• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.2
• /
• pp.1-7
• /
• 2020

The secure access the lighting, Heating, ventilation, and air conditioning (HVAC), fire safety, and security control boxes of building facilities is the primary objective of future smart buildings. This paper proposes an authorized user access to the electrical, lighting, fire safety, and security control boxes in the smart building, by using color grid coded optical camera communication (OCC) with face recognition Technologies. The existing CCTV subsystem can be used as the face recognition security subsystem for the proposed approach. At the same time a smart device attached camera can used as an OCC receiver of color grid code for user access authentication data sent by the control boxes to proceed authorization. This proposed approach allows increasing an authorization control reliability and highly secured authentication on accessing building facility infrastructure. The result of color grid code sequence received by the unauthorized person and his face identification allows getting good results in security and gaining effectiveness of accessing building facility infrastructure. The proposed concept uses the encoded user access authentication information through control box monitor and the smart device application which detect and decode the color grid coded informations combinations and then send user through the smart building network to building management system for authentication verification in combination with the facial features that gives a high protection level. The proposed concept is implemented on testbed model and experiment results verified for the secured user authentication in real-time.

• Genomics & Informatics
• /
• v.14 no.1
• /
• pp.20-28
• /
• 2016

Internet addiction (IA) has become a widespread and problematic phenomenon as smart devices pervade society. Moreover, internet gaming disorder leads to increases in social expenditures for both individuals and nations alike. Although the prevention and treatment of IA are getting more important, the diagnosis of IA remains problematic. Understanding the neurobiological mechanism of behavioral addictions is essential for the development of specific and effective treatments. Although there are many databases related to other addictions, a database for IA has not been developed yet. In addition, bioinformatics databases, especially genetic databases, require a high level of security and should be designed based on medical information standards. In this respect, our study proposes the OAuth standard protocol for database access authorization. The proposed IA Bioinformatics (IABio) database system is based on internet user authentication, which is a guideline for medical information standards, and uses OAuth 2.0 for access control technology. This study designed and developed the system requirements and configuration. The OAuth 2.0 protocol is expected to establish the security of personal medical information and be applied to genomic research on IA.

• The Journal of the Korea Contents Association
• /
• v.11 no.10
• /
• pp.242-256
• /
• 2011

The activity to share personal daily life through social media is becoming more common. In this case, photographs as well as text are used a lot; it has been as easy as winking to clip others' photographs just as it's very easy to take and post pictures. If the picture is the photographic work protected by the copyright law, however, the clipping should be paid close attention. If you use others' photographic works without authorization, you infringe their copyright; if you post them on your social media such as blog, you infringe the right of reproduction, interactive transmission and exhibition. Even though the clipping is permitted, if you'd like to use the photographic works for a profit-making purpose, you should get additional authorization. Others' photographic works are occasionally altered and used for the purpose of avoiding the argument in relation to the infringement of copyright; this act means that it's the infringement of the right of reproduction, the right to preserve the integrity and the right of the production of derivative works for degrees of alteration. We can download others' photographic works with a few mouse clicks thanks to the technology of capturing the screen; we have to recognize that all the acts technically possible are not always legal.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.3-16
• /
• 2001

With the development of Internet, it is widely spreaded to a Intranet based on Internet technology. Intranet is a private, unique network to share the information of organization such as incorporate, research institute and university. With the increase of Intranet using, Intranet environment is developing into Extranet environment which is connected many Intranet. Currently such Intranet and Extranet environments, above all, it is important to solve security problems which can appear through use of information between domains. Thus, in this paper, we propose SSO(Single Sign-on System) model with authorization management and single sign-on operation, and we extend it to enable mutual authentication through inter-working based on PKI(Public Key Infrastructure) in Extranet environments.

• Journal of Digital Convergence
• /
• v.13 no.12
• /
• pp.193-202
• /
• 2015

The development of the security solutions that can provide a variety of security services is needed urgently. For development of the security solutions, analysis of international standard security technology is the key. In this paper, international organizations' standardization(ISO/IEC JTC1 SC27, ITU-T SG-17, IETF Security Area, etc.) and the current trend of the standard security technology are mainly analyzed. The core of the latest security technology(Application Bridging, DNS-based Authentication, HTTP Authentication, IP Security, Javascript Security, Authentication Technology Next Generation, Managed Incident, Web Authorization Protocol, Security Automation, Transport Layer Security, etc.) is analyzed focusing on 18 working groups of the IETF.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.7
• /
• pp.1935-1950
• /
• 2023

The arrival of the Internet of Things and 5G technology enables users to rely on edge computing platforms to process massive data. Data sharing based on edge computing refines the efficiency of data collection and analysis, saves the communication cost of data transmission back and forth, but also causes the privacy leakage of a lot of user data. Based on attribute-based encryption and blockchain technology, we design a fine-grained access control scheme for data in edge computing, which has the characteristics of verifiability, support for outsourcing decryption and user attribute revocation. User attributes are authorized by multi-attribute authorization, and the calculation of outsourcing decryption in attribute encryption is completed by edge server, which reduces the computing cost of end users. Meanwhile, We implemented the user's attribute revocation process through the dual encryption process of attribute authority and blockchain. Compared with other schemes, our scheme can manage users' attributes more flexibly. Blockchain technology also ensures the verifiability in the process of outsourcing decryption, which reduces the space occupied by ciphertext compared with other schemes. Meanwhile, the user attribute revocation scheme realizes the dynamic management of user attribute and protects the privacy of user attribute.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.764-785
• /
• 2018

In this paper, we present a new public key encryption scheme with equality test (PKEwET). Compared to other PKEwET schemes, we find that its security can be improved since the proposed scheme is based on non-Abelian factorization problems. To our knowledge, it is the first scheme regarding equality test that can resist quantum algorithm attacks. We show that our scheme is one-way against chosen-ciphertext attacks in the case that the computational Diffie-Hellman problem is hard for a Type-I adversary. It is indistinguishable against chosen-ciphertext attacks in the case that the Decisional Diffie-Hellman problem is hard in the random oracle model for a Type-II adversary. To conclude the paper, we demonstrate that our scheme is more efficient.

• Aerospace Engineering and Technology
• /
• v.4 no.2
• /
• pp.236-243
• /
• 2005

Civil aircraft tires require a certification according to the Technical Standard Order Authorization(TSOA) procedure. TSO-C62d contains minimum performance standards for aircraft tires. The TSOA covers design and manufacturing of the tire only. To install a TSO article on aircraft requires an installation approval. In this paper, TSOA procedure and the certification requirements for aircraft tires will be presented.

• Electronics and Telecommunications Trends
• /
• v.20 no.1 s.91
• /
• pp.123-129
• /
• 2005

AAA(Authentication, Authorization, and Accounting) 정보보호 기술은 유/무선 인터넷, 휴대인터넷, Mobile IP, VoIP 등 다양한 서비스 접속을 위한 인증/권한 검증/과금 기능을 제공하기 위한 기술이다. 현재 IETF 표준화 기구에서는 AAA에 관련된 표준을 제정하고 있다. IETF AAA 작업그룹에서 Diameter기반 프로토콜에 대한 표준화를 진행하고 있으며, 지속적인 표준화 작업을 통하여 RFC 표준 6개와 인터넷 드래프트 6개가 진행중이다. 본 고에서는 이러한 Diameter 기반 AAA 정보보호 기술에 대해 현재까지의 표준화 진행 상태 및 표준화 방향을 IETF AAA 작업그룹 중심으로 살펴본다.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2101-2105
• /
• 2003

Recently the number of Internet users has very sharply increased, and the number of intrusions has also increased very much. Consequently, security products are being developed and adapted to prevent systems and networks from being hacked and intruded. Even if security products are adapted, however, hackers can still attack a system and get a special authorization because the security products cannot prevent a system and network from every instance of hacking and intrusion. Therefore, the researchers have focused on an active hacking prevention method, and they have tried to develop a traceback system that can find the real location of an attacker. At present, however, because of the characteristics of Internet - diversity, anonymity - the real-time traceback is very difficult. To over-come this problem the Network-based Real-Time Connection Traceback System (NRCTS) was proposed. But there is a security problem that the victim system can be hacked during the traceback. So, in this paper, we propose modified NRCTS with connection redirection technique. We call this traceback system as Connection Redirected Network-based Real-Time Connection Traceback System (CR-NRCTS).