• Informatization Policy
• /
• 제17권1호
• /
• pp.78-101
• /
• 2010

Unlike knowledge sharing or knowledge transfer, knowledge protection has received little attention in the literature. Knowledge protection play a very important role in keeping organization competitive. This study explores the differences in knowledge protection between public and private organizations by T-test and regression analysis. The results of this study shows that the level of knowledge protection in public organizations is lower than that in private organizations. There is even larger difference in the level of access to key knowledge from outside between the two sectors. Such difference can be explained by the unique characteristics of public sector organizations. Understanding why the level of knowledge protection differs between the public and private sector is very important. This study presents lessons and implications for management leadership.

• International Journal of Computer Science & Network Security
• /
• 제22권3호
• /
• pp.364-374
• /
• 2022

Health information systems (HIS) are facing security challenges on data privacy and confidentiality. These challenges are based on centralized system architecture creating a target for malicious attacks. Blockchain technology has emerged as a trending technology with the potential to improve data security. Despite the effectiveness of this technology, still HIS are suffering from a lack of data privacy and confidentiality. This paper presents a blockchain-based data storage security architecture integrated with an e-Health care system to improve its security. The study employed a qualitative research method where data were collected using interviews and document analysis. Execute-order-validate Fabric's storage security architecture was implemented through private data collection, which is the combination of the actual private data stored in a private state, and a hash of that private data to guarantee data privacy. The key findings of this research show that data privacy and confidentiality are attained through a private data policy. Network peers are decentralized with blockchain only for hash storage to avoid storage challenges. Cost-effectiveness is achieved through data storage within a database of a Hyperledger Fabric. The overall performance of Fabric is higher than Ethereum. Ethereum's low performance is due to its execute-validate architecture which has high computation power with transaction inconsistencies. E-Health care system administrators should be trained and engaged with blockchain architectural designs for health data storage security. Health policymakers should be aware of blockchain technology and make use of the findings. The scientific contribution of this study is based on; cost-effectiveness of secured data storage, the use of hashes of network data stored in each node, and low energy consumption of Fabric leading to high performance.

• Proceedings of the Korea Water Resources Association Conference
• /
• 한국수자원학회 2022년도 학술발표회
• /
• pp.211-211
• /
• 2022

The marketization reform from the open-door policy in 1978 was not only booming export-oriented industries with foreign investment but also expanding the role of private actors in the Chinese water sector. Private Sector Participation (PSP) has become an important element in developing urban infrastructure by providing better services with advanced facilities. The rapid development of PSP-driven urban water infrastructure in China has a positive impacted on Chinese economic development, particularly in coastal areas. PPPs in some coastal areas have successfully spread out over China since China applied the first Build-Operate-Transfer (BOT) mode in the water sector in the early 1990s. The market-oriented water and wastewater, Public-Private Partnership (PPP) mechanism in the initial period of China has been transformed into a state-dominated PPP mechanism. The development pattern of the water and wastewater PPPs in China has been divided in four stages: the first period from 1984 to 2002, the second period from 2003 to 2008, the third period from 2009 to 2014, and the last period after 2015. The study aims to investigate the successful process of water and wastewater PPPs in local areas through five socioeconomic elements: export-oriented economic strategy, urbanization, cheap land policy, infrastructure investment, and water issues and climate change. In addition, the study focuses on analyzing the extent to which the Chinese government re-asserted its control over the PPP mechanism by classifying five elements in three different development Phases from early 2000 to 2020. The Jiangsu Province in the estern coastal area has actively invited PPP projects in the water and wastewater sectors. The successful introduction and rapid growth of PPPs in the urban water infrastructure has made the province an attractive area for a foreign investor.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제28권5호
• /
• pp.1035-1045
• /
• 2018

Recently, with the development of IT technology, authentication methods of users using cloud services have been diversified. However, research on providing authentication information of a user using a cloud service securely according to authority has not been make until now. In this paper, we propose a key establishment protocol which can perform split authentication using secret key and access control key according to the role authority of user in Intra cloud environment. The proposed protocol generates the access control key and secret key of the user by using the attributes of the user and the generated random number($t_1$, $t_2$), and classifies the roles according to the user's authority after generating the key. Unnecessary operation processes can be reduced. As a result of the performance evaluation, the proposed protocol guarantees the security against various type of attacks that may occur in the cloud environment because the user is authenticated by dividing the access control key and secret key. The size of the ciphertext used to establish the key could be reduced by ${\sum}+1$ more than the existing protocol.

• IEIE Transactions on Smart Processing and Computing
• /
• 제2권3호
• /
• pp.168-175
• /
• 2013

Key escrow is a default property that is inherent in identity-based cryptography, where a curious private key generator (PKG) can derive a secret value shared by communicating entities in its domain. Therefore, a dishonest PKG can encrypt and decrypt ciphers or can carry out any attack on the communicating parties. Of course, the escrow property is not completely unwanted but is acceptable in other particular applications. On the other hand, in more civil applications, this key escrow property is undesirable and needs to be removed to provide maximum communication privacy. Therefore, this paper presents an escrow-free identity-based key agreement protocol that is also applicable even in a distinct PKG condition that does not use pairings. The proposed protocol has comparable computational and communicational performance to many other protocols with similar security attributes, of which their security is based on costly bilinear pairings. The protocol's notion was inspired by McCullagh et al. and Chen-Kudla, in regard to escrow-free and multi-PKG key agreement ideas. In particular, the scheme captures perfect forward secrecy and key compromise impersonation resilience, which were lacking in McCullagh et al.'s study, as well as all other desirable security attributes, such as known key secrecy, unknown key-share resilience and no-key control. The merit in the proposed protocol is the achievement of all required security requirements with a relatively lower computational overhead than many other protocols because it precludes pairings.

• Convergence Security Journal
• /
• 제12권4호
• /
• pp.49-55
• /
• 2012

In this paper, we consider the limit of the previous works for ad-hoc network, then propose a dynamic routing scheme which employs a 2-tier hierarchical structure. We adopt the advantages of proactive and reactive routing scheme for efficient network management. We define this method as NSDR(New Secure Dynamic Routing) scheme. We also propose a trustworthy authentication and key management for the proposed ad-hoc network. We currently study the possibility that ad-hoc networks can provide a service such as key management and authentication for the next generation mobile network.

• Journal of the Optical Society of Korea
• /
• 제19권6호
• /
• pp.592-603
• /
• 2015

In this paper, an optical implementation of a novel asymmetrical cryptosystem combined with D-H secret key sharing and triple DES is proposed. The proposed optical cryptosystem is realized by performing free-space interconnected optical logic operations such as AND, OR and XOR which are implemented in Mach-Zehnder type interferometer architecture. The advantage of the proposed optical architecture provides dual outputs simultaneously, and the encryption optical setup can be used as decryption optical setup only by changing the inputs of SLMs. The proposed cryptosystem can provide higher security strength than the conventional electronic algorithm, because the proposed method uses 2-D array data, which can increase the key length surprisingly and uses 3DES algorithm, which protects against “meet in the middle” attacks. Another advantage of the proposed asymmetrical cryptosystem is that it is free to change the user’s two private random numbers in generating the public keys at any time. Numerical simulation and performance analysis verify that the proposed asymmetric cryptosystem is effective and robust against attacks for the asymmetrical cipher system.

• Journal of KIISE:Information Networking
• /
• 제33권1호
• /
• pp.9-15
• /
• 2006

While a lot of important information is being sent and received on the Internet, the information could be exposed to many threats, and the more the Multicast Service is various and generalized, the more the service range is widened. When a new member joins in or leaves from the Multicast Group, the Group Key, which the existing member use for, should be newly updated. The existing method had a problem that the performance was depreciated by the key exchanging. This paper proposes the effective group management mechanism for a secure transmission of the Multicast Data on the Multicast Group.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• 제49권3호
• /
• pp.56-61
• /
• 2012

User authentication is a necessity to set up secure system which only an authorized user can use various resource on the Internet. Encryption is to provide data privacy. Also, searchable encryption is to provide both data privacy and efficient management of data by searching with a keyword. The public key based searchable encryption requires in advance the authentication of user's public key as well as the secure management of a publlic/private key of a user, respectively. In cloud, it is purpose to use cloud various resources by using various devices, meanwhile, it is not sufficient resource that some devices manage public/private keys and certificates and it is not easy to implement these clients. To solve this problem, we propose a password-based saerchable encryption using smart cards which are temper-resistant devices.

• International Commerce and Information Review
• /
• 제6권2호
• /
• pp.107-127
• /
• 2004

The rapid development of internet information technology has increased interest in e-Trade these days, but it is not activated greatly up to now. In order to promote e-Trade, it is essential to construct cooperative process such as connecting systems among trade related parties. Building e-Trade platform which is based on the infrastructure of the past trade automatic system is key point of promoting e-Trade. To do this, a study on the basic concept and specific components of e-Trade platform is needed absolutely. At this point of view, after this paper has examined domestic and foreign studies on the fundamental technologies about electronic commerce, it drew several key technologies that could be applied to e-Trade considering the current IT trend. Then it evaluates these technologies according to Technology Reference Model(TRM) of the National Computerization Agency. This will help us to show the operation strategy as well as the concept of future e-Trade platform and its composition. On the basis of the theoretical background, this paper classified NCA's technology model into 6 fields, which are application. data, platform, communication, security and management. Considering the key technologies, e-Trade platform has to be mutually connected and accept international standards such as XML. In the aspect of business side, trade relative agencies' business process as well as trading company's process has to be considered. Therefore, e-Trade platform can be classified into 3 parts which are service, infrastructure and connection. Infrastructure part is compared of circulating and managing system of electronic document, interface and service framework. Connecting service (application service) and additional service (application service) consist of service part. Connecting part is a linking mutual parts and can be divided into B2B service and B20 service. The organization operating this e-trade platform must have few responsibilities and requirements. It needs to positively accept existing infrastructure of trade automatic system and improving the system to complete e-trade platform. It also have to continuously develop new services and possess ability to operate the system for providing proper services to demanders. As a result, private sector that can play a role as TTP(Third Trust Party) is adequate for operating the system. In this case, revising law is necessary to support the responsibility and requirement of private sector.