• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.715-718
• /
• 2006

e-seal은 RFID 기술을 사용하여 원격에서 자동으로 봉인상태를 확인할 수 있는 컨테이너 봉인 장치를 말한다. RFID의 특징상 반도체 칩에 기록된 정보를 제 삼자가 쉽게 판독 및 변조할 수 있다는 취약점이 있는 실정이다. ISO에서는 RFID의 취약점을 보안하기 위한 표준작업(ISO 18185)을 진행 중이다. 이 중, ISO 18185-4는 e-seal에 저장되는 자료나 리더와의 RF통신에서 데이터 보호를 위한 표준이며, 관련된 연구로는 Active-RFID 인증 프로토콜과 ISO 18185-4를 위한 보고서로 제출된 보안 프로토콜 등이 있다. 제안된 e-seal 보안 프로토콜을 적용하기 위해서는 e-seal과 리더 간의 데이터를 암/복호화 키를 Pseudorandom Function(PRF)을 이용하여 마스터 키로부터 MTK(Mutual Transient Key)를 유도하고, MTK를 암/복호화 키로 사용해야 할 필요가 있다. 본 논문에서는 현재 보안 프로토콜에서 사용되고 있는 PRF에 대해 살펴보고, e-seal 환경에서 PRF를 소프트웨어로 구현하였다. 구현 결과 해시 함수를 기반으로 하는 PFR보다 암호화 알고리즘 AES를 기반으로 하는 PRF이 더 좋은 성능을 보였으며, 블록 암호화 알고리즘인 AES-128을 어셈블리어로 구현함으로써 PRF를 최적화하였다.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.6
• /
• pp.201-206
• /
• 2007

Development of Information and Communication technology coming to activity of internet banking and electronic business, and smart card of medium is generalized prevailing for user authentication of electronic signature certificate management center with cyber cash, traffic card, exit and entrance card. In field that using public network, security of smart cart and privacy of card possessor's is very important. Point of smart card security is use safety for smart card by user authentication. Anonymous establishment for privacy protection and denial of service attack for availability is need to provision. In this paper, after analyze for Hwang-Li, Sun's, L-H-Y scheme, password identify element is a change of safety using one time password hash function. We proposed an efficient new smart card authentication protocol against anonymity and denial of service.

• Journal of Digital Contents Society
• /
• v.5 no.2
• /
• pp.95-100
• /
• 2004

For improve level of information security, the necessity of evaluation and certification of Information Security System(ISS) in increasing. Evalustion and Certification Institute have evaluated ISS for risk prevention of information dysfunction in an advanced countries. But, the problem of the time and cost occurred when it is caused by with application of unlike evaluation criteria each other. The result of effort to solution, Common Criteria(CC) and Common Evaluation Methodology(CEM) is using for evaluation of ISS and mutual recognition. Evaluation participant is needed flexible and active interpretation of CC and CEM for an efficient evaluation preparation and performance.

• Journal of Korean Society of Disaster and Security
• /
• v.6 no.1
• /
• pp.29-34
• /
• 2013

Recently, scale and complexity of disaster are increasing by natural social factor, and there is limit for emergency response by single agency thereby. Therefore, when multi-agency conduct a response for disaster together at the scene, they need preparation for joint response in the advance for systematic mutual cooperation. Preparedness consist of various factors such as planning, securing of Organizations and resource, continuous education and training. This paper focus on emergency response plan and examine the existing state and problem of various plans and manuals. Also submit development way for establishing emergency response plan that had effectiveness through the foreign case analysis.

• Journal of Internet of Things and Convergence
• /
• v.2 no.1
• /
• pp.1-6
• /
• 2016

The IOT environment, people connected to the network, object, everything such as space (Things) generates data in real time. The information between the object collecting, sharing, are utilized. Currently health care, research in various fields such as smart home has been promoted. Also appeared concepts emphasized all things(IOE) Internet connection between the geographic space and the Internet. Human, while important connections between the objects, such as objects, studies of efficient and secure authentication technologies have been developed. In this paper, we propose a RADIUS (Remote Authentication Dial In User Service) protocol for improved mutual authentication between each object in the IOT environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.11C
• /
• pp.1090-1096
• /
• 2002

The HTTP does not support continuity for browser-server interaction between successive visits or a user due to a stateless feature. Cookies were invented to maintain continuity and state on the Web. Because cookies are transmitted in plain and contain text-character strings encoding relevant information about the user, the attacker can easily copy and modify them for his undue profit. In this paper, we design a secure cookies scheme based on X.509 public key certificate for solving these security weakness of typical web cookies. Our secure cookies scheme provides not only mutual authentication between client and server but also confidentiality and integrity of user information. Additionally, we implement our secure cookies scheme and compare it to the performance with SSL(Secure Socket Layer) protocol that is widely used for security of HTTP environment.

• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.6
• /
• pp.1-9
• /
• 2012

Low-cost RFID tags are used in many applications. However, since it has very limited power of computation and storage, it's not easy to make a RFID mutual authentication protocol which can resist from the various security attacks. Quite recently, Tian et al. proposed a new ultralightweight authentication protocol (RAPP) for low-cost RFID tags using the low computation cost operations; XOR, rotation, and permutation operations, which is able to resist from the various security attacks. In this paper, we show that RAPP is vulnerable to the de-synchronization attack and present an improved RAPP which overcomes the vulnerability of RAPP.

• Journal of National Security and Military Science
• /
• s.3
• /
• pp.169-196
• /
• 2005

The point of Bush administraion’s foreign policy is to support the promotion and stability of Democracy in Iraq and counter terrorism and spread of WMD with his strong propulsive force caused by his reelection. In such an environment, there are his leadership, his team, himself, Kim Jung Il, and a new understanding of North Korea after September 11 as the effective factors of Bush administration’s policy toward Pyongyang. Bush administration’s foreign policy of North Korea also shows the process of North Korea’s nuclear weapon program and the future scenario of the Korean Peninsula with "the persistence of solving North Korea’s nuclear weapon program such as the method having done in Lybia", "the holding unconditional talks with Pyongyang, and "the continual concerns with human rights in North Korea." The purpose of Bush administration’s foreign policy of North Korea is to make North Korea do not support terrorism rather than remove the nuclear weapon in North Korea. The process of outlining South Korea’s policy toward North Korea must be considered for "national interest" with reasonable analyses not just hopes For this, South Korea must access systematically human rights of North Korea, prepare projects for a daring approach on North Korea, and strengthen South Korea’s defense ability toward North Korea with deep alliance with U.S and systematize the mutual understanding channel between U.S and South Korea. In conclusion, South Korea must try to get specific methods and practices about Bush administration’s foreign policy of North Korea with national wisdom

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.9
• /
• pp.1-7
• /
• 2004

This thesis shows embodiment of lock system design for combination of usefulness, convenient of Barcode and cellular phone. This thesis consists of Lock system design using cellular phone and product introduction, including details from formation of barcode scanner to scanner design. When this research is applied to security system a general idea of physical key disappears and it is Possible that cellular phone becomes the center of security and we can expect that cellular phone use for payment will increase due to mutual direction service. After, we should study its application to various practical field and develop high sensitive equipment.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.41-51
• /
• 2009

Recently, there are many researches on security to remove vulnerability which is caused by wireless communication in wireless sensor networks. To guarantee secure communication, we should basically provide key management for each node, mutual authentication and key agreement protocol between two nodes. Although many protocols are presented to supply these security services, some of them require plentiful storage memory, powerful computation and communication capacity. In this paper, we propose a lightweight and efficient authentication and key agreement protocol between two sensor nodes, which is an enhanced version of Juang's scheme. In Juang's protocol, sensor node's information used to share a secret key should be transmitted to registration center via a base station. On the contrary, since node's information in our protocol is transmitted up to only base station, the proposed scheme can decrease computation and communication cost for establishing the shared key between two nodes.