• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.13-28
• /
• 2003

The Protection Profile(PP) is a common security function and detailed statement of assurance requirements in a specific class of Information Technology security products such as firewall and smart card. The parts of TOE security environment in the PP have to be described about assumption, treat and security policy through analyzing purpose of TOE. In this paper, we present a new security policy derivation among TOE security environment parts in the PP. Our survey guides the organizational security policy statements in CC scheme through collected and analyzed hundred of real policy statements from certified and published real PPs and CC Toolbox/PKB that is included security policy statements for DoD. From the result of the survey, we present a new generic organizational policy statements list and propose a organizational security policy derivation method by using the list.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.115-123
• /
• 2007

In cryptographic devices like a smart-card whose computing ability and memory are limited, cryptographic algorithms should be performed efficiently. Scalar multiplication is very important operation in Elliptic Curve Cryptosystems, and so must be constructed in safety against side channel attack(SCA). But several countermeasures proposed against SCA are exposed weaknesses by new un-dreamed analysis. 'Double-and-add always scalar multiplication' algorithm adding dummy operation being known to secure against SPA is exposed weakness by Doubling Attack. But Doubling Attack cannot apply to sABS receding proposed by Hedabou, that is another countermeasure against SPA. Our paper proposes new strengthened Doubling Attacks that can break sABS receding SPA-countermeasure and a detailed method of our attacks through experimental result.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.115-124
• /
• 2011

There has been significant research in security technology such as e-passport standards, as e-passports have been introduced internationally. E-passports combine the latest security technologies such as smart card, public key infrastructure, and biometric recognition, so that these technologies can prevent unauthorized copies and counterfeits. Biometric information stored in e-passports is the most sensitive personal information, and it is expected to bring the highest risk of damages in case of its forgery or duplication. The present e-passport standards cannot handle security features that verify whether its biometric information is copied or not. In this paper, we propose an e-passport security technology in which biometric watermarking is used to prevent the copy of biometric information in the e-passport. The proposed method, biometric watermarking, embeds the invisible date of acquisition into the original data during the e-passport issuing process so that the human visual system cannot perceive its invisibly watermarked information. Then the biometric sample, having its unauthorized copy, is retrieved at the moment of reading the e-passport from the issuing database. The previous e-passport security technology placed an emphasis on both access control readers and anti-cloning chip features, and it is expected that the proposed feature, copy protection of biometric information, will be demanded as the cases of biometric recognition to verify personal identity information has increased.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.987-997
• /
• 2012

A Point-of-Sales (POS) terminal manages the selling process by a salesperson accessible interface in real time. Using a POS system makes a business and customer management much more efficient. For these reasons, many store install POS terminal and used it. But it has many problem that stealing personal information by hacking and insider corruption. Because POS system stored payment information like that sales information, card valid period, and password. In this paper, I proposed software integrity verification technique in POS system based on White list. This method can prevent accidents that personal information leak by hacking and POS system forge and falsification. This proposed method provides software integrity, so it can prevent inside and outside threats in advance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.53-65
• /
• 2010

Conditional Access System (CAS) is a core security mechanism of IPTV SCP (Service and Content Protection) which enables only authenticated user to be able to watch the broadcasting contents. In the past, it was general that CAS was built in Set-Top Box (STB) as hardware or as a detachable cable card. However, numerous researches in Downloadable CAS (DCAS), where users can download CAS code in their STB through their network, have been recently conducted widely due to the lack of security and scalability problem. In this paper, the security requirements of OpenCable based DCAS which is typical example of downloadable IPTV SCP will be derived, the novel authentication and key management scheme will be proposed by using the Authentication Proxy (AP) which is the core DCAS. Also, the benefits of the proposed system will be evaluated by comparison and analysis with preceding research.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.27-35
• /
• 2011

Due to the advancement of IPTV technologies, Mobile IPTV service is needed to be supported for service and content protection. CAS is generally used in the IPTV service to protect service and content. However, the CAS is not efficient in the Mobile IPTV. The CAS needs too much bandwidth for Service Key update to the each subscriber. Moreover, the CAS is increasing computation burden for the service key refreshment in the key management server when the subscriber frequently changes of the IPTV service group. To solve the problems, we used hierarchical key structure based on pre-shared key that is securely stored into smart card or USIM and do not use the EMM for Service Key update. As a result, the proposed scheme decreases computation burden at the key management server and wireless bandwidth burden in the Mobile IPTV service.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.4
• /
• pp.1502-1520
• /
• 2021

This paper attempts to investigate Korean youth Not in Education, Employment and Training (NEET) and how daily activities and community participation may influence their positive emotions and job search desire. First, we conducted a focus group interview with 16 NEETs who participated in the Kakao NEET Company project. The project allowed participants to experience employment by founding a virtual company in which each participant selected a daily activity to perform as part of the company's operations. Second, the interview responses were categorized and assigned emotional values using the card sorting technique and multi-dimensional analysis (MDS). A total of 11 emotional values were derived through this process. Finally, a social network analysis was conducted in order to measure the density of relations among the emotional values. Results suggest that immersion, confidence, belongingness were the three highest values evaluated by participants. Furthermore, network diagrams imply that the stronger participants perceived social support and belongingness with others, the stronger their responsibility grew, further leading them to establish steady goals. In particular, the high eigenvector score for "desire for job" suggests that emotional values are sequentially connected to the immersion-social support-responsibility-goal-job desire. This sequence suggests that digital services that are developed with the aim to enhance social values such as the Kakao NEET Project may engender motivation and confidence in youth NEETs. The overall results suggest that a systematic approach to policymaking should be considered in order to provide fundamental solutions and expand opportunities for social participation and emotional comfort, as social isolation due to low self-esteem has been reported as one of the reasons for NEETs' failure in the labor market.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.1
• /
• pp.20-26
• /
• 2021

Recent systems contain hardware and software components together for faster execution speed and less power consumption. In conventional hardware and software co-design, the ratio of software and hardware was divided by the designer's empirical knowledge. To find optimal results, designers iteratively reconfigure accelerators and applications and simulate it. Simulating iteratively while making design change is time-consuming. In this paper, we propose a hardware and software co-design platform for energy-efficient FPGA accelerator design. The proposed platform makes it easy for designers to find an appropriate hardware ratio by automatically generating application program code and hardware code by parameterizing the components of the accelerator. The co-design platform based on the Vitis unified software platform runs on a server with Xilinx Alveo U200 FPGA card. As a result of optimizing the multiplication accelerator for two matrices with 1000 rows, execution time was reduced by 90.7% and power consumption was reduced by 56.3%.

• Smart Media Journal
• /
• v.10 no.1
• /
• pp.70-78
• /
• 2021

The auditory information is used for urgent notification or warning in vehicle because it is not restricted by the direction compared to the visual. However, since the hearing impaired drivers cannot recognize sound signal, various methods of visualizing the auditory information have been attempted to replace it. When visualizing auditory information, only important information should be selected and provided to prevent cognitive overload concentrated on the vision. For this purpose, analysis of the type of auditory information in vehicle should be given in advance. In this study, the types of auditory information in vehicle were analyzed based on the user experience of hearing impaired drivers. Through the observation of the driving behavior of hearing impaired drivers, 33 auditory informations experienced in vehicle were collected. The collected auditory informations were classified into 12 groups through open card sorting by an expert group, and the types of auditory information in vehicle consisting of four levels were presented through a relative comparison of importance between groups. The presented type of auditory information in vehicle can be used as a guideline for selecting important information when the auditory information is converted into visual or tactile. This study is meaningful in that the user experience analysis was conducted by observing actual driving in daily life of hearing impaired drivers.

• The Journal of the Korea Contents Association
• /
• v.21 no.4
• /
• pp.111-122
• /
• 2021

This study analyzed user reviews of Dongbaekjeon and Incheoneum app, which are representative local currencies in Korea, to identify the positive/negative factors of local currency users, and established a marketing strategy based on this. App user reviews were classified into positive and negative based on the star rating, and word cloud, topic modeling, and social network analysis were performed, respectively. As a result, in the negative reviews of Dongbaekjeon and Incheoneum, dissatisfaction with app use and card issuance appeared in common. In positive reviews, keywords such as 'local economy' and 'small business owners' along with satisfaction with 'cashback' appeared. It means that local currency users perceived that their consumption support local economy, and they felt satisfaction in using local currency. Based on the satisfaction/dissatisfaction factors identified as a result of the analysis of this study, we identified what needs to be improved and to be strengthened, and appropriate marketing strategies were established. The text mining method used in this study and research results can provide meaningful information about local currencies to public officials and marketers in charge of local currencies.