• Title/Abstract/Keywords: Security Assurance

Search Result 230, Processing Time 0.021 seconds

Cryptanalysis of an 'Efficient-Strong Authentiction Protocol (E-SAP) for Healthcare Applications Using Wireless Medical Sensor Networks'

  • Khan, Muhammad Khurram;Kumari, Saru;Singh, Pitam
    • KSII Transactions on Internet and Information Systems (TIIS) / v.7 no.5 / pp.967-979 / 2013
  • Nowadays, Wireless Sensor Networks (WSNs) are widely used in different areas, one of which is healthcare services. A wireless medical sensor network senses a patient's vital physiological signs through medical sensor-nodes deployed on the patient's body area, and transmits these signals to the devices of registered medical professionals. These sensor-nodes have low computational power and limited storage capacity. Moreover, the wireless nature of the technology attracts malicious minds. Thus, proper user authentication is a prime concern before granting access to a patient's sensitive and private data. Recently, P. Kumar et al. claimed to propose a strong authentication protocol for healthcare using Wireless Medical Sensor Networks (WMSN). However, we find that P. Kumar et al.'s scheme is flawed with a number of security pitfalls. Information stored inside the smart card, if extracted, is enough to deceive a valid user. An adversary can not only access a patient's physiological data on behalf of a valid user without knowing the actual password, but can also send fake/irrelevant information about the patient by playing the role of a medical sensor-node. Besides, an adversary can guess a user's password and is able to compute the session key shared between the user and medical sensor-nodes. Thus, the scheme loses message confidentiality. Additionally, the scheme fails to resist insider attack and lacks user anonymity.

Customer Buying Process Based B2C Differentiation Strategy Analysis (고객 구매 프로세스 기반 B2C 차별화 전략 분석)

  • Gu, Ja-Heon;Park, U-Seong;Han, Hyeon-Su
    • Proceedings of the Korean Operations and Management Science Society Conference / 2007.11a / pp.488-492 / 2007
  • In this study, we investigated how to distinguish the customer-delivered value that leads to re-purchasing in the fierce B2C industry. To identify key managerial variables that could distinctively impact re-purchasing, we first identified the customer value proposition as per the customer buying decision process. Next, core value propositions of choice efficiency and competitive price are defined to determine vendor satisfaction during the searching stage and purchasing stage. The trust level is also introduced in the sense of reflecting confirmation to guarantee after-purchase security. Then, significant managerial variables that impact the core value propositions are extracted. The resulting structural model illustrated that search convenience and quality assurance affect the choice efficiency, and re-purchase intention is strongly explained by both the vendor satisfaction and trust level. The empirical testing results also support that transaction cost reduction is a key determinant of shopping at the Internet shopping mall. Furthermore, trust level should be combined to induce re-purchasing in addition to transaction cost savings.


Multilateral Nuclear Cooperation in East Asia; The First Step Toward the Formation of a New Cooperation (동아시아 지역에서의 다자간 원자력 협력 방안: 새로운 원자력 협력체제 결성을 위한 첫 번째 제안)

  • Hwang Yong-Soo;Kwon Eun-Ha;Seo Eun-Jin;Whang Joo-ho
    • Journal of Nuclear Fuel Cycle and Waste Technology (JNFCWT) / v.3 no.3 / pp.167-176 / 2005
  • Demand for nuclear energy in East Asian countries has grown rapidly to support economic development. After 9.11, nuclear security has become a worldwide issue. In addition, unlike other regions, some countries are considering the introduction of nuclear power plants. To meet these challenges, a new regional multilateral nuclear approach is proposed, aiming at assurance of supply and non-proliferation. The new proposal is based on the principles of confidence building, volunteering, and incentives. A stepwise approach is recommended to implement the multilateral system in East Asia.


A Study on the Environment Test Support for Small and Medium Defense Companies to Improve Weapon System Reliability (무기체계 신뢰성 향상을 위한 중소 방산업체 환경시험 지원방안 고찰)

  • Hwang, Kyunghwan;Kim, Bohyeon;Hur, Jangwook
    • Journal of Applied Reliability / v.16 no.4 / pp.287-294 / 2016
  • Purpose: Environment test support is urgent for small and medium defense companies in order to improve the reliability of weapons systems. Also, to reduce the burden of test costs, the voucher system must be strengthened. Quality assurance support should be accompanied by budget support. Methods: First of all, it is necessary to expand infrastructure for test equipment that suffers shortages by considering environmental test frequency and waiting periods to reduce the time required for environmental tests. Results: In regard to the environmental test, expansion for test equipment infrastructure, security of budget for the test, establishment of test plan, education and consulting support are required to resolve some limits of small and medium defense companies. Conclusion: Along with the opening of environmental test courses for industry operators, the expansion for consulting support projects of the defense industry support system is needed.

Recent Trend Analysis of Certificate Revocation Mechanism (인증서 폐기 메커니즘의 최근 동향 분석)

  • 황원섭;김자영;정수민;윤동식
    • Proceedings of the Korea Information Assurance Society Conference / 2004.05a / pp.77-82 / 2004
  • The notion of a certificate was introduced by Kohnfelder in his 1978 MIT bachelor's thesis. The idea, now common, was that a certificate is a digitally signed statement binding the key-holder's name to a public key. With the increasing acceptance of digital certificates, there has been a gaining impetus for methods to nullify compromised digital certificates and enable the end user to receive this information before he trusts a revoked certificate. The problem of certificate revocation is getting more and more crucial with the development of widespread PKIs. In this paper, we investigate recent trends in certificate revocation mechanisms.


A New Intruder Traceback Mechanism based on System Process Structure (시스템 프로세스 구조에 기반을 둔 침입자 추적 메커니즘)

  • 강형우;김강산;홍순좌
    • Proceedings of the Korea Information Assurance Society Conference / 2004.05a / pp.233-239 / 2004
  • In this paper, we describe a defense mechanism to cope with stepping-stone attacks in high-speed networks. (In a stepping-stone attack, attackers launch attacks not from their own computer but from intermediary hosts that they previously compromised.) We aim at tracing the origin hacker system, which attacks the target system via stepping stones. There are two kinds of traceback technology: IP packet traceback and connection traceback. We are concerned with connection traceback in this paper. We propose a new host-based traceback. The purpose of this paper is to distinguish between the origin hacker system and stepping stones by using the process structure of the OS (Operating System).


Efficient Offered Contents Using Broadcast Encryption (브로드캐스트 암호화를 이용한 효율적인 컨텐츠 제공)

  • 이덕규;이임영
    • Proceedings of the Korea Information Assurance Society Conference / 2004.05a / pp.65-70 / 2004
  • The method of broadcast encryption has been applied to the transmission of digital information such as multimedia, software, and paid TV on the open network. In this broadcast encryption method, only previously authorized users can gain access to digital information. When a broadcast message is transmitted, authorized users can first decode the session key using the previously given private key and get digital information using this session key. This way, users retrieve a message or a session key using the key transmitted by broadcasters. For their part, broadcasters need to generate and distribute keys. Broadcasters should also carry out efficient key renewal when users subscribe or unsubscribe. In this paper, we use a broadcast and present the DRM model; using that, we look into the requirements on the contents and also apply the concept of broadcast encryption. We offer the authority to copy as the number of reproduction to want to the user, and the low so that we were convenient because we used.


Dictionary Attacks against Password-Based Authenticated Three-Party Key Exchange Protocols

  • Nam, Junghyun;Choo, Kim-Kwang Raymond;Kim, Moonseong;Paik, Juryon;Won, Dongho
    • KSII Transactions on Internet and Information Systems (TIIS) / v.7 no.12 / pp.3244-3260 / 2013
  • A three-party password-based authenticated key exchange (PAKE) protocol allows two clients registered with a trusted server to generate a common cryptographic key from their individual passwords shared only with the server. A key requirement for three-party PAKE protocols is to prevent an adversary from mounting a dictionary attack. This requirement must be met even when the adversary is a malicious (registered) client who can set up normal protocol sessions with other clients. This work revisits three existing three-party PAKE protocols, namely, Guo et al.'s (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in the presence of a malicious client. The offline dictionary attack we present against Guo et al.'s protocol also applies to other similar protocols including Lee and Hwang's protocol. We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks.

A Study on the history management of Object-based digital map by UFID (UFID를 활용한 객체기반 수치지도 이력관리 방안 연구)

  • Park, Chung;Park, Ki-Surk
    • Proceedings of the Korean Society of Surveying, Geodesy, Photogrammetry, and Cartography Conference / 2010.04a / pp.57-59 / 2010
  • The current digital map is ambiguous to manage because it is managed on a file basis in partition units. This incurs wasted cost because whether an area has changed or not is managed redundantly, and there has been no way to provide spatial and temporal management of the digital map. In addition, the digital map cannot have security assurance and systematic management because it is managed on a file basis. Therefore, this research shows that, after applying a UFID to each object, the history of every update can be managed per object.


National Defense Decision-Making : Prospects and New Directions (국방의사결정 : 전망과 대비방향)

  • Gwon Tae-Yeong
    • Journal of the military operations research society of Korea / v.16 no.1 / pp.18-34 / 1990
  • In light of the recent developments of transitory nature, it is likely that national defense decision-making will be more difficult to make for years to come. In other words, sudden changes in security environment would call into question the basic assumptions on which we have built our national defense planning and increase the number of the uncertain factors in the decision-making process; the subdivision and ramification of national defense management would increase the factors for decision-making and complicate even further the mutual interactions among these factors; the accelerated pace of sophistication and diversification of weapon systems and military technology would increase the risk of failure and system costs geometrically; and the reduced level of acceptance among the people on the sanctification of national defense in proportion to the rapid progress toward a more democratic and industrial society would engender an increased criticism or checking role by the National Assembly or by the mass media. As the changes in national defense environment and conditions create an innumerable number of new tasks, this paper intends to suggest a few core policy measures to improve the quality of national defense decision-making. More specifically, it proposes to 1) eradicate entirely the bureaucratic behavior and tendencies; 2) utilize actively the brain staff for quality assurance of decision-making; 3) and introduce and apply as a whole set, a total system, or an incorporated package the PPBEES (Planning-Programming-Budgeting-Executing-Evaluating-System)/LCMM (Life-Cycle Management Model for System Acquisition), the OR/SA (Operations Research/Systems Analysis), and DMIS (Defense Management Information System).
