• The Journal of the Convergence on Culture Technology
• /
• v.9 no.6
• /
• pp.1017-1029
• /
• 2023

A large amount of transactions are taking place through Blockchain. Among them, the proportion of transactions through smart contracts is increasing. Accordingly, problems such as vulnerability attacks on smart contracts and fraud using smart contracts are increasing. Through security audits of smart contracts, developers can discover and resolve vulnerabilities, and users can distinguish whether smart contracts are fraudulent. However, there are currently no regulations and standards for security auditing of smart contracts, so services that perform security auditing are uneven. In this paper, we analyze security audit trends for smart contracts and identify what services are being provided. We investigate what elements are analyzed from smart contracts, focusing on security audit reports. Also, investigate what vulnerabilities can be detected. Finally, we investigate quality indicators for smart contracts and visualization elements of design extraction. Through this, we hope to be able to find visualization elements specialized for smart contracts.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.27-37
• /
• 2014

While organizations are making a considerable effort to leverage formal and informal control mechanisms (e.g., policies, procedures, organizational culture) to improve security, their impact and effectiveness is under scrutiny as employees seldom comply with information security procedures. The best way to ensure the viability of a security policy is to make sure users understand it and accept necessary precautions. From an organization's perspective, a lack of security knowledge and awareness on the part of employees is a major problem. However, previous studies suggest that effect of security awareness education is inconsistent. Thus, this study is to find the answer why security awareness education is not effective. Conclusions and implications are discussed.

• The Journal of the Convergence on Culture Technology
• /
• v.3 no.4
• /
• pp.185-189
• /
• 2017

According to the rapid growth of Internet of Things (IoT) technology, we are able to connect between human and objects and between objects through network, allowing transmission and reception of information beyond the limits of space. These days, Low Power Wide Area (LPWA) technologies becomes popular more and more, to implement IoT infrastructure effectively. In this paper, this study aims to analyze LoRa, one of LPWA technologies, and suggest IoT security technology using LoRa to minimize threats to security.

• The Journal of the Convergence on Culture Technology
• /
• v.2 no.4
• /
• pp.65-70
• /
• 2016

As network communication increases by using public WiFi to check e-mail and handling Internet banking, the danger of hacking public routers continues to rise. While the national policy is to further propagate public routers, users are not eager to keep their information secure and there is a growing risk of personal information leakage. Because wireless routers implement high accessibility but are vulnerable to hacking, it is thus important to analyze hacking to tackle the attacks. In this study, an analysis is made of the encryption method used in WiFi and cases of hacking WiFi by security attacks on wireless routers, and a method for tackling the attacks is suggested.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.3
• /
• pp.707-714
• /
• 2023

The Internet of Things, which is the key factor of the 4th industrial revolution, are apt to apply to many systems. The existing security mechanism cannot be realized with limited resources such as low capacity of devices and sensors. In order to apply IoT system, a new structure and ultra-lightweight encryption is required. In this paper, we analyzed security issues that can operate in Internet-based smart home networks, and to solve the critical issues against these attacks, technologies for device protection between heterogeneous devices. Security requirements are required to protect from attacks. Therefore, we analyzed the demands and requirements for its application by analyzing the security architecture and features in smart home network.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.5
• /
• pp.463-474
• /
• 2023

Advances in technology have made it easier for organizations to share information and collaborate. However, collaboration systems where multiple entities share and access information are vulnerable to security. The concept of Software Bill Of Materials (SBOM) has emerged as a way to strengthen information security by identifying and transparently managing the components of software programs. To promote the adoption of SBOM in Korea, this study investigated the intention to use of collaboration system managers. This study was based on the theory of planned behavior and the integrated technology acceptance theory. The results of this study confirmed that performance expectations from SBOM adoption were an important variable for intention to use, and positive attitudes toward security also had an indirect effect through performance expectations. We found that SBOM adoption has an important causal relationship with performance due to the fact that it is targeted at enterprises, and that positive attitudes toward security and social climate can have a strong effect on intention to use.

• Information and Communications Magazine
• /
• v.31 no.6
• /
• pp.46-52
• /
• 2014

본고에서는 차세대 보안통신기술인 양자암호통신에 대해 기술한다. 양자암호통신은 양자키분배와 암호통신으로 이루어지는데 양자키분배란 양자역학적 원리에 의해 비밀키를 송/수신자가 절대 안전하게 나누어 갖는 방법을 일컫는다. 나누어진 비밀키를 이용하여 현대암호 기법을 이용한 암호통신을 수행하면 도청으로부터 절대 안전한 보안통신 구현이 완성된다. 해외에서는 양자암호통신의 가능성과 중요성을 인식하고 집중적인 투자를 통해 연구개발을 진행하고 있으나 아직까지 국내에서는 체계적인 연구개발 활동이 미약한 상황이다. KIST는 2013년 25km 떨어진 송/수신자가 비밀키를 나누어가질 수 있는 BB84 양자키분배 프로토콜 기반 시스템 하드웨어를 구현하여 해외학회에 전시 및 시연 했다. 추후 현대암호와의 융합연구 병행 기술개발을 추진한다면 조기에 양자암호통신 실용화가 가능할 것이라 기대된다. 절대 안전한 차세대 보안통신의 실현은 직접적으로는 국가적인 보안통신망의 확보를 가능하게 하고 간접적으로는 미래 초연결사회에서 활발한 지식 정보 교류를 가능하게 하여 새로운 사회 문화적 변화를 이끌어 내는 기반 기술이 될 것으로 기대한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.476-478
• /
• 2014

시간과 장소에 구애받지 않고 인터넷을 이용할 수 있는 환경이 보편화됨에 따라 BYOD 환경이 도입되면서 외부에서도 개인 단말기기를 통해 업무를 처리하는 모습을 어렵지 않게 볼 수 있다. 이처럼 BYOD는 점차 기업 문화의 한 트렌드로 받아들여지고 있다. 반면에, 그에 따른 보안 위협에 대해서는 신중하게 접근해야 한다. 기존에는 기업 내부 기밀 정보의 외부 유출이 엄격히 관리되었으나, BYOD 환경이 도입됨에 따라 내부 정보 유출에 대한 통제가 어려워졌다. 또한 공개 Wi-Fi 등 보안이 취약한 공용 네트워크를 통해 기업 내부 서비스에 접속할 경우 해킹에 따른 보안 위협도 무시할 수 없다. 이러한 보안 위협에 대처하기 위해서는 근본적으로 사용자의 모든 행위에 대해 상황을 인식하고 관리해야 한다. 본 논문에서는 BYOD 환경에서 사용자의 기업 내부 서비스 접속 및 이용에 따른 모든 상황을 단위 정보로 정의함으로써 상황을 인식하는 방안을 제안한다. 이렇게 정의된 정보는 기업 내부 보안 정책 수립, 비정상 행위 탐지 등에 활용 될 수 있다.

• Journal of the Korea Convergence Society
• /
• v.6 no.4
• /
• pp.33-40
• /
• 2015

According to arriving convergence environment which can create new value-added converged between industry and ICT technology, It has made economic growth and improve the quality of life. However this convergence environment provide not only advantage but also various security problems resulting from generating converged security threats. For resolving this security problem, we need to approach to security problem in the integrated view not the fragmentary view which cover only technical approach. So This study developed security governance framework which can manage trustful security governance in multidimensional view which cover strategy, managerial/operational and technical view. Therefore this framework can construct trustful security management system which can help top management team to engage in security management directly and organizational member to perform security activities and have responsibility for themselves as suggesting single standard for security management.

• 프린팅코리아
• /
• v.11 no.11
• /
• pp.99-99
• /
• 2012

한국하이델베르그(주)(대표이사 김범식)는 모든 인쇄 재료 제품을 인터넷을 통해 주문할 수 있는 온라인숍 (www.shop.heidelberg.com)을 개설했다. 이 온라인숍은 하이델베르그 본사 및 세계 각 나라의 현지 법인에서 지난 10년에 걸쳐 이미 이용하고 있는 플랫폼을 한국 고객에 맞춰 보완한 것으로 보안 등 중요 기능면에서 이미 입증된 안전하고 편리한 주문 시스템이다.