• Korean Security Journal
• /
• no.16
• /
• pp.283-304
• /
• 2008

The development of IT technology help citizens demand information and public services through internet that they want, and the changes also help the government converge public opinions and become important measures for citizens to participate in deciding governmental policies. So, this thesis makes an overture of a possibility for utilizing PCRM, a way for citizens to participate in Police Administration, by utilizing IT technologies in which everybody can participate without difficulty. The utilization ways are, on a large scale, classified with a macroscopic aspect and microscopic aspect. One of the macroscopic aspects is, first, the consideration of access to services and convenience in utilization. Second, services should have a both-sidedproperty. Ultimately, citizens'participation should have a positive mutual participation level. One of the microscopic aspects is, first, that the police organizations have to establish a strategy to analyze and fractionate customers. Second, the police organizations have to make an effort to develop policy services and P.R strategies. Third, police organizations have to make an effort to manage customers. Fourth, police organizations have to execute customer management in general. So, all of the police organizations have to maintain unity, to some extent, about citizen participation plazas. In addition, at the same time, consciousness aspects have to be accompanied for the reasonable utilization of PCRM. Citizens have to cultivate citizen consciousness, ownership consciousness for society, and positive participation consciousness to solve social problems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.1
• /
• pp.282-304
• /
• 2014

Each cloud service has numerous owners and tenants, so it is necessary to construct a privacy preserving identity management and access control mechanism for cloud computing. On one hand, cloud service providers (CSP) depend on tenant's identity information to enforce appropriate access control so that cloud resources are only accessed by the authorized tenants who are willing to pay. On the other hand, tenants wish to protect their personalized service access patterns, identity privacy information and accessing newfangled cloud services by on-demand ways within the scope of their permissions. There are many identity authentication and access control schemes to address these challenges to some degree, however, there are still some limitations. In this paper, we propose a new comprehensive approach, called Privacy pReserving Identity and Access Management scheme, referred to as PRIAM, which is able to satisfy all the desirable security requirements in cloud computing. The main contributions of the proposed PRIAM scheme are threefold. First, it leverages blind signature and hash chain to protect tenant's identity privacy and implement secure mutual authentication. Second, it employs the service-level agreements to provide flexible and on-demand access control for both tenants and cloud services. Third, it makes use of the BAN logic to formally verify the correctness of the proposed protocols. As a result, our proposed PRIAM scheme is suitable to cloud computing thanks to its simplicity, correctness, low overhead, and efficiency.

• The Korean Journal of Archival Studies
• /
• no.20
• /
• pp.3-32
• /
• 2009

When the record management faces to the information environment, the practices based on self-judgment needs more open and considerate policies. New viewpoint that treat records as information and treat information as records will produce new mutual-conscious behavior that create records based on the value of information usage and maintain information data based on the reliability as an record. As the internal aspect how to create records well, how to transfer them well, and how to archives them well used to be the focus of record management, existing legislation, guidelines, and training seem to be mainly related to this front steps. We should also address issues according to the succeeding information services, including opening to the relevant, sharing, duplicating, information security, privacy protection, and constructing collections with continual supplement. This paper observe the confusion of the viewpoints in the recent reports, explain the need of fusion viewpoint, and suggest interconnecting feedback cycle between record management system and general information system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.99-109
• /
• 2007

Lee et al. recently proposed an RFID mutual authentication scheme based on synchronized secret information. However, we found that their protocol is vulnerable to a spoofing attack in which an adversary can impersonate a legal tag to the reader by sending a malicious random number. To remedy this vulnerability, we propose two RFID authentication protocols which are secure against all possible threats including backward and forward traceability. Furthermore, one of the two proposed protocols requires only three hash operations(but, $[m/2]{\cdot}2+3$ operations in resynchronization state, m is the number of tags) in the database to authenticate a tag, hence it is well suitable fur large scale RFID systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.103-113
• /
• 2008

Reducing handoff latency is essential in providing seamless multimedia service in Wireless LAN based on the IEEE 802.11 standard. Reducing authentication delay is critical in reducing handoff latency. To this end, several authentication protocols for fBst handoff have been proposed. Mishra et al. used proactive key distribution to improve the authentication delay incurred in the current standard and Park et al. proposed a new authentication protocol based on Blom's key pre-distribution scheme. In this paper, we propose an enhanced authentication protocol based on Bresson et al.'s group key protocol. If a mobile node has previously access the network, our proposed protocol only requires simple hash operations in providing mutual authentication between a mobile node and access points. Our protocol is more efficient than Park et al.'s and Mishra et al.'s technique can be used in our protocol to further enhance our protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.67-75
• /
• 2003

The development of mobile phone is growing fast in the all over the world. Besides the basic voice communication, many multimedia services and global roaming service are capable in the 3rd generation mobile telecommunication. Because mobile phone has been the essential tool to communicate, the protection of privacy and the safe transmission are critical ones. In synchronous, asynchronous mode IMT2000 service, the mechanism of mutual authentication and generation of cipher key and integrity key are implemented in smart card chip called UIM, USIM. In this paper, we describe the authentication mechanism of 3GPP and 3CPP2 and its implementation results. Then, we specify a few problems which are not defined in standard.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.151-156
• /
• 2023

Currently, ICT is widely used in caring for the elderly living alone and preventing the disappearance of the elderly with dementia. Therefore, in this study, based on the government policy direction for the 4th industrial revolution, the use of AI technology-based care services, which are gradually increasing in community care, was sought to explore the current status and prospects for utilization and activation.AI speakers and caring robots, services that can be used for community care, help solve various problems experienced by the elderly, and are also used to relieve lack of conversation or loneliness by adding emotional functions. In order to activate community care using AI technology in the future: First, there is a need for continuous education to familiarize the elderly with AI devices and 'user experience (UX) design' for the elderly. Second, it is necessary to use human-centered technology that has a complementary relationship and enables emotional mutual relationships rather than using function-oriented technology. Third, it is necessary to solve ethical problems such as guaranteeing the user's right to self-determination and protecting privacy.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.43-52
• /
• 2023

Many businesses and organizations use smartcard-based user authentication for remote access. In the meantime, through various studies, dynamic ID-based remote user authentication protocols for distributed multi-server environments have been proposed to protect the connection between users and servers. Among them, Qiu et al. proposed an efficient smart card-based remote user authentication system that provides mutual authentication and key agreement, user anonymity, and resistance to various types of attacks. Later, Andola et al. found various vulnerabilities in the authentication scheme proposed by Qiu et al., and overcame the flaws in their authentication scheme, and whenever the user wants to log in to the server, the user ID is dynamically changed before logging in. An improved authentication protocol is proposed. In this paper, by analyzing the operation process and vulnerabilities of the protocol proposed by Andola et al., it was revealed that the protocol proposed by Andola et al. was vulnerable to offline smart card attack, dos attack, lack of perfect forward secrecy, and session key attack.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.394-400
• /
• 2013

WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN(Low-power, Lossy Network) and resource constrained sensor devices. Recently, IETF standard group propose to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas- one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.789-801
• /
• 2018

Currently widely used IP cameras provide the ability to control IP cameras remotely via mobile devices. To do so, the IP camera software is installed on the website specified by the camera manufacturer, and authentication is performed through the password between the IP camera and the mobile device. However, many products currently used do not provide a secure channel between the IP camera and the mobile device, so that all IDs and passwords transmitted between the two parties are exposed. To solve these problems, we propose an authentication and key exchange protocol using ID-based signature scheme. The proposed protocol is characterized in that (1) mutual authentication is performed using ID and password built in IP camera together with ID-based signature, (2) ID and password capable of specifying IP camera are not exposed, (3) provide forward-secrecy using Diffie-Hellman key exchange, and (4) provide security against external attacks as well as an honest-but-curious manufacturer with the master secret key of the ID-based signature.