requires new security platform with new wireless LAM products. However, it might not be the best solution for small organizations due to its high cost where the cost is a critical issue. This paper proposes FR-WEP, a light-weight key management for wireless LANs that can be used with small changes of the existing Products. FR-WEP is an extension to a lightweight key management, WEP'(9), which was proposed lately. It makes up for the weak points of WEP' by providing lightweight mutual authentication with both host keys and user keys, and seamless key-refresh for authenticated users with fast re-authentication. It would be a good alternative to the heavy standards for wireless LAN security, especially to small organizations hoping for better security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.31-39
• /
• 2008

Recently, remote user authentication schemes using smart cards has been researched to provide user privacy because of increasing interest and demands. Previously, provided authentication schemes were only concerned about providing user privacy against outside attackers, but the scheme. which guarantees user privacy against both a remote server and outside attackers, has been recently demanded because the user's information has leaked out through the service providers. When the remote server perceives a user doing a malicious act, the server should be able to trace the malicious user by receiving help from a trust agency. In this paper, we suggest a scheme which not only guarantees user privacy against both a remote server and outside attackers, but also provides traceable anonymity authentication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1247-1260
• /
• 2021

For more efficient energy management of nodes in wireless sensor networks, research has been conducted on mobile sink nodes that deliver data from sensor nodes to server recently. UAV (Unmanned Aerial vehicle) is used as a representative mobile sink node. Also, most studies on UAV propose algorithms for calculating optimal paths and have produced rapid advances in the IoD (Internet of Drones) environment. At the same time, some papers proposed mutual authentication and secure key exchange considering nature of the IoD, which requires efficient creation of multiple nodes and session keys in security perspective. However, most papers that proposed secure communication in mobile sink nodes did not protect end-to-end data privacy. Therefore, in this paper, we propose integrated security model that authentication between mobile sink nodes and sensor nodes to securely relay sensor data to base stations. Also, we show informal security analysis that our scheme is secure from various known attacks. Finally, we compare communication overhead with other key exchange schemes previously proposed.

• Korean Journal of Construction Engineering and Management
• /
• v.19 no.4
• /
• pp.3-11
• /
• 2018

The Construction Workers Mutual Aid Association is carrying out a number of strategic tasks with the goal of "contributing to improving employment and stabilizing the return of workers to construction workers through employment welfare and retirement deduction services." One of them is the retirement deduction system. The retirement allowance system is a system for the retirement income and livelihood security of construction workers who are not adequately protected by the Labor Standards Act, such as retirement allowances due to the nature of day labor. The Construction Workers Mutual Aid Association has promoted the introduction of electronic manpower management. For the efficient management of the pilot sites and the plans for the future, comprehensive evaluation of the pilot sites as well as the evaluation of the status and operation results of each pilot project site are needed. Therefore, in this study, we will develop performance indicators to evaluate the current state of electronic manpower pilot projects and analyze the actual situation of pilot project sites through actual application, and try to derive future implementation strategies.

• Convergence Security Journal
• /
• v.14 no.6_2
• /
• pp.63-72
• /
• 2014

The purpose of this study is to investigate the relationship between organizational culture, job characteristics and job continuance will among police officers. This study targets the police officers dispatched in the Seoul metropolitan area in 2012, and it uses judgment sampling method to analyze 187 samples. This study conducted the statistical analysis, including frequency analysis, factor analysis, reliability analysis and multiple regression analysis, by using SPSS WIN 18.0. The result is as follows. First, the organizational culture among police officers has effects on job characteristics. That is, the feedback increases as the organizational culture becomes more mutual development- or agreement-oriented, or as it becomes more hierarchical; on the other hand, the job importance increases as more hierarchical and rational a culture becomes. Also, self-determination increases as an organization becomes more mutual development- or agreement-oriented. Second, the organizational culture among police officers has effects on the job continuance will. That is, the expected satisfaction increases but intentional insincerity decreases as the organizational culture becomes more mutual development- or agreement-oriented. Also, risk-perceiving behavior increases as an organizational culture becomes more hierarchical. Third, police officers' job characteristics have effects on the job continuance will. That is, the feedback and job importance increases the expected satisfaction while reducing functional diversity. The feedback also reduces the contraction factor. The job importance increases intentional insincerity while reducing functional diversity. The functional diversity not only increase alternative expectation but also increases risk-perceiving factors.

• Korean Security Journal
• /
• no.11
• /
• pp.37-60
• /
• 2006

The area of security service has been maintaining the high growth curve annually by improving security consciousness from increase of the income and the progress of public services's level by the accomplishment in the info-communication field, recently the demand for unmanned security system is extended form commercial purposes into public offices and individual's houses. In addition to, the possible distance of offering services is scheduled to magnify. At the period when security company's influence has been becoming significant, the injustice transaction is the serious factor which obstructs the development of security companies. Therefore, it is urgent thing to devise counterplans to extirpate injustice transactions. There are the legalistic approaches of the breakthroughs against injustice transactions. One thing is settling the standard of the judgment and the other is renovating the provision of injustice transactions. Utilizing the principles of the fair competitions and importing self-obedience programs within the range of trade actions which is permitted by law, acted as the system approach. Moreover, there are such three things which can achieve mutual balances as establishing the range of the permitted action toward business corporations, applying spontaneously the fair competition principles and introducing the system of standard agreements. Gong further, this can establish order of security service areas and control them. Besides, it is possible for every organizations to make and operate the system appropriately by importing the self-observance system.

• Korean Security Journal
• /
• no.14
• /
• pp.195-214
• /
• 2007

The purpose of this research is to suggest a construction device that can transform a public safety, security service, security system on counter-terrorism device system, from government leading type to private management type. There are purpose on this thesis to research for the bringing up counter-terrorism experts certification system and about all sorts of developed device among our country's counter-terrorism situation and through comparing developed country's private security's developing device. This summary of thesis is like below. First we need to establish total counter-terrorism center, like developed country on national corresponding strategy. Second, we need to make an organization as a country security department unified as an America's President directly belonging organization. Third, it is to legislate about an counter-terrorism. Fourth, we need to make a coorperate system according to counter-terrorism duty come under private management, so that can recover a trust among people. Fifth, a terror warning system is necessary. Private security's mutual relationship and developing devices is First, it is necessary to bring up counter-terrorism expert. Second, it is necessary to bring in counter-terrorism experts certification system. Third, counter-terrorism research center that come under private management is necessary. The university, private security related academy, should establish research center for the private security industry's specialization, subdivision. It is considered that various research need to be continued after by bringing up counter-terrorism experts, transforming a consciousness, counter-terrorism education, building an equipment and education center, not for a special group, that can minimize human infringement.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.7
• /
• pp.3487-3494
• /
• 2013

Diverse application service such as mobile payment, access control or smart poster have been provided by using smart devices with built-in Near Field Communication technology. Especially, a mobile payment system can provide convenience to its users, but it also can poses including data disclosure while transmitting. There are vulnerabilities while generating session keys used to encrypt data in transaction processes as proposed in KS X 6928, the standard for mobile payment system. Therefore, in this thesis, I analyzed weaknesses of session keys used to encrypt transaction data and proposed a more secure mobile payment system based on NFC to enhance security. The proposed system will provide security functionalities such as key freshness, mutual authentication and key confirmation.

• Journal of Digital Contents Society
• /
• v.19 no.4
• /
• pp.837-844
• /
• 2018

Recently, the cloud technology has made dynamical network changes by enabling the construction of a logical network without building a physical network. Despite recent research on the cloud, it is necessary to study security functions for the identification of fake virtual network functions and the encryption of communication between entities. Because the VNFs are open to subscribers and able to implement service directly, which can make them an attack target. In this paper, we propose a virtual public key infrastructure mechanism that detects a fake VNFs and guarantees data security through mutual authentication between VNFs. To evaluate the virtual PKI, we built a management and orchestration environment to test the performance of authentication and key generation for data security. And we test the detection of a distributed denial of service by using several AI algorithms to enhance the security in NFV.