Deok-Gyu Lee

A study on secure RFID mutual authentication scheme in pervasive computing environment

RFID, a core technology that can be used to create a ubiquitous society, is a non-contact recognition system in which a small chip attached to various types of products transmits and processes information regarding the product and the surrounding environment via wireless communication. As a wireless recognition technology, RFID consumes little power, is small, and allows one to communicate in virtually any environment. It is thus expected to be very convenient. However, due to these characteristics of RFID systems, it may also pose a serious threat to privacy. A number of studies are currently being conducted to address this problem. Most of these studies use secure communication channels between a database and a reader, and insecure communication channels between a reader and a tag. However, this paper proposes a secure authentication protocol to provide information to an authorized entity by applying recognition technology in an insecure communication channel even for the communication between the database and the reader.

Protection Method for Data Communication between ADS-B Sensor and Next-Generation Air Traffic Control Systems

Communications, Navigation, Surveillance/Air Traffic Management (CNS/ATM) systems utilize digital technologies, satellite systems, and various levels of automation to facilitate seamless global air traffic management. Automatic Dependent Surveillance-Broadcast (ADS-B), the core component of CNS/ATM, broadcasts important monitoring information, such as the location, altitude, and direction of aircraft, to the ground. However, ADS-B data are transmitted in an unencrypted (or unprotected) communication channel between ADS-B sensors and Air Traffic Control (ATC). Consequently, these data are vulnerable to security threats, such as spoofing, eavesdropping, and data modification. In this paper, we propose a method that protects the ADS-B data transmitted between ADS-B sensors and ATC using Simple Public Key Infrastructure (SPKI) certificates and symmetric cryptography. The SPKI certificates are used to grant transmission authorization to the ADS-B sensors, while symmetric cryptography is used to encrypt/decrypt the ADS-B data transmitted between the ADS-B sensors and ATC. The proposed security framework comprises an ADS-B sensor authentication module, an encrypted data processing module, and an ADS-B sensor information management module. We believe that application of the proposed security framework to CNS/ATM will enable it to effectively obviate security threats, such as ground station flood denial, ground station target ghost injection, and ADS-B data modification.

Intelligent home network authentication: S/key-based home device authentication

The intelligent home network environment is thing which invisible computer that is not shown linked mutually through network so that user may use computer always is been pervasive. As home network service is popularized, the interest in home network security is going up. Many people interested in home network security usually consider user authentication and authorization. But the consideration about home device authentication almost doesnt exist. In this paper, we describes home device authentication which is the basic and essential element in the home network security. We proposed S/Key based authentication, scheme for secure remote access in smart home networks. And our device authentication concept can offer home network service users convenience and security.

The ADS-B Protection Method for Next-Generation Air Traffic Management System

ADS-B data is an important data to effectively utilize limited airspace as it contains main flight information including the location, altitude, speed, and others of plane but it is very vulnerable to hacking attack such as Ground Station Flood Denial, Ground Station Target Ghost Injection, etc. Therefore, the purpose of this study lies in proposing ground-to-ground security framework using SPKI certificate to protect ADS-B data received from the plane. In security framework proposed in this study, each ADS-B sensor connected to ATC is authenticated using SPKI certificate and creates encrypted ADS-B data using the authenticated data. Also, the verification on validity of transmission delayed ADS-B is conducted using timer information.

U-multimedia framework: a secure and intelligent multimedia service framework based on context information in U-home

In the last few years, intelligent secured multimedia services play a vital role along with ubiquitous home environment (Park et al. in Lecture Notes in Computer Science, vol.xa04097, pp.xa0660–670, [2006]; Lecture Notes in Computer Science, vol.xa04159, pp.xa0893–901, [2006]; IEICE Trans. Inf. Syst. E89-D(12):2831–2837, [2006]; Lecture Notes in Artificial Intelligence, vol.xa04252, pp.xa0777–784, [2006]; Lecture Notes in Artificial Intelligence, vol.xa03801, pp.xa0313–320, [2005]). There are certain constrains and limitations in providing effective and efficient services in U-home. The mechanism and applications are integrated to realize such services. Three different kinds of ubiquitous multimedia services are proposed in the framework. Based on the temporal and spatial context information, the surrounding situations are recognized. The contexts are collected and well analyzed with the preconditions to provide the final services. The proposed framework provides efficient services in the multimedia based deices based on the current context information.

Mobile Network Service Using Ticket Issuance in the AAA System

A ubiquitous network environment is a system where the user can avail of the networkpsilas services anytime, anywhere. This service is referred to as authentication, authorization, accounting (AAA), and its aspects have been consistently studied. On the other hand, existing studies have been promoted with the authentication and efficiency of the mobile device. In a one method is that is required the mobile device contacts to the home authentication server through the external authentication server every time. Another one is to use a medium server to provide authentication between them. Thus, this paper aims to determine the best method to use ticketing, where tickets are provided through a mobile device by completing authentication and authorization features. Also, it can efficiently provide mobile verification processing.

Intelligent home network authentication: home device authentication using device certification

The intelligent home network environment is thing which invisible computer that is not shown linked mutually through network so that user may use computer always is been pervasive. As home network service is popularized, the interest in home network security is going up. Many people interested in home network security usually consider user authentication and authorization. But the consideration about home device authentication almost doesnt exist. In this paper, we describes home device authentication which is the basic and essential element in the home network security. We propose home device authentication, registration of certificate of home device and issuing method of certificate of home device. Our profile of certificate of home device is based on the X.509v3 certificate. And our device authentication concept can offer home network service users convenience and security.

A hybrid intelligent multimedia service framework in next generation home network environment

In Next Generation Home network Environment (NGHE), multimedia service will be a key concept of advanced intelligent and secure services which are different from the existing ones. In this paper, we propose a Hybrid Intelligent Multimedia Service Framework (HIMSF) which is mixed with application technologies like intelligent home Infrastructure or multimedia protection management through the ubiquitous sensor network based technology to provide a proper multimedia service suitable for NGHE. The proposed framework provides an interoperability among heterogeneous equipments regarding home network appliances like wireless devices, electronic appliances, PC. In addition, it provides adaptive application services.

The Traceback Method about DoS Attack in Open Grid Computing Environment

DoS attack is a critical threat to Grid Web service. Recently too many technologies of the detection and prevention have developed, but it is difficult that the IDS distinguishes normal traffic from the DoS attack. Therefore, when the DoS attack is detected by IDS, the firewall just discards all over-bounded traffic for a victim of absolutely decreases the threshold of the router. Also, attacker use spoofing IP address. So we introduce DoS vulnerability of SSO and SAML in Web service. To solve DoS vulnerability in Web service, we analyze DoS in SAML and introduce agent to prevent DoS attacks.

Privacy Preservation in SAT (Single Authentication Through)

In SAT (Single Authentication Through) scheme, each smart camera is capable of identifying, tracking identified objects, and delivering associate ID information to sibling subjects. So in this paper, we suggest a privacy preservation scheme for preventing privacy infringement during propagation of sensitive information.