• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.1
• /
• pp.64-83
• /
• 2012

The number of smart phone users is rapidly growing due to recent increase in wireless Internet usage, development of a wide variety of applications, and activation of M2M (Machine to machine) services. Although the smart phone offers benefits of mobility and convenience, it also has serious security problems. To utilize M2M services in the smart phone, a flexible integrated authentication and access control facility is an essential requirement. To solve these problems, we propose a context-aware single sign-on and access control system that uses context-awareness, integrated authentication, access control, and an OSGi service platform in the smart phone environment. In addition, we recommend Fuzzy Logic and MAUT (Multi-Attribute Utility Theory) in handling diverse contexts properly as well as in determining the appropriate security level. We also propose a security system whose properties are flexible and convenient through a typical scenario in the smart phone environment. The proposed context-aware security system can provide a flexible, secure and seamless security service by adopting diverse contexts in the smart phone environment.

• Strategy21
• /
• s.41
• /
• pp.85-107
• /
• 2017

The purpose of this article is to explore recent developments in piracy attacks at the global level. This article provides an overview of global trend of recent piracy attacks and presents global counter-piracy efforts at the international and governmental as well as industry level. The issue of piracy has been a grave concern of the globe, becoming the biggest threat to the safety and security navigation and seaborne trade. Overall, piracy attacks in recent years have greatly diminished owing to multi-faceted counter-piracy efforts. However, Southeast Asia and West Africa have reemerged as an hotspot of piracy. A worrisome trend in these regions is that many of piracy attacks are committed by militant groups for financing their activities. As a result, the level of violence and the sophistication of attacks have escalated. The problem of contemporary piracy is beyond a particular region or coastal state, but a common concern of the international community. In order to address the global piracy problem, international cooperation should be further strengthened at the global level as well as the regional level. As a way of counter-piracy measures in Southeast Asian waters, the creation of a joint regional coast guard to patrol the highly piracy concentration areas needs to be considered.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.2
• /
• pp.361-365
• /
• 2005

Proxy signature schemes which allows original signer to delegate proxy signer to sign message on its behalf have a considerable amount of interest from researchers since Mambo[1] and have found many practical applications such as distributed network, Grid computing and electronic commerce. Araki[6] extended them to multi-level proxy signature. But it could not satisfy some security requirement. In this paper we propose a protocol to delegate signing right to another entity for multi-level proxy signature. Our protocol do not require secure channel and guarantee that nobody is able to repudiate delegation or acceptance of signing right, it is impossible for anyone to generate signature except designed and original signer can withdraw the delegation before expiration if it is necessary.

• Journal of the Korea Society of Computer and Information
• /
• v.5 no.3
• /
• pp.84-90
• /
• 2000

This paper presents a design of an access control mechanism that can resolves the complicated problems of access control requirements in internet environment. In this paper, we proposed an access control mechanism which can satisfy the combined goals of confidentiality integrity and availability of any resource. We defined an access control mechanism from the viewpoints of identity-based, rule-based and role-based policy and implemented 6 access control operations. The Proposed access control mechanism can protect resources from unauthorized accesses based on the multi-level security policies of security label, integrity level, role and ownership.

• Convergence Security Journal
• /
• v.7 no.1
• /
• pp.83-89
• /
• 2007

This paper is to suggest the method of embedding a signature to pictures secretly under the orthogonal wavelet transform which represents pictures as multi-resolution representations. As it is focused upon the differential output under the multi-resolution representation of pictures, this method can embed bit series to pictures. In doing so, it can compound approximately 6K byte of information with gray-level image $256{\times}256$. The method can include not only the database which designates copyright of pictures but also the author and usage of pictures, and the information of the picture itself. Therefore, this method can easily discriminate the inspection of picture database.

• Convergence Security Journal
• /
• v.14 no.2
• /
• pp.43-50
• /
• 2014

Recently, lot of researches for the multi-level protocol have been done to balance the sensor node energy consumption of WSN and improve the node efficiency to extend the life of the entire network. Especially in multi-hop protocol, a variety of models have been proposed to improve energy efficiency and apply it to WSN protocol. In this paper, we analyze LEACH algorithm and propose new method based on center of local clustering routing algorithm in wireless sensor networks. We also perform NS-2 simulation to show the performance of our model.

• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.126-132
• /
• 2023

Web technology is evolving with the passage of time, from a single node server to high availability and then in the form of Kubernetes. In recent years, the research community have been trying to provide high availability in the form of multi master cluster with a solid election algorithm. This is helpful in increasing the resources in the form of pods inside the worker node. There are new impact of known DDoS attack, which is utilizing the resources at its peak, known as Yoyo attack. It is kind of burst attack that can utilize CPU and memory to its limit and provide legit visitors with a bad experience. In this research, we tried to mitigate the Yoyo attack by introducing a firewall at load-balancer level to prevent the attack from going to the cluster network.

• Journal of the Korean Society of Safety
• /
• v.12 no.3
• /
• pp.67-75
• /
• 1997

This paper presents a study on the application of Asynchronous Team(A-Team) theory for QVC(Reactive power control) and security assessment in a power system. Reactive power control problem is the one of optimally establishing voltage level given reactive power sources, which is very important problem to supply the demand without interruption and needs methods to alleviate a bus voltage limit violation more quickly. It can be formulated as a mixed-integer linear programming(MILP) problem without deteriorating of solution accuracy to a certain extent. The security assessment is to estimate the relative robustness of the system and deterministic approach based on AC load flow calculations is adopted to assess it, especially voltage security. A distance measure, as a measurement for voltage security, is introduced. In order to analyze the above two problem, reactive power control and static security assessment, In an integrated fashion, a new organizational structure, called an A-team, is adopted. An A-team is well-suited to the development of computer-based, multi-agent systems for operation of large-scaled power systems. In order to verify the usefulness of the suggested scheme herein, modified IEEE 30 bus system is employed as a sample system. The results of a case study are also presented.

• Journal of the Korea Society of Computer and Information
• /
• v.5 no.4
• /
• pp.13-20
• /
• 2000

There are many security problems with Electronic Commerce since insecure public networks, especially Internet, are used. Therefore, for implementing secure Electronic Commerce, CAPI(Cryptographic Application Programming Interfaces) is expected to use various form of security applications. The Cryptographic Application Programming Interface supports cryptographic services for each level and various security services. The CSSM API(Common Security Service Management Application Programming Interface) Provides modularity, simplicity, and extensibility in terms of various add-in modules and interfaces in contract to other CAPIs. This paper proposed an applying method of CSSM API having various extensibility and supporting multi-platforms to Electronic Commerce. we describe encryption, digital signature operation of CSSM API's CSP interface and evaluate secureness by matching relation of theratening factors to security services.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.187-198
• /
• 2004

Virus protection infrastructure management is network infrastructure management, traffic route management, virus protection zone expansion, and virus protection management for gateway area. This research paper provides a diagnosis of characteristics and weaknesses of the structure of existing virus protection infrastructure, and recommends an improved multi-level virus protection infrastructure as a measure for correcting these weaknesses. Unproved virus protection infrastructure fitters unnecessary mail at the gateway stage to reduce the toad on server. As a result, number of transmission accumulation decreases due to the reduction in the CPU load on the Virus wall and increase in virus treatment rate.