• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.285-293
• /
• 2014

Two-dimensional PDF417 bar code has a wide range of use and has a storage capacity to compress a large amount of data. With these characteristics, PDF417 has been used in various ways to prevent the forgery and alteration of important information in documents. On the other hand, previous decoding methods in PDF417 barcode are slow and inefficient because they simply employ the standard specifications of AIM (Association for Automatic Identification and Mobility). Therefore, this paper propose an efficient and fast algorithm of decoding PDF417 bar code. As a result, the proposed decoding algorithm will be more faster and efficient than previous methods.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1466-1477
• /
• 2016

Public key infrastructure(PKI), principle technology of the certificate, is a security technology providing functions such as identification, non-repudiation, and anti-forgery of electronic documents on the Internet. Our government and financial organizations use PKI authentication using ActiveX to prevent security accident on the Internet service. However, like ActiveX, plug-in technology is vulnerable to security and inconvenience since it is only serviceable to certain browser. Therefore, the research on HTML5 authentication system has been conducted actively. Recently, domestic bank introduced PKI authentication complying with web standard for the first time. However, it still has inconvenience to register a certification on each website because of same origin policy of web storage. This paper proposes the certificate based SSO protocol that complying with web standard to provide user authentication using certificate on several sites by going around same origin policy and its security proof.

• The Journal of the Korea Contents Association
• /
• v.18 no.6
• /
• pp.434-442
• /
• 2018

Recently, the threat to the security and damage of important data leaked by devices of intranet infected by malicious code through the Internet have been increasing. Therefore, the partitioned intranet model that blocks access to the server for business use by implementing authentication of devices connected to the intranet is required. For this, logical net partition with the VDI(Virtual Desktop Infrastructure) method is no information exchange between physical devices connected to the intranet and the virtual device so that it could prevent data leakage and improve security but it is vulnerable to the attack to expose internal data, which has access to the server for business connecting a nonregistered device into the intranet. In order to protect the server for business, we suggest a blockchain based network partition model applying blockchain technology to VDI. It contributes to decrease in threat to expose internal data by improving not only capability to verify forgery of devices, which is the vulnerability of the VDI based logical net partition, but also the integrity of the devices.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.40 no.4
• /
• pp.183-190
• /
• 2017

This paper proposes a dynamic magnetic field emulator (DMFE), which can electrically emulate information for the magnetic stripes of most widely used credit cards. Payment transactions with most common credit cards are performed by reading the card's information, encoded in magnetic stripes, using the reader head of a point-of-sale (POS) system. A stripe-type permanent magnet is attached to the back side of the credit card, and information for payments or value-added service is reorganized by exposing it to strong magnetic field. The process of data recording and retrieving as stated above has been pointed out as a major cause of illegal credit card use, because the information on the magnetic stripe is always exposed, and is thus vulnerable to forgery or alteration. A dynamic magnetic field emulator displays card information only when necessary by using the principle of solenoidal magnets. The DMFE proposed in this paper can prevent fraudulent use if it is operated with a device, like a smart phone, or a separate user-authentication procedure. In addition, because it is possible to display various information as needed, it can be utilized for a smart multi-card application, in which information for multiple cards is stored in one card, and can be selected and used as needed. This paper introduces the necessity of the DMFE and its manufacturing principles. As a result, this study will be helpful for making various application cases in payment, which is a core area of the Fintech (a newly-coined word of finance and technology) industry.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.13-19
• /
• 2019

MANET has many security vulnerabilities because it consists of only mobile nodes using wireless. In particular, it is a very important factor determining network performance that excludes the participation of malicious nodes through accurate reliability measurements and authentication of nodes participating in the network. In this paper, we proposed a technique applied with blockchain technology in order to prevent forgery of authentication information for nodes participating in the network. And, an area-based hierarchical structure was applied to increase the efficiency of authentication for nodes and apply the optimal technique of block generation and exchange protocol. In addition, four data payloads were added to the block header in order to add authentication information for nodes in block. To improve the reliability by applying the blockchain technique to the hop-by-hop data transfer method between mobile nodes, blockchain exchange protocol through transaction creation, block packaging and verification processes were implemented. We performed the comparative experiment with the existing methods to evaluate the performance of the proposed method and confirmed the excellent performance by the experiment results.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.347-356
• /
• 2009

In an RFID search protocol, a reader uses designated query to determine whether a specific tag is in the vicinity of the reader. This fundamental difference makes search protocol more vulnerable to replay attacks than authentication protocols. Due to this, techniques used in existing RFID authentication protocols may not be suitable for RFID search protocols. In this paper, we propose two RFID search protocols, one based on static ID and the other based on dynamic ID, which use counter to prevent replay attacks. Moreover, we propose a security model for RFID search protocols that includes forward/backward traceability, de-synchronization and forgery attack. Based on this model, we analyze security of our protocols and related works.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.115-118
• /
• 2014

Underwater Wireless Communication System can be useful for research of quality of water, ocean resources exploration, analysis ocean environment and so on. However, there exist security threats including data loss, data forgery, and another variety of security threats, because of characteristics of water, various geographical factors, intended attack, etc. To solve these problem, in this paper, we propose a CCM-UW mode of operation modified form of CCM mode of operation, providing data confidentiality, integrity, origin authentication and anti-attack prevent, for the Underwater Wireless Communication System. By implementing CCM-UW in MACA protocol(Underwater Wireless Communication MAC Protocol) and measuring speed of communication, we confirm the applicability of the security and analyze the communication environment impact.

• Journal of Internet Computing and Services
• /
• v.20 no.2
• /
• pp.61-68
• /
• 2019

Although the number of smartphone users is continuously increasing due to the advantage of being able to easily use most of the Internet services, the number of counterfeit applications is rapidly increasing and personal information stored in the smartphone is leaked to the outside. Because Android app was developed with Java language, it is relatively easy to create counterfeit apps if attacker performs the de-compilation process to reverse app by abusing the repackaging vulnerability. Although an obfuscation technique can be applied to prevent this, but most mobile apps are not adopted. Therefore, it is fundamentally impossible to block repackaging attacks on Android mobile apps. In addition, personal information stored in the smartphone is leaked outside because it does not provide a forgery self-verification procedure on installing an app in smartphone. In order to solve this problem, blockchain is used to implement a process of certificated application registration and a fake app identification and detection mechanism is proposed on Hyperledger Fabric framework.

• Food Science and Industry
• /
• v.54 no.4
• /
• pp.293-300
• /
• 2021

Food safety accidents have been increasing by 2% over 5,000 cases every year since 2009. Most people know that the best method to prevent food safety accidents is a quick inspection, but there is a lack of inspection technology that can be used at the non-analytic level to food production and distribution sites. Among the recent on-site diagnostic technologies, the methods for testing gene-based food poisoning bacteria were introduced with the STA technology, which can range from sample to detection. If food safety information can be generated without forgery by directly inspecting food hazard factors by remote, unmanned, not human, pollution sources can be managed by predicting risks more accurately from current big-data and artificial intelligence technology. Since this information processing can be used on smartphones using the current cloud technology, it is judged that it can be used for food safety to small food businesses or catering services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.49-66
• /
• 2022

The COVID-19 pandemic has led many countries around the world to introduce and employ a digital certificate system to prevent infectious diseases, however, there are difficulties in using the compatible digital certificate between countries in that the international standards of the system have not been developed. Accordingly, we propose an improved system, comparing two methods of presenting a certificate, existing QR code-based and a short-range wireless communication-based certificates. The proposed system is a digital certificate system against the spread of infectious disease by storing verification information of the certificate using decentralized identity-based technology on the blockchain. Blockchain-based trust anchor improves security by solving the problem of forgery and alteration of certificates and guaranteeing the identity of certificate issuers and presenters. This system is also expected to enhance usability providing concurrent verification of a number of certificates(vaccination certificates, recovery certificates, test results, identity certificates, etc.) in a single certificate presentation.