• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.143-158
• /
• 2010

The illegal leakage of enterprise digital confidential information will threaten the enterprise with bankruptcy. Today since most small-and-medium companies have no capability to fight against illegally compromising their critically confidential documents in spite of knowing the leakage of them, strongly safe distribution system of the digital confidential documents should be designed so in secure as to prevent any malicious intent of embezzlement from accessing the critical information. Current DRM-based protection system is not always perfect to protect the digital secrets, even seems to leave the secrets open. Therefore our study has analyzed the illegal leakage paths that hackers attack against and the vulnerability of the current protection systems. As result, we study the group communication based system architecture satisfying the security conditions to make even legitimate working employee keep out of the confidential documents, without performance degradation. The main idea of this architecture is to stay every secrets in encrypted form; to isolate the encrypted documents from the crypto-key; to associate every entity with one activity and to authenticate every entity with DSA-based public key system; multiple authentication method make hackers too busy to get a privilege to access the secrets with too many puzzle pieces. This paper deal with the basic architectural structure for the above issues.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.183-188
• /
• 2009

Wireless sensor networks will be broadly deployed in the real world and widely utilized for various applications. A prerequisite for secure communication among the sensor nodes is that the nodes should share a session key to bootstrap their trust relationship. The open problems are how to verify the identity of communicating nodes and how to minimize any information about the keys disclosed to the other side during key agreement. At any rate, any one of the existing schemes cannot perfectly solve these problems due to some drawbacks. Accordingly, we propose a new pre-distribution scheme with the following merits. First, it supports authentication services. Second, each node can only find some indices of key spaces that are shared with the other side, without revealing unshared key information. Lastly, it substantially improves resilience of network against node capture. Performance and security analyses have proven that our scheme is suitable for sensor networks in terms of performance and security aspects.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1471-1481
• /
• 2016

As concern about IoT is increasing recently, various IoT services are being launched. Smart home is closely related to our daily life by combining IoT with user's residential space. Therefore, if an unauthorized user accesses a device inside a Smart home, it can cause more serious damage to user as it is related with daily lives. For instance executing the command allowing unauthenticated access for the internal locking device can be a real harm to user's property like a home invasion. To prevent this problem, this paper introduces 3PAKE Techniques, which provides authenticated Key exchange through Home gateway using Password-based Authenticated Key Exchange(PAKE).

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.3
• /
• pp.631-637
• /
• 2014

Recently, SNS is widely used for various purposes such as fast decision making or effective business process in educational institutions or enterprise as well as general services for social networking. Unfortunately, all of existing general SNS platforms do not provide user groups with workspaces for sharing information in a hierarchical way, nor support the functionality of workspace backup for migrations. In this paper, we present a collaborative workspace environment named ElggSpace which extends the Elgg SNS platform with the C3ware collaborative middleware. With the help of C3ware, ElggSpace systematically supports collaborative workspaces that enable user groups to share massive resource in cloud storages. In addition, ElggSpace allows high-level access controls for resources management and the functionality of resource backup, supporting effective collaboration.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.7
• /
• pp.3487-3494
• /
• 2013

Diverse application service such as mobile payment, access control or smart poster have been provided by using smart devices with built-in Near Field Communication technology. Especially, a mobile payment system can provide convenience to its users, but it also can poses including data disclosure while transmitting. There are vulnerabilities while generating session keys used to encrypt data in transaction processes as proposed in KS X 6928, the standard for mobile payment system. Therefore, in this thesis, I analyzed weaknesses of session keys used to encrypt transaction data and proposed a more secure mobile payment system based on NFC to enhance security. The proposed system will provide security functionalities such as key freshness, mutual authentication and key confirmation.

• International Journal of Contents
• /
• v.11 no.1
• /
• pp.41-51
• /
• 2015

Management systems for electronic library have been developed on the basis of Client/Server or ASP framework in domestic market for a long time. Therefore, both service provider and user suffer from their high cost and effort in management, maintenance, and repairing of software as well as hardware. Recently in addition, mobile devices like smartphone and tablet PC are frequently used as terminal devices to access computers through the Internet or other networks, sophisticatedly customized or personalized interface for n-screen service became more important issue these days. In this paper, we propose a new scheme of integrated management system for electronic library based on SaaS and Web Standard. We design and implement the proposed scheme applying Electronic Cabinet Guidelines for Web Standard and Universal Code System. Hosted application management style and software on demand style service models based on SaaS are basically applied to develop the management system. Moreover, a newly improved concept of duplication check algorithm in a hierarchical evaluation process is presented and a personalized interface based on web standard is applied to implement the system. Algorithms of duplication check for journal, volume/number, and paper are hierarchically presented with their logic flows. Total framework of our development obeys the standard feature of Electronic Cabinet Guidelines offered by Korea government so that we can accomplish standard of application software, quality improvement of total software, and reusability extension. Scope of our development includes core services of library automation system such as acquisition, list-up, loan-and-return, and their related services. We focus on interoperation compatibility between elementary sub-systems throughout complex network and structural features. Reanalyzing and standardizing each part of the system under the concept on the cloud of service, we construct an integrated development environment for generating, test, operation, and maintenance. Finally, performance analyses are performed about resource usability of server, memory amount used, and response time of server etc. As a result of measurements fulfilled over 5 times at different test points and using different data, the average response time is about 62.9 seconds for 100 clients, which takes about 0.629 seconds per client on the average. We can expect this result makes it possible to operate the system in real-time level proof. Resource usability and memory occupation are also good and moderate comparing to the conventional systems. As total verification tests, we present a simple proof to obey Electronic Cabinet Guidelines and a record of TTA authentication test for topics about SaaS maturity, performance, and application program features.

• Journal of Ginseng Research
• /
• v.48 no.5
• /
• pp.474-480
• /
• 2024

Background: Recent years have witnessed increasing interest in the high amount of ocotillol-type saponin in Panax vietnamensis, particularly in relation to majonoside R2 (MR2). This unique 3%-5% MR2 content impart Ngoc Linh and Lai Chau ginsengs with unique pharmacological activities. However, in the commercial domain, unauthentic species have infiltrated and significantly hindered access to the authentic, efficacious variety. Thus, suitable analytical techniques for distinguishing authentic Vietnamese ginseng species from others is becoming increasingly crucial. Therefore, MR2 is attracting considerable attention as a target requiring effective management measures. Methods: An enzyme-linked immunosorbent assay (ELISA) was developed by producing monoclonal antibodies against MR2 (mAb 16E11). The method was thoroughly validated, and the potential of the immunoassay was confirmed by high-performance liquid chromatography with ultraviolet spectroscopy. Furthermore, ELISA was applied to the assessment of the MR2 concentrations of various Panax spp., including Korean, American, and Japanese ginsengs. Results and conclusions: An icELISA using mAb 16E11 exhibited linearity between 3.91 and 250 ng/mL of MR2, with detection and quantification limits of 1.53 and 2.50 - 46.6 ng/mL, respectively. Based on this study, the developed icELISA using mAb 16E11 could be a valuable tool for analyzing MR2 level to distinguish authentic Ngoc Linh and Lai Chau ginsengs from unauthentic ones. Furthermore, the analysis of the samples demonstrated that Ngoc Linh and Lai Chau ginsengs exhibit a notably higher MR2 value than all other Panax spp. Thus, MR2 might be their ideal marker compound, and various bioactivities of this species should be explored.

• The KIPS Transactions:PartB
• /
• v.15B no.4
• /
• pp.275-284
• /
• 2008

With increases in recent security requirements, biometric technology such as fingerprints, faces and iris recognitions have been widely used in many applications including door access control, personal authentication for computers, internet banking, automatic teller machines and border-crossing controls. Finger vein recognition uses the unique patterns of finger veins in order to identify individuals at a high level of accuracy. This paper proposes new device and methods for touchless finger vein recognition. This research presents the following five advantages compared to previous works. First, by using a minimal guiding structure for the finger tip, side and the back of finger, we were able to obtain touchless finger vein images without causing much inconvenience to user. Second, by using a hot mirror, which was slanted at the angle of 45 degrees in front of the camera, we were able to reduce the depth of the capturing device. Consequently, it would be possible to use the device in many applications having size limitations such as mobile phones. Third, we used the holistic texture information of the finger veins based on a LBP (Local Binary Pattern) without needing to extract accurate finger vein regions. By using this method, we were able to reduce the effect of non-uniform illumination including shaded and highly saturated areas. Fourth, we enhanced recognition performance by excluding non-finger vein regions. Fifth, when matching the extracted finger vein code with the enrolled one, by using the bit-shift in both the horizontal and vertical directions, we could reduce the authentic variations caused by the translation and rotation of finger. Experimental results showed that the EER (Equal Error Rate) was 0.07423% and the total processing time was 91.4ms.

• The Journal of the Korea Contents Association
• /
• v.6 no.12
• /
• pp.1-11
• /
• 2006

Many research demonstrations and commercial applications have been tried to develop face detection and recognition systems. Human face detection plays an important role in applications such as access control and video surveillance, human computer interface, identity authentication, etc. There are some special problems such as a face connected with background, faces connected via the skin color, and a face divided into several small parts after skin region segmentation in generally. It can be allowed many face detection techniques to solve the first and second problems. However, it is not easy to detect a face divided into several parts of regions for reason of different illumination conditions in the third problem. Therefore, we propose an efficient modified skin segmentation algorithm to solve this problem because the typical region segmentation algorithm can not be used to. Our algorithm detects skin regions over the entire image, and then generates face candidate regions using our skin segmentation algorithm For each face candidate, we implement the procedure of region merging for divided regions in order to make a region using adjacency between homogeneous regions. We utilize various different searching window sizes to detect different size faces and a face detection classifier based on a back-propagation algorithm in order to verify whether the searching window contains a face or not.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.7
• /
• pp.183-194
• /
• 2018

With the rapid development of IoT(Internet of Things) technology, various convenient services such as smart home and smart city have been realized. However, IoT devices in unmanned environments are exposed to various security threats including eavesdropping and data forgery, information leakage due to unauthorized access. To build a secure IoT environment, it is necessary to use proper cryptographic technologies to IoT devices. But, it is impossible to apply the technologies applied in the existing IT environment, due to the limited resources of the IoT devices. In this paper, we survey the classification of IoT devices according to the performance and analyze the security requirements for IoT devices. Also we survey and analyze the use of cryptographic technologies in the current status of IoT open standard platform such as AllJoyn, oneM2M, IoTivity. Based on the research of cryptographic usage, we examine whether each platform satisfies security requirements. Each IoT open platform provides cryptographic technology for supporting security services such as confidentiality, integrity, authentication an authorization. However, resource constrained IoT devices such as blood pressure monitoring sensors are difficult to apply existing cryptographic techniques. Thus, it is necessary to study cryptographic technologies for power-limited and resource constrained IoT devices in unattended environments.