• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5537-5555
• /
• 2017

Having the characteristics of unlinkability, anonymity, and unforgeability, blind signatures are widely used for privacy-related applications such as electronic cash, electronic voting and electronic auction systems where to maintain the anonymity of the participants. Among these applications, the blinded message is needed for a certain purpose by which users delegate signing operation and communicate with each other in a trusted manner. This application leads to the need of proxy blind signature schemes. Proxy blind signature is an important type of cryptographic primitive to realize the properties of both blind signature and proxy signature. Over the past years, many proxy blind signature algorithms have been adopted to fulfill such task based on the discrete logarithm problem (DLP) and the elliptic curve discrete log problem (ECDLP), and most of the existing studies mainly aim to provide effective models to satisfy the security requirements concerning a single blinded message. Unlike many previous works, the proposed scheme applies the signcryption paradigm to the proxy blind signature technology for handling multiple blinded messages at a time based on elliptic curve cryptography (ECC). This innovative method thus has a higher level of security to achieve the security goals of both blind signature and proxy signature. Moreover, the evaluation results show that this proposed protocol is more efficient, consuming low communication overhead while increasing the volume of digital messages compared to the performance from other solutions. Due to these features, this design is able to be implemented in small low-power intelligent devices and very suitable and easily adoptable for e-system applications in pervasive mobile computing environment.

• Tunnel and Underground Space
• /
• v.21 no.1
• /
• pp.20-32
• /
• 2011

Failure aspects of cut-slope, which induce the sequential collapses during the excavation stage, have been analyzed. Slope rock structures are investigated by examining the orientations and positions of discontinuity planes calculated based on the BIPS image inside the boreholes. Drilled core log has been also used to identify the structural defects. Clay minerals of swelling potentials are detected through XRD analysis. Numerical analysis for slope stability has been performed by utilizing the joint shear strength acquired from the direct joint shear test. Cut-slope collapse characteristics have been studied by investigating the posture of failure-prawn joint planes and the stability of tetrahedral blocks of different sizes. Cross-section analysis has been also performed to analyze the cut-slope behavior and to estimate the amount of reinforcement required to secure the stability of cut-slope. Behavior of reinforced cut-slope is also investigated by analyzing the slope monitoring data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.113-119
• /
• 2004

Exponentiation is widely used in practical applications related with cryptography, and as the discrete log is easily solved in case of a low exponent n, a large exponent n is needed for a more secure system. However. since the time complexity for exponentiation algorithm increases in proportion to the n figure, the development of an exponentiation algorithm that can quickly process the results is becoming a crucial problem. In this paper, we propose a parallel exponentiation algorithm which can reduce the number of rounds with a fixed number of processors, where the field elements are in GF($2^m$), and also analyzed the round bound of the proposed algorithm. The proposed method uses window method which divides the exponent in a particular bit length and make idle processors in window value computation phase to multiply some terms of windows where the values are already computed. By this way. the proposed method has improved round bound.

• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.199-202
• /
• 2023

Carriage return (CR) and line feed (LF), also known as CRLF injection is a type of vulnerability that allows a hacker to enter special characters into a web application, altering its operation or confusing the administrator. Log poisoning and HTTP response splitting are two prominent harmful uses of this technique. Additionally, CRLF injection can be used by an attacker to exploit other vulnerabilities, such as cross-site scripting (XSS). Email injection, also known as email header injection, is another way that can be used to modify the behavior of emails. The Open Web Application Security Project (OWASP) is an organization that studies vulnerabilities and ranks them based on their level of risk. According to OWASP, CRLF vulnerabilities are among the top 10 vulnerabilities and are a type of injection attack. Automated testing can help to quickly identify CRLF vulnerabilities, and is particularly useful for companies to test their applications before releasing them. However, CRLF vulnerabilities can also lead to the discovery of other high-risk vulnerabilities, and it fosters a better approach to mitigate CRLF vulnerabilities in the early stage and help secure applications against known vulnerabilities. Although there has been a significant amount of research on other types of injection attacks, such as Structure Query Language Injection (SQL Injection). There has been less research on CRLF vulnerabilities and how to detect them with automated testing. There is room for further research to be done on this subject matter in order to develop creative solutions to problems. It will also help to reduce false positive alerts by checking the header response of each request. Security automation is an important issue for companies trying to protect themselves against security threats. Automated alerts from security systems can provide a quicker and more accurate understanding of potential vulnerabilities and can help to reduce false positive alerts. Despite the extensive research on various types of vulnerabilities in web applications, CRLF vulnerabilities have only recently been included in the research. Utilizing automated testing as a recurring task can assist companies in receiving consistent updates about their systems and enhance their security.

• Korean Journal of Heritage: History & Science
• /
• v.48 no.2
• /
• pp.120-141
• /
• 2015

This paper is a preliminary study of architectural characteristics of Jangdae (general's podium), which shows one of the technical changes in fortification of Joseon Dynasty. As a facility for commands of generals and training for officers and men, it was located inside a fortress. Although it is not certain when the first Jangdae was built, the number of them dramatically increased around 18th century. Since the top priority function of the Jangdae was the prospect, it was installed at the hilly spot with open architecture. In addition, the open structure of Eupseong fortress towers on the riverside banks could simultaneously offer the functions as viewing around and Jangdae. Since Jangdae was also a place for military drills and reviews of soldiers, a wide podium was positioned at the front to muster the soldiers. This feature was standardized in the space organization of Jangdae in Joseon, and a mere podium was installed unless the topographic restrictions allows enough space. On the other hand, as a place for a commander, the hierarchy of the Jangdae was revealed through a variety of architectural characteristics. The hierarchy was assigned to the commander's space through the altitude difference, and diverse ornaments were added to show a sense of class. The floor plan of the Jangdae building can be largely categorized into rectangle and square, and the typical sizes of the former are $5{\times}4$ Kans (traditional measuring unit between two columns) and $3{\times}2$ Kans. Out of these two types, buildings of $5{\times}4$ Kans were found in flat land and eupseong fortresses with large space, and the relatively smaller ones of $3{\times}2$ Kans in mountain fortresses. All buildings of square floor plan had $3{\times}3$ Kans style, and the center Kan was twice wider than the side Kan to make the central space wide. It seems that the purpose was to secure the interior space of the upper story because the center Kan accounts for the floor area of the upper story. Some Jangdae's had internal story to form overhead space. The multi-roofed tower style with eaves attached to the upper and lower story is found exclusively in Jangdae. The buildings shows the Onkanmulim style which extends Naejinju (inner column) of the lower story to be the Byeonju (outer column) of the upper story, and the log-framed floor in the upper floor was structured by inserting the Changbang (connecting beam) between the Naejinju's and joining the log frames. In addition, the towers in eupseong fortresses had log-framed floor in the upper floor by setting up the high Nuhaju (column underneath a roof) and joining Cheongbang to the upper part of the column while it cannot be regarded as multi-roofed because only the upper part has a roof.

• Membrane Journal
• /
• v.27 no.3
• /
• pp.248-254
• /
• 2017

In order to secure the reliability of pathogenic microorganisms such as Cryptosporidium and Giaridia, which are chlorophilic protozoans, membrane filtration systems have been widely used in water purification process. hese integrity tests are classified into direct and indirect methods. Based on the bubble point theory, the pressure-based test in the direct method is presented in the USEPA Guidance Manual with sensitivity to detect a minimum size of pathogenic microorganisms of $3{\mu}m$ or more. Indirect methods are widely used in that they are capable of continuous operation in on-line state, but there is a very low sensitivity of damage detection compared to the direct method, and there is a limit that can not specify the damage area, so it is necessary to improve this sensitivity. In this study, we compared the LRVDIT and UCL values according to the type of membrane defect, number of fiber breaks, and initial set pressure value through the Integrity Test by Pressure Decay Test (PDT).

• Journal of Digital Convergence
• /
• v.16 no.3
• /
• pp.201-210
• /
• 2018

WorldJob+, being operated by The Human Resources Development Service of Korea, provides a recruitment support services to overseas companies wanting to hire talented Korean applicants and interns, and support the entire course from overseas advancement information check to enrollment, interview, and learning for young job-seekers. More than 300,000 young people have registered in WorldJob+, an overseas united information network, for job placement. To innovate WorldJob+'s services for young job-seekers, Splunk, a powerful platform for analyzing machine data, was introduced to collate and view system log files collected from its website. Leveraging Splunk's built-in data visualization and analytical features, WorldJob+ has built custom tools to gain insight into the operation of the recruitment supporting service system and to increase its integrity. Use cases include descriptive and predictive analytics for matching up services to allow employers and job seekers to be matched based on their respective needs and profiles, and connect jobseekers with the best recruiters and employers on the market, helping job seekers secure the best jobs fast. This paper will cover the numerous ways WorldJob+ has leveraged Splunk to improve its recruitment supporting services.

• Journal of Environmental Health Sciences
• /
• v.40 no.2
• /
• pp.88-97
• /
• 2014

Objectives: The aim of this study was to evaluate the occurrence of microbiological contamination of kitchen utensils and environments of food service operations at university located in Seoul, Korea. Methods: We collected swab samples from the surfaces of knives, chopping boards, floors, and drains, as well as drinking water and airborne bacteria samples from 20 food service operations. Three bacterial indicators and five food poisoning bacteria were measured quantitatively and qualitatively, respectively. We used selective culture media and the PCR assay targeting 16S rRNA gene for the microbiological analysis. Results: We detected bacterial indicators on knives or chopping boards in eight different food service operations and, three food service operations (I, M, and O) showed more than 3 log colony forming units $(CFU)/100cm^2$ on their knives, significantly higher than the others. The levels of bacterial indicators on the floors and drains in the cooking areas were much higher than those on the cooking utensils. S. aureus was detected on 10 floors and 8 drains. Culturable bacteria were identified in 5 drinking water samples, and food service operation B ($431.1CFU/m^3$) and C ($551.2CFU/m^3$) showed more than $400CFU/m^3$ of total airborne bacteria. Conclusions: These results suggest that some of food service operations in this study may require additional investigation to secure the microbial safety of cooking environments. In addition, further actions including hygiene education for employees and proper guidelines to maintain clean cooking environments should be prepared.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.12
• /
• pp.143-152
• /
• 2014

This paper introduces Database security to prevent the rapidly increasing issue of private information leakage. The Database security examined in the paper separates into DB access control area and DB encryption area which further leads the paper to analyze the factors of the two areas and suggest necessary elements for creating stable Database security. In addition, the paper examines previous DB security programs by areas and analyzes pros and cons from the tested result. The experiment indicated that while DB access control presents less degradation and reduced the need to modify the existing DBMS since the access control operates at the end point of the network, DB encryption presented strength in protecting the data from unauthorized access. On the other hand, DB access control is less useful in preventing the attack in advance which leaves the log to enable tracking afterward while DB encryption can only be operated by limited types of Database and causes degradation due to system load and shows higher percentage of failure when creating the system. This paper examines characteristics of Database security areas in order to be used as a reference for institutions or companies seeking stable Database security.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.747-754
• /
• 2003

Thia paper suggests a milti user-authentication system comprises that DNA biometric informatiom, owner's RFID(Radio Frequency Identification) smartcard of hardware token, and PKI digital signqture of software. This system improved items proposed in [1] as follows : this mechanism provides one RFID smartcard instead of two user-authentication smartcard(the biometric registered seal card and the DNA personal ID card), and solbers user information exposure as RFID of low proce when the card is lost. In addition, this can be perfect multi user-autentication system to enable identification even in cases such as identical twins, the DNA collected from the blood of patient who has undergone a medical procedure involving blood replacement and the DNA of the blood donor, mutation in the DNA base of cancer cells and other cells. Therefore, the proposed system is applied to terminal log-on with RFID smart card that stores accurate digital DNA biometric information instead of present biometric user-authentication system with the card is lost, which doesn't expose any personal DNA information. The security of PKI digital signature private key can be improved because secure pseudo random number generator can generate infinite one-time pseudo randon number corresponding to a user ID to keep private key of PKI digital signature securely whenever authenticated users access a system. Un addition, this user-authentication system can be used in credit card, resident card, passport, etc. acceletating the use of biometric RFID smart' card. The security of proposed system is shown by statistical anaysis.