• Journal of the Korea Society of Computer and Information
• /
• v.19 no.9
• /
• pp.85-91
• /
• 2014

Encryption is a method to convert information to no-sense code in order to prevent data from being lost or altered by use of illegal means. Audit logging creates audit log of users' activities, exceptions, and information security events, and then conserves it for a certain period for investigation and access-control auditing. Our paper suggests that confidentiality and integrity of information should be guaranteed when transmitting and storing important information in encryption. Encryption should consider both one-way encryption and two-way one and that encryption key should assure security. Also, all history related to electronic financial transactions should be logged and kept. And, it should be considered to check the details of application access log and major information. In this paper, we take a real example of encryption and log audit for safe data transmission and periodic check.

• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.482-494
• /
• 2002

In E-mail based accounting system, the remitter does not have need to find collector's account number. To transfer money to a collector's account, what remitter need is just a collector's E-mail address. But the current E-mail based accounting systems are built on SSL technology. Basically SSL provides some security services - confidentiality, user authentication and data integrity, but does not provide non-repudiation. So, in the current E-mail based accounting system, it is possible to deny transaction. And there is no receipt of transaction. In this paper, we design and implementation of a S/MIME applied Secure Payment Mechanism. In our system, every account information - account number, receiver name, amount of money, etc. - is included in a 'check' message. And this message is protected under the Secure Web-mail using S/MIME. In a view point of the convenience, users using our system do not have need to find collector's account number. And in a view point of the security, our system provides confidentiality, user authentication, data integrity and non-repudiation. Moreover our system provides a receipt.

• Journal of the Korean Geotechnical Society
• /
• v.34 no.12
• /
• pp.115-131
• /
• 2018

Extension plate attached PHC piles and bolts spliced PHC piles were installed in field test site. Pile integrities were checked during installation with dynamic pile test and the actual pile conditions after installation were compared with integrity index (${\beta}$ index) by PDA test. Theoretically the break in near pile end or pile end (especially extension plate itself) was very difficult to access by integrity index (${\beta}$ index) and also require a high level of knowledge and field experience on PDA test. First actual wave equation of bolts spliced PHC piles due to bolts spliced equipment can be different with welding spliced. Second wave length of the stress wave from installing can be longer than the height of bolts spliced equipment (about 100 mm). Third Beta processing in PDA analysis function is very difficult to access without a high level of knowledge and field experience on wave equation. Above-mentioned three reasons can make conclusion that traditional PDA test in domestic site can not access the integrity of bolts spliced equipment in bolts spliced PHC piles.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.1-17
• /
• 2017

Mobile Cloud Computing has become a promising computing platform. It moves users' data to the centralized large data centers for users' mobile devices to conveniently access. Since the data storage service may not be fully trusted, many public verification algorithms are proposed to check the data integrity. However, these algorithms hardly consider the huge computational burden for the verifiers with resource-constrained mobile devices to execute the verification tasks. We propose an energy-efficient algorithm for assigning verification tasks (EEAVT) to optimize the energy consumption and assign the verification tasks by elastic and customizable ways. The algorithm prioritizes verification tasks according to the expected finish time of the verification, and assigns the number of checked blocks referring to devices' residual energy and available operation time. Theoretical analysis and experiment evaluation show that our algorithm not only shortens the verification finish time, but also decreases energy consumption, thus improving the efficiency and reliability of the verification.

• Proceedings of the Korean Nuclear Society Conference
• /
• 1995.05a
• /
• pp.1001-1007
• /
• 1995

A Comprehensive Vibration Assessment Program (CVAP) has been performed for Yonggwang Nuclear Power Plant Unit 4 (YGN 4) in order to verify the structural integrity of the reactor internals for flow induced vibrations prior to commercial operation. The theoretical evidence for the structural integrity of the reactor internals and the basis for measurement and inspection are provided by the analysis. Flow induced hydraulic loads and reactor internals vibration response data were measured during pre-core hot functional testing in YGN 4 site. Also, the critical areas in the reactor internals were inspected visually to check any existence of structural abnormality before and after the pre-core hot functional testing. Then, the measured data have been analyzed and compared with the predicted data by analysis. The measured stresses are less than the predicted values and the allowable limits. It is concluded that the vibration response of the reactor internals due to the flow induced vibration under normal operation is acceptable for long term operation.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.4
• /
• pp.61-68
• /
• 2015

MANET has various vulnerability in wireless network and is more vulnerable in security because central management is not performed. In particular, routing attack may decrease performance of the overall network because the mobile node acts as a router. In this paper, we proposed authentication technique for improving the reliability of the network by increasing the integrity of the routing control packet and blocking effectively attacks that occur frequently in the inside. The proposed technique is consisted of two authentication methods of ZCN and N2N. ZCN authentication method is to elect CA nodes and monitor the role of the CA nodes. N2N authentication method is for an integrity check on the routing packets between nodes. Index key is determined by combining the hop count value to shared key table issued from CA in order to increase the robustness of the internal attack. Also, the overhead of key distribution was reduced by distributing a shared key to nodes certificated from CA. The excellent performance of the proposed method was confirmed through the comparison experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.205-214
• /
• 2019

Android uses app cache files to improve app execution performance. However, this optimization technique may raise security issues that need to be examined. In this paper, we present a practical design of "Android app cache manipulation attack" to intentionally modify the cache files of a target app, which can be misused for stealing personal information and performing malicious activities on target apps. Even though the Android framework uses a checksum-based integrity check to protect app cache files, we found that attackers can effectively bypass such checks via the modification of checksum of the target cache files. To demonstrate the feasibility of our attack design, we implemented an attack tool, and performed experiments with real-world Android apps. The experiment results show that 25 apps (86.2%) out of 29 are vulnerable to our attacks. To mitigate app cache manipulation attacks, we suggest two possible defense mechanisms: (1) checking the integrity of app cache files; and (2) applying anti-decompilation techniques.

• KIPS Transactions on Software and Data Engineering
• /
• v.11 no.7
• /
• pp.283-290
• /
• 2022

Blockchain is a technology that secures integrity and transparency by distributing and storing transaction details within multiple node networks. Recently, research is being conducted to secure integrity by applying blockchain to Bill of Lading (B/L documents) of monetary value. In this paper, we study a blockchain-based bill of lading system to improve usability. The shippers register the issued bill of lading on the blockchain, and banks in each country read it to conduct L/C transactions. The consignees receive the goods after completing certification with a quick response code (QR) containing the bill of lading information. Through this, shippers enjoy merits in that they can shorten the time and cost of sending shipping documents by mail and prove the integrity of the documents. The consignees have the advantage of being able to check the documents at the same time as they are registered and trust the transaction. Finally, on the bank side, the security of shipping documents is ensured and verification can be done quickly.

• Journal of Korea Multimedia Society
• /
• v.20 no.12
• /
• pp.1928-1939
• /
• 2017

Fog computing is another paradigm of the cloud computing, which extends the ubiquitous services to applications on many connected devices in the IoT (Internet of Things). In general, if we access a lot of IoT devices with existing cloud, we waste a huge amount of bandwidth and work efficiency becomes low. So we apply the paradigm called fog between IoT devices and cloud. The network architecture based on cloud and fog computing discloses the security and privacy issues according to mixed paradigm. There are so many security issues in many aspects. Moreover many IoT devices are connected at fog and they generate much data, therefore light and efficient security mechanism is needed. For example, with inappropriate encryption or authentication algorithm, it causes a huge bandwidth loss. In this paper, we consider issues related with data encryption and authentication mechanism in the network architecture for cloud and fog-based M2M (Machine to Machine) IoT services. This includes trusted encryption and authentication algorithm, and key generation method. The contribution of this paper is to provide efficient security mechanisms for the proposed service architecture. We implemented the envisaged conceptual security check mechanisms and verified their performance.

• Speech Sciences
• /
• v.14 no.2
• /
• pp.35-42
• /
• 2007

The aim of this study is to analyze the correlation between current intensity and amplitude of stimulus artifact on the cochlear implantee, and to find out basic information to check the device failure. Subjects were a prelingual child and 3 postlingual adults with more than severe hearing losses. The charge-balanced biphasic pulses were presented at stimulus rates of 11 pulses per second, each pulse width of $25{\mu}s$ with monopolar mode(MP1+2). Current intensities were delivered at 27.5, 33.7, 41.3, 50.5, 61.9, $75.8{\mu}A$. Stimulus artifacts were recorded by evoked potential system. This procedure was performed just before the initial stimulation, and then, the amplitude of stimulus artifacts were compared with each current intensity. The amplitude of stimulus artifacts was increased significantly according to the current intensity (p<0.01). The results suggest that the change of the amplitude of stimulus artifact can be used as a good cue to check the device failure in the cochlear implantee.