• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1075-1078
• /
• 2005

The Global IT revolution is growing rapidly. Government and business have to be ready to meet the increased demand for effective and secure online services. With the E-Government practicing, day-by-day the public demand is also increasing simultaneously. Now this present moment, one of important research part is secure E-Voting for E-Government service, but for this important factor or Government Issue, it needs information privacy for secure information transaction of citizen’s opinions and secure authentication. This paper has analyzed several approaches E-voting protocols, those are implemented with many digital signature mechanism and maintained many types of cryptographic rules, which are main factor for information privacy. In this paper we have discussed them with a view to voter anonymity and protection from manipulations. The paper then developed an algorithm designed to guarantee anonymity of the voter and to avoid the risk of manipulation of votes. In this paper the proposed algorithm is based upon the strict separation of voter’s registration and submission of votes, which means that certain information has to be stored on a secure storage media.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.8
• /
• pp.651-662
• /
• 2013

In this study, we suggest the selecting evaluation method considering 6 major factors like Compliance system application (Development language conformance, Platform Compliance), threat evaluation (criticality of security incident, possibility of security incident), application benefit (Reliability / quality improvement, Modify Cost) for appropriate secure coding rule selecting evaluation. Using this method, we selected and make a set consist of 197 secure coding rules for Battlefield Management System Software. And calculated the application priority for each rules.

• Journal of Advanced Navigation Technology
• /
• v.14 no.6
• /
• pp.970-974
• /
• 2010

According to IT technology has evolved, smart phone rapidly propagates for mobility. A smart phone user acquires useful information, but attackers generate various damage. For example, an attacker must distribute to expose the privacy of others. To solve this problem, various information security products are being developed. In addition, information security has been strengthened. In this paper, we propose a scheme for secure use of smart phone. For development of secure smart phone, the development processes should be secure. In addition, we propose an information security production certification system for secure smart phone security.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.2
• /
• pp.11-17
• /
• 2019

As interest in the efficiency use of energy has been recently rising, studies have been performed in utilizing various types of eco-friendly green energy and natural energy. Especially there has been rapidly increase in the fields using ESS (Energy Storage System), which is the technology for storing the energy from nature. The application fields of ESS is continuously growing and expanding to various types of technologies. However, in recent years there have been continuing problems with the safety of ESS. And related researches are going on. In this paper, we has proposed a system structure to utilize more secure ESS and has monitored the system status of ESS in real time by using smart phone app. This paper has also proposed a new method to configure secure ESS by implementing GUI (Graphical User Interface) to control the system. And then explain experimental results to investigate the efficiency of the proposed ESS.

• Journal of the Society of Disaster Information
• /
• v.17 no.1
• /
• pp.176-183
• /
• 2021

Purpose: The introduction of smart factories that reflect the 4th industrial revolution technologies such as AI, IoT, and VR, has been actively promoted in Korea. However, in order to solve various problems arising from existing file-based operating systems, this research will focus on identifying and verifying non-file system-based data protection technology. Method: The research will measure security storage that cannot be identified or controlled by the operating system. How to activate secure storage based on the input of digital key values. Establish a control unit that provides input and output information based on BIOS activation. Observe non-file-type structure so that mapping behavior using second meta-data can be performed according to the activation of the secure storage. Result: First, the creation of non-file system-based secure storage's data input/output were found to match the hash function value of the sample data with the hash function value of the normal storage and data. Second, the data protection performance experiments in secure storage were compared to the hash function value of the original file with the hash function value of the secure storage after ransomware activity to verify data protection performance against malicious ransomware. Conclusion: Smart factory technology is a nationally promoted technology that is being introduced to the public and this research implemented and experimented on a new concept of data protection technology to protect crucial data within the information system. In order to protect sensitive data, implementation of non-file-type secure storage technology that is non-dependent on file system is highly recommended. This research has proven the security and safety of such technology and verified its purpose.

• The Journal of the Korea Contents Association
• /
• v.20 no.2
• /
• pp.15-26
• /
• 2020

Secure boot is security technology that verifies the integrity of the computer system in boot stage and controls the boot process accordingly. The computer system can establish a secure execution environment from the threat of various malwares by security boot and also supports the recovery when system in emergency case. Recently, Secure boot has been adopted by various modern computer manufacturers to protect users' information from hacker attacks and to prevent abuse of their products by malicious users. In this paper, we classify security boot developed by various companies and organizations by platform, and analyze the design and development purpose of each security boot and investigate the limitation of design. It can be used as a reference for system security designers in various information of security boot development method and security design of system.

• Journal of IKEEE
• /
• v.22 no.2
• /
• pp.242-249
• /
• 2018

In this paper, we identify the code vulnerabilities that can be automatically detected through Visual Studio (VS) compiler and code analyzer based on a secure coding rule set which is optimized for development of battlefield information system. Then we describe a weak point item that can be dealt with at the implementation stage without depending on the understanding or ability of the individual programmer's secure coding through the implementation of the secure coding library. Using VS compiler and the code analyzer, the developers can detect only about 38% of security weaknesses. But with the help of the proposed secure coding library, about 48% of security weaknesses can be detected and prevented in the proactive diagnosis in the development stage.

• Journal of Digital Convergence
• /
• v.13 no.3
• /
• pp.201-208
• /
• 2015

Recently computer, smart phone, medical devices, etc has become used in a variety of environments as the application fields of IT products have become diversification. Attack case of abuse of software security vulnerabilities is on the increase as the application fields of software have become diversification. Accordingly, secure coding program is of a varied but history management, updating, API module to be vulnerable to attack. Thus, this paper proposed a materialization of CMS linked system to enable check the vulnerability of the source code to content unit for secure software development, configuration management system that interwork on the transmission module. Implemented an efficient coding system secure way that departmentalized by the function of the program and by analyzing and applying secure coding standards.

• Journal of Convergence Society for SMB
• /
• v.5 no.2
• /
• pp.33-38
• /
• 2015

The damage to the security is increasing as public key-based ISP secure payment service is used in online banking payment system. Security technology aspect to ISP secure payment security has no special problems. But, security damage that occurs due to the simplicity of the payment system is a problem. In this paper, we propose response and plan for ISP secure payment service to minimize the damage that occurs due to the simplicity of a security settlement system. Proposed scheme is applicable to various billing systems such as secure payments, online payment, mobile payment, credit card. Proposed scheme is characterized in that can stably support the capabilities of the new billing system. Also, proposed scheme is to analyze the various security threats arising from the payment of the financial services and to describe response and plan technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.43-57
• /
• 2006

When building a software system out of software components, the composition is not simple because of the complexity caused by diverse versions, digital signatures, static type information, and off-the-shelf components from various vendors. Well-established linking policies are one of the best solutions to solve the complexity problem at linking time. Secure Linking (SL) enables users to specify their linking policies which can be enforced at link time. Secure Linking framework is a framework based on a higher-order logic in order to help build a SL system. This paper shows that the Secure Linking logic is expressive enough to describe a real-world component composition system, the linking protocol of.NET. The paper also demonstrates the advantage of the logic-based linking framework by discussing the weakness of the code signing protocol in.NET which was found while we encoded the assembly linking system of.NET.