Journal of Convergence for Information Technology (융합정보논문지)

Convergence Society for SMB (중소기업융합학회)
권호 표지
DOI QR코드

DOI QR Code

A Design of Certificate Management Method for Secure Access Control in IoT-based Cloud Convergence Environment

IoT기반 클라우드 융합환경에서 안전한 접근제어를 위한 인증서 관리기법 설계

  • 박중오 (성결대학교 파이데이아학부)
  • Received : 2020.05.07
  • Accepted : 2020.07.20
  • Published : 2020.07.28
Download PDF
⟨ Previous Next ⟩

Abstract

IoT which is the core IT of the 4th industrial revolution, is providing various services from users in the conversion with other industries. The IoT convergence technology is leading the communication paradigm of communication environment in accordance with the increase of convenience for users. However, it is urgently needed to establish the security measures for the rapidly-developing IoT convergence technology. As IoT is closely related to digital ethics and personal information protection, other industries should establish the measures for coping with threatening elements in accordance with the introduction of IoT. In case when security incidents occur, there could be diverse problems such as information leakage, damage to image, monetary loss, and casualty. Thus, this paper suggests a certificate management technique for safe control over access in IoT-based Cloud convergence environment. This thesis designed the device/user registration, message communication protocol, and device renewal/management technique. On top of performing the analysis on safety in accordance with attack technique and vulnerability, in the results of conducting the evaluation of efficiency compared to the existing PKI-based certificate management technique, it showed about 32% decreased value.

4차 산업혁명의 핵심 IT기술인 사물인터넷은 타산업과 융합되어 사용자로부터 다양한 서비스를 제공하고 있다. IoT 융합기술은 사용자의 편의성 증대에 따른 통신환경에 대한 커뮤니케이션 패러다임을 이끌고 있다. 하지만 빠르게 발전하는 IoT 융합기술에 대한 보안 방안 마련이 시급하다. IoT는 디지털 윤리와 개인정보보호와 밀접한 관계를 가지고 있어, 타 산업에 IoT 도입에 따른 위협요소 대책안을 마련해야한다. 보안사고 발생 시 정보유출, 이미지 실추, 금적적인 손해, 인명피해 등 다양한 문제가 나타날 수 있다. 그러므로 본 논문에서는 IoT기반 클라우드 융합 환경에서 안전한 접근 제어를 위한 인증서 관리기법을 제안한다. 디바이스 및 사용자 등록, 메시지 통신 프로토콜, 디바이스 갱신 및 관리 기법을 설계하였다. 공격기법 및 취약점에 따른 안전성 분석을 수행하였으며, 기존 PKI 기반 인증서 관리기법 대비 효율성 평가결과 약 32%의 감소된 수치를 확인 할 수 있었다.

Keywords

References

  1. H. W. Kim. (2014). Security/Privacy Issues in the Internet of Things Environment. TTA Journal, 153.
  2. H. J, Lee, (2012). Security Consieration for use of Secure Cloud Services.
  3. Y. S. Lee. (2015). N. Security Requirements for Drone-based IoT Services, TTA.
  4. J. I. Lee. (2015). Convergent Case Study of Research and Education: Internet of Things Based Wireless Device Forming Research. Journal of the Korea Convergence Society, 6(4), 1-7. DOI : 10.15207/JKCS.2015.6.4.001
  5. K. H. Lee. (2013). A Security Threats in Wireless Charger Systems in M2M. Journal of the Korea Convergence Society, 4(1), 27-31. DOI : 10.15207/JKCS.2013.4.1.027
  6. S, J. Oh. (2015). A Study on Organizations Adopting Convergence-based Smart Work for Overcoming Constraints and Achieving Performance. Journal of Digital Convergence, 13(6), 113-124. DOI : 10.14400/JDC.2015.13.6.113
  7. Y. J, Park. (2015). Development of a ICT Convergence Business Model based on Smart Phone. Journal of Digital Convergence, 13(6), 81-89. DOI : 10.14400/JDC.2015.13.6.81
  8. Y. S. Jung. (2019). An IoT Information Security Model for Securing Bigdata Information for IoT Users. Journal of Convergence for Information Technology, 9(11), 8-14. DOI : 10.22156/CS4SMB.2019.9.11.008
  9. D. J. Choi. (2019. 9. 18). Next Generation IoT Security in the 5G Era. ITFIND, pp1-15.
  10. I. K. Park & J. Kwak. (2018). Permission Management System for Secure IoT Devices in Android-Based IoT Environment. KIPS Transactions on Computer and Communication Systems, 7(2), 59-66. DOI : 10.3745/KTCCS.2018.7.2.59