• Journal of the Society of Disaster Information
• /
• v.17 no.1
• /
• pp.176-183
• /
• 2021

Purpose: The introduction of smart factories that reflect the 4th industrial revolution technologies such as AI, IoT, and VR, has been actively promoted in Korea. However, in order to solve various problems arising from existing file-based operating systems, this research will focus on identifying and verifying non-file system-based data protection technology. Method: The research will measure security storage that cannot be identified or controlled by the operating system. How to activate secure storage based on the input of digital key values. Establish a control unit that provides input and output information based on BIOS activation. Observe non-file-type structure so that mapping behavior using second meta-data can be performed according to the activation of the secure storage. Result: First, the creation of non-file system-based secure storage's data input/output were found to match the hash function value of the sample data with the hash function value of the normal storage and data. Second, the data protection performance experiments in secure storage were compared to the hash function value of the original file with the hash function value of the secure storage after ransomware activity to verify data protection performance against malicious ransomware. Conclusion: Smart factory technology is a nationally promoted technology that is being introduced to the public and this research implemented and experimented on a new concept of data protection technology to protect crucial data within the information system. In order to protect sensitive data, implementation of non-file-type secure storage technology that is non-dependent on file system is highly recommended. This research has proven the security and safety of such technology and verified its purpose.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.3
• /
• pp.251-255
• /
• 2008

In most file systems, if a file is deleted, only the metadata of the file is deleted or modified and the file's data is still stored on the physical media. Some users require that deleted files no longer be accessible. This requirement is more important in embedded systems that employ flash memory as a storage medium. In this paper, we propose a secure deletion method for NAND flash file system and apply the method to YAFFS. Our method uses encryption to delete files and forces all keys of a specific file to be stored in the same block. Therefore, only one erase operation is required to securely delete a file. Our simulation results show that the amortized number of block erases is smaller than the simple encryption method. Even though we apply our method only to the YAFFS, our method can be easily applied to other NAND flash file systems.

• Journal of Digital Contents Society
• /
• v.16 no.2
• /
• pp.299-306
• /
• 2015

In this paper, we research to secure stability of data storing/searching on NoSQL implemented on Distributed File System. When implementing NoSQL on Distributed File System, we faced that random write on Distributed File System is almost impossible. To solve this problem, a concept of Intermediate-File was employed, and then it has been achieved that our system resist any failure circumstance. Additionally, since we discovered its performance cannot be as fast as general File System, by redefining the file block unit for our NoSQL system, we have prevented a slowdown in system performance. As a result, we are able to develop highly scalable NoSQL as Distributed File System, which fulfills basic conditions of transaction: Atomicity, Consistency, Isolation, and Performance.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.4B
• /
• pp.288-299
• /
• 2012

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server and prevent modification attack for proxy re-encryption key using d Secret Sharing, We construct protocol model in medical environment.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.26 no.4
• /
• pp.67-79
• /
• 2023

Service environments through laptops, smart devices, and various IoT devices are developing very rapidly. Recent security measures in these Internet environments mainly consist of network application level solutions such as firewall(Intrusion Prevention Systems) and IDS (intrusion detection system). In addition, various security data have recently been used on-site, and issues regarding the management and destruction of such security data have been raised. Products such as DRM(Digital Rights Management) and DLP(Data Loss Prevention) are being used to manage these security data. However despite these security measures, data security measures taken out to be used in the field are operated to the extent that the data is encrypted, delivered, and stored in many environments, and measures for encryption key management or data destruction are insufficient. Based on these issues we aim to propose a SecureOS Module, an OS-based security module. With this module users can manage and operate security data through a consistent interface, addressing the problems mentioned above.

• Journal of Internet of Things and Convergence
• /
• v.2 no.3
• /
• pp.43-51
• /
• 2016

In this paper, we have developed Crypft+ as an enhanced file encryption/decryption system to improve the security of IoT system or individual document file management process. The Crypft+ system was developed as a core security module using Python, and designed and implemented a user interface using PyQt. We also implemented encryption and decryption function of important files stored in the computer system using AES based symmetric key encryption algorithm and SHA-512 based hash algorithm. In addition, Cx-Freezes module is used to convert the program as an exe-based executable code. Additionally, the manual for understanding the Cryptft+ SW is included in the internal program so that it can be downloaded directly.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.369-378
• /
• 2011

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server. And we construct the model of access privilege management using AONT based XOR threshold Secret Sharing, In addition, our scheme enable to grant weight for access privilege using XOR Share. In chapter 4, we differentiate existing scheme and proposed scheme.

• Proceedings of the Korean Institute of Building Construction Conference
• /
• 2011.05a
• /
• pp.145-148
• /
• 2011

As a futuristic construction model, building information model(BIM) based project management system(PMIS) and mobile PMIS have been showing visible sign. However, researches on the 3D BIM based PMIS using mobile device are hard to find, result from limitation of mobile device application(slow speed at huge BIM file, display size, and etc.) and undefined standard of business processes. Therefore, this research aims at studying feasibility of mobile BIM PMIS based on cloud computing as a business model. In case of applying mobile BIM PMIS, 3D drawings and integrated building informations are possible on mobile devices in real time. it would support increasing the productivity of project participants as designer, engineer, supervisor, and etc. Globally, BIM based PMIS and Mobile BIM system, cloud computing based mobile BIM simulator are in the concept or experimental phase, therefore it is possible to secure global leading technology of IT and construction merger in the mobile BIM.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.387-396
• /
• 2003

Many studies have been done on secure kernel and encryption filesystem for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policy like ACL, MAC, RBAC and so on, but cannot protect user or system data from stealing backup media or disk itself. In addition to access control policy, there are many studies on encryption filesystem that encrypt file data within system level. However few studies have been done on combining access control policy and encryption filesystem. In this paper we proposed a new encryption filesystem that provides a transparency to the user by integrating encryption service into virtual filesystem layer within secure kernel that has various access control policies. Proposed encryption filesystem can provide a simple encryption key management architecture by using encryption keys based on classes of MAC policy and overcome a limit of physical data security of access control policy for stealing.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.1B
• /
• pp.73-85
• /
• 2004

SIn this paper, we introduce our experience for designing and implementing new concept of a global XML-based Peer-to-Peer (P2P) engine to support various P2P applications, and interconnection among PC, Web and mobile computing environments. The proposed P2P engine can support to heterogeneous data exchanges and web interconnection by facilitating with the text-base XML while message exchange are necessary. It is also to provide multi-level security functions as well as to apply different types of security algorithms. The system consist of four modules; a message dispatcher to scheduling and filtering the message, a SecureNet to providing security services and data transmission, a Discovery Manager to constructing peer-to-peer networking, and a Repository Manager to processing data management including XML documents. As a feasibility test, we implement various P2P services such as chatting as a communication service, white-board as an authoring tool set during collaborative working, and a file system as a file sharing service. We also compared the proposed system to a Gnutella in order to measure performance of the systems.