• Title/Summary/Keyword: secure auto-configuration

Search Result 5, Processing Time 0.018 seconds

The Study on Security Vulnerabilities in IPv6 Autoconfiguration

  • Kim, Myung-Eun;Seo, Dong-Il
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 2005.06a
    • /
    • pp.1545-1549
    • /
    • 2005
  • According as computer is supplied in a lot of homes and offices and Internet use increases, various service based on the Internet. Including wireless PDA in the future, many devices such as Internet telephone, TV, refrigerator and oven will be connected on the Internet and Internet address exhaustion will be raised to serious problem gradually. Today, the IPv4 address exhaustion problem has been solved partially using NAT (Network Address Translation) however, the transition to next Generation Internet will be accelerated because of advantages such as mobility, security service, QoS, and abundant IP addresses. In IPv6, all hosts are designed to create and set their address automatically without manager's intervention using Neighbor Discovery Protocol. But, when an IPv6 host sets its address automatically, there are serious security vulnerabilities. In this paper, we analysis security vulnerabilities in auto-configuration and provide security requirements for secure auto-configuration.

  • PDF

The Modified IPv6 NDP Mechanism for Preventing IP Spoofing (IP 스푸핑 방지를 위한 수정된 IPv6 NDP 메커니즘)

  • Kim Ji-Hong;Nah Jae-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.2
    • /
    • pp.95-103
    • /
    • 2006
  • IPv6 is a new version of the Internet protocol, designed as the successor to IPv4. Among the changes from IPv4 to IPv6, we focused on the stateless address auto-configuration mechanism. The address auto-configuration mechanism is used by nodes in an IPv6 network to learn the local topology. The current specifications suggest that IPsec AH may be used to secure the mechanism, but there is no security association during address auto-configuration process because it has no initial IP address. As there are so many suity threats, SEND protocol was designed to counter these threats. In this paper we analyzed the security problems in NDP and SEND protocol. So we proposed the Modified NDP mechanism using PKC and AC in order to solve these problems.

Compatibility for Proposed R.94 PDB Test (PDB 시험에 대한 충돌 상호 안전성)

  • Jang, Eun-Ji;Kim, Joseph;Beom, Hyen-Kyun;Kwon, Sung-Eun
    • Transactions of the Korean Society of Automotive Engineers
    • /
    • v.18 no.3
    • /
    • pp.149-155
    • /
    • 2010
  • Currently various safety tests are being performed in many countries with growing interest in vehicle safety. However the vehicles which have good safety performance in these tests could not secure the good performance in real car to car accident. So new test protocol using progressive deformable barrier (PDB) was proposed by EEVC in Europe, NHTSA in USA and some vehicle manufacturers, etc. The target of PDB test is to control partner protection in addition to self-protection on the same test. The proposal is to update current ECE R.94 frontal ODB test. So barrier, impact speed, overlap are changed to avoid bottoming-out in the test configuration. In this paper 3 different tests (R.94, EuroNCAP and PDB test) were carried out using current production vehicles with same structure. The results of these tests were compared to understand PDB test. As a result PDB test shows the highest vehicle deceleration and dummy injury because PDB offers a progressive increase in stiffness in depth and height. However vehicle intrusion was affected with rather test velocity than stiffness of deformable barrier. PDB deformation data is used for partner protection assessment using PDB software and it shows that the test vehicle is rather not aggressive.

A Design and Implementation of a Mobile Test Device Based-on Embedded System (임베디드 기반의 모바일 LCD 모듈 검사장비 설계 및 구현)

  • Kim, Hong-Kyu;Lee, Ki-Wha;Moon, Seung-Jin
    • Journal of Institute of Control, Robotics and Systems
    • /
    • v.14 no.6
    • /
    • pp.523-529
    • /
    • 2008
  • In this paper, we proposed mobile LCD module test device on embedded based, when operating the existing LCD, divide flicker clearly in full frame, and configuration so as to support between other CPU interface, MDDI, SPI, 24Bit RGB interface, etc. that is based on a high-speed CPU. In addition, when demand to test about each pixel of LCD, it is possible to change IP design of H/W, FPGA, but proposed system is application possible without other design changing. Proposed system is made smaller and equipped with battery, so secure with mobility for effective test the LCD/OLED module and it is able to test the pattern by the client program, for example exiting picture, mpeg, simple pattern test and test per pixel, scale, rotation, Odd/Even pixel per video, etc. From now on, if integrating with independent test system and it is configured that is able to mutual communication and test, it is expected to reduce consumption of human resources and improve productivity for LCD module test.

Integrated Security Management with MCGA in IPv6 Network (IPv6 네트워크 환경에서 MCGA를 고려한 통합적인 보안관리 방안)

  • Oh, Ha-Young;Chae, Ki-Joon;Bang, Hyo-Chan;Na, Jung-Chan
    • The KIPS Transactions:PartC
    • /
    • v.14C no.1 s.111
    • /
    • pp.27-38
    • /
    • 2007
  • IPv6 has appeared for solving the address exhaustion of IPv4 and for guaranteeing the problems of security and QoS. It occurs the unexpected new attacks of IPv6 as well as the existing attacks of IPv4 because of the increasing address space to 128bits and the address hierarchies for efficient network management and additions of the new messages between nodes and routers like neighbor discovery and auto address configuration for the various comfortable services. For the successful transition from IPv4 to IPv6, we should get the secure compatibility between IPv4 hosts or routers working based on secure and systematic policy and IPv6. Network manager should design security technologies for efficient management in IPv4/IPv6 co-existence network and IPv6 network and security management framework designation. In this paper, we inspected the characteristics of IPv4 and IPv6, study on security requirement for efficient security management of various attacks, protocol, service in IPv4/IPv6 co-existence and IPv6 network, and finally suggest integrated solution about security vulnerability of IPv6 network in considering of analysis of IPv6 system, host and application, IPv6 characteristics, modified CGA(MCGA).