• Journal of Industrial Convergence
• /
• v.18 no.6
• /
• pp.147-154
• /
• 2020

It is difficult to educate the overall operation of public and private blockchains with different characteristics. Recently, most education for blockchain is targeted at public blockchains such as Bitcoin and Ethereum. However, in an actual business environment, a private blockchain such as HyperLedger Fabric is used because access to corporate data is controlled through user authentication. In the case of HLF-based education, it is necessary to understand various components that are not in the public blockchain, such as peers, orderers, and channels. In this paper, a lab framework for HLF is designed for an efficient and systematic understanding of the functions and operations. The framework consists of HLF network, chaincode, and decentralized software control functions. Through the framework, the network configuration, distribution and activation of chaincode, and dApp execution process were checked step by step, and it was very easy to understand the overall flow for blockchain services. In addition, it is expected that a systematic understanding of the overall flow will be possible even in future network expansion.

• Journal of Practical Engineering Education
• /
• v.14 no.2
• /
• pp.425-437
• /
• 2022

In this study, the role and function of Edutech, as well as the application and expectations in the field of future vocational competency development, were gathered to define Edutech as a comprehensive working definition. Based on this redefinition of Edutech, this study analyzes Edutech technology trends and examines the level of actual technology applied to education and vocational training based on written interviews with experts, and finds out significant implications from the point of view of vocational training. Finally we propose an Edutech-based Vocational Education and Training Model.

• The Journal of the Korea Contents Association
• /
• v.22 no.9
• /
• pp.104-112
• /
• 2022

The pandemic caused by the COVID-19 virus, which has lasted for the past three years, has changed society and the way people live in many ways. These changes also affect cyberspace, so the pre-pandemic information security model and standards have limitations when applied to the current situation. In this paper, a new method to improve the information security model of public institutions was proposed in consideration of various situations in the new normal era. In other words, through the proposed information security model, the possibility of external intrusion is blocked in advance through the policy and technical supplementation of remote work, which is a weakness of the existing information security operation of public institutions. Also, how to prevent abnormal authentication attempts by building a secure VPN environment, how to prevent social engineering cyber attacks targeting fear and uncertainty caused by COVID-19, and how to use a smooth network and create a remote work environment. For this purpose, methods for securing service availability were additionally presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1115-1126
• /
• 2021

In this paper, we developed a mobile student ID providing a self sovereignty identity (SSI) which replaces the conventional plastic-type student ID that includes private information of a student such as a name, a student number, a facial photo, etc. The implemented mobile student ID solves the problem of exposing student's identity due to a loss or a theft of a plastic-type student ID, and it has a structure and process of FRANCHISE model which is developed by a concept of a decentralized Identity(DID) of a Blockchain, in which specialized for convenience as an electronic student ID through an application on a smart phone device. In addition, it protects student's privacy by controlling personal information on oneself. By using a smartphone, not only it easily identifies the student but also it expands to several services such as participation in school events, online authentication, and a student's exchange program among colleges.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.649-651
• /
• 2021

In recent years, O2O services for real estate sales are widely distributed in web platforms and apps. This allows sellers, buyers, and real estate brokers to quickly and conveniently conduct real estate sales and charter contracts. However, in the O2O-based real estate sales information system, it wastes time and money for real estate buyers due to the posting of fake information, partial correction of the sales information, and intentional non-posting of the sales information. Therefore, we propose a method of detecting the false or not of real estate property information that can occur on the web platform, and design and implement a proposal system for this. To this end, we propose a method of detecting personal identity and property information based on DID, a distributed identity authentication protocol. The false real estate sales information detection system proposed by us can determine the existence of real estate sales information, partially correct the false sales information, or prove whether or not intentionally unpublished in three steps.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.443-444
• /
• 2021

Security threats to information services are increasingly being developed, and the frequency and damage caused by security threats are also increasing. In particular, security threats occurring inside the organization are increasing significantly, and the size of the damage is also large. A zero trust model has been proposed as a way to improve such a security environment. In the zero trust model, a subject who has access to information resources is regarded as a malicious attacker. Subjects can access information resources after verification through identification and authentication processes. However, the initially proposed zero trust model basically focuses on the network and does not consider the security environment for systems or data. In this study, we proposed a zero trust-based access control mechanism that extends the existing zero trust model to the file system. As a result of the study, it was confirmed that the proposed file access control mechanism can be applied to implement the zero trust model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.13-31
• /
• 2023

Korean Government-PKI (GPKI) is a public-key infrastructure which provides authentication and security functions for information system used by central government, local governments, and public institutions of the Republic of Korea to provide their own administrative and public services. The current cryptosystem of GPKI was established in the early 2000s, and more than ten years have passed since the last improvement in 2010. Over the past decade or so, the information security, including cryptography, has undergone many changes and will continue to face many changes. Therefore, for the sustainable security of GPKI, it is necessary to review the security of the cryptosystem at this point. In this paper, we analyze the current status and the security of technologies and standards used in the system. We identify cryptographic algorithms with degraded security, international standards which are obsoleted or updated, and cryptographic parameters that should be revised for the high security level. And based on this, we make several suggestions on the reorganization of cryptographic algorithms and related technologies for the security enhancement of GPKI.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.1
• /
• pp.77-89
• /
• 2024

This paper presents an unmanned store management system that can provide inventory management and theft prevention for displayed products using a small camera that can monitor the shelves of sold products in small and medium-sized stores. This system is a service solution that integrates object recognition, real-time communication, security management, access management, and mobile authentication. The proposed system uses a custom YOLOv5-x model to recognize objects on the display, measure quantities in real time, and support real-time data communication with servers through Raspberry Pie. In addition, the number of objects in the database and the object recognition results are compared to detect suspected theft situations and provide burial images at the time of theft. The proposed unmanned store solution is expected to improve the efficiency of small and medium-sized unmanned store operations and contribute to responding to theft.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.133-140
• /
• 2024

The spread of Direct-to-Consumer (DTC) genetic testing, where users request tests directly, has been increasing. With growing demand, certification systems have been implemented to grant testing qualifications to non-medical institutions, and the scope of tests has been expanded. However, unlike cases in less regulated foreign countries, disease-related tests are still excluded from the domestic regulations. The existing de-identification method does not adequately ensure the uniqueness and familial sharing of genomic information, limiting its practical utility. Therefore, this study proposes the application of fully homomorphic encryption in the analysis process to guarantee the usefulness of genomic information while minimizing the risk of leakage. Additionally, to safeguard the individual's right to self-determination, a privacy preservation model based on Opt-out is suggested. This aims to balance genomic information protection with maintainability of usability, ensuring the availability of information in line with the user's preferences.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.5
• /
• pp.67-74
• /
• 2024

As the number of coffee shops increases, many people are studying or working at coffee shops. Coffee shop operators have been required to analyze customer visits due to customer turnover and profit problems. Methods such as image analysis, QR code authentication, and Bluetooth beacon have been proposed for these statistics and analysis. However, it is difficult to use due to problems such as invasion of privacy and low accuracy. Therefore, in this study, to solve these problem and provide more accurate in-store congestion information, we propose a crowding measurement method of coffee shop using high frequency signal. There is an advantage in that a high frequency signal replaces the Bluetooth signal, and the transmission range of the signal is limited to the store, thereby increasing the accuracy of the method. To verify the performance of the proposed system, we conducted a comparative experiment with a Bluetooth based system, and as a result, the proposed method showed lower misrecognition rate. Thus, the proposed method will be an effective useful service for providing information on crowding at coffee shops and processing statistics.