• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.5
• /
• pp.656-661
• /
• 2022

Password with a combination of 4-digit numbers has been widely adopted for various authentication systems (such as credit card authentication, digital door lock systems and so on). However, this system could not be safe because the 4-digit password can easily be stolen by predicting it from the fingermarks on the keypad or display screen. Furthermore, due to the prolonged COVID-19 pandemic, contactless method has been preferred over contact method in authentication. This paper suggests a new password input method based on eyeblink pattern analysis in video sequence. In the proposed method, when someone stands in front of a camera, the sequence of eyeblink motions is captured (according to counting signal from 0 to 9 or 9 to 0), analyzed and encoded, producing the desired 4-digit decimal numbers. One does not need to touch something like keypad or perform an exaggerated action, which can become a very important clue for intruders to predict the password.

• Journal of the Korean Institute of Gas
• /
• v.26 no.6
• /
• pp.65-75
• /
• 2022

Recently, the possibility of fire and explosion due to hydrogen leakage and the resulting risk are increasing since the operating pressure of the electrolysis increases. This study performed the hazardous area classification in accordance with KS C IEC 60079-10-1 and KGS GC101 in consideration of the general operating conditions of the electrolysis. In addition, in order to achieve a To Non-hazardous, an appropriate ventilation rate was estimated to maintain a concentration of less than 25 % of the lower explosive limit. As a result, it was reviewed that the electrolysis is classified as an hazardous area when only natural ventilation is applied, and a huge amount of ventilation is required to classify it as a non-hazardous area.

• Smart Media Journal
• /
• v.11 no.10
• /
• pp.76-88
• /
• 2022

Personal information leakage is very harmful as it can lead to additional attacks using leaked information as well as privacy invasion, and it is primarily caused by hacking server databases of institutions that collect and store personal information. We propose a scheme that allows a service-requesting user to authorize a secure delegated transfer of his personal information to the service provider via a reliable authority and enables only the two parties of the service to retrieve the provided information stored on a blockchain ensuring data confidentiality. It thus eliminates the necessity of storing customer information in the service provider's own database. As a result, the service provider can serve customers without requiring membership registration or storing personal information in the database, so that information leakage through the server database can be completely blocked. In addition, the scheme is free from the risk of information leakage and subsequent attacks through smartphones because it does not require a user's smartphone to store any authentication credential or personal information of its owner.

• Journal of Internet of Things and Convergence
• /
• v.9 no.2
• /
• pp.47-54
• /
• 2023

The MyData service makes anyone possible to apply the personal information for the personal credit management or the financial management by proactive managing his/her own information. The MyData means that the anyone is able to control or manage the its own information by changing from the company-oriented or the organization-oriented information to his/her own information. It is mandatory to develop the API G/W which transforms the different user format to the standard format to support the MyData service. This study is to design the API G/W for the MyData service and the designed API G/W supports the 4 major functions - Validation function, Throttling function, Authentication&Authorization function, Mediation function. The designed API G/W make it possible to support the safely and efficient MyData service by serving the various queries with the different formats.

• Journal of Advanced Navigation Technology
• /
• v.27 no.2
• /
• pp.228-234
• /
• 2023

As the increasing demand for high-quality software, there is huge requiring for quality certification of international standards, industrial functional safety (IEC 61508), automotive (ISO 26262), embedded software guidelines for weapon systems, etc., in the industry. Software companies are very difficult to systematically acquire the quality certification in terms of cost and manpower of Startup, venture small-sized companies. For their companies one test case automatic generation is considered as a core technique to evaluate or improve software quality. This paper proposes a test case automatic generation method based on the design decision table for system and software design verification. We apply the proposed method with OMG's standard techniques of metamodel and model transformation for automatically generating test cases. To do this, we design the metamodels of design decision table (Model) and test case document (Text) and define model transformation to automatically generate test cases, which will expect to easily work MC/DC coverage.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.4
• /
• pp.101-109
• /
• 2009

An encryption module is equipped basically at 8i version ideal of Oracle DBMS, encryption module, but a performance decrease is caused, and users are restrictive. We analyze problem of DB security by technology by circles at this paper whether or not there is an index search, object management disorder, a serious DB performance decrease by encryption, real-time data encryption beauty whether or not there is data approach control beauty circular-based IP. And presentation does the comprehensive security Frame Work which utilized the DB Masking technique that is an alternative means technical encryption in order to improve availability of DB security. We use a virtual account, and set up a DB Masking basis by security grades as alternatives, we check advance user authentication and SQL inquiry approvals and integrity after the fact through virtual accounts, utilize to method as collect by an auditing log that an officer was able to do safely DB.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• fall
• /
• pp.331-334
• /
• 2021

기존의 택배 배송시스템은 수령인 본인이 아니더라도 주소, 전화번호와 같은 개인정보를 쉽게 확인할 수 있다. 코로나 19로 인해 언택트(Untact) 주문 및 배달, 배송 서비스가 급격히 늘어나면서 택배 배송 관련 사업은 거대한 시장으로 성장하고 있으며 이와 함께 노출된 개인정보가 범죄에 악용될 수 있다는 우려도 증가하고 있다. 더불어 여러 택배 및 배송물이 도착했을 때, 수신자는 택배 상자를 뜯지 않고 배송물의 오도착 여부를 확인하기 어려우며 원하는 물품이 담긴 택배가 정확히 어떤 것인지 알기 힘들다.본 프로젝트에서는 다단계 인증이 가능한 QR code를 활용해 송수신자의 주소, 제품 종류, 명칭 등을 포함한 여러 정보를 배송기사, 수령인 등에 따라 선택적으로 접근한다. 같은 QR code를 스캔하더라도 수령인의 경우 모든 정보를 확인할 수 있고, 배달원은 일부의 정보를 확인할 수 있지만, 권한이 없는 사람은 어떠한 정보도 확인할 수 없다. 기존의 택배 배송시스템처럼 정보를 맨눈으로 인식할 수도 없으므로 개인정보 노출의 한계를 극복할 수 있다. 이때 송장 정보는 텍스트 형태뿐 아니라 주문한 내용물의 종류 및 모양 등을 그대로 구현한 AR(augmented reality) 형태로도 확인할 수 있어 포장된 상태 그대로 배송물의 오도착 여부를 확인하거나 다량의 택배를 보다 효율적으로 구분할 수 있다. 이처럼 같은 QR code로 서로 다른 정보를 제공하는 SQRC(Security/Secure QR code)의 원리를 이용해 정보를 안전하게 보호하는 것에 그치지 않고, 비디오나 이미지와 같은 멀티미디어 서비스를 추가로 제공해 실감 미디어의 적용 범위를 넓힐 수 있다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.374-376
• /
• 2022

The Malware App Analysis Tool is a system that analyzes Android-based apps by the AI-based algorithm defined in the tool and detects whether malware code is included. Currently, as the spred of smartphones is activated, crimes using malware apps have increased, and accordingly, security for malware apps is required. Android operating systems used in smartphones have a share of more than 70% and are open-source-based, so not only will there be many vulnerabilities and malware, but also more damage to malware apps, increasing demand for tools to detect and analyze malware apps. However, this paper is proposed because there are many difficulties in designing and developing a malware app analysis tool because the security functional requirements for the malware app analysis tool are not clearly specified. Through the developed protection profile, technology can be improved based on the design and development of malware app analysis tools, safety can be secured by minimizing damage to malware apps, and furthermore, trust in malware app analysis tools can be guaranted through common criteria.

• Industry Promotion Research
• /
• v.8 no.4
• /
• pp.241-250
• /
• 2023

In investigating missing persons cases, the focus is on strengthening the efficiency of detectives' work in investigating missing persons cases. Disappearance cases are seen as a problem that directly affects social safety and individual well-being. The research has the following structure. The introduction presents the necessity, scope, and methodology of the study. Next, we analyze the definition, causes, types and actual conditions of disappearance cases. In terms of problems in the process of handling missing persons cases, the initial response process, problems in the response of related agencies after reporting, problems due to the prolongation of the case, and problems due to legal restrictions are analyzed. In the plan to improve the work efficiency of detectives for disappearance cases, the revitalization of public interest investigation networks, strengthening of capacity related to disappearance case investigation, professional public interest detective certification system, and establishment of exception provisions for detective activities are discussed. In the conclusion, we present what is necessary for the activities of public interest detectives specializing in missing persons cases.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.143-150
• /
• 2023

Applications on physically unclonable circuits (PUFs) for implementing and utilizing security protocols with hardware is on the rise. PUFs have the capability to perform functions such as authentication, prevention of replication, and secure storage of critical information in integrated circuits and security systems. Through the implementation of physically unclonable circuits, a wide range of security features, including confidentiality, integrity, and availability, can be applied. Therefore, PUFs are promising candidate to build secure integrated circuits and hardware systems. However, in order that PUFs possess security features, PUFs should possess characteristics such as unpredictability, uniqueness, and robustness characteristics. This study provides a detailed explanation and introduction of the methods to characterize the PUF properties. By applying the results, it becomes possible to quantitatively evaluate the characteristics of implemented PUFs and assess their availabilities for security system applications.