• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.5B
• /
• pp.385-394
• /
• 2012

The tactical mobile communication network, which comprises a part of the next-generation Tactical Information and Communication Network (TICN), provides means of communication and control for Tactical Multi-Functional Terminals (TMFT) belonging to a Mobile Subscriber Access Point (MSAP). The next-generation of MSAP is capable of constructing a backbone network via LCTR and HCTR directional antennas. At the same time, WMN modules are used to create and manage a wireless mesh backbone. When directional antennas are used in mobile environments, seamless services cannot be efficiently supported as the movement of the node prevents the angle of the antenna to constantly match. Therefore, data communication through the wireless mesh networks is required to provide direct communication between mobile MSAPs. Accordingly, mutual authentication and data encryption mechanisms are required to provide reliable data transmission in this environment. To provide efficient mutual authentication between MSAP devices, the process of verifying a certificate of the other MSAP device through its own authentication server is required. This paper proposes mutual authentication mechanisms where the MSAP requiring authentication and the MSAP that permits it initiates low-cost and efficient authentication in a distributed way. More specifically, we propose a method of applying EAP-ELS (Extensible Authentication Protocol-Transport Layer Security) in the next-generation TICN.

• Journal of the Korea Society for Simulation
• /
• v.16 no.1
• /
• pp.11-19
• /
• 2007

Under ubiquitous environment, applications can gather and utilize various sensing information. There are many issues such as energy management, protocol standardization, independency on sensor fields, and security to be resolved for the complete ubiquitous computing. Especially, the independent information access in the sensor field is one of the most important issues to maximize the usability of sensors in various sensor fields. However, existing frameworks are not suitable for the ubiquitous computing environment because of data heterogeneity between data elements in sensor fields. Existing applications are dependent to sensor fields and sensors in the existing ubiquitous computing on environment is dependent to the application in the sensor field. In other word, an application can utilize just information from a specific sensor field. To overcome this restriction, many issues from a hardware or software view must be resolved. In this paper, we provide the design and implementation of the Metadata Registry-based framework (UbiMDR) of the Ubiquitous environment. This framework can provides the semantic interoperability among ubiquitous applications or various sensor fields. In addition, we describe comparison evaluation between conventional Ubiquitous computing framework and UbiMDR framework with data accuracy of interoperability.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.8
• /
• pp.465-472
• /
• 2004

Proxy signatures is a signature scheme that an original signer delegates one's signature capability to a proxy signer, and then the proxy signer creates a signature on behalf of the original signer. Delegation of authority is a common practice in the real world, in particular, it happens naturally in hierarchical groups such as company, bank and army, etc. In this paper, we propose a new dynamic multi-proxy signature scheme allowing repetitive delegations in a hierarchical group. We adopt multi-proxy signatures to enhance the security of proxy signature. In multi-proxy signatures, plural proxy signers can generate a valid proxy signature collectively on behalf of one original signer. In our scheme, the proxy group is not fixed but constructed dynamically according to some situations. Delegations are processed from higher level to lower level in the hierarchy using delegation tickets. When the original signer wants to delegate one's signature authority, the original signer generates a delegation ticket based on secret sharing and Diffie-Hellman problems. The delegation ticket is shared among proxy signers and then all the proxy signers can generate a valid proxy signature collectively by reconstructing the original signer's delegation ticket. If a certain proxy signer can not attend the proxy signature generating protocol, the proxy signer can also delegate repetitively his partial signature authority to the lower level participants, and then the proxies are constructed dynamically.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.211-217
• /
• 2008

Recently, there are many efforts to support seamless mobility in 802.11 WLANs using IP Layer mobility protocols. The IP layer mobility protocols are the most efficient mechanism to guarantee the service session continuity when IP subnet is changed during handover. Even if the IP layer mobility protocols are quite efficient, the feature of the protocols that had been designed to consider only L3 layer makes it difficult to improve the performance of hand over more and more. Nowadays, to overcome this limitation of IP mobility protocols, many researchers have worked on the mobility protocols integration of different layers (e.g., L2 layer). In this paper, we propose the enhanced Proxy MIPv4 to minimize the latency of handover using MIH protocol in 802.11 WLANs. The proposed mechanism minimizes the latency of authentication by exchanging security keys between Access Routers during handover. Moreover, it also minimizes packet losses by Inter-AP Tunneling and data forwarding.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.7_8
• /
• pp.408-416
• /
• 2003

An electronic cash system has to provide the security, to prevent the double spending and to support the divisibility of electronic cash for the easy of use. Divisible electronic cash system allows an electronic cash to be divided into subdivisions. Each subdivision is worth any desired value, but all values must add up to the original cash value. Divisible scheme brings some advantages. It reduces to make the change and also there is no necessity that a customer must withdraw a cash of the desired value whenever transactions occur. In this paper, we present an electronic cash protocol which provides the divisibility based on the double hash chain technique. Electronic cash is constructed in the form of coins. Coins, generated by the double hush chain, have different denominations. The divisibility based on the double hash chain technique. Electronic cash is constructed in the form of coins. Coins, generated by the double hash chain, have different denominations. The divisibility of an electronic cash is satisfied by the payment certificate, which is a pair of bank´s proxy signature received from the bank. When a customer pays the coin of subdivision, the fairness of that coin is certified by a customer´s signing instead of a bank. Although the proposed method does not guarantee user´s anonymity, it generates coins which cannot be forged, and the customer can use an electronic cash conveniently and efficiently with its divisibility.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.1
• /
• pp.185-191
• /
• 2015

This paper suggest the safety class communication board in order to design the safety network of the nuclear safety class controller. The reactor protection system use the digitized networks because from analog system to digital system. The communication board shall be provided to pass the required performance and test of the safety class in the digital network used in the nuclear safety class. Communication protocol is composed of physical layer(PHY), data link layer(MAC: Medium Access Control), the application layer in the OSI 7 layer only. The data link layer data package for the cyber security has changed. CRC32 were used for data quality and the using one way communication, not requests and not responses for receiving data, does not affect the nuclear safety system. It has been designed in accordance with requirements, design, verification and procedure for the approving the nuclear safety class. For hardware verification such as electromagnetic test, aging test, inspection, burn-in test, seismic test and environmental test in was performed. FPGA firmware to verify compliance with the life-cycle of IEEE 1074 was performed by the component testing and integration testing.

• Smart Media Journal
• /
• v.13 no.6
• /
• pp.9-15
• /
• 2024

In recent trends, there has been an increase in 'Qshing' attacks, a hybrid form of phishing that exploits fake QR (Quick Response) codes impersonating government agencies to steal personal and financial information. Particularly, this attack method is characterized by its stealthiness, as victims can be redirected to phishing pages or led to download malicious software simply by scanning a QR code, making it difficult for them to realize they have been targeted. In this paper, we have developed a classification technique utilizing machine learning algorithms to identify the maliciousness of URLs embedded in QR codes, and we have explored ways to integrate this with existing QR code readers. To this end, we constructed a dataset from 128,587 malicious URLs and 428,102 benign URLs, extracting 35 different features such as protocol and parameters, and used AutoML to identify the optimal algorithm and hyperparameters, achieving an accuracy of approximately 87.37%. Following this, we designed the integration of the trained classification model with existing QR code readers to implement a service capable of countering Qshing attacks. In conclusion, our findings confirm that deriving an optimized algorithm for classifying malicious URLs in QR codes and integrating it with existing QR code readers presents a viable solution to combat Qshing attacks.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.625-634
• /
• 2003

More than a decade after its initial proposal, deployment of IP Multicast has been limited due to the problem of traffic control in multicast routing, multicast address allocation in global internet, reliable multicast transport techniques etc. Lately, according to increase of multicast application service such as internet broadcast, real time security information service etc., overlay multicast is developed as a new internet multicast technology. In this paper, we describe an overlay multicast protocol and propose fast join mechanism that considers switching of the tree. To find a potential parent, an existing search algorithm descends the tree from the root by one level at a time, and it causes long joining latency. Also, it is try to select the nearest node as a potential parent. However, it can't select the nearest node by the degree limit of the node. As a result, the generated tree has low efficiency. To reduce long joining latency and improve the efficiency of the tree, we propose searching two levels of the tree at a time. This method forwards joining request message to own children node. So, at ordinary times, there is no overhead to keep the tree. But the joining request came, the increasing number of searching messages will reduce a long joining latency. Also searching more nodes will be helpful to construct more efficient trees. In order to evaluate the performance of our fast join mechanism, we measure the metrics such as the search latency and the number of searched node and the number of switching by the number of members and degree limit. The simulation results show that the performance of our mechanism is superior to that of the existing mechanism.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.15 no.1
• /
• pp.38-53
• /
• 2007

In a seminal judgment of November 2002 (Case C-476/98) relating to the compatibility with Community laws of the 'nationality clause' in the 1996 amending protocol to the 1955 U.S.-German Air Services Agreement, the European Court of Justice(ECJ) decided that the provision constituted a measure of an intrinsically discriminatory nature and was thus contrary to the principle of national treatment established under Art. 52 of the EC Treaty. The Court, rejecting bluntly the German government' submissions relying on public policy grounds(Art. 56, EC Treaty), seemed content to declare and rule that the protocol provision requiring a contracting state party to ensure substantial ownership and effective control by its nationals of its designated airlines had violated the requirement of national treatment reserved for other Community Members under the salient Treaty provision. The German counterclaims against the Commission, although tantalizing not only from the perusal of the judgment but from the perspective of international air law, were nonetheless invariably correct and to the point. For such a clause has been justified to defend the 'fundamental interests of society from a serious threat' that may result from granting operating licenses or necessary technical authorizations to an airline company of a third country. Indeed, the nationality clause has been inserted in most of the liberal bilaterals to allow the parties to enforce their own national laws and regulations governing aviation safety and security. Such a clause is not targeted as a device for discriminating against the nationals of any third State. It simply acts as the minimum legal safeguards against aviation risk empowering a party to take legal control of the designated airlines. Unfortunately, the German call for the review of such a foremost objective and rationale underlying the nationality clause landed on the deaf ears of the Court which appeared quite happy not to take stock of the potential implications and consequences in its absence and of the legality under international law of the 'national treatment' requirement of Community laws. Again, while US law limits foreign shareholders to 24.9% of its airlines, the European Community limits non-EC ownership to 49%, precluding any ownership and effective control by foreign nationals of EC airlines, let alone any foreign takeover and merger. Given this, it appears inconsistent and unreasonable for the EC to demand, $vis-{\grave{a}}-vis$ a non-EC third State, national treatment for all of its Member States. The ECJ's decision was also wrongly premised on the precedence of Community laws over international law, and in particular, international air law. It simply is another form of asserting and enforcing de facto extraterritorial application of Community laws to a non-EC third country. Again, the ruling runs counter to an established rule of international law that a treaty does not, as a matter of principle, create either obligations or rights for a third State. Aside from the legal problems, the 'national treatment' may not be economically justified either, in light of the free-rider problem and resulting externalities or inefficiency. On the strength of international law and economics, therefore, airlines of Community Members other than the designated German and U.S. air carriers are neither eligible for traffic rights, nor entitled to operate between or 'free-ride' on the U.S. and German points. All in all and in all fairness, the European Court's ruling was nothing short of an outright condemnation of established rules and principles of international law and international air law. Nor is the national treatment requirement justified by the economic logic of deregulation or liberalization of aviation markets. Nor has the requirement much to do with fair competition and increased efficiency.

• Journal of Intelligence and Information Systems
• /
• v.20 no.4
• /
• pp.59-87
• /
• 2014

In MIS field, the researches on payment services are focused on adoption factors of payment service using behavior theories such as TRA(Theory of Reasoned Action), TAM(Technology Acceptance Model), and TPB (Theory of Planned Behavior). The previous researches presented various adoption factors according to types of payment service, nations, culture and so on even though adoption factors of identical payment service were presented differently by researchers. The payment service industry relatively has strong path dependency to the existing payment methods so that the research results on the identical payment service are different due to payment culture of nation. This paper aims to suggest a successful adoption factor of noble payment service regardless of nation's culture and characteristics of payment and prove it. In previous researches, common adoption factors of payment service are convenience, ease of use, security, convenience, speed etc. But real cases prove the fact that adoption factors that the previous researches present are not always critical to success to penetrate a market. For example, PayByPhone, NFC based parking payment service, successfully has penetrated to early market and grown. In contrast, Google Wallet service failed to be adopted to users despite NFC based payment method which provides convenience, security, ease of use. As shown in upper case, there remains an unexplained aspect. Therefore, the present research question emerged from the question: "What is the more essential and fundamental factor that should takes precedence over factors such as provides convenience, security, ease of use for successful penetration to market". With these cases, this paper analyzes four cases predicted on the following hypothesis and demonstrates it. "To successfully penetrate a market and sustainably grow, new payment service should find non-customer of the existing payment service and provide noble payment method so that they can use payment method". We give plausible explanations for the hypothesis using multiple case studies. Diners club, Danal, PayPal, Square were selected as a typical and successful cases in each category of payment service. The discussion on cases is primarily non-customer analysis that noble payment service targets on to find the most crucial factor in the early market, we does not attempt to consider factors for business growth. We clarified three-tier non-customer of the payment method that new payment service targets on and elaborated how new payment service satisfy them. In case of credit card, this payment service target first tier of non-customer who can't pay for because they don't have any cash temporarily but they have regular income. So credit card provides an opportunity which they can do economic activities by delaying the date of payment. In a result of wireless phone payment's case study, this service targets on second of non-customer who can't use online payment because they concern about security or have to take a complex process and learn how to use online payment method. Therefore, wireless phone payment provides very convenient payment method. Especially, it made group of young pay for a little money without a credit card. Case study result of PayPal, online payment service, shows that it targets on second tier of non-customer who reject to use online payment service because of concern about sensitive information leaks such as passwords and credit card details. Accordingly, PayPal service allows users to pay online without a provision of sensitive information. Final Square case result, Mobile POS -based payment service, also shows that it targets on second tier of non-customer who can't individually transact offline because of cash's shortness. Hence, Square provides dongle which function as POS by putting dongle in earphone terminal. As a result, four cases made non-customer their customer so that they could penetrate early market and had been extended their market share. Consequently, all cases supported the hypothesis and it is highly probable according to 'analytic generation' that case study methodology suggests. We present for judging the quality of research designs the following. Construct validity, internal validity, external validity, reliability are common to all social science methods, these have been summarized in numerous textbooks(Yin, 2014). In case study methodology, these also have served as a framework for assessing a large group of case studies (Gibbert, Ruigrok & Wicki, 2008). Construct validity is to identify correct operational measures for the concepts being studied. To satisfy construct validity, we use multiple sources of evidence such as the academic journals, magazine and articles etc. Internal validity is to seek to establish a causal relationship, whereby certain conditions are believed to lead to other conditions, as distinguished from spurious relationships. To satisfy internal validity, we do explanation building through four cases analysis. External validity is to define the domain to which a study's findings can be generalized. To satisfy this, replication logic in multiple case studies is used. Reliability is to demonstrate that the operations of a study -such as the data collection procedures- can be repeated, with the same results. To satisfy this, we use case study protocol. In Korea, the competition among stakeholders over mobile payment industry is intensifying. Not only main three Telecom Companies but also Smartphone companies and service provider like KakaoTalk announced that they would enter into mobile payment industry. Mobile payment industry is getting competitive. But it doesn't still have momentum effect notwithstanding positive presumptions that will grow very fast. Mobile payment services are categorized into various technology based payment service such as IC mobile card and Application payment service of cloud based, NFC, sound wave, BLE(Bluetooth Low Energy), Biometric recognition technology etc. Especially, mobile payment service is discontinuous innovations that users should change their behavior and noble infrastructure should be installed. These require users to learn how to use it and cause infra-installation cost to shopkeepers. Additionally, payment industry has the strong path dependency. In spite of these obstacles, mobile payment service which should provide dramatically improved value as a products and service of discontinuous innovations is focusing on convenience and security, convenience and so on. We suggest the following to success mobile payment service. First, non-customers of the existing payment service need to be identified. Second, needs of them should be taken. Then, noble payment service provides non-customer who can't pay by the previous payment method to payment method. In conclusion, mobile payment service can create new market and will result in extension of payment market.