• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.654-656
• /
• 2016

MACsec is a cryptographic function that operates on Layer 2. As industries such as IoT(Internet of Things) devices are receiving attention recently are connected to the network and Internet traffic is increasing rapidly. Because of today, Becoming the increase in traffic and complex situations to protect the overall traffic, not just certain parts. The MACsec technology has received attention. In this paper, Layer 2 security technology to MACsec. Design the technology MACsec adapter that can easily and readily added to existing Layer 2 network.

• The Journal of Society for e-Business Studies
• /
• v.24 no.2
• /
• pp.55-70
• /
• 2019

It is essential to consider the relationships between each component in the communication infrastructure in order to build and optimize the infrastructure. In this paper, based on the major factors to consider for the optimized communication infrastructure, we propose an enhanced MACSec-based deployment mechanism for communication infrastructure. The proposed MACSec mechanism can replace the IPSec without the additional devices and redesign of the communication infrastructure. In addition, we evaluate the performance of MACSec and IPSec in terms of the major factors such as message overhead, encryption processing, and host mobility. According to the evaluation results, we can say that MACSec is superior to IPSec with regard to mobility as well as hop delay and message overhead.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.5
• /
• pp.972-978
• /
• 2016

MACsec is a cryptographic function that operates on Layer 2, the international standard defined in the IEEE 802.1AE. As industries such as IoT(Internet of Things) devices are receiving attention recently are connected to the network and Internet traffic is increasing rapidly, and is exposed to the risk of a variety of Internet attacks. Traditional network security technologies were often made in Layer 3, such as IPsec. However, to be increased as rapidly as the current traffic situation is complicated, and became interested in the security function of protecting the entire traffic instead of for a specific application or protocol. It appeared as these technologies is technology MACsec technology to protect all traffic in Layer 2. In this paper, we propose a Layer 2 security technology adapter MACsec MACsec a technology that allows you to simply and easily add them to the existing Layer 2 networks.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1271-1274
• /
• 2010

MACsec 프로토콜은 Layer2 통신에서 유용한 데이터 암호화 솔루션이다. 하지만 다른 네트워크상에 존재하는 호스트와의 암호화 통신을 위해서는 게이트웨이에서 복호화와 암호화 과정을 반복해야 하는 어려움이 있다. 본 논문은 다른 네트워크 상에 존재하는 호스트와 추가 VLAN을 구성하여 MACsec 통신이 별도 복호화와 암호화 과정을 반복하지 않고 수행될 수 있는 방안을 제시할 것이며, 이를 수행하기 위한 구체적인 시스템 설계와 부가적인 네트워크 구성에 대해 추가적으로 설명할 것이다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.04a
• /
• pp.804-807
• /
• 2010

네트워크를 통해 고객의 신용카드 및 매출정보를 전송하는 대형마켓의 경우, 데이터링크 레이어 보안은 매우 중요하다. 본 논문은 현재 WPA/WPA2 형태로 무선 네트워크에 국한되어 있는 데이터링크 레이어 보안수준을 MACsec(IEEE 802.11AE)를 이용하여 전체 데이터링크 레이어 구간으로 확대하고, 나아가 SecY(MAC Security Entity)의 Secure Frame의 처리 방식을 응용한 무선랜 인증방안을 제시하고자 한다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.5
• /
• pp.39-48
• /
• 2016

One of the major trends of automotive networking architecture is the introduction of automotive Ethernet. Ethernet is already used in single automotive applications (e.g. to connect high-data-rate sources as video cameras), it is expected that the ongoing standardization at IEEE (IEEE802.3bw - 100BASE-T1, respectively IEEE P802.3bp - 1000BASE-T1) will lead to a much broader adoption in future. Those applications will not be limited to simple point-to-point connections, but may affect Electric/Electronic(EE) Architectures as a whole. It is agreed that IP based traffic via Ethernet could be secured by application of well-established IP security protocols (e.g., IPSec, TLS) combined with additional components like, e.g., automotive firewall or IDS. In the case of safety and real-time related applications on resource constraint devices, the IP based communication is not the favorite option to be used with complicated and performance demanding TLS or IPSec. Those applications will be foreseeable incorporate Layer-2 based communication protocols as, e.g., currently standardized at IEEE[13]. The present paper reflects the state-of-the-art communication concepts with respect to security and identifies architectural challenges and potential solutions for future Ethernet Switch-based EE-Architectures. It also gives an overview and provide insights into the ongoing security relevant standardization activities concerning automotive Ethernet. Furthermore, the properties of non-automotive Ethernet security mechanisms as, e.g., IEEE 802.1AE aka. MACsec or 802.1X Port-based Network Access Control, will be evaluated and the applicability for automotive applications will be assessed.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.8
• /
• pp.63-72
• /
• 2017

In this paper, we propose a security architecture for HDLC-based T4 class common data link. The common data links are composed of point-to-point, multi-to-point, and point-to-multi mode. For multi-to-point mode, one node has a bundle of point-to-point links with different end-point on the other side of the links. Thus multi-to-point mode can be considered as a bundle of point-to-point mode. Point-to-multi mode is broadcasting link. For point-to-point mode we adopted robust security network scheme to establish a secure data link, and for multi-to-point mode we use broadcast encryption scheme based on ID-based cryptography to distribute encryption key for broadcasting message encryption. We also included MACsec technology for point-to-point data link security. Computational and communicational complexity analysis on the broadcast encryption have been done.