• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.2
• /
• pp.343-350
• /
• 2010

In the existing design of web server architecture, data encryption technique is used to keep the reliability, stability, and safety of web service. But the use of data encryption technique wastes the work of cpu while decreasing throughput of web server and increasing average response time so that it shows negative effect on the capacity of web application server. Also, the latest web applications require security and safety for the safe internet communication. Therefore, this paper suggests the improved web server which uses thread pool and Non-blocking I/O adding new web service modules to the existing web server for the safe web service, provides reliability and safety to show the safe web service capacity. And we compare and evaluate the safety and capacity through experiment on the existing traditional Tomcat based web server and the proposed system to evaluate the safety and capacity of the proposed web server system.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.3
• /
• pp.115-124
• /
• 2005

When the application code is downloaded into the mobile device, it is important to provide authentication. Usually, mobile code execution is overlapped with downloading to reduce transfer delay. To the best of our knowledge, there has not been any algorithm to authenticate the mobile code in this environment. In this paper, we present two efficient code authentication schemes that permit overlapping of execution and downloading under the two cases: the first is when the order of transmission of code chunks is determined before the transmission and the second is when this order is determined during the transmission. The proposed methods are based on hash chaining and authentication trees, respectively. Especially, the latter scheme utilizes previously received authentication informations to verify the currently received chunk, which reduces both communication overhead and verification delay. When the application code consists of n chunks, communication overheads of the both schemes are 0(n) and verification delays of these two schemes are O(1) and O(log n), respectively.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.12
• /
• pp.2891-2898
• /
• 2013

CCSDS Standard is widely used in international space telecommunication area. In this standard, Encryption is realized using a unique hierarchical encryption protocol and satisfied security requirements of communication channels. For synchronization, encryption sync is attached in the beginning of encrypted data. But exceptional case(timing jittering, abnormal system shutdown, etc.) is occurred, receiving equipment cannot decrypt received data. In this paper, we propose a SES Alarmed link encryption synchronization method for sending warning signal to the transmitter when some problems have been occurred during the transmission and we also suggest optimum conditions for SES Alarm signal through performance analysis.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.4
• /
• pp.1911-1918
• /
• 2011

Internet banking, electronic financial services and internet telephony service can be available on smart phone recently. In this case, more robust authentication mechanisms should be provided for enhancing security on it. In this study, a facial biometric ID based one-time password generation mechanism is designed and implemented for enhancing user authentication on smart phone. After capturing a facial biometric data using camera module on smart phone, it is sent to server to generate one-time biometric ID. Finally one-time password will be generated by client module after receiving the one time biometric ID based challenge token from the server. Using proposed biometric ID based one-time password mechanism, it is possible for us to provide more secure user authentication service on smart phone for SIP protocol.

• Journal of KIISE:Computing Practices and Letters
• /
• v.11 no.2
• /
• pp.165-179
• /
• 2005

Close collaboration among businesses is required in B2B EC environment. Furthermore, emergency requests or critical information among businesses should be processed in an immediate mode. Most current systems, however, due to firewalls for the systems' security and autonomy, can not handle these requirements appropriately, but handle them in an ad hoc manner In this paper a method of timely collaboration among businesses and an active functionality component to support it in B2B EC environment are proposed. Since the active functionality component supports high level ECA rule patterns and event-based immediate processing, system administrators and programmers can easily program and maintain the timely collaboration independently to the application logic. The proposed active functionality component uses HTTP protocol to be applied through firewalls and is designed using a commercial DBMS for practical purpose.

• Safety and Health at Work
• /
• v.2 no.2
• /
• pp.105-121
• /
• 2011

Objectives: This paper presents the framework and protocol design for a construction industry risk management toolbox. The construction industry needs a comprehensive, systematic approach to assess and control occupational risks. These risks span several professional health and safety disciplines, emphasized by multiple international occupational research agenda projects including: falls, electrocution, noise, silica, welding fumes, and musculoskeletal disorders. Yet, the International Social Security Association says, "whereas progress has been made in safety and health, the construction industry is still a high risk sector." Methods: Small- and medium-sized enterprises (SMEs) employ about 80% of the world's construction workers. In recent years a strategy for qualitative occupational risk management, known as Control Banding (CB) has gained international attention as a simplified approach for reducing work-related risks. CB groups hazards into stratified risk 'bands', identifying commensurate controls to reduce the level of risk and promote worker health and safety. We review these qualitative solutions-based approaches and identify strengths and weaknesses toward designing a simplified CB 'toolbox' approach for use by SMEs in construction trades. Results: This toolbox design proposal includes international input on multidisciplinary approaches for performing a qualitative risk assessment determining a risk 'band' for a given project. Risk bands are used to identify the appropriate level of training to oversee construction work, leading to commensurate and appropriate control methods to perform the work safely. Conclusion: The Construction Toolbox presents a review-generated format to harness multiple solutions-based national programs and publications for controlling construction-related risks with simplified approaches across the occupational safety, health and hygiene professions.

• Journal of Korea Multimedia Society
• /
• v.7 no.5
• /
• pp.721-736
• /
• 2004

Because of increasing the notebook computer and PDA, users' requirement with respect to mobility is growing more and more. However, current IP protocol is not changed IP address and can not deliver IP packets on new location of host in case moving another network. To solve this problem, the IETF has proposed mobile IP. Today users want to be provided suitable QoS in the internet since demand of services is variety. The policy-based network management is method which can solve various problems of QoS, security, and complication of management in IP networks. This paper presents the network topology constitution, operation procedure and architecture of policy-based network management for providing internet DiffServ on mobile IP environment. In this paper we propose policy classes of policy-based DiffServ network management on mobile environment and create policy scenarios using the proposed policy description language to represent the policy classes. Finally, we implemented a policy-based DiffServ network management system on mobile IP environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.7
• /
• pp.1367-1372
• /
• 2007

This paper suggests One-time Password key exchange authentication technique for a strong authentication based on MANET and through identify wireless environment security vulnerabilities, analyzes current authentication techniques. The suggested authentication technique consists of 3 steps: Routing, Registration, and Running. The Routing step sets a safe route using AODV protocol. The Registration and Running step apply the One-time password S/key and the DH-EKE based on the password, for source node authentication. In setting the Session key for safe packet transmission and data encryption, the suggested authentication technique encrypts message as H(pwd) verifiers, performs key exchange and utilizes One time password for the password possession verification and the efficiency enhancement. EKE sets end to end session key using the DH-EKE in which it expounds the identifier to hash function with the modula exponent. A safe session key exchange is possible through encryption of the H(pwd) verifier. The suggested authentication technique requires exponentiation and is applicable in the wireless network environment because it transmits data at a time for key sharing, which proves it is a strong and reliable authentication technique based on the complete MANET.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.3
• /
• pp.478-484
• /
• 2008

When a mobile node moves, MIPv6 operates an authentication process for the new connection. These kinds of frequent binding update and authentication processes cause much traffic and delay the service. To solve this problem, PMIPv6 provides a network-based mobility protocol in order to lessen the load on a mobile node. However, when it is moved from a domain to a domain or in a domain, there still lies a need fDr a new address, so MIPv6's demerit still exists. In IPsec, too, a new negotiation should be made when it is moved to WAN(Wide Area Network). This causes load to the mobile node. In this paper suggests MBB(Make Before Break) system to eliminate disconnections or delays resulted from the address change or renegotiation for security. When the mobile node receives a CoA address, IPsec negotiation gets operated. Its identity is authenticated by sending the identifier used for the prior negotiation to CN(Correspondent Node) through the BID message suggested. After that, negotiation Bets simplified that disconnections can be eliminated, and in the IPsec negotiation, the load on the mobile node can be lessened as well; moreover, two addresses are used for the communication simultaneously, so the probability of packet loss can be reduced.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.2
• /
• pp.173-178
• /
• 2019

Recently, the types and amount of data generated, collected, and measured in IoT such as smart home, security, and factory are increasing. The technologies for IoT service include sensor devices to measure desired data, embedded software to control the devices such as signal processing, wireless network protocol to transmit and receive the measured data, and big data and AI-based analysis. In this paper, we focused on developing a gateway for interfacing heterogeneous sensor network protocols that are used in various IoT devices and propose a heterogeneous network interface IoT gateway. We utilized a OpenWrt-based wireless routers and used 6LoWAN stack for IP-based communication via BLE and IEEE 802.15.4 adapters. We developed a software to convert Z-Wave and LoRa packets into IP packet using our Python-based middleware. We expect the IoT gateway to be used as an effective device for collecting IoT big data.