• Title/Summary/Keyword: 정보보호시장

Search Result 518, Processing Time 0.028 seconds

Guideline for Forensic Marking Certification (포렌식마크 기술 평가 및 인증 지침)

  • Oh, Weon-Geun
    • Proceedings of the Korean Society of Broadcast Engineers Conference
    • /
    • 2012.07a
    • /
    • pp.111-114
    • /
    • 2012
  • 본 논문에서는 국내 디지털 저작권 보호 업체 혹은 대학 및 연구소에서 개발하고 생산하는 포렌식마크 기술의 품질을 객관적으로 평가할 수 있는 평가절차와 평가지표를 정량적으로 제시하였다. 포렌식마크 기술을 객관적으로 평가하기 위해서 본 논문에서는 우선, 구매자 정보(포렌식마크라)가 삽입된 테스트 영상의 공격 항목과 수준을 정하고, 포렌식마크 정보의 추출 성능을 평가하기 위한 평가절차로서 평가항목, 평가기준, 평가절차를, 그리고 인증을 위해서는 포렌식마크 기술의 신뢰성에 대한 통계정보를 포함하는 인증서를 생성하기 위한 인증절차를 포함하였다. 이러한 포렌식마크 기술의 평가 및 인증 지침은 기술 개발자에게는 자신들이 개발한 포렌식마크 기술에 대한 객관적인 평가결과를 미리 알아볼 수 있어서 기술의 상품성을 점검할 수 있고 소비자 입장에서는 객관적이고 보편타당성 있는 평가 결과에 대한 신뢰를 가질 수 있다. 평가자 입장에서는 표준 평가를 통해 객관적이고 정량적인 평가 결과를 얻을 수 있어서 상대적인 우열을 가리기가 용이해지는 편리성을 얻을 수 있다. 이를 통하여 포렌식마크 기술의 발전과 디지털 저작권 보호 시장의 활성화에 일조를 할 수 있을 것으로 사료된다.

  • PDF

스마트폰을 활용한 안전한 온라인 승인시스템 연구

  • Jin, Seung Man
    • Review of KIISC
    • /
    • v.23 no.1
    • /
    • pp.18-27
    • /
    • 2013
  • 최근 전자상거래 및 전자금융 기술이 크게 발전하면서 관련기술이 비약적으로 발전하고 있다. 하지만, 편리성 측면의 기술발전이 빠르게 이뤄지는 반면, 안전성측면의 기술발전은 이를 지원하지 못하는 측면이 있다. 실제, 거래가 증가함에 따라 금융정보 등을 유출하는 등의 보안사고도 증가하고 있음이 이를 반증하고 있다. 이러한 기술적인 문제를 해결하고자 다양한 보안 솔루션이 제공되었지만 보안 솔루션의 보안기능이 강화될수록 다양한 환경에서의 이용자 편의성이 저하되어 스마트폰 등과 같은 신기술 시장의 활성화를 저해하는 요인이 되고 있다. 따라서 본 논문에서는 현재 전자상거래에서 발생되는 보안위협을 살펴보고 발생된 보안위협을 최소화하면서 단말기에 설치된 OS 또는 브라우저에 종속되지 않는 보안기술을 제안한다. 제안한 보안기술은 이미지를 이용한 인증기술로서 별도의 보안 프로그램이 불필요하기 때문에 보안기술로 인해 제한되는 서비스가 발생되지 않아 다양한 환경에서 활용될 수 있으며, 이로 인해 이용자는 보다 안전하고 다양한 서비스 환경에서 전자상거래 및 전자금융거래를 수행할 수 있다.

A Study on the Prevention of Smartcard Forgery and Alteration Using Angular Multiplexing and Private Key Multiplexing based on Optical Encryption (영상 암호화 기반에서의 각다중화 및 암호키 다중화 기법을 이용한 스마트카드 위 .변조 방지에 관한 연구)

  • 장홍종;이성은;이정현
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.3
    • /
    • pp.63-69
    • /
    • 2001
  • Smartcard is highlighted as infrastructure that has an excellent security for executing functions such as user authentication, access control, information storage and control, and its market is expanding rapidly. But possibilities of forgery and alteration by hacking are increasing as well. This paper proposes a method to prevent card forgery and alteration using angular multiplexing and private key multiplexing method on optical encryption, and proposed a Public Key Infrastructure(PKI)-based authentication system combined with One-Time Password (OTP) for verification of forgery and alteration .

Analyze Diagnostic Data from Samsung Android Smartphones (삼성 안드로이드 스마트폰의 진단데이터 분석)

  • Hyungchul Cho;Junki Kim;Jungheum Park
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.34 no.3
    • /
    • pp.479-491
    • /
    • 2024
  • Android manufacturers collect diagnostic data to improve the quality of service to users around the world. The content and frequency of diagnostic data collected by these Android manufacturers is unknown. We analyze the diagnostic data collection behavior of Samsung smartphones, which has the largest share of the Android market among smartphone manufacturers, to explain which diagnostic data is communicated to the server via network packets, how the system app that collects the diagnostic data works, and whether the diagnostic data violates user privacy.

A Study on the technical application of VoIP Service in e-Trade (전자무역의 VoIP 서비스기술 활용에 관한 연구)

  • Jeong Boon-Do
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.10 no.8
    • /
    • pp.1339-1346
    • /
    • 2006
  • This thesis outlines a preparation plan for e-Trade business service regarding tendency development in super-highway information network including internet, cable, and wireless communication. It also explains two perspectives in e-Trade market: changes of circumstances and consumerism, and revitalization devices of Von(Voice over Internet Protocol) service technology for creating new market in rapidly changing IP(Internet Protocol) environment. Plus it illustrates what core competence and progress business organizations must have in current situation, forecasts turns of future e-Trade market, and analyzes technological applications of VoIP service in an extended viewpoint of corporate strategy.

A Study on the realization of the right to be forgotten on social normative context: focusing on comparison of Korea-US-EU and the legal, technical, and service market (사회규범적 맥락에서 본 잊혀질 권리의 다차원적 실현범위 연구: 한-미-EU 비교 및 법제, 기술, 서비스 시장의 비교를 중심으로)

  • Shim, Mina
    • Journal of Convergence for Information Technology
    • /
    • v.8 no.2
    • /
    • pp.141-148
    • /
    • 2018
  • The purpose of this paper is to explore the scope of realization of multiple perspectives so that the implementation of the right to be forgotten is more realistic than the ideal information deletion concept. We examined domestic and foreign legal system and technology/service trends, and reflected the classification realization level of service realization, processing type and information characteristics of personal information processor, and legislative/technical factors for multi-level scope analysis. As a result, we have presented a matrix of the range of realization of the right to be forgotten and the scope of diversified regulation by the subject of protection. This study will be extended to the convergence of law and engineering, and will contribute to the prediction of social costs and expansion of the market by identifying the scope of 'deletion rights'.

A Study on Selection Factors of Consulting Company for the Certification of Information Security Management System (정보보호 관리체계(ISMS) 인증을 위한 컨설팅 업체 선정 요인에 관한 연구)

  • Park, Kyeong-Tae;Kim, Sehun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.6
    • /
    • pp.1309-1318
    • /
    • 2014
  • In the past few years, data leakage of information assets has become a prominent social issue. According to the National Industrial Security Center in South Korea, 71 percent who suffer from technology leakage are small and medium sized enterprises. Hence, establishment and operation of ISMS (Information Security Management System) for small and medium sized enterprises become an important issue. Since it is not easy to obtain ISMS certification for a small or medium sized enterprise by itself, consultation with an expert firm in information security is necessary before the security implementation. However, how to select a proper security consulting company for a small or medium sized firm has not been studied yet. In this study, we analyze empirically the selection factors of ISMS certification consulting company for a small or medium sized firm through exploratory factor analysis (EFA). Our study identified the following four important factors in selecting a security consulting company: expertise of the staffs and human resource management proficiency, market leading capability, competence to make progress during the consultation, and the performance and the size of the physical assets and human resources.

Privacy-Preserving k-means Clustering of Encrypted Data (암호화된 데이터에 대한 프라이버시를 보존하는 k-means 클러스터링 기법)

  • Jeong, Yunsong;Kim, Joon Sik;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1401-1414
    • /
    • 2018
  • The k-means clustering algorithm groups input data with the number of groups represented by variable k. In fact, this algorithm is particularly useful in market segmentation and medical research, suggesting its wide applicability. In this paper, we propose a privacy-preserving clustering algorithm that is appropriate for outsourced encrypted data, while exposing no information about the input data itself. Notably, our proposed model facilitates encryption of all data, which is a large advantage over existing privacy-preserving clustering algorithms which rely on multi-party computation over plaintext data stored on several servers. Our approach compares homomorphically encrypted ciphertexts to measure the distance between input data. Finally, we theoretically prove that our scheme guarantees the security of input data during computation, and also evaluate our communication and computation complexity in detail.

Design and Implementation of the Semi-automated Evaluation Workflow Management System(Sa-EWMS) (반자동화 평가워크플로우 관리 시스템 설계 및 구현)

  • Kang Yeon-hee;Kim Jung-dae;Lee Gang-soo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.4
    • /
    • pp.39-50
    • /
    • 2005
  • An evaluation demand and a market growth regarding evaluation and certification are increasing because the importance of information Security is gradually rising to solve the information disfunction. Therefore, it is necessary the cost-effect evaluation management of the Information Security System(ISS). In this paper, we propose the Semi-automated Evaluation Workflow Management System(Sa-EWMS) based on the Common Criteria(CC) which performs and manages evaluation work through the procedure when evaluator evaluates the Information Security System(ISS). The Sa-EWMS is solving a problem of consumption of time and effort and performing efficient evaluation, it is playing a significant role that traces workflow process of each work of the Engines and controls performance. It will be able to use useful the private evaluation enterprise which confront in an evaluation demand and a market growth.

The Cryption Tool Transfer System for Digital Broadcasting Service (디지털 방송 서비스를 위한 암호화 툴 전송시스템)

  • Cao, Ke-Rang;Hwang, Kyung-Min;Jung, Hoe-Kyung
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.12 no.6
    • /
    • pp.1075-1081
    • /
    • 2008
  • The growth of digital content market inducted to develope consuming device of various content. And through this, digital content consuming is more Promoted. But digital content cryption tool need to handle to protect and consume digital content safely. Also, interoperability of cryption tool management is impossible, because of not standardized transfer protocol between device. In this paper, we defined transfer protocol of cryption tool for protecting and consuming digital content. And in this base, we designed and implemented transfer server/client system.