• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1225-1241
• /
• 2014

Recently, Financial companies implement DLP(Data Leaks Prevention) security products and enforce internal controls to prevent customer information leaks. Accidental data leaks in financial business increase more and more because internal controls are insufficient. Security officials and IT operation staffs struggle to plan countermeasures to respond to all kinds of accidental data leaks. It is difficult to prevent data leaks and to control information flow in business without research applications that handle business and privacy information. Therefore this paper describes business and privacy information flow on applications and how to plan and deploy security container based OS-level and Hypervisor virtualization technology to enforce internal controls for applications. After building security container, it was verified to implement internal controls and to prevent customer information leaks. With security policies additional security functions was implemented in security container and With recycling security container costs and time of response to security vulnerabilities was reduced.

• Journal of Internet Computing and Services
• /
• v.7 no.2
• /
• pp.161-172
• /
• 2006

As the innovative technologies related to ubiquitous computing are being rapidly developed in recent IT trend, the concern for IT dysfunction(e.g., personal information abuse, information risk, threat, vulnerability, etc.) are also increasing. In our study, we suggested how to design and implement to multiple schemes for strong authentication mechanism in real system environments. We introduce the systematic and secure authentication technologies that resolve the threats incurring from the abuse and illegal duplication of financial transaction card in the public and financial institutions. The multiple schemes for strong authentication mechanism applied to java technology, so various application programs can be embedded, Independent of different platforms, to the smartcard by applying the consolidated authentication technologies based on encryption and biometrics(e.g., finger print identification). We also introduce the appropriate guidelines which can be easily implemented by the system developer and utilized from the software engineering standpoint of view. Further, we proposed ways to utilize java card based biometrics by developing and applying the 'smartcard class library' in order for the developer and engineers involved in real system environment(Secure entrance system) to easily understand the program. Lastly, we briefly introduced the potential for its future business application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1059-1068
• /
• 2022

A Post-Quantum Cryptographic algorithm NTRU, which is designed by considering the computational power of quantum computers, satisfies the mathematically security level. However, it should consider the characteristics of side-channel attacks such as power analysis attacks in hardware implementation. In this paper, we verify that the private key can be recovered by analyzing the power signal generated during the decryption process of NTRU. To recover the private keys, the Simple Power Analysis (SPA), Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) were all applicable. There is a shuffling technique as a basic countermeasure to counter such a power side-channel attack. Neverthe less, we propose a more effective method. The proposed method can prevent CPA and DDLA attacks by preventing leakage of power information for multiplication operations by only performing addition after accumulating each coefficient, rather than performing accumulation after multiplication for each index.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.2
• /
• pp.371-378
• /
• 2004

As an agent is applied into various fields, it is suggested as the paradigm of new application technology in the area of computer communication. However, the mobile agent brines the problem of security on an agent due to mobility. This study proposals the mobile agent protection protocol framework for more effective protection and safety. The designed Framework of protocol uses the public ky, the private key and the digital signature in PKI environment based on JAVA. This is the mechanism accomplishing safely the work of an agent by tracking the pattern of execution and the mobility plan through the VS(verification server). This also secures the suity and the flawlessness of an agent through the VS guaranteeing safety from malicious attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.67-75
• /
• 2008

RFID(Radio Frequency Identification) system is an automated identification system that consists of tags and readers. They communicate with each other by RF signal. As a reader can identify many tags in contactless manner using RF signal, RFID system is expected to do a new technology to substitute a bar-code system. But RFID system creates new threats to the security and privacy of individuals, Because tags and readers communicate with each other in insecure channel using RF signal. So many people are trying to study various manners to solve privacy problems against attacks, but it is difficult to apply to RFID system based on low-cost Gen2. Therefore, We will propose a new encryption scheme using matrix based on Gen2 in RFID system in paper, and We will analyze our encryption scheme in view of the security and efficiency through a simulation and investigate application environments to use our encryption scheme.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.46 no.1
• /
• pp.39-44
• /
• 2009

The advance of communication and networking technology enables high bandwidth multimedia data transmission. The development of high performance compression technology such as H.264 also encourages high quality video and audio data transmission. The trend requires efficient protection system for digital media rights. We propose an efficient digital media protection system using elliptic curve cryptography. Only key parameters are encrypted to reduce the burden of complex encryption and decryption in the proposed system, and the digital media are not played back or the quality is degraded if the encrypted information is missing. We need a playback system with an ECC processor to implement the proposed system. We implement an H.264 decoding system with a configurable ECC processor to verify the proposed protection system We verify that the H.264 movie is not decoded without the decrypted information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1071-1082
• /
• 2021

COVID-19 has changed a lot in our daily lives, where school classes and remote classes have been combined or converted to remote classes. Many students spent more time online, and cyberbullying, such as indiscriminate disclosure of their personal information, bullying of their classmates online, increased. In this paper, we propose an online education program as a countermeasure against cyberbullying. This program is designed for elementary, middle, and high school students and can also be used for informatics or ethics classes in the 2015 curriculum. The proposed program is divided into four major themes: 'Cyberbullying,' 'Information Security,' 'Cyber Crime,' and 'Language Violence,' and is divided into a total of ten topics according to its connection. It was organized to teach the topics evenly by grade. Also, the program's feasibility was verified by experts on the selection of educational contents and organizing of contents. In the future, it will be necessary to apply for this program and conduct an effectiveness analysis to measure whether it has effectively contributed to the decrease in cyberbullying rates among students and the improvement of coping skills.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.613-616
• /
• 2015

최근 스마트폰 기기의 보급 및 소셜 서비스 산업의 고도화로 인해, 빅데이터가 등장하였다. 한편 빅데이터에서 효율적으로 정보를 분석하는 대표적인 플랫폼으로 하둡이 존재한다. 하둡은 클러스터 환경에 기반한 우수한 확장성, 장애 복구 기능 및 사용자가 기능을 정의할 수 있는 맵리듀스 프레임워크 등을 지원한다. 아울러 하둡은 개인정보나 위치 데이터 등의 민감한 정보를 보호하기 위해 Kerberos를 통한 사용자 인증 기법을 제공하고, HDFS 압축 코덱을 활용한 AES 코덱 기반 데이터 암호화를 지원하고 있다. 그러나 하둡 기반 소프트웨어를 사용하고 있는 국내 기관 및 기업은 국내 ARIA 데이터 암호화를 적용하지 못하고 있다. 이를 해결하기 위해 본 논문에서는 하둡을 기반으로 ARIA 암호화를 지원하는 HDFS 데이터 암호화 기법을 제안한다.

• Information Systems Review
• /
• v.15 no.2
• /
• pp.1-19
• /
• 2013

Smart working sparked by iPhone3 opens a revolution in smart ways of working at any time, regardless of location and environment. Also, It provide real-time information processing and analysis, rapid decision-making and the productivity of businesses, including through the timely response and the opportunity to increase the efficiency. As a result, every company are developing mobile information systems. But company data is accessed from the outside, it has problems to solve like security, hacking and information leakage. Also, Mobile devices such as smart phones belonging to the privately-owned asset can't be always controlled to archive company security policy. In the meantime, public smart phones owned by company was always applied security policy. But it can't not apply to privately-owned smart phones. Thus, this paper is focused to archive company security policy, but also enable the individual's free to use of smart phones when we use mobile information systems. So, when we use smart phone as individual purpose, the normal operation of all smart phone functions. But, when we use smart phone as company purpose like mobile information systems, the smart phone functions are blocked like screen capture, Wi-Fi, camera to protect company data. In this study, we suggest the design and implementation of real time control and management of mobile device using MDM(Mobile Device Management) solution. As a result, we can archive company security policy and individual using of smart phone and it is the optimal solution in the BYOD(Bring Your Own Device) era.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.731-738
• /
• 2004

With the increase of digital content usages, the protection for digital content and intellectual property becomes more important. The DRM(digital rights management) technologies are applicable to protect not only any kind of digital contents but also intellectual property. Besides such techniques are required for recorded digital broadcasting contents due to introduction of digital broadcasting techniques and storage devices such as personal video recorder. The conventional protection scheme for broadcasting content is the CAS(conditional access system) by which the access of viewer is controlled on the specific channels or programs. The CAS prohibits the viewer from delivering the digital broadcasting content to other person, so it results in restriction of superdistribution on the digital broadcasting content. In this paper, for broadcast targeting unspecfic many people, we will design the service model of the protection and distribution of digital broadcasting content using encryption and license by employing the concept of DRM. The results of implementation are also shown to verify some functions of each component. An implemented system of this paper has some advantages that the recording of broadcast content is allowed on set-top-box and superdistribution is available by consumer. Hence it provides content providers and consumers with trustworthy environment for content protection and distribution.