Jong-Wook Han

Optical image encryption based on XOR operations

We propose a new optical image encryption technique based on exclusive-OR (XOR) operations for a security system that controls the entrance of authorized persons. The basic idea is that we convert a gray-level image to eight bit planes for image encryption. We use the XOR operation that is commonly used such as the well-known encryption method. The input image is encrypted by performing optical xOr operations with the key bit stream that are generated by digital encryption algorithms. The gray level input image is converted to eight bit planes, which are represented on a liquid crystal device (LCD). The key data represented on different LCDs is reproduced to eight bit planes by a lenslet array. The optical XOR operations between the key data and the bit planes are performed by the polarization encoding method. The results of XOR operations, which are detected by a CCD camera, are converted to an encrypted gray-level image and the image is used as an input to the binary phase extraction joint transform correlator (BPEJTC) for comparison with reference images. We present some simulation results that verify the proposed method.

Hybrid security protocol for wireless body area networks

Wireless body area networks (WBANs) are receiving a significant interest as an emerging technology in next generation wireless networks. Security challenges as well as this interest are also beginning to rise to the surface. We derived specific security requirements from WBANs, and proposed a new hybrid security protocol for WBANs which satisfies these requirements. This proposed protocol dealt with the overall security including up to the in- on-, and out-body, and utilized two heterogeneous cryptosystems (the symmetric and asymmetric) for diverse environments of WBANs. Our protocol shows that it satisfies more security requirements than existing security protocols including the overall coverage of WBANs. Copyright

Two Layered PKI Model for Device Authentication in Multi-Domain Home Networks

With the growing number of home network deployment, the security issues in home networks have been focused on as one of the challenging problems. We present a multi-domain device registration and authentication model that uses two-layered PKI approach in order to make the communication efficient and user intervention minimized. The two layers of our model are Global PKI layer and Localized PKI layer. Global PKI layer use conventional PKI model. There are only one global root CA and certificate verification is performed by validating the certificate-chain linked to the root CA. Otherwise, in Localized PKI layer, each home gateway take a role of root CA which is responsible for issuing device certificates to the devices belong to its domain. We use Global PKI layer for device registration and authentication of inter-home-network, but use Localized PKI layer to authenticate each end-device. Based on this separating, our model provides secure, efficient and user friendly multi-domain device authentication protocols

Optical key bit stream generator

A new optical stream cipher system based on a threshold generator used as a random key bit stream generator is presented. To implement the threshold generator optically, we use conventional twisted nematic type spatial light modulators (SLMs). This proposed system is based on the shadow casting technique for the AND operation between taps and register stages. It is also based on the proposed polarization multiplication by rotation and shift (PMRS) method for modulo-2 addition. The proposed PMRS method uses the property of light polarization on a liquid crystal device (LCD) and can be implemented optically using one LCD and some mirrors. One of the major advantages of the proposed system is that the programmable tapping points can be realized easily by updating the pixel value represented on LCD. We present some simula- tion results that verify this proposed method.

The Efficient Security Architecture for Authentication and Authorization in the Home Network

Most people say that home network will become one of the most important things in the future industries and create high profit. Home network will grow to the direction that improves human life more conveniently. In the near future, the intelligent home environment where diverse home services are provided, there are various devices connected to the network and people can roam between homes will emerge in the human life. However, due to such a complexity of the home network, it will become more difficult for us to find an appropriate security mechanism for home network. In this paper, we present the efficient authentication and authorization architecture for smart home network. To achieve our goal, we consider the various characteristics of home network such as performance of home appliances, roaming between homes, privacy, etc.

User authentication mechanism using authentication server in home network

User authentication is an essential component for secured home network service. It enables non-authorized persons not to use the home network. User authentication mechanisms supplying various authentication methods can provide user convenience in user authentication. To add to this, the use of the home gateway included in the authentication server function enable users to be authenticated in the home gateway, the users can use all authorized home network service and Internet contents services. It is possible by the authentication agent of the home gateway. This paper describes user authentication mechanism using authentication server

On the Challenges of Applying Selective Encryption on Region-of-Interest in H.264 Video Coding

Selective encryption of video data is not a new idea and various techniques proposed in previous literatures can effectively protect sensitive data from unauthorized access. After the initial appearance of selective encryption, some principles have become well known and widely adopted. One of the principles is the standard format compliance, which means that unauthorized users can decode and process the encrypted video without knowing the content. In the context of ROI encryption, this allows unauthorized users to decode and view the video except for the encrypted region containing sensitive information. However, there are some challenges for providing format compliance in H.264 video coding when applying encryption on certain regions and it is very important to address this issue in some applications such as privacy masking in video surveillance system. In this work, we describe the challenges and introduce some approaches to address these. Due to the bulky size, applying standard ciphers to multimedia data tends to be inefficient for real-time processing scenarios. Therefore, selective encryption initially appeared as means to relieve computational cost and some principles for designing selective encryption scheme have become widely adopted. Those principles include security, time efficiency, format compliance, compression performance and error robustness. The format compliance means that the encryption process does not change the encoded bitstreams data format in order to support such direct operations as browsing, playing, cutting, copying and so on. In the past decade, several selective encryption algorithms supporting format compliance have been reported, most of which are based on MPEG and H.264 video codec. In the context of ROI encryption, format compliant encryption algorithm allows unauthorized users to decode and view the video except for the encrypted region containing sensitive information. In the application of video surveillance system, the problem of privacy invasion can be addressed by encrypting only a privacy sensitive region and, if the encryption algorithm guarantees format compliance, a person with a lower level of security clearance can only get the non- sensitive information, and all the privacy information can be entirely unperceivable to him/her. Although ROI encryption supporting format compliance is simply the application of established selective encryption algorithm on a given region, ROI encryption in currently prevailing video codec, such as H.264 and MPEG4, has a number of unique challenges. The challenges are all about confining the degradation of visual quality to the specified region and keeping the other parts intact. However, most of the consisting elements in the encoded video do have little meaning in itself and can reconstruct a valid data only when combined with other elements. When a consisting element outside a ROI is dependent upon the element inside a ROI and the related element is encrypted, the reconstructed value outside a ROI can be unexpected one and can introduce artifacts in decoded video. As every video codec specifies different encoding algorithm, the challenges are dependent on the employed codec. In case of MPEG4, two challenges are identified and the solutions are described in (1). Coding schemes for independent ROI encryption in scalable video coding are presented in (2).

Considerations on security model of home network

As various mobile sensing technologies, remote control and ubiquitous infrastructure are developing and expectations on quality of life are increasing, a lot of researches and developments on home network technologies and services are actively on going. Until now, we have focused on how to provide users with high-level home network services, while not many researches on home network security for guaranteeing safety are progressing. So, in this paper, we propose an access control model specific to home network that provides various kinds of users with home network services up to ones characteristics and features, and protects home network systems from illegal/unnecessary accesses or intrusions

Intelligent Pervasive Network Authentication: S/Key Based Device Authentication

The intelligent pervasive network environment is thing which invisible computer that is not shown linked mutually through network so that user may use computer always is been pervasive. As a number of pervasive network services are available and smart environment is expanding into ubiquitous computing environment, we need to protect intelligent pervasive environment system from illegal accesses and a variety of threats. Intelligent pervasive environment is exposed to various cyber attacks of Internet, involves hacking, malicious codes, worms, viruses, DoS attacks, and eavesdropping since it is connected to Internet. So in this paper, we propose authentication in a intelligent pervasive environment security for guaranteeing reliability and availability including authentication, authorization system. We proposed S/Key based authentication, scheme for secure remote access in intelligent pervasive environments. Furthermore, we describes smart environment authentication which is the basic and essential element in the pervasive network security. And our device authentication concept can offer pervasive network service users convenience and security.

Home Device Authentication Method Based on PKI

As home network service is popularized, the kind of smart device is rising up and home appliances are becoming intelligent. Device authentication process is necessary that we safely use these devices and construct secure home network environment. In this paper, we proposed home device authentication framework and home device certificate profile. And also we describe home device registration process and home device certificate issuing process. Our home device certificate profile is based on the internet X.509 version 3 certificate. And our device authentication framework adheres to basic concept of general PKI.