Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
KIPS Transactions on Computer and Communication Systems
Journal Basic Information
Journal DOI :
Korea Information Processing Society
Editor in Chief :
Volume & Issues
Volume 2, Issue 12 - Dec 2013
Volume 2, Issue 11 - Nov 2013
Volume 2, Issue 10 - Oct 2013
Volume 2, Issue 9 - Sep 2013
Volume 2, Issue 8 - Aug 2013
Volume 2, Issue 7 - Jul 2013
Volume 2, Issue 6 - Jun 2013
Volume 2, Issue 5 - May 2013
Volume 2, Issue 4 - Apr 2013
Volume 2, Issue 3 - Mar 2013
Volume 2, Issue 2 - Feb 2013
Volume 2, Issue 1 - Jan 2013
Selecting the target year
A Study on the Next Generation Identification System of Mobile-Based using Anonymous Authentication Scheme
Park, Jeong Hyo ; Jung, Yong Hoon ; Jun, Moon Seog ;
KIPS Transactions on Computer and Communication Systems, volume 2, issue 12, 2013, Pages 511~516
DOI : 10.3745/KTCCS.2013.2.12.511
The cases of identification forgery and counterfeiting are increasing under the current identification system, which was established based on social conditions and administrative environments over 20 years ago. This leads to an increase of various criminal acts including illegal loan using fake ID and a number of damages caused out of good intentions that result in interference with the operations of public organizations. In addition, according to the advancement of information society, privacy protection has emerged as an important issue. However, ID card exposes individuals' personal information, such as names, resident registration numbers, photos, addresses and fingerprints, and thus the incidents associated with illegal use of personal information are increasing continuously. Accordingly, this study aimed at examining the issues of ID card forgery/counterfeiting and privacy protection and at proposing a next-generation identification system to supplement such weaknesses. The top priority has been set as prevention of forgery/counterfeiting and privacy protection in order to ensure the most important function of national identification system, which is user identification.
Zero-knowledge Based User Remote Authentication Over Elliptic Curve
Choi, Jongseok ; Kim, Howon ;
KIPS Transactions on Computer and Communication Systems, volume 2, issue 12, 2013, Pages 517~524
DOI : 10.3745/KTCCS.2013.2.12.517
Although password-based authentication as known as knowledge-based authentication was commonly used but intrinsic problems such as dictionary attack remain unsolved. For that the study on possession-based authentication was required. User remote authentication using smartcard is proceeding actively since Lee et al. proposed user remote authentication using knowledge-based information(password) and possession-base information(smartcard) in 2002. in 2009, Xu et al. proposed a new protocol preserving user anonymity and Shin et al. proposed enhanced scheme with analysis of its vulnerabilities on user anonymity and masquerading attack in 2012. In this paper, we analyze Shin et al. scheme on forward secrecy and insider attack and present novel user authentication based on elliptic curve cryptosystem which is secure against forward secrecy, insider attack, user anonymity and masquerading attack.
A Study on the SmartPhone GPS based Graphical Password Approach
Kim, Tae Eun ; Kim, Hyeon Hong ; Jun, Moon Seog ;
KIPS Transactions on Computer and Communication Systems, volume 2, issue 12, 2013, Pages 525~532
DOI : 10.3745/KTCCS.2013.2.12.525
Recently smartphones, tablet, etc. Various types of smart terminal is due to the increased security in mobile devices are becoming an issue. How to enter the password in this environment is a very important issue. Difficult to have a secure password input device on various types of mobile devices. In addition you enter on the touch screen the password of character, uncomfortable and it is vulnerable to SSA attack. Therefore, in this paper provide for defense the SSA(Shoulder Surfing Attacks) and useful password input mechanism is proposed with Smartphone GPS uses a value generated via a graphical password techniques.
Extraction of System-Wide Sybil-Resistant Trust Value embedded in Online Social Network Graph
Kim, Kyungbaek ;
KIPS Transactions on Computer and Communication Systems, volume 2, issue 12, 2013, Pages 533~540
DOI : 10.3745/KTCCS.2013.2.12.533
Anonymity is the one of main reasons for substantial improvement of Internet. It encourages various users to express their opinion freely and helps Internet based distributed systems vitalize. But, anonymity can cause unexpected threats because personal information of an online user is hidden. Especially, distributed systems are threatened by Sybil attack, where one malicious user creates and manages multiple fake online identities. To prevent Sybil attack, the traditional solutions include increasing the complexity of identity generation and mapping online identities to real-world identities. But, even though the high complexity of identity generation increases the generation cost of Sybil identities, eventually they are generated and there is no further way to suppress their activity. Also, the mapping between online identities and real identities may cause high possibility of losing anonymity. Recently, some methods using online social network to prevent Sybil attack are researched. In this paper, a new method is proposed for extracting a user's system-wide Sybil-resistant trust value by using the properties embedded in online social network graphs. The proposed method can be categorized into 3 types based on sampling and decision strategies. By using graphs sampled from Facebook, the performance of the 3 types of the proposed method is evaluated. Moreover, the impact of Sybil attack on nodes with different characteristics is evaluated in order to understand the behavior of Sybil attack.
An Integrative Method of FTA and FMEA for Software Security Analysis of a Smart Phone
Kim, Myong-Hee ; Toyib, Wildan ; Park, Man-Gon ;
KIPS Transactions on Computer and Communication Systems, volume 2, issue 12, 2013, Pages 541~552
DOI : 10.3745/KTCCS.2013.2.12.541
Recently software security of the smart phone is an important issue in the field of information science and technology due to fast propagation of smart technology in our life. The smart phone as the security critical systems which are utilizing in terminal systems of the banking, ubiquitous home management, airline passengers screening, and so on are related to the risk of costs, risk of loss, risk of availability, and risk by usage. For the security issues, software hazard analysis of smart phone is the key approaching method by use of observed failures. In this paper, we propose an efficient integrative framework for software security analysis of the smart phone using Fault Tree Analysis (FTA) and Failure Mode Effect Analysis (FMEA) to gain a convergence security and reliability analysis technique on hand handle devices. And we discuss about that if a failure mode effect analysis performs simpler, not only for improving security but also reducing failure effects on this smart device, the proposed integrative framework is a key solution.
Design and Implementation of DRM Proxy for DRM Cloud Service
Lee, Hyejoo ; Heo, Changsoo ; Seo, Changho ; Shin, Sang Uk ;
KIPS Transactions on Computer and Communication Systems, volume 2, issue 12, 2013, Pages 553~560
DOI : 10.3745/KTCCS.2013.2.12.553
The development of cloud computing technology and smart devices have increasingly been expanding the influence in various fields. Although DRM(Digital Rights Management) is a very important technology for secure content services, interoperability among DRM technologies must be addressed in order to provide the service without the constraints of time and place on various smart devices. In this paper, we study DRM Cloud which provides DRM functions as a service in cloud computing environment, and address interoperability problem by providing different DRM technologies as a cloud service. That is, when a user wants to play contents with the different DRM technologies on a smart device, the usage of the content is controlled by providing the corresponding DRM module and function as SaaS from DRM cloud. To do this, we define the functions and structure of DRM Proxy which performs smooth service call and provision between DRM cloud user and DRM cloud, and finally we describe the experimental implementation result.
Design of Uni-directional Optical Communication Structure Satisfying Defense-In-Depth Characteristics against Cyber Attack
Jeong, Kwang Il ; Lee, Joon Ku ; Park, Geun Ok ;
KIPS Transactions on Computer and Communication Systems, volume 2, issue 12, 2013, Pages 561~568
DOI : 10.3745/KTCCS.2013.2.12.561
Instrumentation and control system in nuclear power plant performs protecting, controling and monitoring safety operation of Nuclear Power Plant. As cyber attack to the control equipment of instrumentation and control system can cause reactor shutdown and radiation release, it is required to design the instrumentation and control system considering cyber security in accordance with regulatory guides and industrial standards. In this paper, we proposed a design method of uni-directional communication structure which is required in the design of defense-in-depth model according to regulatory guides and industrial standards and we implemented a communication board with the proposed method. This communication board was tested in various test environments and test items and we concluded it can provide uni-directional communication structure required to design of defense-in-depth model against cyber attack by analyzing the results. The proposed method and implemented communication board were applied in the design of SMART (system-integrated modular advanced reactor) I&C (instrumentation and control) systems.
A Study on Data Storage and Recovery in Hadoop Environment
Kim, Su-Hyun ; Lee, Im-Yeong ;
KIPS Transactions on Computer and Communication Systems, volume 2, issue 12, 2013, Pages 569~576
DOI : 10.3745/KTCCS.2013.2.12.569
Cloud computing has been receiving increasing attention recently. Despite this attention, security is the main problem that still needs to be addressed for cloud computing. In general, a cloud computing environment protects data by using distributed servers for data storage. When the amount of data is too high, however, different pieces of a secret key (if used) may be divided among hundreds of distributed servers. Thus, the management of a distributed server may be very difficult simply in terms of its authentication, encryption, and decryption processes, which incur vast overheads. In this paper, we proposed a efficiently data storage and recovery scheme using XOR and RAID in Hadoop environment.