• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.3C
• /
• pp.220-225
• /
• 2002

Mobile IP aims to support mobility within the Internet. This paper concerned with the security aspect of Mobile IP. We show that current registration protocol has a possible replay attack despite the use of authenticated registration message and replay protection. We propose a public-key based registration protocol that also distributes a session-key distribution protocol in AAA. Proposed protocol provides authentication of mobile node and session-key distribution simultaneously. It also provides non-repudiation of service request.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.2 no.2
• /
• pp.95-100
• /
• 2007

Recently ubiquitous application services are developed plentifully using RFID techniques in the field of distribution and security industries. However, except these field the applications using RFID are not mature yet. In this study, we proposed a real-time context service model of the u-conference based on the real-time contextual information acquired from conference and exposition. With collection of real-time contextual information for u-conference, the model can provide a lot of information services on the state of session attendee, doorway control, affairs, user certification, presentation progress etc. For the verification of proposed real-time context service model of u-conference, we design and implement the conference progress state service included the state of session attendee, user certification and presentation progress etc. This service provides the presentation state information included the current presenter, the paper list, the number of session attendee, the schedule and place of each session using the collecting RFID tag and the related information.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.7
• /
• pp.3487-3494
• /
• 2013

Diverse application service such as mobile payment, access control or smart poster have been provided by using smart devices with built-in Near Field Communication technology. Especially, a mobile payment system can provide convenience to its users, but it also can poses including data disclosure while transmitting. There are vulnerabilities while generating session keys used to encrypt data in transaction processes as proposed in KS X 6928, the standard for mobile payment system. Therefore, in this thesis, I analyzed weaknesses of session keys used to encrypt transaction data and proposed a more secure mobile payment system based on NFC to enhance security. The proposed system will provide security functionalities such as key freshness, mutual authentication and key confirmation.

• Journal of KIISE:Information Networking
• /
• v.29 no.1
• /
• pp.77-85
• /
• 2002

The surge in use of networks has recently increased demands for cryptography. Cryptography, however, can cause various problems because of difficulty of key management. A lot of researchers have been concentrating on the key recovery technique to eliminate the reverse effect of using these kinds of security and to promote positive aspects of using it. They have suggested many key recovery techniques up to the present. we propose a mechanism as a solution, which are employed to reduce the time needed to reconnect SG and the host in Host-to-Gateway in VPNs supporting IPsec, in case they are disconnected. This new mechanism using KRFSH stores information at each session in advance so that users can recall the session information when needed to rebuild the tunnel between SG and the host in a VPN. As a result, the mechanism built into SG will solve the problems above in host-to-gateway VPNs using IPsec.

• The Journal of Korean Association of Computer Education
• /
• v.10 no.3
• /
• pp.57-66
• /
• 2007

E-mail system is considered as a most important communication media, which can be used to transmit personal information by internet. But e-mail attack also has been increased by spoofing e-mail sender address. Therefore, this work proposes sender verification faculty for spam mail protection at sender's MTA by using security card for protection forged sender and also for authenticating legal sender. Sender's mail MT A requests security card's code number to sender. Then sender input code number and generate session key after sender verification. Session key is used to encrypt sender's signature and secure message transmission. This work can provide efficient and secure e-mail sender authentication with sender verification and message encryption.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.4
• /
• pp.47-60
• /
• 2015

In this paper, we propose a simple and useful method using a port role to visualize the network attacks. The port role defines the behavior of the port from the source and destination port number of network session. Based on the port role, the port provides the brief security features of each node as an attacker, a victim, a server, and a normal host. We have automatically classified and identified the type of node based on the port role and security features. We detected and visualized the network attacks using these features of the node by the port role. In addition, we are intended to solve the problems with existing visualization technologies which are the reflection problem caused an undirected network session and the problem caused decreasing of distinct appearance when occurs a large amount of the sessions. The proposed method monitors anomalies occurring in an entire network and displays detailed information of the attacker, victim, server, and hosts. In addition, by providing a categorized analysis of network attacks, this method can more precisely detect and distinguish them from normal sessions.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.6
• /
• pp.1022-1025
• /
• 2008

Session Initiation Protocol (SIP) has become the call control protocol of choice for Voice over IP (VoIP) networks because of its open and extensible nature. However, the integrity of call signaling between sites is of utmost importance, and SIP is vulnerable to attackers when left unprotected. Currently a herby-hop security model is prevalent, wherein intermediaries forward a request towards the destination user agent sewer (UAS) without a user agent client (UAC) knowing whether or not the intermediary behaved in a trusted manner. This paper presents an integrated security model for SIP-based VoIP network by combining hop-by-hop security and end-to-end security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.107-114
• /
• 2003

In this paper, we propose an efficient mutual authentication and key distribution protocol for cdma2000 packet data service which uses Mobile U access method with DIAMETER AAA(Authentication, Authorization and Accounting) infrastructure. The proposed scheme provides an efficient mutual authentication between MN(Mobile Node) and AAAH(home AAA server), and a secure session-key distribution among Mobile If entities. The proposed protocol improves the efficiency of DIAMETER AAA and satisfies the security requirements for authentication and key distribution protocol. Also, the key distributed by the proposed scheme can be used to generate keys for packet data security over 1xEV-DO wireless interface, in order to avoid a session hijacking attack for 1xEV-DO packet data service.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.55-64
• /
• 2007

Behind the popularity of VoIP in these days, it may present significant security challenges in privacy and accounting. Authentication and message encryption are considered to be essential mechanisms in VoIP to be comparable to PSTN. SIP is responsible for setting up a secure call in VoIP. SIP employs TLS, DTLS or IPSec combined with TCP, UDP or SCTP as a security protocol in VoIP. These security mechanisms may introduce additional overheads into the SIP performance. However, this overhead has not been understood in detail by the community. In this paper we present the effect of the security protocol on the performance of SIP by comparing the call setup delays among security protocols. We implement a simulation of the various combinations of three security protocols and three transport layer protocols suggested for SIP. UDP with any combination of security protocols performs a lot better than the combination of TCP. TLS over SCTP may impose higher impact on the performance in average because TLS might have to open secure channels as the same number of streams in SCTP. The reasons for differences in the SIP performances are given.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.825-830
• /
• 2013

CA Arcot corporation in U.S.A has secure on-line financial trade solution and patent that verify whether transaction had change using virtual session. But, VPS(Virtual Private Session) has another vulnerability by way to construct CAPTCHA. We can't fully trust safety of VPS, Cause it could be attacked by using color information of CAPTCHA. In this paper, We suggest the method of attack VPS, and also point out the vulnerability of VPS though simulation.