Donghyun Choi

Advanced Key-Management Architecture for Secure SCADA Communications

Supervisory control and data-acquisition (SCADA) systems are control systems for many national infrastructures. In the past, SCADA systems were designed without security functionality because of the closed operating environment. However, the security of SCADA systems has become an issue with connection to open networks becoming more common. Any damage to the SCADA system can have a widespread negative effect to society. In this paper, we review constraints and security requirements for SCADA systems and then investigate whether the existing key-management protocols for the SCADA systems satisfy these requirements. Afterward, we propose an advanced key-management architecture fitted for secure SCADA communications. The contributions of our work are two-fold. First, our scheme supports both message broadcasting and secure communication. Second, by evenly spreading much of the total amount of computation across high power nodes (MTU or SUB-MTU), our protocol avoids any potential performance bottleneck of the system while keeping the burden on low power nodes (RTU) at minimal.

Efficient Secure Group Communications for SCADA

Modern industrial facilities have command and control systems. These industrial command and control systems are commonly called supervisory control and data acquisition (SCADA). In the past, SCADA system has the closed operating environment, so this system were designed without security functionality. These days, as a demand for connecting the SCADA system to the open network increases, the study of SCADA system security is an issue. A key-management scheme is essential for secure SCADA communications. Several key-management schemes for SCADA also have been proposed. Recently, advanced SCADA key-management architecture (ASKMA) was proposed. While previous studies do not support message broadcasting and secure communications, ASKMA supports it. Although the overall performance of ASKMA has many advantages compared to previous studies, it can be less efficient during multicast. In this paper, we propose ASKMA+ which is a more efficient scheme that decreases the computational cost for multicast communication. ASKMA+ reduces the number of keys to be stored in a remote terminal unit and provides multicast and broadcast communications.

Hybrid Key Management Architecture for Robust SCADA Systems

Recently, as a demand for connecting Supervisory Control and Data Acquisition (SCADA) systems to open networks increases, the study of SCADA system security becomes an issue. Many researchers have proposed key management schemes for SCADA systems. However, previous studies lack the proper considerations for availability. In this paper, we build up cryptographic security requirements for robust SCADA systems. In addition, we propose a hybrid key management architecture for robust SCADA systems which supports replace protocol for availability and reduces the number of keys to be stored in a master terminal unit.

Protection Profile for Connected Interoperable DRM Framework

Nowadays, interoperability of DRM is an issue in market. It can be achieved by three different approaches: full-format, configuration-driven and connected interoperability. In particular, the connected interoperability refers to devices that contact an online translation service. When the consumers want to transfer content to a different device, they access the online translation server and rely upon online services. The connected interoperability does not need defining one standard and has the ability to monitor. Therefore, the connected interoperability is used more than others in market. However, in the connected interoperability, even though two distinct DRM systems want to share the content, they cannot share the content if the online translation server does not guarantee reliability. In this paper, we propose a protection profile for connected interoperable DRM framework to solve the problem. This PP can be used to establish trust between the DRM provider and the online translation server for interoperability. If that happens, the connected interoperable DRM market will be more active than before.

Security analysis on commercial online music streaming service and countermeasures

Nowadays, the music industry is moving from analog to digital. Most of the big portal sites provide commercial online music streaming services. In this paper, we analyzed the security of the Korean commercial online music streaming services which are provided by the Koreas major portal sites(Dosirak, Cyworld, and Naver). We will show attacks on commercial online music streaming services that lead to an infringement of the copyright and we will also propose countermeasures for online commercial music streaming services.

Advanced Key Management Architecture Based on Tree Structure for Secure SCADA Communications

The SCADA(Supervisory Control And Data Acquisition) system is a control system for infrastructure of nation. In the past, the SCADA system was designed without security function because of its closed operating environment. However, the security of the SCADA system has become an issue with connection to the open network caused by improved technology. In this paper we review the constraints and security requirements for SCADA system and propose advanced key management architecture for secure SCADA communications. The contributions of the present work are that our scheme support both message broadcasting and secure communications, while the existing key management schemes for SCADA system don`t support message broadcasting. Moreover, by evenly spreading much of the total amount of computation across high power nodes (MTU or SUB-MTU), our protocol avoids any potential performance bottleneck of the system while keeping the burden on low power (RTU) nodes at minimal.