• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.299-302
• /
• 2011

Recently, Voice over Internet protocol(VoIP) in IP-based wired and wireless voice, as well as by providing multimedia information transfer. Wired and wireless VoIP is easy on illegal eavesdropping of phone calls and VoIP call control signals on the network. In addition, service misuse attacks, denial of service attacks can be targeted as compared to traditional landline phones, there are several security vulnerabilities. In this paper, VoIP equipment in order to obtain information on the IP Phone is scanning. And check the password of IP Phone, and log in successful from the administrator's page. Then after reaching the page VoIP IP Phone Administrator Settings screen, phone number, port number, certification number, is changed. In addition, IP Phones that are registered in the administrator page of the call records check and personal information is the study of hacking.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.12
• /
• pp.2586-2594
• /
• 2009

A digital watermarking technique used as a protection and certifying mechanism of copyrighted creations including music, still images, and videos in terms of finding any loss in data, reproduction and pursuit. This study suggests using a selected geometric invariant point through the whole processing procedure of an image and inserting and extracting based on the invariant point so that it will be robust in a geometric transformation attack. The introduced algorithm here is based on a watershed splitting method in order to make medical images strong against RST(Rotation Scale, Translation) transformation and other processing. It also helps to maintain the watermark in images that are compressed and stored for a period of time. This algorithm also proved that is has robustness against not only JPEG compression attack, but also RST attack and filtering attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.959-972
• /
• 2021

Decentralized Identity is based on the concept of self-sovereign identity, in which holders manage and provide their own credentials. However, a procedure is required to obtain credentials from issuers, and there is a risk of mess personal information leaking due to negligence of the issuers. In this paper, we propose a peer decentralized identity system based on Peer DID technology that allows only participants to verify their identity in 1:1 or 1:N small groups by matching the holder with the issuer. It is directly connected to a mobile device using short-range wireless communications such as bluetooth, and the holders create and provide their own credentials in person to the other party, thus fully realizing the self-sovereignty identity. The proposed system can simplify the identification process, improve security and privacy, and reduce costs. Furthermore, an extended architecture is possible to connect the proposed system and the distributed ledger to identify users in other domains. In the future, based on various technologies, it is also necessary to expand research on identity systems that can be utilized for human-to-thing and things-to-things authentication.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.10
• /
• pp.1384-1389
• /
• 2020

Although the fintech industry is developing rapidly around the world, the domestic development situation is rather slow compared to the speed. Therefore, the future development direction can be set by analyzing the current status of the fintech industry in order to suggest the direction of development in the domestic fintech industry. The main services provided by companies belonging to the domestic fintech industry are in the areas of remittance settlement, financial investment, asset management, crowdfunding, P2P finance, overseas remittance, fintech SI, insurtech, virtual currency, security, and authentication. It is divided into. This study identifies the main technologies used in the service and grasps the current domestic status. In addition, it analyzes the distribution of workers by each service. This study is expected to play an important role in the development of the financial industry through technical analysis of fintech companies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.79-89
• /
• 2004

Mobile IP Low Latency Handoffs allow greater support for real-time services on a Mobile W network by minimizing the period of time when a mobile node is unable to send or receive IP packets due to the delay in the Mobile IP Registration process. However, on Mobile IP network with AAA servers that are capable of performing Authentication, Authorization, and Accounting(AAA) services, every Registration has to be traversed to the home network to achieve new session keys, that are distributed by home AAA server, for a new Mobile IP session. This communication delay is the time taken to re-authenticate the mobile node and to traverse between foreign and home network even if the mobile node has been previously authorized to old foreign agent. In order to reduce these extra time overheads, we present a method that performs Low Latency Handoffs without requiring funker involvement by home AAA server. The method re-uses the previously assigned session keys. To provide confidentiality and integrity of session keys in the phase of key exchange between agents, it uses a key sharing method by gateway foreign agent that Performs a ousted thirty party. The Proposed method allows the mobile node to perform Low Latency Handoffs with fast as well as secure operation

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1069-1080
• /
• 2022

Zero trust, which means never trust anything before verifying it, is emerging as a hot issue in security field. After authenticating users, zero trust establishes network boundaries so that only networks in the trusted range can be accessed. This concept is also consistent with the concept of SDP, which performs pre-verification and creates a network boundary with a dynamic firewall so that clients can access only as many as they have permission to connect. Therefore, we recommend the SDP model as an example of how zero trust can be achieved in a zero trust architecture. In this paper, we point out the areas where SDP needs to be modified for zero trust and suggest ways to overcome them. In addition, we propose an onboarding method, which is one of the processes for becoming an SDP entity, and present performance measurement results.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.7
• /
• pp.1060-1070
• /
• 2022

With the development of information technology, the size of the system has become larger and diversified, and the existing role-based access control has faced limitations. Blockchain technology is being used in various fields by presenting new solutions to existing security vulnerabilities. This paper suggests efficient role-based access control in a blockchain where the required gas and processing time vary depending on the access frequency and capacity of the storage. The proposed method redefines the role of reusable units, introduces a hierarchical structure that can efficiently reflect dynamic states to enhance efficiency and scalability, and includes user-centered authentication functions to enable cryptocurrency linkage. The proposed model was theoretically verified using Markov chain, implemented in Ethereum private network, and compared experiments on representative functions were conducted to verify the time and gas efficiency required for user addition and transaction registration. Based on this in the future, structural expansion and experiments are required in consideration of exception situations.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.1
• /
• pp.77-89
• /
• 2024

This paper presents an unmanned store management system that can provide inventory management and theft prevention for displayed products using a small camera that can monitor the shelves of sold products in small and medium-sized stores. This system is a service solution that integrates object recognition, real-time communication, security management, access management, and mobile authentication. The proposed system uses a custom YOLOv5-x model to recognize objects on the display, measure quantities in real time, and support real-time data communication with servers through Raspberry Pie. In addition, the number of objects in the database and the object recognition results are compared to detect suspected theft situations and provide burial images at the time of theft. The proposed unmanned store solution is expected to improve the efficiency of small and medium-sized unmanned store operations and contribute to responding to theft.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.47 no.6
• /
• pp.93-102
• /
• 2010

Existing web based information service system solutions show limitations in mobile information services, as well as problems such as uncertain error messages, and difficulty providing swift assistance or real time emergency support. In order to solve these deficiencies, a realtime wireless remote control system has been designed and implemented in this thesis, which is capable of managing and monitoring remote systems using mobile communication devices (Mobile Phone, PDA, Smart Phone) for realtime control. Proposed systems are applied at remote places, for instance 'office building', and a nursery school like 'kindergarten'. In the case of implemented at office building, it can be managing and controlling at real time all sorts of the sensor information that are installed at office building system environment through wire(web environment) or wireless(mobile device). In the other case at kindergarten system that are providing the real-time wireless remote control and monitoring system can be monitoring activity of kindergarten children with a mobile phone of authentication user. The security functions of proposed systems include mobile device user authentication and target system access control. The proposed systems allow real-time user authentication function and system access control function that improve the security of resource administrators and mobile device users, and provides not only uninterrupted services, but also real time mobile service environments.

• The Korean Journal of Air & Space Law and Policy
• /
• v.28 no.1
• /
• pp.3-54
• /
• 2013

Nowadays, major advanced countries in aviation technology are putting their effort to develop commercial and civil Unmanned Aircraft System(UAS) due to its highly promising market demand in the future. The market scale of commercial and civil UAS is expected to increase up to approximately 8.8 billon U.S. dollars by the year 2020. The usage of commercial and civil UAS covers various areas such as remote sensing, relaying communications, pollution monitoring, fire detection, aerial reconnaissance and photography, coastline monitoring, traffic monitoring and control, disaster control, search and rescue, etc. With the introduction of UAS, changes need to be made on current Air Traffic Management Systems which are focused mainly manned aircrafts to support the operation of UAS. Accordingly, the legislation for the UAS operation should be followed. Currently, ICAO's Unmanned Aircraft System Study Group(UASSG) is leading the standardization process of legislation for UAS operation internationally. However, some advanced countries such as United States, United Kingdom, Australia have adopted its own legislation. Among these countries, United States is most forth going with President Obama signing a bill to integrate UAS into U.S. national airspace by 2015. In case of Korea, legislation for the unmanned aircraft system is just in the beginning stage. There are no regulations regarding the operation of unmanned aircraft in Korea's domestic aviation law except some clauses regarding definition and permission of the unmanned aircraft flight. However, the unmanned aircrafts are currently being used in military and under development for commercial use. In addition, the Ministry of Land, Infrastructure and Transport has a ambitious plan to develop commercial and civil UAS as Korea's most competitive area in aircraft production and export. Thus, Korea is in need of the legislation for the UAS operation domestically. In this regards, I personally think that Korea's domestic legislation for UAS operation will be enacted focusing on following 12 areas : (1)use of airspace, (2)licenses of personnel, (3)certification of airworthiness, (4)definition, (5)classification, (6)equipments and documents, (7)communication, (8)rules of air, (9)training, (10)security, (11)insurance, (12)others. Im parallel with enacting domestic legislation, korea should contribute to the development of international standards for UAS operation by actively participating ICAO's UASSG.