Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
The KIPS Transactions:PartC
Journal Basic Information
Journal DOI :
Korea Information Processing Society
Editor in Chief :
Volume & Issues
Volume 9C, Issue 6 - Dec 2002
Volume 9C, Issue 5 - Oct 2002
Volume 9C, Issue 4 - Aug 2002
Volume 9C, Issue 3 - Jun 2002
Volume 9C, Issue 2 - Apr 2002
Volume 9C, Issue 1 - Feb 2002
Volume 9, Issue 6 - 00 2002
Volume 9, Issue 5 - 00 2002
Volume 9, Issue 1 - 00 2002
Selecting the target year
An Improved ZS Algorithm for High-Speed Synchronous Stream Ciphers
Lee, Hun-Jae ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 307~312
DOI : 10.3745/KIPSTC.2002.9C.3.307
Among the various zero suppression (ZS) algorithms used in a for synchronous stream cipher system, a ZS-2 exhibits certain good properties, including the omission of the block synchronization, easy implementation, etc., yet also a weakness in channel error propagation. Accordingly, This paper proposes a new method by minimizing the bit-wide substitution in the substitution blocks of ZS-2 to improve the degenerated error property in a noisy channel. As a result, the proposed ZS-3 algorithm can decrease the mean error propagation by about 18.7% over that of ZS-2 at n=8.
A study on Kerberos Authentication and Key Exchange based on PKINIT
Sin, Gwang-Cheol ; Jeong, Il-Yong ; Jeong, Jin-Uk ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 313~322
DOI : 10.3745/KIPSTC.2002.9C.3.313
In this paper, proposes Kerberos certification mechanism that improve certification service of PKINIT base that announce in IETF CAT Working Ggroup. Did to certificate other realm because search position of outside realm through DNS and apply X.509 directory certification system, acquire public key from DNS server by chain (CertPath) between realms by certification and Key exchange way that provide service between realms applying X.509, DS/BNS of PKINIT base. In order to provide regional services, Certification and key exchange between realms use Kerberos' symmetric method and Session connection used Directory service to connection X.509 is designed using an asymmetric method. Excluded random number (
) generation and duplex encryption progress to confirm Client. A Design of Kerberos system that have effect and simplification of certification formality that reduce Overload on communication.
Efficient Group Management Mechanism and Architecture for Secure Multicast
Eun, Sang-A ; Jo, Tae-Nam ; Chae, Gi-Jun ; Lee, Sang-Ho ; Park, Won-Ju ; Na, Jae-Hun ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 323~330
DOI : 10.3745/KIPSTC.2002.9C.3.323
Multicast services are gradually diversified and used widely. Proportionately, they become the center of attackers' attention and there are growing possibilities of an intelligence leak. Therefore, research related to secure multicast should be required to provide multicast service efficiently. This paper presents the architecture for secure multicast which provides efficient group management mechanism in group consists using member's dynamic join and leave. This architecture can provide secure multicast services to many users with regard to security aspects in one-to-many communication. The simulation results show that the proposed architecture achieves an efficient group management and a secure data transmission with low latency compared with the other existing secure multicast architecture.
The Design of Security Protocol for An Efficient Distribution and Renewal Method of Group Key
O, Myeong-Uk ; Kim, Seong-Yeol ; Bae, Yong-Geun ; Jeong, Il-Yong ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 331~336
DOI : 10.3745/KIPSTC.2002.9C.3.331
In this paper, we propose a new distribution and renewal scheme for a group key suitable for secure mobile communications based on identification protocol, in which all members of the group can reshare the new group common key except revoked members by using a key distribution center (a trusted center). The security of this scheme is based on the difficulty of the discrete logarithm problem. The proposed scheme can be appropriately managed in case that terminal's capability of storage and computing power is relatively small and more than one caller are revoked. It also renews a group key easily when the center changes this key intervally for security.
Intranet Security Evaluation Using Hacking Techniques
Seo, Dong-Il ; Choi, Byeong-Choel ; Sohn, Sung-Won ; Lee, Sang-Ho ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 337~342
DOI : 10.3745/KIPSTC.2002.9C.3.337
In this paper, we proposed the ISL for evaluating the security level of Intranet. This method is composed of two parts First, Hacking Scenarios are the hacking stories by hacking/hackers levels. Second, Network Model is composed of the zone and intrusion paths. Our method is very active and practical. We divide ISL into five levels ISL1∼ISL5. Among the levels, ISL5 is the highest security level. Main purpose of this paper is to promote the security of Intranet. In this paper, we designed and analyzed the test-bed for ISL3.
An Implementation of Authentication and Encryption of Multimedia Conference using H.235 Protocol
Sim, Gyu-Bok ; Lee, Keon-Bae ; Seong, Dong-Su ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 343~350
DOI : 10.3745/KIPSTC.2002.9C.3.343
This paper describes the implementation of H.235 protocol for authentication and media stream encryption of multimedia conference systems. H.235 protocol is recommended by ITU-T for H.323 multimedia conference security protocol to prevent from being eavesdropped and modified by an illegal attacker. The implementation in this paper has used password-based with symmetric encryption authentication. Media streams are encrypted using the Diffie-Hellman key exchange algorithm and symmetric encryption algorithms such as RC2, DES and Triple-DES. Also, 128-bit Advanced Encryption Standard and 128-bit Korean standard SEED algorithms are implemented for the future extension. The implemented authentication and media stream encryption has shown that it is possible to identify terminal users without exposing personal information on networks and to preserve security of multimedia conference. Also, encryption delay time and used memory are not increased even though supporting media stream encryption/decryption, thus the performance of multimedia conference system has not deteriorated.
Design and Implementation of the Payment System using One-time Credit Information
Sin, Jong-Cheol ; Park, Jong-Yeol ; Lee, Hyeong-Hyo ; Lee, Dong-Ik ; Yun, Seok-Hwan ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 351~358
DOI : 10.3745/KIPSTC.2002.9C.3.351
Recently, personal business styles have been rapidly changed into e-business due to the rapid progress and deployment of Internet. As a result of the change, new and safe ways of payment such as electronic wallet, electronic money and electronic check have been developed and introduced. In this paper a secure and user-friendly payment method is addressed. One of most important reasons why newly developed safe payment methods are not widely used in e-business is lack of convenience for the users. On the other hand credit card based payment, which is traditional one, is the most prevailing due to the user-friendliness. However this payment also has some problem in sense of security. In this paper, we design and implement a secure credit card-based payment system using one-time credit information. The main features are "payment information must be new", "can use the old credit system", and "do not require client software".
Design and Implementation of A Scan Detection Management System with real time Incidence Response
Park, Su-Jin ; Park, Myeong-Chan ; Lee, Sae-Sae ; Choe, Yong-Rak ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 359~366
DOI : 10.3745/KIPSTC.2002.9C.3.359
Nowadays, the hacking techniques are developed increasingly with wide use of internet. The recent type of scanning attack is appeared in against with multiple target systems on the large scaled domain rather than single network of an organization. The development of scan detection management system which can detect and analyze scan activities is necessary to prevent effectively those attacking at the central system. The scan detection management system is useful for effective utilization of various detection information that received from scan detection agents. Real time scan detection management system that can do the integrated analysis of high lever more that having suitable construction in environment of large scale network is developed.
A Design and Implementation of A Rule-based Security Evaluation System for W Security Engine
Gwon, Hyeok-Chan ; Hyeon, Jeong-Sik ; Kim, Sang-Chun ; Na, Jae-Hun ; Son, Seung-Won ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 367~374
DOI : 10.3745/KIPSTC.2002.9C.3.367
IPsec offers not odd Internet security service such as Internet secure communication and authentication but also the safe key exchange and anti-replay attack mechanism. Recently IPsec is implemented on the various operating systems. But there is no existing tool that checks the servers, which provide IPsec services, work properly and provide their network security services well. In this paper, we design and implement the rule based security evaluation system for IPsec engine. This system operated on Windows and UNX platform. We developed the system using Java and C language.
An Adaptive FEC based Error Control Algorithm for VoIP
Choe, Tae-Uk ; Jeong, Gi-Dong ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 375~384
DOI : 10.3745/KIPSTC.2002.9C.3.375
In the current Internet, the QoS of interactive applications is hardly guaranteed because of variable bandwidth, packet loss and delay. Moreover, VoIP which is becoming an important part of the information infra-structure in these days, is susceptible to network packet loss and end-to-end delay. Therefore, it needs error control mechanisms in network level or application level. The FEC-based error control mechanisms are used for interactive audio application such as VoIP. The FEC sends a main information along with redundant information to recover the lost packets and adjusts redundant information depending on network conditions to reduce the bandwidth overhead. However, because most of the error control mechanisms do not consider end-to-end delay but packet loss rate, their performances are poor. In this paper, we propose a new error control algorithm, SCCRP, considering packet loss rate as well as end-to-end delay. Through experiments, we confirm that the SCCRP has a lower packet loss rate and a lower end-to-end delay after reconstruction.
Performance Analysis of Population-Based Bandwidth Reservation Scheme with Various Request Reservation Ratios
Kwon, Se-Dong ; Han, Man-Yoo ; Park, Hyun-Min ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 385~398
DOI : 10.3745/KIPSTC.2002.9C.3.385
To accommodate the increasing number of mobile terminals in the limited radio spectrum, wireless systems have been designed as micro/picocellular architectures for a higher capacity. This reduced coverage area of a cell has caused a higher rate of hand-off events, and the hand-off technology for efficient process becomes a necessity to provide a stable service. Population-based Bandwidth Reservation(PBR) Scheme is proposed to provide prioritized handling for hand-off calls by dynamically adjusting the amount of reserved bandwidth of a cell according to the amount of cellular traffic in its neighboring cells. We analyze the performance of the PBR scheme according to the changes of a fractional parameter, f, which is the ratio of request reservation to the total amount of bandwidth units required for hand-off calls that will occur for the next period. The vague of this parameter, f should be determined based on QoS(Quality of Service) requirement. To meet the requirement the value of Parameter(f) must be able to be adjusted dynamically according to the changing traffic conditions. The best value of f can be determined by a function of the average speed of mobile stations, average call duration, cell size, and so on. This paper considers the average call duration and the cell size according to the speed of mobile stations. Although some difference exists as per speed, in the range of 0.4
0.6, Blocking Probability, Dropping Probability and Utilization show the best values.
Performance Evaluation of Multiservice Network Switch for Dynamic Constant-and Adaptive-rate Services
Lee, Tae-Jin ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 399~406
DOI : 10.3745/KIPSTC.2002.9C.3.399
We consider design of multiservice network link, in which connections of constant- and adaptive-rate services arrive and leave dynamically. We propose performance analysis and design methods of these dynamic multiservice networks. A multiservice network link is modeled by a Markov chain, and data rates for adaptive-rate connections are derived using QBD (Quasi-Birth-Death) processes and matrix-geometric equations. We estimate average number of adaptive-rate connections, average data rate and average connection delay. The performance of constant-rate connections is determined from the blocking probability of the connections. Based on the performance of constant-and adaptive- rate connections, we propose a design methods of a network link to satisfy performance requirements of constant- and adaptive-rate connections (data rates, delay, blocking probability). Our methods can be used for the analysis and design of network switch supporting dynamic data and voice (video) traffic simultaneously.
Integrated FR traffic policing mechanism in a FR-ATM Interworking
Nam, Yun-Seok ; Gang, Beop-Ju ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 407~412
DOI : 10.3745/KIPSTC.2002.9C.3.407
A FR-ATM interworking function that has FR and ATM interfaces, should guarantee the QoS of both frame relay and ATM networks. The IWF requires the policing mechanisms for FR and ATM respectively, and needs to map the traffic parameters each other. In this case, traffic parameter mapping and policing function are performed independently. In the aspect of FR traffic policing, this function degrades processor performance if it is worked by software, or includes additional hardware function. The best way to solve this is to integrate this function into ATM function because ATM is performed by well defined hardware already. In this paper we propose the integrated traffic control mechanism. That is, frames are segmented to cells first, and then policing mechanism is applied to the cells to guarantee the FR QoS. Therefore proper policing algorithm is essential to the integrated FR traffic mechanism. The evaluations are done with simulations in comparison of existing FR algorithms, ATM VBR and GFR policing algorithms, and the proposed algorithm.
A Study on the Methodology for Application Traffic Management using RMON
Han, Jeong-Su ; An, Seong-Jin ; Jeong, Jin-Uk ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 413~420
DOI : 10.3745/KIPSTC.2002.9C.3.413
With the rapid development of computer networks, how to speed up network services and to guarantee QoS (Quality-of-Service) for users has drawn much attention from computer scientists. So has the need to manage network application services in order to manage network resources more effectively and meet the users' demands. In this paper, we present methodology of determining the traffic of application services on the network, so as to manage network resources effectively and thus to make application services more user-oriented. On the basis of this methodology and by using RMON MIB we develop analysis parameters and their algorithm to manage the traffic of application services on the network, thus realizing Web-based Application Management System which allows network managers to extract and analyze the Internet application service traffic beyond the limitation of time and space.
Design and Implementation of Information Resource Management System with Hierarchical Management Architecture
Lee, Won-Hyuk ; Ahn, Seong-Jin ; Chung, Jin-Wook ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 421~430
DOI : 10.3745/KIPSTC.2002.9C.3.421
In this paper, we propose the integrated management system for computing resource such as personal computers, the interface of router, and server equipment. IRMS defines and analyzes the performance factors for system such as pc and router, also it manages assets for server equipment. Manager can make use of data for understanding conditions whether system is normal or not. We suggest a hierarchical integrated management architecture for resolving problems of scalability and managing efficiency in large domain networks.
An Implementation of Web-Based, Scalable SNMP Network Management System
Min, Gyeong-Ju ; Gwon, Taek-Geun ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 431~438
DOI : 10.3745/KIPSTC.2002.9C.3.431
SNMP is a simple, application layer protocol and that is sending and receiving the management information among network devices. It exchanges the management information by the PDUs that have the management information names and values. Until now, network management is so inconvenience because of console-based management by using SNMP. This paper shows the Web-based SNMP network management system that is using the designed private MIB and GUI. In this paper, we have proposed a virtual SNMP agent supporting scalability of network management. With the virtual agent, large-scale network can be managed simply by trap filtering and hierarchical management.
Cell Interference Analysis and Link Budget for Output Power of Base Station in KOREA Environment of Digital MMDS
Cho, Byung-Lok ;
The KIPS Transactions:PartC, volume 9C, issue 3, 2002, Pages 439~444
DOI : 10.3745/KIPSTC.2002.9C.3.439
In this paper, we present both the link budget analysis according to system parameters and the cell coverage according to transmitter power and modulation scheme of digital MMDS among the wireless CATV system methods which is bated on the wireless internet service. Also, in this paper, we present C/I and number of subscriber according to splitting cell. In this paper, the cell coverage of which obtain the results according to both transmitter power from 0dBW to -9dBW and modulation scheme of QPSK, 16QAM and 64QAM based on link budget was analysis for system parameter of digital MMDS was able to provide from maximum 134km to minimum 4.3km. Also, in this paper, the number of subscriber of which obtain the results according to polarization wave, frequency of frequency reuse and C/I in 4. 6 and 8 sectors was able to provide from maximum 5,200DSI to minimum 1,300DSI.