• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.949-960
• /
• 2019

Due to miniaturization of electronic devices and development of IoT(Internet of Things), embedded system have been used in various field. Meanwhile, there is a potential vulnerability by the insufficient of system's security. In this paper, we implement secure boot using TPM to protect the integrity of embedded system environment. The Suggestion considers the required availability in the embedded system and detects the system's tampering at secure boot process via TPM. In addition, we have reinforced the confidentiality through AES encryption of the kernel at secure boot.

• ETRI Journal
• /
• v.37 no.4
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.2
• /
• pp.59-63
• /
• 2017

Recently, Certificate has been loosed 100 times in a four years as Phising or hacking. The service that use certificate in financial services occurs practical and secure issues. Therefore, the Korea government abolished the mandatory system used in the certificate service. However, they did not provide a replacing method for a certificate. And is not to fill the gaps of the certificate with one time password or secure card. Therefore this paper is propose the alternative method with total authentication service, that is lead the more secure electronic commercial.

• Journal of Advanced Navigation Technology
• /
• v.14 no.2
• /
• pp.247-252
• /
• 2010

According to IT technology has evolved, a lot of information are moving through network. The correct internet users can obtain useful information. But incorrect users expose information and cause various damage for malicious purpose. To solve this problem, various information security products are being developed. For development of secure information security product, the development process should be secure. Also evaluation system is being used about product evaluation and security module for the assurance of secure product. In this paper, we proposed assurance system for secure development of information security product. Therefore this paper proposed more secure product development and assurance scheme.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.8
• /
• pp.1855-1860
• /
• 2010

This paper describes construction of web services system for secure message transmission appling web services standards. This system composes single sign on module, SSL module and secure message module. We applied these modules to price comparison site. Single sign on module used SAML standards. This module was designed, in order to provide authentication and authorization. As SSL module processes message encryption among end to end, messages of this system are secure. Secure message module is designed according to WS-Security standards and processes authentication, XML signature and XML encryption.

• 한국경영정보학회:학술대회논문집
• /
• 2007.06a
• /
• pp.646-651
• /
• 2007

Secure digital payment is critical in the successful shaping of global digital business. Digital payments are increasingly being used as a substitute to traditional payments, contributing markedly to the efficiency of the economy. The focus of every digital business transaction is to minimize risks arising from transactions. It is essential to ensure the security of digital payment whether used in internal networks or over wireless Internet. This paper analyses secure digital payment methods from the viewpoint of systemic security and transaction security. According to comparative analysis of digital payment models, this paper proposes a comparative analysis framework to investigate and evaluate secure digital payment. In conclusion, the comparative analysis framework, comparison of digital payment models and mobile payment models proposes a useful academic and practical foundation to enhance the understanding of secure digital payment methods. It also provides academic background and practical guidelines for the development of secure digital payment systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.10
• /
• pp.4923-4939
• /
• 2019

In this paper, a secure transmission scheme based on the artificial noise is proposed for D2D communications underlaying the full-duplex cellular network, and a secure power allocation scheme to maximize the overall secrecy rate of both the cellular user and D2D transmitter node is presented. Firstly, the full-duplex base station transmits the artificial noise to guarantee the secure communications when it receives signals of cellular uplinks. Under this secure framework, it is found that improving the transmission power of the cellular user or the D2D transmitter node will degrade the secrecy rate of the other, although will improve itself secrecy rate obviously. Hence, a secure power allocation scheme to maximize the overall secrecy rate is presented subject to the security requirement of the cellular user. However, the original power optimization problem is non-convex. To efficiently solve it, we recast the original problem into a convex program problem by utilizing the proper relaxation and the successive convex approximation algorithm. Simulation results evaluate the effectiveness of the proposed scheme.

• Journal of Korean Society for Quality Management
• /
• v.47 no.1
• /
• pp.151-162
• /
• 2019

Purpose: This study is in order to secure high quality of military supplies, it is important to secure design quality in the development phase. I will review how to establish a quality assurance system in the development phase based on the author's seminar presentation contents and application example of Hanwha Systems Co., Ltd. Methods: To guarantee design quality in the development phase, in 2002, quality assurance system that is adequate for SQA(Software Quality Assurance)'s requirements of CMM(Capability Maturity Model) was conduct. In 2009, based on the CMMI(Capability Maturity Model Integration) Level 5, there has been continuous and reenforced quality assurance activities. Results: By suggesting the construction and a case study on application of R&D quality assurance, it would be helpful for companies aiming to construct or enhance quality assurance system. Conclusion: To secure high quality for military supplies, a development QA system should be established to secure quality in the development phase. In addition, Total life cycle QA system for development, mass production and operation phase should be reestablished.

• Journal of Convergence Society for SMB
• /
• v.4 no.3
• /
• pp.21-25
• /
• 2014

Group communications are becoming popular in Internet applications such as video conferences, on-line chatting programs, games, and gambling. Secure and efficient group communication is needed for message integration, confidentiality, and system usability. However, the conventional group key agreement protocols are too much focused on minimizing the computational overhead by concentrating on generating the common group key efficiently for secure communication. As a result, the common group key is generated efficiently but a failure in authentication allows adversaries to obtain valuable information during the group communication. After achieving the secure group communication, the secure group communication should generate the group key efficiently and distribute it to group members securely, so the balance of security and system usage must be considered at the same time. Therefore, this research proposes the software architecture model of a secure and efficient group communication that will be imbedded into networking applications.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.999-1008
• /
• 2004

The Jini system provides an infrastructure to facilitate a programmer to develop distributed systems. As one of the Jini services, JavaSpare has been used as a repository which is accessible publicly in the Java distributed environment. Although JavaSpace could give a useful method for saving and sharing java object, it would not be applicable to develop a distributed system requiring access securities for the objects because JavaSpare does not support secure access control. In this paper, we present a secure JavaSpare service based on Jini2.0 named SeureJS, which strengthens the security weakness of JavaSpare. The system consists of ObjectStore to store Java objects, AccessManager to control access of ObjectStore and KeyManager to manage public keys.