• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.77-82
• /
• 2004

The notion of a certificate was introduced by Kohnfelder in his 1978 MIT bachelor's thesis. The idea, now common, was that a certificate is a digitally signed statement binding the key-holder's name to a public key. With the increasing acceptance of digital certificate, there has been a gaining impetus for methods to nullify the compromised digital certificates and enable the end user to receive this information before be trusts a revoked certificate. The problem of certificate revocation is getting more and more crucial with the development of wide spread PKIs. In this paper, we investigate recent trend of certificate revocation mechanism.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1131-1139
• /
• 2020

The static analysis of the source code is to find the remaining security weaknesses for a wide range of source codes. The static analysis tool is used to check the result, and the static analysis expert performs spying and false detection analysis on the result. In this process, the amount of analysis is large and the rate of false positives is high, so a lot of time and effort is required, and a method of efficient analysis is required. In addition, it is rare for experts to analyze only the source code of the line where the defect occurred when performing positive/false detection analysis. Depending on the type of defect, the surrounding source code is analyzed together and the final analysis result is delivered. In order to solve the difficulty of experts discriminating positive and false positives using these static analysis tools, this paper proposes a method of determining whether or not the security weakness found by the static analysis tools is a spy detection through artificial intelligence rather than an expert. In addition, the optimal size was confirmed through an experiment to see how the size of the training data (source code around the defects) used for such machine learning affects the performance. This result is expected to help the static analysis expert's job of classifying positive and false positives after static analysis.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.3
• /
• pp.209-217
• /
• 2024

The purpose of this study is to explore development plans by analyzing social interests and perceptions of jiu-jitsu using big data analysis. Network analysis, centrality analysis, and CONCOR analysis were conducted by collecting data for the last 10 years of major domestic portal sites. First, 'judo' was found to be the most important related word in network analysis, and 'judo' was also an important word in the analysis of dgree centrality. In the closeness centrality analysis, "defender" was the most important word, and "sports" was the most important word in betweenness centrality. Finally, as a result of CONCOR analysis, four clusters (related sports and marketing, jiu-jitsu competitions, belt test, supplies and expenses) were formed. As a conclusion of the study, first, words such as 'judo', 'exercise', 'competition', 'dobok', 'gym', and 'graduation' should be actively used to promote jiu-jitsu.As a conclusion of the study, first, words such as 'judo', 'exercise', 'contest', 'dobok', 'gym', and 'graduation' should be actively used to promote jiu-jitsu. Second, it is necessary to share information on training costs through various routes, to make awareness of the graduation process or method common, and to develop safety products and create a safe training culture. Third, it is necessary to find ways to continuously increase the influx of new trainees by attracting steady competitions.

• Korean Security Journal
• /
• no.21
• /
• pp.155-175
• /
• 2009

RFID that provide automatic identification by reading a tag attached to material through radio frequency without direct touch has some specification, such as rapid identification, long distance identification and penetration, so it is being used for distribution, transportation and safety by using the frequency of 125KHz, 134KHz, 13.56MHz, 433.92MHz, 900MHz, and 2.45GHz. Also it is one of main part of Ubiquitous that means connecting to net-work any time and any place they want. RFID is expected to be new growth industry worldwide, so Korean government think it as prospective field and promote research project and exhibition business program to linked with industry effectively. RFID could be used for access control of person and vehicle according to section and for personal certify with password. RFID can provide more confident security than magnetic card, so it could be used to prevent forgery of register card, passport and the others. Active RFID could be used for protecting operation service using it's long distance date transmission by application with positioning system. And RFID's identification and tracking function can provide effective visitor management through visitor's register, personal identification, position check and can control visitor's movement in the secure area without their approval. Also RFID can make possible of the efficient management and prevention of loss of carrying equipments and others. RFID could be applied to copying machine to manager and control it's user, copying quantity and It could provide some function such as observation of copy content, access control of user. RFID tag adhered to small storage device prevent carrying out of item using the position tracking function and control carrying-in and carrying-out of material efficiently. magnetic card and smart card have been doing good job in identification and control of person, but RFID can do above functions. RFID is very useful device but we should consider the prevention of privacy during its application.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.11 s.353
• /
• pp.16-24
• /
• 2006

In this paper, we implement a U-healthcare system that can be applied to a service integration system. This system consists of a wireless network system a sensor module, and a integration server. The wireless network system collects data and the sensor module measures body fat, blood pressure, quantity of exercise, and SPO2. The server integrates user certification, security service and VOD service and collects user health information in real-time, and sends the data in case of emergency to a doctor or guardian.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.9
• /
• pp.337-346
• /
• 2015

There is great need for efficient user rights management method to provide a flexible service on variety protocols, domains, applications of IoT environments. In this paper, we propose a IoT service platform with CapSG to provide efficient access control for IoT various services of the environment. CapSG uses a token including authentication and access rights to perform authentication and access control service entity providing services. In addition, the generated token for service management, delegation, revocation, and provides a function such as denied. Also, it provides functions such as generation, delegation, disposal and rejection for service token management. In this paper, it provides the flexibility and efficiency of the access control for various services require of the IoT because of it is available to access control specific domain service by using the token group for each domain and is designed to access control using specific service token of tokens group.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.3
• /
• pp.549-557
• /
• 2017

ICMP(Internet Control Message Protocol) is a main protocol in TCP/IP protocol stack. ICMP compensates the disadvantages of the IP that does not support error reporting. If any transmission problem occurred, a router or receiving host sends ICMP message containing the error cause to sending host. However, in this process, an attacker sends a fake ICMP messages to the host so that the communication can be terminated abnormally. An attacker host can paralyzes system of victim host by sending a large number of messages to the victim host at a high rate of speed. To solve this problem, we have designed and implemented outbound traffic controller that prevents various ICMP attacks. By preventing the transmission of attack messages in different ways according to each case, various network attacks can be prevented. In addition, unnecessary network traffic can be filtered before transmitted.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.683-688
• /
• 2004

NAT is a very useful IP address translation technique that allows two connected networks using different and incompatible IP address schemes. But it is impractical to use NAT for an application which uses the encrypted IP packet, embedding IP addresses inside of data payloads, to guarantee End-to-End Security such as IPSec. In addition to rewriting the source/destination IP addresses in the packet, NAT must modify IP checksum every time, which could lead to considerable performance decrease of the overall system in the process of the address translation. RSIP is an alternative to solve these disadvantages of NAT and the address shortage problems. Both NAT and RSIP divide networks into inside and outside addressing realms. NAT translates addresses between internal network and external network, but RSIP uses a borrowed external address for outside communications. RSIP server assigns a routable public address to a RSIP client temporarily to communicate with public net-work outside of the private network. In this paper, RSIP gateway for intranet environment is designed and its performance is evaluated. From the results of performance evaluation, we knew that RSIP is operated less sensitive to the data traffic. Also, the experiment shows that RSIP performs better than NAT when the transmission data grows larger.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.10a
• /
• pp.701-704
• /
• 2007

Recently, More and more consumer enjoy the finance service such as settling, account transferring, stocks investment, and so via mobile device. In the mobile environment, data transferring between the devices is formatted as XML. However, the common XML file is exposed to the attack such as hacking and malignity code, to satisfy security of mobile environment is very difficult. The problem is more seriously at the open platform such as WIPI that is developed by our country. So there is enough reason to propose one system to protect the import data. In this paper, we development the system to digital signature and signature the XML document in order to protect data, and the system is observing the recommendation of the XML Signature Syntax and Processing by W3C. When designing and composition the system, we use the digital signature algorithm RSA, DSA, KCDSA, and HMAC, etc. we test the system at the open WIPI platform.

• KIISE Transactions on Computing Practices
• /
• v.21 no.2
• /
• pp.138-143
• /
• 2015

The Boyer-Moore algorithm is a single pattern string matching algorithm that is widely used in various applications such as computer and internet security, and bioinformatics. This algorithm is computationally demanding and requires high-performance parallel processing. In this paper, we propose a parallelization and performance optimization methodology for the BM algorithm on a GPU. Our methodology adopts an algorithmic cascading technique. This results in significant reductions in the mapping overheads for the threads participating in the parallel string matching. It also results in the efficient utilization of the multithreading capability of the GPU which improves the load balancing among threads. Our experimental results show that this approach achieves a 45-times speedup at maximum, in comparison with a serial execution.