• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.5
• /
• pp.622-629
• /
• 2019

VR(Virtual Reality), which provides realistic services in virtual reality, provides a similar experience using a Head Mounted Display(HMD) device. When the HMD device is worn, it can not recognize the surrounding environment and it is easy to analyze the input pattern of the user with the Shoulder Surfing Attack(SSA) when entering the Personal Identification Number(PIN). In this paper, we propose a method to safeguard the user's password even if the hacker analyzes the input pattern while maintaining the user's convenience. For the first time, we implemented a new type of virtual keypad that deviates from the existing rectangle shape according to the VR characteristics and implemented the lock object for intuitive interaction with the user. In addition, a smart glove using the same sensor as the existing input devices of the VR and a PIN input method suitable for the rotary type are implemented and the safety of the SSA is verified through experiments.

• Proceedings of the Plant Resources Society of Korea Conference
• /
• 2019.10a
• /
• pp.4-4
• /
• 2019

과학기술의 발달로 인해 국민의 생활수준 향상과 건강에 대한 관심 증대 등으로 인해 화장품을 비롯한 향장품산업, 기능성식품 및 천연물 신약 등에 대한 자원식물 유래 천연물질 수요가 증가되고 있다. 자원식물을 활용한 기능성 제품의 개발은 국민의 건강증진 뿐만 아니라 국제경쟁력 강화나 윤택한 삶의 추구에도 절대적 역할을 할 것으로 기대되고 있으며, 이러한 수요에 따라 제주의 특산 또는 우수 자원식물을 활용한 생리활성 물질에 대한 연구들이 활발하게 진행되고 있다. 우리나라에 자생하는 관속식물은 총 4,500여 종으로 국가생물종목록에 작성되어 있으며 제주의 생물자원 중 관속식물은 해발 1,950m 한라산의 영향으로 2,200여 종이 분포한다고 최근 기록되고 있다. 이 중 식용 및 약용으로 활용 가능성을 갖고 있는 식물자원들도 약 800여 종이 분포한다고 보고되고 있다. 이들 자원은 대한약전, 생약규격집, 중약본초, 중약대사전 등 문헌에 근거한 자원으로 공정서에 수록된 약용식물 약 500여 종 중 제주 분포 약용식물도 217종으로 조사되고 있다. 이러한 제주의 약용식물 자원은 다양한 한의약재로 활용되고 있으며 민간약으로 활용되는 약용식물도 170여 종이 포함되어 있다. 특히, 최근에는 나고야의정서 발효에 따른 자원전쟁이 시작되어 자원식물을 포함한 생물자원 관리의 중요성이 그 어느 때보다 부각되고 있어 각 지역마다 자생 생물자원에 대한 주권을 확보하기 위한 연구들이 많이 추진되고 있다. 이와 더불어 지자체연구소인 생물종다양성연구소에서도 제주에 분포하는 자원식물들에 대한 주권 확립을 위한 생태사진 900여 종, 표본 1,400여 종, 유전자 정보 800여 종 등을 확보하고 있으며 추출물 2,000점을 확보하여 산업소재화 연구를 추진하고 있다. 저자는 여기에 제주의 자원식물을 활용하여 화장품 원료등재, 건강기능식품개별인증 소재 및 천연의약품 소재 등 산업소재화 연구를 수행했었던 생물종다양성연구소의 연구 결과를 소개함으로써 유사한 목적으로 연구를 수행하는 대학, 연구소 및 기업으로의 정보를 제공하여 제주의 자원식물을 활용한 산업소재화 분야에 작은 도움이나마 제공하고자 한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.11
• /
• pp.1451-1461
• /
• 2019

DNS spoofing is an attack in which an attacker intervenes in the communication between client and DNS server to deceive DNS server by responding to a fake IP address rather than actual IP address. It is possible to implement a pharming site that hacks user ID and password by duplicating web server's index page and simple web programming. In this paper we have studied web spoofing attack that combines DNS spoofing and pharming site implementation which leads to farming site. We have studied DNS spoofing attack method, procedure and farming site implementation method for portal server of this university. In the case of Kyungsung Portal, bypassing attack and hacking were possible even though the web server was SSL encrypted and secure authentication. Many web servers do not have security measures, and even web servers secured by SSL can be disabled. So it is necessary that these serious risks are to be informed and countermeasures are to be researched.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.10
• /
• pp.1384-1389
• /
• 2020

Although the fintech industry is developing rapidly around the world, the domestic development situation is rather slow compared to the speed. Therefore, the future development direction can be set by analyzing the current status of the fintech industry in order to suggest the direction of development in the domestic fintech industry. The main services provided by companies belonging to the domestic fintech industry are in the areas of remittance settlement, financial investment, asset management, crowdfunding, P2P finance, overseas remittance, fintech SI, insurtech, virtual currency, security, and authentication. It is divided into. This study identifies the main technologies used in the service and grasps the current domestic status. In addition, it analyzes the distribution of workers by each service. This study is expected to play an important role in the development of the financial industry through technical analysis of fintech companies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.79-89
• /
• 2004

Mobile IP Low Latency Handoffs allow greater support for real-time services on a Mobile W network by minimizing the period of time when a mobile node is unable to send or receive IP packets due to the delay in the Mobile IP Registration process. However, on Mobile IP network with AAA servers that are capable of performing Authentication, Authorization, and Accounting(AAA) services, every Registration has to be traversed to the home network to achieve new session keys, that are distributed by home AAA server, for a new Mobile IP session. This communication delay is the time taken to re-authenticate the mobile node and to traverse between foreign and home network even if the mobile node has been previously authorized to old foreign agent. In order to reduce these extra time overheads, we present a method that performs Low Latency Handoffs without requiring funker involvement by home AAA server. The method re-uses the previously assigned session keys. To provide confidentiality and integrity of session keys in the phase of key exchange between agents, it uses a key sharing method by gateway foreign agent that Performs a ousted thirty party. The Proposed method allows the mobile node to perform Low Latency Handoffs with fast as well as secure operation

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.11-27
• /
• 2005

To date, most identity-based key agreement protocols are based on a single PKG (Private Key Generator) environment. In 2002, Chen and Kudla proposed an identity-based key agreement protocol for a multiple PKG environment, where each PKG shares identical system parameters but possesses distinct master key. However, it is more realistic to assume that each PKG uses different system parameters including the PKG's master key. In this paper, we propose a new two party key agreement protocol between users belonging to different PKGs that do not share system parameters. We also extend this protocol to two types of tripartite key agreement protocols. We show that our two party protocol requires minimal amount of pairing computation for a multiple PKG environment and our tripartite protocol is more efficient than existing protocols. We also show that the proposed key agreement protocols satisfy every security requirements of key agreement protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.27-38
• /
• 2007

One of the most important security issues of e-mail service is user privacy. Currently, various security protocols, like PGP(pretty Good Privacy), S/MIME(Secure/Multipurpose Internet Mail Extension), have been proposed. These protocols, however, do not provide forward secrecy. Recently, some security protocols that provide forward secrecy were proposed. But all of them require changes to the current e-mail infrastructure. Moreover, contrary to authors' intention, some of them do not actually provide perfect forward secrecy. In this paper, we propose a new practical e-mail security protocol. The proposed protocol provides perfect forward secrecy and uses a practical e-mail model that dose not require any changes to existing e-mail servers. It encrypts and authenticates messages efficiently using elliptic curve based signcryption scheme. In addition, we provide a way to send secure group e-mails.

• Journal of Korea Society of Industrial Information Systems
• /
• v.25 no.6
• /
• pp.69-84
• /
• 2020

This study is conducted to improve the quality of healthcare services responding to COVID-19 by applying the public service quality management framework that is developed from ISO18091:2019 by the Ministry of the Interior and Safety of South Korea. The COVID-19 pandemic has been impacting the world since early 2020, and now in November 2020, it still has not been eliminated. The Korean medical institutions were able to prevent the spread of COVID-19 by agile test and strict cohort isolation. As a result, the so-called K-medical defense has achieved a positive reputation from around the world. In this study, we check and evaluate the current status of the COVID-19 response targeting some Korean hospitals by applying a quality control checklist based on the public service quality management framework. Status of 7 categories are analyzed based on the interview with 3 medical institutions. We also suggest improvements for better medical service quality in case of COVID-19 being prolonged.

• Journal of the Society of Disaster Information
• /
• v.18 no.2
• /
• pp.333-342
• /
• 2022

Purpose: This study proposes a plan for linking the Severe Accident Punishment Act and the Occupational Health and Safety Management System so that SMEs can meet the requirements of the Severe Accident Punishment Act only by maintaining and implementing the Occupational Health and Safety Management System. Method: Conduct a theoretical approach, such as a literature review. First, as a theoretical approach, the safety and health management system of the Serious Accidents Punishment Act was examined, the requirements of ISO 45001 were analyzed, and the statistics of small and medium-sized enterprises (SMEs) from 5 to 49 to which the 2024 Serious Accidents Punishment Act was applied and the number of accident deaths were investigated. Result: No problems were found in linking with the Serious Accident Punishment Act when constructing Occupational health and safety management systems (ISO 45001). Conclusion: It is judged that the establishment of Occupational health and safety management systems (ISO 45001) and management of implementation performance will be able to satisfy the Act on the Punishment of Serious Disasters.

• Journal of Software Assessment and Valuation
• /
• v.17 no.1
• /
• pp.11-16
• /
• 2021

The importance of software is increasing due to the development of information and communication, and software copyright disputes are also increasing. In this paper, the source of the submitted programs and the files necessary for the execution of the program were taken as the scope of analysis. The large-capacity file transfer solution program to be analyzed provides additional functions such as confidentiality, integrity, user authentication, and non-repudiation functions through digital signature and encryption of data.In this paper, we analyze the program A, program B, and the program C. In order to calculate the program similarity rate, the following contents are analyzed. Analyze the similarity of the package structure, package name, source file name in each package, variable name in source file, function name, function implementation source code, and product environment variable information. It also calculates the overall similarity rate of the program. In order to check the degree of agreement between the package structure and the package name, the similarity was determined by comparing the folder structure. It also analyzes the extent to which the package structure and package name match and the extent to which the source file (class) name within each package matches.