• Journal of the Korean Society for information Management
• /
• v.19 no.1
• /
• pp.23-46
• /
• 2002

With explosively increasing digital contents, library and Information center should have a new role between knowledge providers and knowledge users as information brokering organization. Electronic transaction system should be required for performing this brokering service since economic value is added to information and knowledge in information society. The developments and changes around library are keeping up with increasing building digital library and digitalizing printed sources. With the rapidly changing circumstances, the Internet is currently witnessing an explosive growth. By serving as a virtual information resource. the Internet can dramatically change the way business is conducted and Information is provided. However because of features o( the Internet like openness and information sharing, it has fundamental vulnerabilities in security issues. For Instance, disclosure of private information and line eavesdropping such as password, banking account, transaction data on network and so on are primary obstruction factors to activation of digital contents delivery on network. For high network security and authentication, this paper looks at smart card technologies and proposes multi-authentication protocol based on smart card on open network, implements and analyzes it.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.42 no.11
• /
• pp.35-44
• /
• 2005

In Mobile IP protocol, because a mobile node still uses its home IP address even though it moves to foreign network from home network, authentication among mobile node, foreign network and home network is critical issue. Many researches about this issue have been based on shared secret, for example mobile node and home agent authenticate each other with pre-shared symmetry key. And they missed several security issues such as replay attack. Although public key scheme could be applied to this issue easily, since the public key cryptography is computationally complicated, it still has the problem that it is not practical to realistic environment. In this paper, we describe several security issues in Mobile IP protocol. And we propose new Mobile IP authentication protocol that is applicable to realistic environment using public key algorithm based on certificate. It has scalability for mobile nodes and is applicable to the original Mobile IP protocol without any change. Finally we prove security of the proposed protocol and that it might not affect performance of the original Mobile IP protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1475-1487
• /
• 2018

To verify remitter's identity when the remitter transfers money to a recipient using an electronic financial service provided by the financial institution, the remitter inputs the information; such as the withdrawal account number, the withdrawal amount, the password pre-registered with the financial company, or the information from authenticating medium that is previously distributed by the financial institution. However, the 1-Way transaction between the financial institution and the remitter is exposed to a great risk of accidents such as an anomaly remittance or a voice phishing fraud. Therefore, in this study, we propose a 2-WAY trade verification model for electronic financial transaction that can be mutually agreed by allowing the recipient to share the transaction information with the remitter and the financial company. We have improved the traditional electronic financial transaction's method by replacing it to 2-WAY trade method, and it is used for various purposes; such as preventing an error within the remittance or voice phishing fraud, enhancing loan transaction and contract transaction, etc. Through these variety of applications, we are expecting to reduce the inconveniences while improving the convenience of financial transaction and vitalizing the P2P transaction of financial institution.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.35-44
• /
• 2009

To protect sensitive personal information, data will be stored in encrypted form. However in order to retrieve these encrypted data without decryption, there need efficient search methods to enable the retrieval of the encrypted data. Until now, a number of searchable encryption schemes have been proposed but these schemes are not suitable when dynamic users who have the permission to access the data share the encrypted data. Since, in previous searchable encryption schemes, only specific user who is the data owner in symmetric key settings or has the secret key corresponding to the public key for the encrypted data in asymmetric key settings can access to the encrypted data. To solve this problem, Stephen S. Yau et al. firstly proposed the controlled privacy preserving keyword search scheme which can control the search capabilities of users according to access policies of the data provider. However, this scheme has the problem that the privacy of the data retrievers can be breached. In this paper, we firstly analyze the weakness of Stephen S. Yau et al.'s scheme and propose privacy preserving keyword search with access control. Our proposed scheme preserves the privacy of data retrievers.

• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.583-594
• /
• 2002

Assuring the security of group communications such as tole-conference and software distribution requires a common group key be shared among the legal members in a secure manner. Especially for large groups with frequent membership change, efficient rekey mechanism is essential for scalability. One of the most popular ways to provide sealable rekey is to partition the group into several subgroups. In this paper, we propose a two-layered key management scheme which combines DEP and CBT, a protocol in which subgroup manager cannot access the multicast data and another that has a multi-core, respectively. We also select sub-group key management protocols suitable for our structure and design new rekey protocols to exclude the subgroup managers from the multicast data. Compared to previous protocols based on CBT, our scheme provides forward secrecy, backward secrecy and scalability. This would reduce the number of encryption and decryption for a rekey message and would improve the efficiency number of rekey messages and the amount of information related to group members that group managers must maintain compared to DEP.

• The Korean Journal of Archival Studies
• /
• no.40
• /
• pp.95-130
• /
• 2014

Three frequently used documents by researchers on the Japanese colonial period-Classified Police Records of the Japanese Government-General of korea on the Anti-Japanese Movement 舊 朝鮮總督府 警務局 抗日獨立運 動關係 秘密記錄, Trial Records of Gyeongseong District Court 京城地方法院 裁判記錄 and Filed Documents of Gyeongseong District Court 京城地方法院 編綴文書(while the latter two were collected by the National Institute of Korean History, the former was collected by Asiatic Research Institute of Korea University)-are among the same records group that the Prosecutor's Office of Gyeongseong District Court produced through registration and compilation. As contents related to ideology suppression and thought control were numerous, it could be assumed that most of the materials were produced by the 'Department of Ideology' of the Prosecutor's Office. By examining the administrative records of the 1920's within this group, the process of how the 'Department of Ideology' was formed is clearly shown. As ideological movements for Korea's independence and revolution grew, execution of regulations was further expanded by the Prosecutor's Office. Since the mid-1920's, information on ideology had been separated from general information, was routinely collected heavily, and was considered more valuable than the general information. By the end of the 1920's, the term Ideology Prosecutor 思想係 檢事(meaning a prosecutor who specializes in ideology verification) and the named 'Department of Ideology'(思想部) emerged on the records.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.9
• /
• pp.305-316
• /
• 2022

With the flood of digital data owing to the Internet of Things and big data, cloud service providers that process and store vast amount of data from multiple users can apply duplicate data elimination technique for efficient data management. The user experience can be improved as the notion of edge computing paradigm is introduced as an extension of the cloud computing to improve problems such as network congestion to a central cloud server and reduced computational efficiency. However, the addition of a new edge device that is not entirely reliable in the edge computing may cause increase in the computational complexity for additional cryptographic operations to preserve data privacy in duplicate identification and elimination process. In this paper, we propose an efficiency-improved duplicate data elimination protocol while preserving data privacy with an optimized user-edge-cloud communication framework by utilizing a trusted execution environment. Direct sharing of secret information between the user and the central cloud server can minimize the computational complexity in edge devices and enables the use of efficient encryption algorithms at the side of cloud service providers. Users also improve the user experience by offloading data to edge devices, enabling duplicate elimination and independent activity. Through experiments, efficiency of the proposed scheme has been analyzed such as up to 78x improvements in computation during data outsourcing process compared to the previous study which does not exploit trusted execution environment in edge computing architecture.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.13-24
• /
• 1999

Electronic cash is a digital signature issued by bank. If the concept of the distributed secret sharing and magic ink signature is introduced in the existing electronic cash system we can increase the security level and the availability of electronic cash system and trace the electronic cash itself and the owner of electronic cash which was issued anonymously to a user in case of illegal usage of electronic cash by users. If the trust is concentrated on one bank system. the problem of misuse of bank can be occurred. To solve this problem, the distributed secrete sharing scheme need to be introduced in electronic cash system. In this paper We propose a DSS(Digital Signature Standard) distributed magic ink signature scheme and a KCDSA(Korea Certificate-based Digital Signature Algorithm) distributed magic ink signature scheme using a verifiable secret sharing method. and we compare two methods with respect to the required computation amount for the generation of magic-ink signature.

• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.127-134
• /
• 2022

Steganography is a hidden technique in which secret messages are hidden in various multimedia files, and it is widely exploited for cyber crime and attacks because it is very difficult for third parties other than senders and receivers to identify the presence of hidden information in communication messages. Botnet typically consists of botmasters, bots, and C&C (Command & Control) servers, and is a botmasters-controlled network with various structures such as centralized, distributed (P2P), and hybrid. Recently, in order to enhance the concealment of botnets, research on Stego Botnet, which uses SNS platforms instead of C&C servers and performs C&C communication by applying steganography techniques, has been actively conducted, but image or video media-oriented stego botnet techniques have been studied. On the other hand, audio files such as various sound sources and recording files are also actively shared on SNS, so research on stego botnet based on audio steganography is needed. Therefore, in this study, we present the results of comparative analysis on hidden capacity by file type and tool through experiments, using a stego botnet that performs C&C hidden communication using audio files as a cover medium in Telegram Messenger.

• Cartoon and Animation Studies
• /
• s.22
• /
• pp.81-97
• /
• 2011

The technology of 'Virtual Reality' has placed in advanced tools for human beings' joy and anger together with sorrow and pleasure in our generation. It has recently tried in a variety ways to use as an implication for treatment in the field of Cognitive Psychology. Especially, it widely approaches to human in terms of that a sense of reality in a virtual world through the five senses should reinterpret the meaning of cognition in the real world. Based on this paradigm shift, it allows for new treatment using the technology of virtual reality. A typical example is a field of Therapy in order to overcome panic disorder. It has advantages that in particular development of flexible interaction technologies in a virtual space can lead patients to experience psychological environments rather than physical one. the interaction technology provides environments in which users' five senses can be actively stimulated, it is very useful that information from the experiences in the virtual world allows people to learn through real experiences by renewing potential energies, advantages of Virtual Reality Therapy can be customized treatment by depending on symptoms in patients with panic disorder and are capable of differentiate application for the cure at each stage. It is to treat by leading patients to get accustomed to environments and situations in real world through care process with each symptom and stage. It is helpful that based on A Human-Sensibility Ergonomics, technologies like immersive virtual reality equipment, force-relative feedback and stereophonic sound, and like stimulating the sense of smell make people to induce experiences by stimulating human's five senses. There are many advantages of immersion in virtual world in that the phenomenon such as challenge, interaction, reality, illusion, and cooperation is expanded. As an application for therapy by growing such augmented reality, virtual space and sharing of data through the Internet and also inexpensive its availability have recently expanded the base. There are other benefits of Virtual Reality Therapy offering active interaction environments for cognitive experience which can provide appropriately adjusted environments for patients who are hard to overcome the real situation because of phobia. In addition to that it is safe and economical and patients' confidentiality is assured. Moreover, due to the principles of applying real-time navigation the Virtual Reality Therapy makes modification and supplementation easier and also it can reduce cybersickness because of the supply of Lenticular allowing people to see stereoscopy without eyeglasses, which makes sense of presence clearer. On top of that due to the development of interactive technologies, it is becoming close to sense of reality similar to real world by leading users to navigate by themselves and to operate objects in a virtual space. This paper will therefore examine, although it is of limited, characteristics of application of virtual reality technology based on A Human-Sensibility Ergonomics used for treatment for a disorder. this paper will analyse a range of its application and problems and it will suggest the future possibilities.