• Proceedings of the Korean Institute of Building Construction Conference
• /
• 2011.11a
• /
• pp.201-203
• /
• 2011

The purpose of this study was to develop and evaluate of fire resistive cladding systems for HSC(high-strength concrete) column, which was mainly constructed with aerogel blanket insulation material. The aerogel blanket-fire protective gypsum board cladding system showed that it clearly secure the fire resistance performance of HSC column when the reinforcing measures had achieved for four cross-sectional edge sides of structure and the system is well continued during the test period with no significant deformation or separation etc. It was checked out the 20mm thickness cladding system consist with AG(5mm)+FGB(15mm) can secure 3hour-fire resistance performance adequately.

• Electronics and Telecommunications Trends
• /
• v.33 no.6
• /
• pp.94-106
• /
• 2018

A quantum key distribution (QKD) provides in principle an unconditional secure communication unlike the standard public key cryptography depending on the computational complexity. In particular, free-space QKD can give a secure solution even without a fiber-based infrastructure. In this paper, we investigate an overview of recent research trends in the free-space QKD system, including satellite and handheld moving platforms. In addition, we show the key components for a free-space QKD system such as the integrated components, single photon detectors, and quantum random number generator. We discuss the technical challenges and progress toward a future free- space QKD system and components.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.66 no.3
• /
• pp.486-492
• /
• 2017

In recent years, renewable energy sources have been mentioned as solution to environmental regulation and energy supply-demand. Energy storage systems are needed to mitigate the intermittent output characteristics of renewable energy sources and to operate micro grid efficiently using renewable energy generation systems. However, despite the necessity of energy storage system, this cannot secure the economical efficiency of the energy storage system by high initial cost. In this paper, a micro grid is constructed to supply electric power to industrial customers by using solar power generation system and energy storage system among renewable energy generation power sources and operated to improve energy independence. In the case study, we use photovoltaic system which is representative renewable energy generation system. Unlike conventional photovoltaic system, this system uses floating photovoltaic system with the advantage of having high output and no land area limitations. It is operated for the purpose of improving energy independence in the micro grid. In order to secure economical efficiency, the energy storage system operates a micro grid with a minimum capacity. Finally, this paper calculates the appropriate subsidy for the energy storage capacity.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.513-518
• /
• 2014

According to the development of IT technology, various new technologies are being produced. As the complexity of the information system like using the network and convergence devices is increasing, threat and vulnerability against various security problems are increasing even though new IT services provide the convenience of users' accessibility to services. In order to secure the safety of information system, the weakness is being removed through the information protection vulnerability analysis starting from information and communication service construction stage and the system is being prepared for pre-inspection activities about whether the information protection measures were established and applied. In this paper, introduction and current status of each country about advanced check-up systems in the information system are to be identified. Progress direction about the advanced pre-inspection system which is driven by Korea Internet Security Agency and its activation plan to secure the safety are to be suggested.

• The KIPS Transactions:PartC
• /
• v.16C no.1
• /
• pp.37-50
• /
• 2009

The SCADA(Supervisory Control And Data Acquisition) system is a control system for infrastructure of nation. In the past, the SCADA system was designed without security function because of its closed operating environment. However, the security of the SCADA system has become an issue with connection to the open network caused by improved technology. In this paper we review the constraints and security requirements for SCADA system and propose advanced key management architecture for secure SCADA communications. The contributions of the present work are that our scheme support both message broadcasting and secure communications, while the existing key management schemes for SCADA system don't support message broadcasting. Moreover, by evenly spreading much of the total amount of computation across high power nodes (MTU or SUB-MTU), our protocol avoids any potential performance bottleneck of the system while keeping the burden on low power (RTU) nodes at minimal.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.12
• /
• pp.944-953
• /
• 2013

Recently, a storage media is becoming smaller and storage capacity is also becoming larger than before. However, important data was leaked through a small storage media. To solve these serious problem, many security companies manufacture secure USBs with secure function, such as data encryption, user authentication, not copying data, and management system for secure USB, etc. But various attacks, such as extracting flash memory from USBs, password hacking or memory dump, and bypassing fingerprint authentication, have appeared. Therefore, security techniques related to secure USBs have to concern many threats for them. The basic components for a secure USB are secure authentication and data encryption techniques. Though existing secure USBs applied password based user authentication, it is necessary to develop more secure authentication because many threats have appeared. And encryption chipsets are used for data encryption however we also concern key managements. Therefore, this paper suggests mutual device authentication based on PUF (Physical Unclonable Function) between USBs and the authentication server and key management without storing the secret key. Moreover, secure USB is systematically managed with metadata and authentication information stored in authentication server.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.3
• /
• pp.879-890
• /
• 2000

Designing a multilevel database application is a complex process, and the entities and their associated security levels must be represented using an appropriate model unambiguously. It is also important to capture the semantics of a multilevel databse application as accurate and complete as possible. Owing to the focus of the IDEA Methodology for designing the non-secure database applications on the data-intensive systems, the Object Model describes the static structure of the objects in an application and their relationships. That is, the Object Model in the IDEA Methodology is an extended Entity-Relationship model giving a static description of objects. The IDEA Methodology has not been developed the multilevel secure database applications, but by using an existing methodology we could take advantage of the various techniques that have already been developed for that methodology. That is, this way is easier to design the multilevel secure schema than to develop a new model from scratch. This paper adds the security features 새？ Object Model in the IDEA Methodology, and presents the transformation from this model to a multilevel secure object oriented schema. This schema will be the preliminary work which can be the general scheme for the automatic mapping to the various commercial multilevel secure database management system such as Informix-Online/Secure, Trusted ORACLE, and Sybase Secure SQL Server.

• Journal of Internet Computing and Services
• /
• v.23 no.3
• /
• pp.21-33
• /
• 2022

This paper is to suggest the secure secret sharing system in order to outstandingly reduce the damage caused by the leakage of the corporate secret. This research system is suggested as efficient P2P distributed system kept from the centrally controlled server scheme. Even the bitcoin circulation system is also based on P2P distribution scheme recenly. This research has designed the secure circulation of the secret shares produced by Threshold Shamir Secret Sharing scheme instead of the shares specified in the torrent file using the simple, highly scalable and fast transferring torrent P2P distribution structure and its protocol. In addition, this research has studied to apply both Shamir Threshold Secret Sharing scheme and the securely strong multiple user authentication based on Collaborative Threshold Autentication scheme. The secure transmission of secret data is protected as using the efficient symmetric encryption with the session secret key which is safely exchanged by the public key encryption. Also it is safer against the leakage because the secret key is effectively alive only for short lifetime like a session. Especially the characteristics of this proposed system is effectively to apply the threshold secret sharing scheme into efficient torrent P2P distributed system without modifying its architecture of the torrent system. In addition, this system guaranttes the confidentiality in distributing the secret file using the efficient symmetric encryption scheme, which the session key is securely exchanged using the public key encryption scheme. In this system, the devices to be taken out can be dynamically registered as an user. This scalability allows to apply the confidentiality and the authentication even to dynamically registerred users.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.97-105
• /
• 2019

With the possibility of wireless control of the aircraft by Nicola Tesla, Unmanned Aerial Vehicle(UAV) was mainly used for military and defense purposes with the rapid development through World War I and II. As civilian applications of unmanned aerial vehicles have expanded, they have been used with various services, and attempts have been made to control various environmental changes and risk factors of unmanned aerial vehicles. However, GPS spoofing, Jamming attack and security accidents are occurring due to the communication in the unmaned aerial vehicle system or the security vulnerability of the unmanned aerial vehicle itself. In order to secure introduction of Unmanned aerial vehicle, South Korea has established Unmanned Aerial Vehicle verification system called Airworthiness Certification. However, the existing cerfication system is more focused on test flight, design and structure's safety and reliability. In this paper, we propose a unmanned aerial vehicle system model and propose security functional requirements on unmanned aerial vehicle system in the corresponding system model for secure-introduction of Unmanned Aerial Vehicle. We suggest the development direction of verification technology. From this proposal, future development directions of evaluation and verification technology of Unmanned Aerial Vehicle will be presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.909-928
• /
• 2020

From the early 1970s, the US government began to recognize that penetration testing could not assure the security quality of products. Results of penetration testing such as identified vulnerabilities and faults can be varied depending on the capabilities of the team. In other words none of penetration team can assure that "vulnerabilities are not found" is not equal to "product does not have any vulnerabilities". So the U.S. government realized that in order to improve the security quality of products, the development process itself should be managed systematically and strictly. Therefore, the US government began to publish various standards related to the development methodology and evaluation procurement system embedding "security-by-design" concept from the 1980s. Security-by-design means reducing product's complexity by considering security from the initial phase of development lifecycle such as the product requirements analysis and design phase to achieve trustworthiness of product ultimately. Since then, the security-by-design concept has been spread to the private sector since 2002 in the name of Secure SDLC by Microsoft and IBM, and is currently being used in various fields such as automotive and advanced weapon systems. However, the problem is that it is not easy to implement in the actual field because the standard or guidelines related to Secure SDLC contain only abstract and declarative contents. Therefore, in this paper, we present the new framework in order to specify the level of Secure SDLC desired by enterprises. Our proposed CIA (functional Correctness, safety Integrity, security Assurance)-level-based security-by-design framework combines the evidence-based security approach with the existing Secure SDLC. Using our methodology, first we can quantitatively show gap of Secure SDLC process level between competitor and the company. Second, it is very useful when you want to build Secure SDLC in the actual field because you can easily derive detailed activities and documents to build the desired level of Secure SDLC.