• The Journal of Korean Association of Computer Education
• /
• v.14 no.1
• /
• pp.175-185
• /
• 2011

Recently RFID systems have been introduced in place of barcode systems to industries such as logistics, distribution, and manufacturing. Due to security vulnerabilities in wireless communication between the reader and tags, however, the authentication protocols for the communication have also been researched extensively. In order to solve the vulnerability of previously proposed protocols, this paper thus proposes an authentication protocol that satisfies the security requirements in the RFID system and minimizes the quantity of computation such as random number generation, transmitting the micro-time of databases. In addition, it is expected that the proposed cross authentication protocol is safe against replay attack, spoofing attack, traffic analysis, and eavesdropping attack when it is applied to the RFID system. Also, it has advantages such as providing a high level of security at a lower manufacturing cost.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.2
• /
• pp.183-191
• /
• 2011

Recently Wang-Li proposed the remote user authentication scheme using smart cards. But the proposed scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we described the Wang-Li and Yoon et al.'s authentication scheme simply, and we prove that the Wang-Li's scheme is vulnerable to a password guessing attack and impersonation attack in case that the attacker steals the user's smart card and extracts the information in the smart card. Accordingly, we propose the improved user authentication scheme based on the hash function and generalized ElGamal signature scheme that can withstand many possible attacks including a password guessing attack, impersonation attack and replay attack, and that can offer the function of forward secrecy. The result of comparative analysis, the our proposed scheme is much more secure and efficient than the Wang-Li and Yoon et al.'s scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.4
• /
• pp.101-110
• /
• 2011

A smart grid networks delivers electricity from suppliers to consumers using digital technology with two-way communications to control appliances at consumers' homes to save energy, reduce cost and increase reliability and transparency. Security is critically important for smart grid networks that are usually used for the electric power network and IT environments that are opened to attacks, such as, eavesdroping, replay attacks of abnormal messages, forgery of the messages to name a few. ZigBee has emerged as a strong contender for smart grid networks. ZigBee is used for low data rate and low power wireless network applications. To deploy smart grid networks, the collected information requires protection from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. However, the ZigBee protocol has some security weaknesses. In this paper, these weaknesses are discussed and a method to improve security aspect of the ZigBee protocol is presented along with a comparison of the message complexity of the proposed security protocol with that of the current ZigBee protocol.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.5
• /
• pp.131-137
• /
• 2011

Recently Lin et al. proposed a simple remote user authentication scheme using smart cards. But the proposed scheme has not satisfied security requirements which should be considered in the user authentication scheme using the password based smart card. In this paper, we show that Lin et al.'s scheme is insecure against off-line password guessing attack. In their scheme, any legal user's password may be derived from the password guessing when his/her smart card is stolen and the secret information is leaked from the smart card by an attacker. Accordingly, we demonstrate the vulnerability of their scheme and present an enhancement to resolve such security weakness. Our proposed scheme can withstand various possible attacks including password guessing attack. Furthermore, this improved scheme can provide mutual authentication to improve the security robustness. Performance evaluation shows that the proposed scheme is relatively more effective than Lin et al.'s scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.831-847
• /
• 2013

The various types of data are being created in large quantities resulting from the spread of social media and the mobile popularization. Many companies want to obtain valuable business information through the analysis of these large data. As a result, it is a trend to integrate the big data technologies into the company work. Especially, Hadoop is regarded as the most representative big data technology due to its terabytes of storage capacity, inexpensive construction cost, and fast data processing speed. However, the authentication token system of Hadoop Distributed File System(HDFS) for the user authentication is currently vulnerable to the replay attack and the datanode hacking attack. This can cause that the company secrets or the personal information of customers on HDFS are exposed. In this paper, we analyze the possible security threats to HDFS when tokens or datanodes are exposed to the attackers. Finally, we propose the secure authentication protocol in HDFS based on hash chain.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.803-813
• /
• 2013

As the developments of smart devices and social network services, the amount of data has been exploding. The world is facing Big data era. For these reasons, the Big data processing technology which is a new technology that can handle such data has attracted much attention. One of the most representative technologies is Hadoop. Hadoop Distributed File System(HDFS) designed to run on commercial Linux server is an open source framework and can store many terabytes of data. The initial version of Hadoop did not consider security because it only focused on efficient Big data processing. As the number of users rapidly increases, a lot of sensitive data including personal information were stored on HDFS. So Hadoop announced a new version that introduces Kerberos and token system in 2009. However, this system is vulnerable to the replay attack, impersonation attack and other attacks. In this paper, we analyze these vulnerabilities of HDFS security and propose a new protocol which complements these vulnerabilities and maintains the performance of Hadoop.

• The Journal of the Korea Contents Association
• /
• v.2 no.4
• /
• pp.1-8
• /
• 2002

In this paper, we propose a novel branch method which improve learning effects of the digital contents using a user-friendly access method by taking any conceptual object as the unit of interface. The conceptual objects may exist as a part of one or more contents pages, and we can access them to repeat, replay or return to the original branch point, that elevates the interactions of the digital contents. This method is useful for all kinds of digital contents, but it is especially effective to make educational contents in the field of science, engineering, and language courses because they contain various conceptual elements such as blocks of modeling, mathematical equations, and memorizing units. In addition, if we realize the blanch method proposed in this paper with the conventional page-branch or title-branch methods in the same contents, user interaction will be maximized and learning effects of the contents maybe beautifully improved.

• Journal of Korea Multimedia Society
• /
• v.9 no.10
• /
• pp.1322-1331
• /
• 2006

Concurrency control is one of the important factors to maintain consistent conditions of a game because most participants of the game should be shared information to play the game through a distributed network system. replay delay times should establish in every event and the received event should be saved and performed simultaneously for Concurrency Control. However, it is not easy to practice the event with same speed in environment having various moving speed. Therefore, expansion have to be provided. In other words, one of the most important factors of a game's efficiency is the process of bandwidth and delay. the process of concurrency control method based on scalable prediction for Multi-platform games would minimize the loss rate of a event and then would improve the interaction capacity of a game. It also might get reliability between clients. This paper analyzes some problems in terms of a layout of a game that integrates a cable and a wireless system. In addition, this paper provides methods to expand bandwidth and delay that might be an obstacle of a On-line game and to ensure reliability between a server and a client.

• Journal of Korea Multimedia Society
• /
• v.10 no.3
• /
• pp.381-390
• /
• 2007

3D object contents are used for various applications in the Web virtual space, where the main concerns are to navigate the 3D virtual space and visualize 3D objects. The techniques to manipulate 3D objects like disassembling and assembling and to record the manipulation process are the very first step. Until now, we can record only the result of 3D object manipulation. Thus, we have tried to study the representation technique to record meaningfully and replay the manipulation process of 3D structured objects. We analyzed the structures and their relations between components to construct 3D objects that are described in XML or VRML. Compared to the previous method, we studied a XML based annotation technique to record and store selectively by user. This technique makes 3D structured objects be used in the various applications by the selective recording and also selective replaying.

• Journal of Korea Multimedia Society
• /
• v.9 no.2
• /
• pp.189-196
• /
• 2006

This paper proposes a priority based AOI management model as a method to effectively process message traffic for collaboration in virtual environments. Where message traffic reaches the maximum capacity of the message replay server in DVE, some of the events might be delayed to be updated at the remote clients. Because existing AOI models depend only on the occurrence time of events, they have a problem that more important events in the context might be processed later than less serious ones. Close Interactions with other participants are relatively more important than simple events which happen at a distance from the participant. This study classifies the priorities of events according to the degree of interest, and proposes a method to reduce processing delay time of events highly interested by a user. The proposed model offers a way to effectively utilize limited capacity of a server using a priority queue mechanism, which is able to handle different kinds of events. To prevent from starvation of simple events and to give fairness to the proposed algorithm, event occurrence time is also considered as well as degree of interest when processing events.