• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.4C
• /
• pp.197-206
• /
• 2011

In the RFID system, bulk tag information is stored into the back-end database as plaintext format not ciphertext. In this case, the tags's private informations can be easily compromised by an external hacker or an insider attacker. If the private informations of tags disclosed by the attackers, it can occur serious privacy invasion problem. Recently the database(DB) security is an important issue to prevent the above DB compromised attack. However, DB security for RFID systeme has not been considered yet. If we use the DB security technique into the RFID system, the above described privacy invasion' problem can be easily prevented. Based on this motivation, this paper proposes a secure and efficient back-end database security and authentication(S-DB) scheme with XOR-based encryption/decryption algorithm. In the proposed scheme, all tag's private information is encrypted and stored by using the DB secret key to protect the DB compromised attack. As a result, the proposed S-DB scheme 'can provide stronger security and more efficiency for the secure RFID system environment.

• The Journal of Information Technology
• /
• v.10 no.3
• /
• pp.93-120
• /
• 2007

A Smart Home is a technically expanded from home network that gives us a comfortable life. But still there is a problem such as mal function of devices and intrusions by malicious parties since it is based on home network. The intrusion by malicious parties causes a critical problem to the individual's privacy. Therefore to take legal actions against to the intruders, the intrusion evidence collecting and managing technology are widely researched in the world. The evidence collecting technology uses the system which was damaged by intruders and that system is used as evidence materials in the court of justice. However the collected evidences are easily modified and damaged in the gathering evidence process, the evidence analysis process and in the court. That's why we have to prove the evidence's integrity to be valuably used in the court. In this paper, we propose a mechanism for securing the reliability and the integrity of digital evidence that can properly support the Computer Forensics. The proposed mechanism shares and manages the digital evidence through mutual authenticating the damaged system, evidence collecting system, evidence managing system and the court(TTP: Trusted Third Party) and provides a secure access control model to establish the secure evidence management policy which assures that the collected evidence has the corresponded legal effect.

• Proceedings of the KSR Conference
• /
• 2007.11a
• /
• pp.1551-1559
• /
• 2007

Seoul Metro has been constructing the screen doors on the platforms to provide safe and comfort environments. The screen doors of each station are configured so that they can be operated in automatic mode in connection with ATC/ATO through the integrated control panel in the station control room and in manual mode through the control panel of the station control room and crew control panel. These systems have been implemented with different data communication protocols between systems, HMI configuration, and so on due to ordering processes, implementation time and diverse suppliers, and manufactured to be operated within single station. Seoul Metro has been planning to implement the integrated control system to secure seamless train operation and safety and to have a fast response system against emergency situations such as PSD failure and fire, by implementing the system that is able to collectively manage, monitor and control the operation status and equipment conditions of PSD on to the integrated control center. This paper has studied a scheme to reduce the budget for the future facility constructions by standardizing the data format for data communication with the integrated station control panel and using the open standard protocols, in order to secure consistency of operation, system expansion and maintenance with unified and standardized control items.

• Journal of KIISE:Information Networking
• /
• v.31 no.2
• /
• pp.207-216
• /
• 2004

IPsec protocol has been developed to provide security services to Internet. Recently IPsec is implemented on the various operating systems Hence, it is very important to evaluate the stability of the Ipsec protocol as well as other protocols that provide security services. However, there has been little effort to develop the tools that require to evaluate the stability of IPsec protocols. Therefore, in this paper, we develope the security requirements and suggest a security evaluation system for the Internet packet protection protocols that provide security services at the If level that can be used to check if the security protocols Provide the claimed services correctly This system can be used as debugging tool for developing IPsec based security system.

• Korean System Dynamics Review
• /
• v.3 no.2
• /
• pp.49-68
• /
• 2002

The intent of this study is to develop system dynamics model for assessment of organizational and human factors in nuclear power plant which can contribute to secure the nuclear safety. Previous studies are classified into two major approaches. One is engineering approach such as ergonomics and probability safety assessment(PSA). The other is social science approach such like sociology, organization theory and psychology. Both have contributed to find organization and human factors and to present guideline to lessen human error in NPP. But, since these methodologies assume that relationship among factors is independent they don't explain the interactions among factors or variables in NPP. To overcome these limits, we have developed system dynamics model which can show cause and effect among factors and quantify organizational and human factors. The model we developed is composed of 16 functions of job process in nuclear power, and shows interactions among various factors which affects employees' productivity and job quality. Handling variables such like degree of leadership, adjustment of number of employee, and workload in each department, users can simulate various situations in nuclear power plant in the organization side. Through simulation, user can get insight to improve safety in plants and to find managerial tools in the organization and human side. Analyzing pattern of variables, users can get knowledge of their organization structure, and understand stands of other departments or employees. Ultimately they can build learning organization to secure optimal safety in nuclear power plant.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.6 no.1
• /
• pp.70-75
• /
• 2002

Video conference system has guided swiftness of information transmission and business processing taking away time and manufacturing drug of space that is happened that long-distance people gather and talk. But, leakage of important meeting contents, peculation etc.. in that execute video -conferences can happen. Therefore, research about video conference system of safety is progressing under secure superhigh speed information communication fetters. This treatise studied about techniques to encipher videotex to prevent variation and outward flow of burn information, peculation etc.. except general encryption notation such as user certification to have drawn problem about stability of general video conference system, and is used present as countermeasure about here. Used improved Vernam's encryption techniques to encrypt videotex.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.2
• /
• pp.41-46
• /
• 2016

Fast growth of smartphone technology and advent of Fintech enabled smartphones to deal with more sensitive information. Although many devices applying biometric technology are released as a step for protecting sensitive information securely, there can be potential vulnerabilities if security is not considered at the design stage of a biometric system. By analyzing the potential vulnerabilities, we classify threats in biometric system design process on smartphones and we propose the design requirements for solving these problems. In addition, we propose a framework for secure biometric system design on smartphone by synthesizing the design requirements.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.11
• /
• pp.5588-5613
• /
• 2018

Virtualization technology has been widely applied in the area of computer security research that provides a new method for system protection. It has been a hotspot in system security research at present. Virtualization technology brings new risk as well as progress to computer operating system (OS). A multi-level perception security model using virtualization is proposed to deal with the problems of over-simplification of risk models, unreliable assumption of secure virtual machine monitor (VMM) and insufficient integration with virtualization technology in security design. Adopting the enhanced isolation mechanism of address space, the security perception units can be protected from risk environment. Based on parallel perceiving by the secure domain possessing with the same privilege level as VMM, a mechanism is established to ensure the security of VMM. In addition, a special pathway is set up to strengthen the ability of information interaction in the light of making reverse use of the method of covert channel. The evaluation results show that the proposed model is able to obtain the valuable risk information of system while ensuring the integrity of security perception units, and it can effectively identify the abnormal state of target system without significantly increasing the extra overhead.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.177-186
• /
• 2003

DRM(Digital Rights Management) is a technology that manages secure distributions and copyrights of digital contents on the Internet. It is general giving the rights to use the encrypted contents that are downloaded by a simple authorization process in the existing DRM system. Once this is done you are allowed to access. In this paper, we use RTP(Real-time Transport Protocol) for end-to-end real-time data transmission. And the system is designed to make it Possible to Protect copyrights and to distribute contents with safety through periodic authentication. We implemented DRM system to stand this basis. The proposed system vests only authorized users with authority to access the license. Hence it prevents contents to be distributed and copied illegally on networks.

• Journal of the Korean Society of Industry Convergence
• /
• v.26 no.3
• /
• pp.401-409
• /
• 2023

Oscillating water column (OWC) type wave power generator system is a power generation system that uses wave energy, a sustainable and renewable energy source. Irregular cycles and wave heights act as factors that make it difficult to secure generation efficiency of the wave power generator system. Recently, research for improving power generation efficiency is being conducted by applying digital twin technology to OWC type wave energy converter system. However, digital twin using sensor data can predict erroneous performance due to uncertainty in the sensor data. Therefore, this study proposes an uncertainty analysis method for sensor data which is used in digital twin to secure the reliability of digital twin prediction results. Uncertainty quantification considering sensor data characteristics and future uncertainty information according to uncertainty propagation were derived mathematically, and confidence interval estimation was performed based on the proposed method.