• Journal of the Korea Convergence Society
• /
• v.11 no.12
• /
• pp.329-341
• /
• 2020

As COVID-19 pandemic sweeps across the world, more than 45 million confirmed cases and over 1,000,000 deaths have occurred till now, and this situation is expected to continue for some time. In particular, more than half of the infections in European countries such as Italy and Spain occurred in nursing homes, and it is reported that over 4,000 people died in nursing homes for older adults in the United States. Therefore, the issues that need to be addressed after the COVID-19 crisis include finding a fundamental solution to group care and shifting to family-centered care. More specifically, it is expected that there will be ever more lively discussion on establishing and expanding hyper-technology based community care, that is, family-centered care integrated with ICT and other Industry 4.0 technologies. This poses a challenge of how to combine social security and social welfare with Industry 4.0 in concrete ways that go beyond the abstract suggestions made in the past. A case in point is the proposal involving smart welfare cities. Given this background, the present paper examined the concept, scope, and content of non-face-to-face care in the context of previous literature on the function and scope of the social security platform, and the concept and expandability of the smart welfare city. Implementing a smart city to realize the kind of social security and welfare that our society seeks to provide has significant bearing on the implementation of community care or aging in place. One limitation of this paper, however, is that it does not address concrete measures for implementing non-face-to-face care from the policy and legal/institutional perspectives, and further studies are needed to explore such measures in the future. It is expected that the findings of this paper will provide the future course and vision not only for the smart welfare city but also for the social security and welfare system in administrative, practical, and legislative aspects, and ultimately contribute to improving the quality of human life.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.3
• /
• pp.1356-1366
• /
• 2011

The TPM(Trusted Platform Module) is a hardware chip to support a trusted computing environment. A rightful user needs a command authorization process in order to use principal TPM commands. To get command authorization from TPM chip, the user should perform the OIAP(Object-Independent Authorization Protocol) or OSAP(Object-Specific Authorization Protocol). Recently, Chen and Ryan alerted the vulnerability of insider attack on TPM command authorization protocol in multi-user environment and presented a countermeasure protocol SKAP(Session Key Authorization Protocol). In this paper, we simulated the possibility of insider attack on OSAP authorization protocol in real PC environment adopted a TPM chip. Furthermore, we proposed a novel countermeasure to defeat this insider attack and improve SKAP's disadvantages such as change of command suructures and need of symmetric key encryption algorithm. Our proposed protocol can prevent from insider attack by modifying of only OSAP command structure and adding of RSA encryption on user and decryption on TPM.

• Journal of Digital Convergence
• /
• v.13 no.8
• /
• pp.331-336
• /
• 2015

Lately, the development and utilization of technology of the Internet of Things(IoT), and Fintech have been on the rise and amid the emerging convergence of system and service, mobile payment system and location based service technology have received much attention. Considering the fact that smartphone users are currently utilizing mobile payment frequently, many corporations are introducing various methods to the market for easy payment process of consumers by grafting various technologies, and by utilizing the technology based on BLE technology and location based technology, it is emerging as new method applied to payment service such as ZEP, for easy payment process. And by checking the existence of security threats and studying the attack techniques in these payment services, we strive to suggest a method of response based on big data platform.

• 전자공학회논문지 IE
• /
• v.43 no.1
• /
• pp.46-51
• /
• 2006

Recently, smart card system which is known as easy to portable and also safe from physical, electrical, and software attack is observed to manage information that becomes the target of security in safety. And java card graft upon java technology to smart card platform is having very good advantage with object-oriented techniques and also, java card have the open type OS that can show the same action in different hardware characteristic which allows various application programs. In this paper, we introduced independent execution characteristic of java platform because being set to each smart card was uncomfortable till now and we designed access control member card that allows several administrators in different access privilege by single card using java card. Several administrators can approach to various information of file type that is included on issued card to user by using different PIN. In the proposed method, confirmation of personal information, administration contents update, demand by contents, is possible by single card. At this moment, wish to do safer user certification that improve security limitation which is from PIN, used for user certification, and signature data. In the proposed method, as design and implementation of utilization technology of java card, biometrics, user certification which uses multi PIN, provide that more safety and conveniently.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.479-490
• /
• 2013

Recently, the number of attacks by malicious application has significantly increased, targeting Android-platform mobile terminal such as Samsung Galaxy Note and Galaxy Tab 10.1. The malicious application can be distributed to currently used mobile devices through open market masquerading as an normal application. An attacker inserts malicious code into an application, which might threaten privacy by rooting attack. Once the rooting attack is successful, malicious code can collect and steal private data stored in mobile terminal, for example, SMS messages, contacts list, and public key certificate for banking. To protect the private information from the malicious attack, malicious code detection, rooting attack detection and countermeasure method are required. To meet this end, this paper investigates rooting attack mechanism for Android-platform mobile terminal. Based on that, this paper proposes countermeasure system that enables to extract and collect events related to attacks occurring from mobile terminal, which contributes to active protection from malicious attacks.

• The KIPS Transactions:PartC
• /
• v.14C no.7
• /
• pp.545-552
• /
• 2007

P3P(Platform for Privacy Preference) that is used in the World Wide Web is a standard to define and negotiate policies about definition, transmission, collection, and maintenance of personal information. Current P3P standard provides methods that define client personal information protection policy and P3P policy associated with web server. It also provides a method that compares these two policies. The current P3P standard, however, does not handle detail functions for safe transmission of the personal information and data. Also, it does not handle problems that can be induced by the detail functions. In this paper, in order to solve these problems, we propose a Secure P3P(S-P3P) protocol, which is a security protocol for the current P3P standard, offers mutual authentication between the web server and the client, and guarantees integrity and confidentiality of the messages and data. Furthermore, a S-P3P protocol provides non-repudiation on transmission and reception of personal information that is transmitted from the client to the web server.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.1
• /
• pp.23-28
• /
• 2018

In this work, we developed a platform that can monitor status and manage events of factory workplaces by providing events and data collected from various types of multi-touch technology based sensors installed in the workplace. By using the image recognition technology, faces of the people in the factory workplace are recognized and the customized contents for each worker are provided, and security of contents is enhanced by the authenticating an individual worker through face recognition. Contents control function through gesture recognition is constructed, so that workers can easily search documents. Also, it is possible to provide contents for workers by implementing face recognition function in mobile devices. The result of this work can be used to improve workplace safety, convenience of workers, contents security and can be utilized as a base technology for future smart factory construction.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.11
• /
• pp.2729-2735
• /
• 2013

Safety and security system have been internationally enhanced in a field of shipping logistics. Accordingly, techniques for safety and security have been studied steadily. The need of portable radiation detection device is increasing by the search of the container is enhanced. In this paper, we propose to study on the application of the temperature compensation algorithm to the platform to improve the accuracy and the realization of portable radiation detection device based on Cortex-A9. Analog board deforms signal output from the sensor. And Cortex-A9 platform analyzes the signal received and displays the results. Additionally we use the temperature compensation algorithm and thereby we ca look the same results even if the temperature changes.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.95-102
• /
• 2020

In this paper, we present a healthcare data integration management and sharing platform based on a permissioned blockchain-based system called the Hyperledger fabric. The Hyperledger fabric allows patients to easily access their data, share the data with agencies that need it, and also reward participants. The healthcare data is stored in the blockchain by a de-identification process. Privacy is protected by setting detailed access rights to the stored data. The proposed model provides higher security than other models using a public blockchain. This study confirms that patient data can be stored more securely, by comparing the data stored in the blockchain with that from existing information storage methods.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.35-46
• /
• 2013

As mobile terminal environment gets matured, the use of Android platform based mobile terminals has been growing high. Recently, the number of attacks by malicious application is also increasing as Android platform is vulnerable to private information leakage in nature. Most of these malicious applications are easily distributed to general users through open market or internet and an attacker inserts malicious code into malicious app which could be harmful tool to steal private data and banking data such as SMS, contacts list, and public key certificate to a remote server. To cope with these security threats more actively, it is necessary to develop countermeasure system that enables to detect security vulnerability existing in mobile device and take an appropriate action to protect the system against malicious attacks. In this sense, this paper aggregates diverse system events from multiple mobile devices and also implements a system to detect attacks by malicious application.