A Certification Authority issues X.509 public key certificates to bind a public key to a subject. The subject is specified through one or more subject names in the 'subject' or 'subjectAltName' fields of a certificate. In... more
A Certification Authority issues X.509 public key certificates to bind a public key to a subject. The subject is specified through one or more subject names in the 'subject' or 'subjectAltName' fields of a certificate. In reality, however, there are individuals that have the same or similar names. This ambiguity can be resolved by including a 'permanent identifier' in all certificates issued to the same subject, which is unique across multiple CAs. But, a person's unique identifier is regarded as a sensitive personal data. Such an identifier cannot simply be included as part of the subject field, since its disclosure may lead to misuse. We present a new method for secure and accurate user authentication through the PEPSI included in the standard certificate extension of a X.509 certificate. The PEPSI can be served not only for user authentication but also for the user anonymity without divulging personal information.
Research Interests:
Research Interests:
Research Interests:
Research Interests:
The online office is one of web application. We can easily use the online office through a web browser with internet connected PC. The online office has the advantage of using environment regardless of location or time. When users want to... more
The online office is one of web application. We can easily use the online office through a web browser with internet connected PC. The online office has the advantage of using environment regardless of location or time. When users want to use the online office, they access the online office server and use their content. However, recently developed and launched online office has the weakness of insufficient consideration. In this paper, we analyze the security vulnerabilities of the online office. In addition, we propose the evaluation criteria to make secure online office using Common Criteria. This evaluation criteria can be used to establish trust between the online office server and the user. The online office market will be more active than before.
Research Interests:
Research Interests:
One of Bitcoins core security guarantees is that, for an attacker to be able to successfully interfere with the Bitcoin network and reverse transactions, they need to control 51% of total hash power. Eyal et al., however, significantly... more
One of Bitcoins core security guarantees is that, for an attacker to be able to successfully interfere with the Bitcoin network and reverse transactions, they need to control 51% of total hash power. Eyal et al., however, significantly reduces Bitcoins security guarantee by introducing another type of attack, called “Selfish Mining”. The key idea behind selfish mining is for a miner to keep its discovered blocks private, thereby intentionally forking the chain. As a result of a selfish mining attack, even a miner with 25% of the computation power can bias the agreed chain with its blocks. After Eyal’s original paper, the concept of selfish mining has been actively studied within the Bitcoin community for several years. This paper studies a fundamental problem regarding the selfish mining strategy under the existence of mining pools. For this, we propose a new attack strategy, called “Detective Mining”, and show that selfish mining pool is not profitable anymore when other miners use...
Research Interests:
Research Interests:
Research Interests:
IoT is gaining importance in our lives and in the military too. With the application of IoT paradigm in the military and the weapon system’s connectivity to the network, this facilitates the commanders to make real-time decisions.... more
IoT is gaining importance in our lives and in the military too. With the application of IoT paradigm in the military and the weapon system’s connectivity to the network, this facilitates the commanders to make real-time decisions. However, cybersecurity threats to weapon systems intensify along with the growing of IoT’s benefits. Coping with these cybersecurity threats nowadays, we require the implementation of “security by design” concept during weapon system development throughout the system lifecycle, but not traditional security solutions. Since only developed countries are capable of developing systems on their own, they adopt “security by design” when developing new weapon systems; another approach to acquire weapon systems is through import if a country cannot develop the whole weapon system. However, few studies have been done on the security evaluation framework that could be used upon purchase and integration of the developed weapon system. In this paper, we proposed a nov...
Research Interests:
Research Interests:
Research Interests:
Research Interests:
There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new... more
There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust ...
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
In this study, the performance of an Archimedes spiral wind turbine is analyzed by simulation and validated by a field test. It is characterized as a horizontal-axis drag-type wind turbine. This type of wind turbine cannot be analyzed by... more
In this study, the performance of an Archimedes spiral wind turbine is analyzed by simulation and validated by a field test. It is characterized as a horizontal-axis drag-type wind turbine. This type of wind turbine cannot be analyzed by the well-known Blade Element Momentum(BEM) theory or Double Stream Tube Method(DSTM) commonly used to analyze the performance of lift-type wind turbines. Therefore, the computational fluid dynamics (CFD) method was applied. From the simulation, the power coefficient, known as the mechanical efficiency of the rotor, the tip speed ratio was obtained. The maximum power coefficient, and the corresponding tip speed ratio were found to be 0.293 and 2.19, respectively. In addition, the electrical efficiency with respect to the rotational speed of the generator was obtained through generator–controller test. The obtained mechanical and electrical efficiencies were used to predict the power curve of the wind turbine. Finally, the predicted performance of the...
Research Interests:
In this study, an off-grid–type small wind turbine for street lighting was designed and analyzed. Its performance was predicted using a computational fluid dynamics model. The proposed wind turbine has two blades with a radius of 0.29 m... more
In this study, an off-grid–type small wind turbine for street lighting was designed and analyzed. Its performance was predicted using a computational fluid dynamics model. The proposed wind turbine has two blades with a radius of 0.29 m and a height of 1.30 m. Ansys Fluent, a commercial computational fluid dynamics solver, was used to predict the performance, and the k-omega SST model was used as the turbulence model. The simulation result revealed a tip-speed ratio of 0.54 with a maximum power coefficient, or an aerodynamic rotor efficiency of 0.17. A wind turbine was installed at a measurement site to validate the simulation, and a performance test was used to measure the power production. To compare the simulation results obtained from the CFD simulation with the measured electrical power performance, the efficiencies of the generator and the controller were measured using a motor-generator testbed. Also, the control strategy of the controller was found from the field test and ap...
Research Interests:
Very recently, Jung, Paeng and Kim [IEEE Communications Letters, Vol 8, No 7, pp 446–448, July 2004] have demonstrated the insecurity of Xu and Tilborg’s ID-based conference key distribution scheme, and in addition, have revised the... more
Very recently, Jung, Paeng and Kim [IEEE Communications Letters, Vol 8, No 7, pp 446–448, July 2004] have demonstrated the insecurity of Xu and Tilborg’s ID-based conference key distribution scheme, and in addition, have revised the scheme to fix the security flaws discovered by them. However, in this paper, we show that Jung-Paeng-Kim’s revised scheme is still insecure since it is vulnerable to an active attack of colluding adversaries. We also show that our attack can be easily thwarted by a simple patch.
Research Interests:
ABSTRACT
Research Interests:
Research Interests:
ABSTRACT
Research Interests:
... Search for Sung-Ming Yen Search for Seungjoo Kim Search for Seongan Lim Search for SangJaeMoon. ... 10. Marc Joye , Jean-Jacques Quisquater , Feng Bao , Robert H. Deng, RSA-type Signatures in the Presence of Transient Faults,... more
... Search for Sung-Ming Yen Search for Seungjoo Kim Search for Seongan Lim Search for SangJaeMoon. ... 10. Marc Joye , Jean-Jacques Quisquater , Feng Bao , Robert H. Deng, RSA-type Signatures in the Presence of Transient Faults, Proceedings of the 6th IMA International ...