A scalable and efficient key escrow model for lawful interception of IDBC‐based secure communication

Han, Kyusuk,Yeun, Chan Yeob,Shon, Taeshik,Park, Jonghyuk,Kim, Kwangjo John Wiley Sons, Ltd. 2011 International Journal of Communication Systems Vol.24 No.4

<P><B>Abstract</B></P><P>Key escrowing is one of the core technologies for the lawful interception (LI) of secure communications in the wired and wireless networks. Although many previous studies on the key escrowing have been done before, they are insufficient to be deployed in practical networks due to conflicts with the LI requirements. Moreover, there is lack of consideration on the LI of ID‐based cryptosystem (IDBC)‐based secure communication because the interest of the LI was moved to the industries and IDBC has the inherent key escrowing property. However, the inherent property of IDBC cannot prevent ‘illegal’ eavesdropping of all the communications in the networks from the law enforcement agency with the ‘legally’ obtained key. Thus, we propose a new key escrow model that satisfies the requirements of LI and overcomes the potential threats of IDBC. Our contributions enable the scalable and efficient key escrowing for the LI of secure one‐way and two‐pass communication in the mobile networks. Copyright © 2010 John Wiley & Sons, Ltd.</P>

Ensuring Anonymity for LBSs in Smartphone Environment

Alzaabi, Mohammed,Yeun, Chan-Yeob,Martin, Thomas Anthony Korea Information Processing Society 2011 Journal of information processing systems Vol.7 No.1

With the rapid growth of GPS-enable Smartphones, the interest on using Location Based Services (LBSs) has increased significantly. The evolution in the functionalities provided by those smartphones has enabled them to accurately pinpoint the location of a user. Because location information is what all LBSs depend on to process user's request, it should be properly protected from attackers or malicious service providers (SP). Additionally, maintaining user's privacy and confidentiality are imperative challenges to be overcome. A possible solution for these challenges is to provide user anonymity, which means to ensure that a user initiating a request to the SP should be indistinguishable from a group of people by any adversary who had access to the request. Most of the proposals that maintain user's anonymity are based on location obfuscation. It mainly focuses on adjusting the resolution of the user's location information. In this paper, we present a new protocol that is focused on using cryptographic techniques to provide anonymity for LBSs users in the smartphone environment. This protocol makes use of a trusted third party called the Anonymity Server (AS) that ensures anonymous communication between the user and the service provider.

New Distributed SDN Framework for Mitigating DDoS Attacks

Alshehhi, Ahmed,Yeun, Chan Yeob,Damiani, Ernesto The Korean Institute of Electrical Engineers 2017 전기학회논문지 Vol.66 No.12

Software Defined Networking creates totally new concept of networking and its applications which is based on separating the application and control layer from the networking infrastructure as a result it yields new opportunities in improving the network security and making it more automated in robust way, one of these applications is Denial of Service attack mitigation but due to the dynamic nature of Denial of Service attack it would require dynamic response which can mitigate the attack with the minimum false positive. In this paper we will propose a new mitigation Framework for DDoS attacks using Software Defined Networking technology to protect online services e.g. websites, DNS and email services against DoS and DDoS attacks.

Ensuring Anonymity for LBSs in Smartphone Environment

( Mohammed Alzaabi ),( Chan Yeob Yeun ),( Thomas Anthony Martin ) 한국정보처리학회 2011 Journal of information processing systems Vol.7 No.1

With the rapid growth of GPS-enable Smartphones, the interest on using Location Based Services (LBSs) has increased significantly. The evolution in the functionalities provided by those smartphones has enabled them to accurately pinpoint the location of a user. Because location information is what all LBSs depend on to process user`s request, it should be properly protected from attackers or malicious service providers (SP). Additionally, maintaining user`s privacy and confidentiality are imperative challenges to be overcome. A possible solution for these challenges is to provide user anonymity, which means to ensure that a user initiating a request to the SP should be indistinguishable from a group of people by any adversary who had access to the request. Most of the proposals that maintain user`s anonymity are based on location obfuscation. It mainly focuses on adjusting the resolution of the user`s location information. In this paper, we present a new protocol that is focused on using cryptographic techniques to provide anonymity for LBSs users in the smartphone environment. This protocol makes use of a trusted third party called the Anonymity Server (AS) that ensures anonymous communication between the user and the service provider.

Enhanced Secure Transaction Protocol for IoT Devices via LTE Network

Ebrahim AL-Alkeem,Chan Yeob Yeun,Yousef Al Hammadi,Hyun Ku Yeun,Young-Ji Byon 대한전기학회 2017 전기학회논문지 Vol.66 No.12

Internet of Thing (IoT) and NFC (Near Field Communication) have got a good adaptable structure that it can be easily combined with any wireless network. Since IoT/NFC can be used to communicate wirelessly with all the transactions that can be done remotely without any physical connections. In this paper, we propose an enhanced secure IoT/NFC protocol based on LTE network that enhances the original security level provided by the LTE. Our approach is new in a sense that it covers LTE in contrast to old networks like GSM and 3G, which substantially treated in the literature. Moreover, both GSM and 3G have several drawbacks when they are combined with the NFC technology, which has potential weakness in confidentiality, integrity, and authentication. Hence our new approach will resolve the security of the new LTE system. We expect that our protocol will result in new secure applications for the smart phone markets.

Security Framework for RFID-based Applications in Smart Home Environment

( Divyan M. Konidala ),( Dae Young Kim ),( Chan Yeob Yeun ),( Byoung Cheon Lee ) 한국정보처리학회 2011 Journal of information processing systems Vol.7 No.1

The concept of Smart-Homes is becoming more and more popular. It is anticipated that Radio Frequency IDentification (RFID) technology will play a major role in such environments. We can find many previously proposed schemes that focus solely on: authentication between the RFID tags and readers, and user privacy protection from malicious readers. There has also been much talk of a very popular RFID application: a refrigerator/bookshelf that can scan and list out the details of its items on its display screen. Realizing such an application is not as straight forward as it seems to be, especially in securely deploying such RFID-based applications in a smart home environment. Therefore this paper describes some of the RFID-based applications that are applicable to smart home environments. We then identify their related privacy and security threats and security requirements and also propose a secure approach, where RFID-tagged consumer items, RFID-reader enabled appliances (e.g., refrigerators), and RFID-based applications would securely interact among one another. At the moment our approach is just a conceptual idea, but it sheds light on very important security issues related to RFID-based applications that are beneficial for consumers.

Security Framework for RFID-based Applications in Smart Home Environment

Konidala, Divyan M.,Kim, Dae-Young,Yeun, Chan-Yeob,Lee, Byoung-Cheon Korea Information Processing Society 2011 Journal of information processing systems Vol.7 No.1

The concept of Smart-Homes is becoming more and more popular. It is anticipated that Radio Frequency IDentification (RFID) technology will play a major role in such environments. We can find many previously proposed schemes that focus solely on: authentication between the RFID tags and readers, and user privacy protection from malicious readers. There has also been much talk of a very popular RFID application: a refrigerator/bookshelf that can scan and list out the details of its items on its display screen. Realizing such an application is not as straight forward as it seems to be, especially in securely deploying such RFID-based applications in a smart home environment. Therefore this paper describes some of the RFID-based applications that are applicable to smart home environments. We then identify their related privacy and security threats and security requirements and also propose a secure approach, where RFID-tagged consumer items, RFID-reader enabled appliances (e.g., refrigerators), and RFID-based applications would securely interact among one another. At the moment our approach is just a conceptual idea, but it sheds light on very important security issues related to RFID-based applications that are beneficial for consumers.