• Title/Summary/Keyword: 보안문제

Search Result 3,077, Processing Time 0.028 seconds

Medical Information Dynamic Access System in Smart Mobile Environments (스마트 모바일 환경에서 의료정보 동적접근 시스템)

  • Jeong, Chang Won;Kim, Woo Hong;Yoon, Kwon Ha;Joo, Su Chong
    • Journal of Internet Computing and Services
    • /
    • v.16 no.1
    • /
    • pp.47-55
    • /
    • 2015
  • Recently, the environment of a hospital information system is a trend to combine various SMART technologies. Accordingly, various smart devices, such as a smart phone, Tablet PC is utilized in the medical information system. Also, these environments consist of various applications executing on heterogeneous sensors, devices, systems and networks. In these hospital information system environment, applying a security service by traditional access control method cause a problems. Most of the existing security system uses the access control list structure. It is only permitted access defined by an access control matrix such as client name, service object method name. The major problem with the static approach cannot quickly adapt to changed situations. Hence, we needs to new security mechanisms which provides more flexible and can be easily adapted to various environments with very different security requirements. In addition, for addressing the changing of service medical treatment of the patient, the researching is needed. In this paper, we suggest a dynamic approach to medical information systems in smart mobile environments. We focus on how to access medical information systems according to dynamic access control methods based on the existence of the hospital's information system environments. The physical environments consist of a mobile x-ray imaging devices, dedicated mobile/general smart devices, PACS, EMR server and authorization server. The software environment was developed based on the .Net Framework for synchronization and monitoring services based on mobile X-ray imaging equipment Windows7 OS. And dedicated a smart device application, we implemented a dynamic access services through JSP and Java SDK is based on the Android OS. PACS and mobile X-ray image devices in hospital, medical information between the dedicated smart devices are based on the DICOM medical image standard information. In addition, EMR information is based on H7. In order to providing dynamic access control service, we classify the context of the patients according to conditions of bio-information such as oxygen saturation, heart rate, BP and body temperature etc. It shows event trace diagrams which divided into two parts like general situation, emergency situation. And, we designed the dynamic approach of the medical care information by authentication method. The authentication Information are contained ID/PWD, the roles, position and working hours, emergency certification codes for emergency patients. General situations of dynamic access control method may have access to medical information by the value of the authentication information. In the case of an emergency, was to have access to medical information by an emergency code, without the authentication information. And, we constructed the medical information integration database scheme that is consist medical information, patient, medical staff and medical image information according to medical information standards.y Finally, we show the usefulness of the dynamic access application service based on the smart devices for execution results of the proposed system according to patient contexts such as general and emergency situation. Especially, the proposed systems are providing effective medical information services with smart devices in emergency situation by dynamic access control methods. As results, we expect the proposed systems to be useful for u-hospital information systems and services.

A Comparative Study on the Effective Deep Learning for Fingerprint Recognition with Scar and Wrinkle (상처와 주름이 있는 지문 판별에 효율적인 심층 학습 비교연구)

  • Kim, JunSeob;Rim, BeanBonyka;Sung, Nak-Jun;Hong, Min
    • Journal of Internet Computing and Services
    • /
    • v.21 no.4
    • /
    • pp.17-23
    • /
    • 2020
  • Biometric information indicating measurement items related to human characteristics has attracted great attention as security technology with high reliability since there is no fear of theft or loss. Among these biometric information, fingerprints are mainly used in fields such as identity verification and identification. If there is a problem such as a wound, wrinkle, or moisture that is difficult to authenticate to the fingerprint image when identifying the identity, the fingerprint expert can identify the problem with the fingerprint directly through the preprocessing step, and apply the image processing algorithm appropriate to the problem. Solve the problem. In this case, by implementing artificial intelligence software that distinguishes fingerprint images with cuts and wrinkles on the fingerprint, it is easy to check whether there are cuts or wrinkles, and by selecting an appropriate algorithm, the fingerprint image can be easily improved. In this study, we developed a total of 17,080 fingerprint databases by acquiring all finger prints of 1,010 students from the Royal University of Cambodia, 600 Sokoto open data sets, and 98 Korean students. In order to determine if there are any injuries or wrinkles in the built database, criteria were established, and the data were validated by experts. The training and test datasets consisted of Cambodian data and Sokoto data, and the ratio was set to 8: 2. The data of 98 Korean students were set up as a validation data set. Using the constructed data set, five CNN-based architectures such as Classic CNN, AlexNet, VGG-16, Resnet50, and Yolo v3 were implemented. A study was conducted to find the model that performed best on the readings. Among the five architectures, ResNet50 showed the best performance with 81.51%.

A case study of blockchain-based public performance video platform establishment: Focusing on Gyeonggi Art On, a new media art broadcasting station in Gyeonggi-do (블록체인 기반 공연영상 공공 플랫폼 구축 사례 연구: 경기도 뉴미디어 예술방송국 경기아트온을 중심으로)

  • Lee, Seung Hyun
    • Journal of Service Research and Studies
    • /
    • v.13 no.1
    • /
    • pp.108-126
    • /
    • 2023
  • This study explored the sustainability of a blockchain-based cultural art performance video platform through the construction of Gyeonggi Art On, a new media art broadcasting station in Gyeonggi-do. In addition, the technical limitations of video content transaction using block chain, legal and institutional issues, and the protection of personal information and intellectual property rights were reviewed. As for the research method, participatory observation methods such as in-depth interviews with developers and operators and participation in meetings were conducted. The researcher participated in and observed the entire development process, including designing and developing blockchain nodes, smart contracts, APIs, UI/UX, and testing interworking between blockchain and content distribution services. Research Question 1: The results of the study on 'Which technology model is suitable for a blockchain-based performance video content distribution public platform?' are as follows. 1) The blockchain type suitable for the public platform for distribution of art performance video contents based on the blockchain is the private type that can be intervened only when the blockchain manager directly invites it. 2) In public platforms such as Gyeonggi ArtOn, among the copyright management model, which is an art based on NFT issuance, and the BC token and cloud-based content distribution model, the model that provides content to external demand organizations through API and uses K-token for fee settlement is suitable. 3) For public platform initial services such as Gyeonggi ArtOn, a closed blockchain that provides services only to users who have been granted the right to use content is suitable. Research question 2: What legal and institutional problems should be reviewed when operating a blockchain-based performance video distribution public platform? The results of the study are as follows. 1) Blockchain-based smart contracts have a party eligibility problem due to the nature of blockchain technology in which the identities of transaction parties may not be revealed. 2) When a security incident occurs in the block chain, it is difficult to recover the loss because it is unclear how to compensate or remedy the user's loss. 3) The concept of default cannot be applied to smart contracts, and even if the obligations under the smart contract have already been fulfilled, the possibility of incomplete performance must be reviewed.

Adaptive RFID anti-collision scheme using collision information and m-bit identification (충돌 정보와 m-bit인식을 이용한 적응형 RFID 충돌 방지 기법)

  • Lee, Je-Yul;Shin, Jongmin;Yang, Dongmin
    • Journal of Internet Computing and Services
    • /
    • v.14 no.5
    • /
    • pp.1-10
    • /
    • 2013
  • RFID(Radio Frequency Identification) system is non-contact identification technology. A basic RFID system consists of a reader, and a set of tags. RFID tags can be divided into active and passive tags. Active tags with power source allows their own operation execution and passive tags are small and low-cost. So passive tags are more suitable for distribution industry than active tags. A reader processes the information receiving from tags. RFID system achieves a fast identification of multiple tags using radio frequency. RFID systems has been applied into a variety of fields such as distribution, logistics, transportation, inventory management, access control, finance and etc. To encourage the introduction of RFID systems, several problems (price, size, power consumption, security) should be resolved. In this paper, we proposed an algorithm to significantly alleviate the collision problem caused by simultaneous responses of multiple tags. In the RFID systems, in anti-collision schemes, there are three methods: probabilistic, deterministic, and hybrid. In this paper, we introduce ALOHA-based protocol as a probabilistic method, and Tree-based protocol as a deterministic one. In Aloha-based protocols, time is divided into multiple slots. Tags randomly select their own IDs and transmit it. But Aloha-based protocol cannot guarantee that all tags are identified because they are probabilistic methods. In contrast, Tree-based protocols guarantee that a reader identifies all tags within the transmission range of the reader. In Tree-based protocols, a reader sends a query, and tags respond it with their own IDs. When a reader sends a query and two or more tags respond, a collision occurs. Then the reader makes and sends a new query. Frequent collisions make the identification performance degrade. Therefore, to identify tags quickly, it is necessary to reduce collisions efficiently. Each RFID tag has an ID of 96bit EPC(Electronic Product Code). The tags in a company or manufacturer have similar tag IDs with the same prefix. Unnecessary collisions occur while identifying multiple tags using Query Tree protocol. It results in growth of query-responses and idle time, which the identification time significantly increases. To solve this problem, Collision Tree protocol and M-ary Query Tree protocol have been proposed. However, in Collision Tree protocol and Query Tree protocol, only one bit is identified during one query-response. And, when similar tag IDs exist, M-ary Query Tree Protocol generates unnecessary query-responses. In this paper, we propose Adaptive M-ary Query Tree protocol that improves the identification performance using m-bit recognition, collision information of tag IDs, and prediction technique. We compare our proposed scheme with other Tree-based protocols under the same conditions. We show that our proposed scheme outperforms others in terms of identification time and identification efficiency.

Aviation Safety Regulation and ICAO's Response to Emerging Issues (항공안전규제와 새로운 이슈에 대한 ICAO의 대응)

  • Shin, Dong-Chun
    • The Korean Journal of Air & Space Law and Policy
    • /
    • v.30 no.1
    • /
    • pp.207-244
    • /
    • 2015
  • Aviation safety is the stage in which the risk of harm to persons or of property damage is reduced to, and maintained at or below, an acceptable level through a continuing process of hazard identification and risk management. Many accidents and incidents have been taking place since 2014, while there had been relatively safer skies before 2014. International civil aviation community has been exerting great efforts to deal with these emerging issues, thus enhancing and ensuring safety throughout the world over the years. The Preamble of the Chicago Convention emphasizes safety and order of international air transport, and so many Articles in the Convention are related to the safety. Furthermore, most of the Annexes to the Convention are International Standards and Recommended Practices pertaining to the safety. In particular, Annex 19, which was promulgated in Nov. 2013, dealing with safety management system. ICAO, as law-making body, has Air Navigation Commission, Council, Assembly to deliberate and make decisions regarding safety issues. It is also implementing USOAP and USAP to supervise safety functions of member States. After MH 370 disappeared in 2014, ICAO is developing Global Tracking System whereby there should be no loophole in tracking the location of aircraft anywhere in world with the information provided by many stakeholders concerned. MH 17 accident drove ICAO to install web-based repository where information relating to the operation in conflict zones is provided and shared. In addition, ICAO has been initiating various solutions to emerging issues such as ebola outbreak and operation under extreme meteorological conditions. Considering the necessity of protection and sharing of safety data and information to enhance safety level, ICAO is now suggesting enhanced provisions to do so, and getting feedback from member States. It has been observed that ICAO has been approaching issues towards problem-solving from four different dimensions. First regarding time, it analyses past experiences and best practices, and make solutions in short, mid and long terms. Second, from space perspective, ICAO covers States, region and the world as a whole. Third, regarding stakeholders it consults with and hear from as many entities as it could, including airlines, airports, community, consumers, manufacturers, air traffic control centers, air navigation service providers, industry and insurers. Last not but least, in terms of regulatory changes, it identifies best practices, guidance materials and provisions which could become standards and recommended practices.

Development of Local Animal BLAST Search System Using Bioinformatics Tools (생물정보시스템을 이용한 Local Animal BLAST Search System 구축)

  • Kim, Byeong-Woo;Lee, Geun-Woo;Kim, Hyo-Seon;No, Seung-Hui;Lee, Yun-Ho;Kim, Si-Dong;Jeon, Jin-Tae;Lee, Ji-Ung;Jo, Yong-Min;Jeong, Il-Jeong;Lee, Jeong-Gyu
    • Bioinformatics and Biosystems
    • /
    • v.1 no.2
    • /
    • pp.99-102
    • /
    • 2006
  • The Basic Local Alignment Search Tool (BLAST) is one of the most established software in bioinformatics research and it compares a query sequence against the libraries of known sequences in order to investigate sequence similarity. Expressed Sequence Tags (ESTs) are single-pass sequence reads from mRNA (or cDNA) and represent the expression for a given cDNA library and the snapshot of genes expressed in a given tissue and/or at a given developmental stage. Therefore, ESTs can be very valuable information for functional genomics and bioinformatics researches. Although major bio database (DB) websites including NCBI are providing BLAST services and EST data, local DB and search system is demanding for better performance and security issue. Here we present animal EST DBs and local BLAST search system. The animal ESTs DB in NCBI Genbank were divided by animal species using the Perl script we developed. and we also built the new extended DB search systems fur the new data (Local Animal BLAST Search System: http://bioinfo.kohost.net), which was constructed on the high-capacity PC Cluster system fur the best performance. The new local DB contains 650,046 sequences for Bos taurus(cattle), 368,120 sequences for Sus scrofa (pig), 693,005 sequences for Gallus gallus (fowl), respectively.

  • PDF

Research of generate a test case to verify the possibility of external threat of the automotive ECU (차량 ECU의 외부 위협성 가능성을 검증하기 위한 테스트 케이스 생성 연구)

  • Lee, Hye-Ryun;Kim, Kyoung-Jin;Jung, Gi-Hyun;Choi, Kyung-Hee
    • Journal of the Korea Society of Computer and Information
    • /
    • v.18 no.9
    • /
    • pp.21-31
    • /
    • 2013
  • ECU(Electric Control Unit) on the important features of the vehicle is equipped, ECU between sending and receiving messages is connected to one of the internal network(CAN BUS), but this network easily accessible from the outside and not intended to be able to receive attacks from an attacker, In this regard, the development of tools that can be used in order to verify the possibility of attacks on attacks from outside, However, the time costs incurred for developing tools and time to analyze from actual car for CAN messages to be used in the attack to find. In this paper, we want to solve it, propose a method to generate test cases required for the attack is publicly available tool called Sulley and it explains how to find the CAN messages to be used in the attack. Sulley add the CAN messages data generated library files in provided library file and than Sulley execute that make define and execute file conform to the CAN communication preferences and create message rules. Experiments performed by the proposed methodology is applied to the actual car and result, test cases generated by the CAN messages fuzzing through Sulley send in the car and as a result without a separate tool developed was operating the car.

QR-Code Based Mutual Authentication System for Web Service (웹 서비스를 위한 QR 코드 기반 상호 인증 시스템)

  • Park, Ji-Ye;Kim, Jung-In;Shin, Min-Su;Kang, Namhi
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39B no.4
    • /
    • pp.207-215
    • /
    • 2014
  • Password based authentication systems are most widely used for user convenience in web services. However such authentication systems are known to be vulnerable to various attacks such as password guessing attack, dictionary attack and key logging attack. Besides, many of the web systems just provide user authentication in a one-way fashion such that web clients cannot verify the authenticity of the web server to which they set access and give passwords. Therefore, it is too difficult to protect against DNS spoofing, phishing and pharming attacks. To cope with the security threats, web system adopts several enhanced schemes utilizing one time password (OTP) or long and strong passwords including special characters. However there are still practical issues. Users are required to buy OTP devices and strong passwords are less convenient to use. Above all, one-way authentication schemes generate several vulnerabilities. To solve the problems, we propose a multi-channel, multi-factor authentication scheme by utilizing QR-Code. The proposed scheme supports both user and server authentications mutually, thereby protecting against attacks such as phishing and pharming attacks. Also, the proposed scheme makes use of a portable smart device as a OTP generator so that the system is convenient and secure against traditional password attacks.

A Framework of N-Screen Session Manager based N-Screen Service using Cloud Computing in Thin-Client Environment (씬클라이언트 환경에서 클라우드 컴퓨팅을 이용한 N-Screen 세션 관리 기반의 N-Screen 서비스 프레임워크)

  • Alsaffar, Aymen Abdullah;Song, Biao;Hassan, Mohammad Mehedi;Huh, Eui-Nam
    • Journal of Internet Computing and Services
    • /
    • v.13 no.2
    • /
    • pp.21-32
    • /
    • 2012
  • We develop architecture of a virtual aggregation gateway (VAG) which enables composite application streaming based on N-Screen-as-a-Service (NaaS) using cloud computing in thin-client environment. We also discuss the problem of server computing burden in large scale multi-client case for screens sharing with composite application streaming over the internet. In particular, we propose an efficient Framework of N-Screen Session Manager which manages all media signaling that are necessary to deliver demanded contents. Furthermore, it will provides user with playback multimedia contents method (TV Drama, Ads, and Dialog etc) which is not considered in other research papers. The objectives of proposing N-Screen Session Manager are to (1) manage session status of all communication sessions (2) manage handling of received request and replies (3) allow users to playback multimedia contents anytime with variety of devices for screen sharing and (4) allow users to transfer an ongoing communication session from one device to another. Furthermore, we discuss the major security issues that occur in Session Initiation Protocol as well as minimizing delay resulted from session initiations (playback or transfer session).

Design and Implementation of 3D Geospatial Open Platform Based on HTML5/WebGL Technology (HTML5/WebGL 기반 3D 공간정보 오픈플랫폼 소프트웨어 설계 및 구현)

  • Kim, Min Soo;Jang, In Sung
    • Spatial Information Research
    • /
    • v.23 no.6
    • /
    • pp.57-66
    • /
    • 2015
  • Recently, the utilization of geospatial open platforms has been constantly increased and the interest in 3D geospatial data such as terrain, building and shopping mall has been increased significantly. In particular, rather than simplified 3D geospatial data, interest in high-precision 3D geospatial data which similarly represents the real world objects has increased significantly. In order to satisfy the demand for such the high-precision 3D geospatial data, various kinds of 3D geospatial open platforms has been developed and has provided services on the web. However, most of the 3D geospatial open platforms have been used plug-in module in order to ensure a fast 3D rendering performance on the web, despite the many problems such as difficulty of the installation, no supporting of cross browser/operating system and security issues. In addition, recently, the existing 3D geospatial open platforms based on plug-in module are facing a serious problem, by declaring the NPAPI service interruption in Chrome and Firefox browsers. In this study, we presents the design and implementation of a new 3D geospatial open platform based on HTML5/WebGL technology without the use of plug-ins. Such the new 3D geospatial open platform based on HTML5/WebGL may support cross browsers such as IE, Chrome, Firefox, Safari and cross OS platforms such as Windows, Linux, Mac and mobile OS platforms.