• International journal of advanced smart convergence
• /
• v.5 no.1
• /
• pp.23-29
• /
• 2016

The information is to be considered as important part of any network, the communication nodes within network can able to communicate and transmit information by the means of configured LAN/WAN, or/and using internet technology. Thus, vast enhancement has been made in- exchanging of information over transmission media, this should be beneficial in various disciplines of modern client/server applications but at other side, several massive vulnerabilities have been directly/in-directly associated with them. To resolve the security issues, a security mechanism is proposed which hide the sensitive information of images before transmitting to networks. Random size image samples have used and encrypted to protect them from unauthorized entities. The encryption mechanism manipulates the sample images, and corresponding secret codes are generated which help to protect the images from adversaries. To provide an indestructible security mechanism, cryptography algorithms are deployed and considered as best solutions to keep the secret information of images.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2008.02a
• /
• pp.89-93
• /
• 2008

본 논문에서는 단순전력 분석(SPA)과 오류주입공격(FA)에 안전한 중국인의 나머지 정리를 이용한 RSA 암호 시스템(CRT-RSA)에 대하여 논한다. CRT-RSA를 이용한 서명 알고리즘은 스마트카드와 같은 내장형 장치(embedded device)에서 널리 사용된다. 하지만 이러한 장치들은 전력분석 공격과 오류주입 공격에 취약하다. 2005년 Giraud가 처음으로 단순전력분석과 오류주입공격에 모두 안전한 대응 방법을 제안하였다. 본 논문에서는 Giraud의 대응 방법에 대한 다른 공격방법을 소개하고, 제시한 공격 방법에도 안전한 대응 방법을 제안한다. 본 논문에서 제안하는 대응 방법은 세 개의 메모리와 덧셈과 뺄셈연산을 추가적으로 요구한다. 추가적으로 요구되는 연산량은 모듈러 지수승 연산에 필요한 연산량에 비교하면 크게 고려하지 않아도 될 연산량이다. 그러므로 본 논문에서 제안하는 대응 방법은 내장형 장치와 같은 환경에서 안전하고 효율적으로 이용될 수 있다.

• The Transactions of the Korea Information Processing Society
• /
• v.3 no.6
• /
• pp.1493-1505
• /
• 1996

As Internet and its users grow dramatically multi-media data are getting common, many types of electronic mail applications are showing up. Internet s/w developers and users would like to electronic mail system for commercial purposes. They also would like to protect their electronic mail somehow. For these purpose, the security feature using cryptography is one of the essential functions. In this paper, we describe the library function development for handing MOSS(MIME Object Security Service), the security version of MINE(Multi -Purpose Internet Mail Extension). For these purpose, we explain the security features and structures of MOSS and defined the necessary function and we also discussed design issues for the MOSS implementation.

• Smart Media Journal
• /
• v.9 no.1
• /
• pp.30-37
• /
• 2020

Enforcing additional authentication to password-based authentication, in addition to attempting to increase the security of the password itself, helps to improve the security of the password authentication scheme. For a well-known problem of using strong passwords that differ from site to site, we propose a scheme for password generation and management with an inherent supplementary authentication. Like the so-called password manager, the scheme retrieves and presents a strong site-specific password whenever requested without requiring the user to remember multiple passwords. Unlike the existing methods, however, the scheme permits the password retrieval process to proceed only through the authenticated user's ownership verified smartphone. Hence, even for sites not enforcing or supporting two-factor authentication, the logon process can benefit from the scheme's assurance of enhanced security with its two-factor equivalent authentication. The scheme can also prevent an attacker from impersonating a user or stealing secrets even when the stored information of the server for password retrieval service or the user's smartphone is leaked.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.1
• /
• pp.231-237
• /
• 2012

In 2011, Das proposed an effective biometrics-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication, while eliminating the security drawbacks of Li-Hwang's scheme. In this paper, we have shown that Das's scheme is still insecure against several attacks and does not provide mutual authentication. Also, we proposed the enhanced scheme to overcome these security weaknesses, even if the secret information stored in the smart card is revealed. As a result of security analysis, the enhanced scheme is secure against user impersonation attack, server masquerading attack, off-line password guessing attack, and insider attack. And we can see that the enhanced scheme provides mutual authentication between the user and the server.

• Smart Media Journal
• /
• v.11 no.11
• /
• pp.75-83
• /
• 2022

NIST in the United States has developed SCAP, a protocol that enables automated inspection and management of security vulnerability using existing standards such as CVE and CPE. SCAP operates by creating a checklist using the XCCDF and OVAL languages and running the prepared checklist with the SCAP tool such as the SCAP Workbench made by OpenSCAP to return the check result. SCAP checklist files for various operating systems are shared through the NCP community, and the checklist files include ID, title, description, and inspection method for each item. However, since the inspection items are simply listed in the order in which they are written, so it is necessary to classify and manage the items by type so that the security manager can systematically manage them using the SCAP checklist file. In this study, we propose a method of extracting the description of each inspection item from the SCAP checklist file written in OVAL language, classifying the categories through a machine learning model, and outputting the SCAP check results for each classified item.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.6
• /
• pp.3032-3042
• /
• 2013

Multimedia Broadcast communication convergence services are broadcast communication convergence services new form that combines a platform technology for driving the application services of various media-related Internet and TV devices. It is possible to mounted the embedded OS of TV existing technology and to support a variety of smart application services to a TV technology evolved form equipped with various platforms on the OS. The services that are fused in this way, multi-media broadcasting communication convergence new services Open IPTV, Smart TV, mobile IPTV, and N-screen, are services actively focusing on three companies domestic services. However, in order to use the software to connect to the Internet for the provision of services, is inherent software vulnerabilities or the Internet. These vulnerabilities can lead to serious security incidents. Therefore, in this paper, or be able to derive the potential security threats that occur in multimedia broadcasting service environment based on security threats and vulnerabilities of existing threats lead to such security incidents in fact, the security it was carried out through a mock hacking validation for threats. It was also suggested necessary technical security measures that can be protect against security threats revealed by using the verification result through the penetration testing. Has been presented countermeasures in fusion communication service environment of multimedia broadcasting by using these results.

• Journal of the Korean Society of Systems Engineering
• /
• v.20 no.spc1
• /
• pp.12-29
• /
• 2024

The purpose of this study is to identify the social issues discussed in Korea regarding Maritime Autonomous Surface Ships (MASS), the most advanced ICT field in the shipbuilding industry, and to suggest policy implications. In recent years, it has become important to reflect social issues of public interest in the policymaking process. For this reason, an increasing number of studies use media data and social media to identify public opinion. In this study, we collected 2,843 domestic media articles related to MASS from 2017 to 2022, when MASS was officially discussed at the International Maritime Organization, and analyzed them using text mining techniques. Through term frequency-inverse document frequency (TF-IDF) analysis, major keywords such as 'shipbuilding,' 'shipping,' 'US,' and 'HD Hyundai' were derived. For LDA topic modeling, we selected eight topics with the highest coherence score (-2.2) and analyzed the main news for each topic. According to the combined analysis of five years, the topics '1. Technology integration of the shipbuilding industry' and '3. Shipping industry in the post-COVID-19 era' received the most media attention, each accounting for 16%. Conversely, the topic '5. MASS pilotage areas' received the least media attention, accounting for 8 percent. Based on the results of the study, the implications for policy, society, and international security are as follows. First, from a policy perspective, the government should consider the current situation of each industry sector and introduce MASS in stages and carefully, as they will affect the shipbuilding, port, and shipping industries, and a radical introduction may cause various adverse effects. Second, from a social perspective, while the positive aspects of MASS are often reported, there are also negative issues such as cybersecurity issues and the loss of seafarer jobs, which require institutional development and strategic commercialization timing. Third, from a security perspective, MASS are expected to change the paradigm of future maritime warfare, and South Korea is promoting the construction of a maritime unmanned system-based power, but it emphasizes the need for a clear plan and military leadership to secure and develop the technology. This study has academic and policy implications by shedding light on the multidimensional political and social issues of MASS through news data analysis, and suggesting implications from national, regional, strategic, and security perspectives beyond legal and institutional discussions.

• Asia pacific journal of information systems
• /
• v.30 no.4
• /
• pp.919-945
• /
• 2020

Social media platforms such as Instagram and Facebook lead to potential security risks, which consequently raise public concerns about privacy. However, most people rarely make active efforts to protect their personal data, even though they have shown increasing concerns about privacy. Therefore, this study examines the factors that determine social media users' behavior of using privacy settings and testifies the existence of privacy paradox in such a context. In addition, it investigates the mediating effects of implementation intentions on the relationship between intentions and behaviors. In the study, we collected data through questionnaires, and the respondents were undergraduate and graduate students in South Korea. After a pilot test (n = 92) and a set of face-to-face interviews, 266 usable responses were retrieved for data analysis finally. The results confirmed the existence of the privacy paradox regarding the use of social media privacy settings. And the implication intention did positively mediate the relationship between intention and behavior in the context of social media privacy settings. To the best of our knowledge, our study is the first in the information privacy literature to introduce the notion of implementation intention which is a much more powerful explanation and prediction of actual behavior than the (behavioral) intention.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.3
• /
• pp.113-120
• /
• 2012

VoIP provides voice data service using existing IP networks and has received much attention recently. VoIP service has a variety of security vulnerabilities. Types of main attacks on VoIP service are tapping/interception, DoS attacks, spam, misuse of service attacks and the like. Of these, confidential information leak because of tapping/interception has been considered as a critical problem. Encryption techniques, such as SRTP and ZRTP, are mostly used to prevent tap and intercept on VoIP media information. In general, VoIP service has two service scenarios. First, VoIP service operates within a single private network. Second, VoIP service operates between different private networks. Both SRTP and ZRTP for VoIP media information within a single private network can perform encryption. But they can not perform encryption between different private networks. In order to solve this problem, in this paper, we modify SRTP protocol. And then, we propose an encryption method that can perform encryption of VoIP media information between the different private networks.