• International Journal of Computer Science & Network Security
• /
• 제21권5호
• /
• pp.217-221
• /
• 2021

Recent studies have indicated that mobile markets harbor applications (apps) that are either malicious or vulnerable, compromising millions of devices. Some studies indicate that 96% of companies' employees have used at least one malicious app. Some app stores do not employ security quality attributes regarding authorization, which is the function of specifying access rights to access control resources. However, well-defined access control policies can prevent mobile apps from being malicious. The problem is that those who oversee app market sites lack the mechanisms necessary to assess mobile app security. Because thousands of apps are constantly being added to or updated on mobile app market sites, these security testing mechanisms must be automated. This paper, therefore, introduces a new mechanism for testing mobile app security, using white-box testing in a way that is compatible with Bring Your Own Device (BYOD) working environments. This framework will benefit end-users, organizations that oversee app markets, and employers who implement the BYOD trend.

• International Journal of Computer Science & Network Security
• /
• 제23권5호
• /
• pp.65-72
• /
• 2023

Cloud Computing is one of the current research areas in computer science. Recently, Cloud is the buzz word used everywhere in IT industries; It introduced the notion of 'pay as you use' and revolutionized developments in IT. The rapid growth of modernized cloud computing leads to 24×7 accessing of e-resources from anywhere at any time. It offers storage as a service where users' data can be stored on a cloud which is managed by a third party who is called Cloud Service Provider (CSP). Since users' data are managed by a third party, it must be encrypted ensuring confidentiality and privacy of the data. There are different types of cryptographic algorithms used for cloud security; in this article, the algorithms and their security measures are discussed.

• Journal of information and communication convergence engineering
• /
• 제8권5호
• /
• pp.544-548
• /
• 2010

The Enterprise Security Management system is a centralized control system based on predefined security policies by organizations. In Korea, there is a Common Criteria security certification according to the strict standards for various features. As the needs of information security product are increasing, the ESM system should be evaluated with quality characteristics. In this paper, we propose evaluation items for functionality and performance of Enterprise Security Management system, and the best practices for evaluation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권2호
• /
• pp.498-514
• /
• 2012

Machine to machine (M2M) communications is the hottest issue in the standardization and industry area, it is also defined as machine-type communication (MTC) in release 10 of the 3rd Generation Partnership Project (3GPP). Recently, most research have focused on congestion control, sensing, computing, and controlling technologies and resource management etc., but there are few studies on security aspects. In this paper, we first introduce the threats that exist in M2M system and corresponding solutions according to 3GPP. In addition, we present several new security issues including group access authentication, multiparty authentication and data authentication, and propose corresponding solutions through modifying existing authentication protocols and cryptographic algorithms, such as group authentication and key agreement protocol used to solve group access authentication of M2M, proxy signature for M2M system to tackle authentication issue among multiple entities and aggregate signature used to resolve security of small data transmission in M2M communications.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2010년도 춘계학술발표대회
• /
• pp.238-240
• /
• 2010

본 논문은 최근 IT 분야에서 각광받는 모바일 클라우드를 모바일 노드와 클라우드의 역할에 따라 3 가지 세대로 분류하고, 각 세대별 특장과 활용 및 고려사항에 대해 고찰하였다. 1 세대는 웹 어플리케이션, 2 세대는 실시간 사진전송 시스템, 3 세대는 IPTV UCC 전송 시스템을 각 세대별 예로 들어 그 특징을 논의하였다.

• International Journal of Computer Science & Network Security
• /
• 제23권1호
• /
• pp.164-168
• /
• 2023

As our community has become increasingly dependent on technology, security has become a bigger concern, which makes it more important and challenging than ever. security can be enhanced with encryption as described in this paper by combining RC6 symmetric cryptographic algorithms with RSA asymmetric algorithms, as well as the Vigenère cipher, to help manage weaknesses of RC6 algorithms by utilizing the speed, security, and effectiveness of asymmetric algorithms with the effectiveness of symmetric algorithm items as well as introducing classical algorithms, which add additional confusion to the decryption process. An analysis of the proposed encryption speed and throughput has been conducted in comparison to a variety of well-known algorithms to demonstrate the effectiveness of each algorithm.

• International Journal of Computer Science & Network Security
• /
• 제23권4호
• /
• pp.25-31
• /
• 2023

Fog computing diversifies cloud computing by using edge devices to provide computing, data storage, communication, management, and control services. As it has a decentralised infrastructure that is capable of amalgamating with cloud computing as well as providing real-time data analysis, it is an emerging method of using multidisciplinary domains for a variety of applications; such as the IoT, Big Data, and smart cities. This present study provides an overview of the security and privacy concerns of fog computing. It also examines its fundamentals and architecture as well as the current trends, challenges, and potential methods of overcoming issues in fog computing.

• International Journal of Computer Science & Network Security
• /
• 제23권6호
• /
• pp.181-192
• /
• 2023

Blockchain system brought innovation in the area of accounting, credit monitoring and trade secrets. Consensus algorithm that considered the central component of blockchain, significantly influences performance and security of blockchain system. In this paper we presented four consensus protocols specifically as Proof of Work (PoW), Proof of Stake (PoS), Delegated Proof of Stake (DPoS) and Practical Byzantine Fault-Tolerance (PBFT), we also reviewed different security threats that affect the performance of Consensus Protocols and precisely enlist their counter measures. Further we evaluated the performance of these Consensus Protocols in tabular form based on different parameters. At the end we discussed a comprehensive comparison of Consensus protocols in terms of Throughput, Latency and Scalability. We presume that our results can be beneficial to blockchain system and token economists, practitioners and researchers.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2023년도 춘계학술발표대회
• /
• pp.86-87
• /
• 2023

기존에 존재하는 해양쓰레기 처리 기술은 처리할 수 있는 쓰레기의 종류와 양이 한정되어있거나, 장치를 설치하는 데 많은 시간을 소비하는 문제점이 존재한다. 본 연구에서는 효율적으로 해양 침적쓰레기를 수거하기 위한 관리 시스템과 시나리오를 제안한다. 특히, 시나리오는 센서 배치, 감지, 분류, 처리와 같이 4단계로 구성되며, 각 단계에서 기존 문제점 해결을 위한 방안을 제시한다.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2023년도 춘계학술발표대회
• /
• pp.88-89
• /
• 2023

기존의 헬스케어 분야에서 사물인터넷 기술은 단순히 사용자가 웨어러블 디바이스를 통해 개인적으로 건강 정보를 확인하고 응급 상황 시에 직접 응급 센터에 연락하는 등의 제한된 용도로만 사용되고 있다. 따라서, 본 연구에서는 신속한 응급 환자 식별 및 이송을 위해 사물인터넷 기반의 응급 환자 관리 시스템을 제안한다. 특히, 사용자의 응급 상황 1분 전후의 정보를 수집하여 119안전센터와 구급차로 전달하여 빠른 환자 상황 대처가 가능하게 한다. 또한, 실시간 구급차의 이동상황에 따라 신호등 상태를 조작하여 응급 환자를 보다 빨리 병원으로 이송한다.