• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.214-216
• /
• 2021

It proposes a plan to strengthen the limitations of existing corporate security systems based on Zero-Trust. With the advent of the era of the Fourth Industrial Revolution, the paradigm of security is also changing. As remote work becomes more active due to cloud computing and COVID-19, security issues arising from the changed IT environment are raised. At the same time, in the current situation where attack techniques are becoming intelligent and advanced, companies should further strengthen their current security systems by utilizing zero trust security. Zero-trust security increases security by monitoring all data communications based on the concept of doubting and trusting everything, and allowing strict authentication and minimal access to access requestors. Therefore, this paper introduces a zero trust security solution that strengthens the existing security system and presents the direction and validity that companies should introduce.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06b
• /
• pp.40-42
• /
• 2012

효율적인 재난관리를 위해서는 재난발생시 신속하고 적절한 대응 및 과학적 원인분석을 통한 재발방지, 재난관리에 소요되는 비용을 최소화하기 위한 노력 등이 필요하다. 재난관리단계별로 분석기반의 선제적 예방, 재난 대비능력 강화, 대응기술의 개발 등을 통해 과학적 재난 원인규명이 가능하고 재해복구에 드는 비용을 줄일 수 있다. 이미 해외 주요 국가들은 융합기술 기반의 선제적 재난 예측 대응 기술 개발과 재난관리비용 절감을 위한 재난관리전략을 수립하여 추진 중에 있다. 이에 본 연구에서는 과거 재난발생 이력을 기반으로 재난관리단계별 조사항목 및 업무절차를 체계화하고 최신과학기술을 적용하여 정보수집 및 재난원인분석을 지원하는 재난관리체계의 고도화 방안을 제안하고자 한다.

• Proceedings of the IEEK Conference
• /
• summer
• /
• pp.52-56
• /
• 2004

Computing today is becoming ubiquitous. In such ubiquitous computing environments, entities expect to access resources and services at any time from anywhere. Therefore, the question rises of how to establish trust relationship in previously unknown devices or resources with such environment. After reviewing a model to delegate trust to communicating entities in ubiquitous environment and its security problems, we present a new model for secure delegation over communication entities. We adopt two-party signature scheme as cryptographic primitives. Additionally, we apply threshold cryptosystems to our model for more secure enhancement.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.2
• /
• pp.471-476
• /
• 2011

As information and communication technologies (ICTs) has been developed, it is getting more important for internet users to consider many security issues (e.g., privacy protection). In this paper we claims that animation contents make a positive influence on teaching such computer securities, and investigate what features of animation contents will be the most important relationships with performance of the teaching process. Once we have obtained the survey results from students, two main features (i.e., characters and plots) of the animation contents have positively influenced the performance of e-learning systems.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.1100-1103
• /
• 2012

모바일 디바이스의 사용이 활발해지면서 사용자들은 PC에서 사용하는 서비스를 모바일 디바이스로 사용하려고 한다. 모바일 디바이스는 PC에 비해 자원이 한정적이며, 이러한 문제를 클라우드 서비스를 통해 해결하고 있다. 특히 모바일 디바이스의 제한된 저장 공간을 클라우드 스토리지를 이용함으로서 저장공간에 대한 제한성을 해결한다. 하지만 중앙 집중형태로 저장되는 클라우드 스토리지의 보안문제는 아직도 현재 진행형이며, 네트워크상에 다양한 공격 위협으로부터 노출되어 있다. 본 연구에서 모바일 디바이스에서 클라우드 스토리지로 데이터를 저장 할 때 보안을 향상시킬 방법을 제안하고 일반 전송서버와 시간을 비교하였으며 실험을 통해 안정된 성능을 입증하였다.

• ETRI Journal
• /
• v.35 no.5
• /
• pp.889-899
• /
• 2013

Wireless sensor networks (WSNs) are used for many real-time applications. User authentication is an important security service for WSNs to ensure only legitimate users can access the sensor data within the network. In 2012, Yoo and others proposed a security-performance-balanced user authentication scheme for WSNs, which is an enhancement of existing schemes. In this paper, we show that Yoo and others' scheme has security flaws, and it is not efficient for real WSNs. In addition, this paper proposes a new strong authentication scheme with user privacy for WSNs. The proposed scheme not only achieves end-party mutual authentication (that is, between the user and the sensor node) but also establishes a dynamic session key. The proposed scheme preserves the security features of Yoo and others' scheme and other existing schemes and provides more practical security services. Additionally, the efficiency of the proposed scheme is more appropriate for real-world WSNs applications.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.1
• /
• pp.29-37
• /
• 2014

In this paper we show that a dynamic ID authentication scheme using smart cards proposed by Tsai et al. is not secure against DoS attack and insider attack. Further we claim that their scheme may raise a security problem when a user changes his/her password. Then we come up with a security-enhanced version only with small additional computational cost. Our scheme is based on the security of cryptographic hash function and the infeasibility assumption of discrete logarithm problem. In addition, we provide details of security and computational cost analysis.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.9
• /
• pp.3548-3557
• /
• 2010

Security enhancement technologies are required to preventing phishing and pharming attacks on Internet banking. One-time password(OTP) should be used with certificate for enhancing user authentication and security performance. However, existing OTP technique is weak on MITM(Man-In-The-Middle) attack and synchnonization should be provided on OTP system. Therefore, more advanced mechanism such as combining biometic data with OTP can be suggested to enhancing security on authentication system. In this paper, we designed and implemented a multifactor authentication system using one-time biometric template to generate unique authentication data after adapting biometric transform on each user's biometric data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.781-797
• /
• 2013

Nowadays, it is increasing that corporates consign tasks related to the personal information processing to the consignees for efficiency and quality improvements and cost reductions. As the consignments are increased, there are increases on types and amounts of personal information. Therefore, the needs on the information managements and the security threats are increased. This report will analyze the laws that consignors and consignees should follow. Moreover, it identifies issues and analyzes the current levels on consignees in terms of the personal information protection so that the consignors can come up with the best and efficient way to monitor the consignees when they consign the personal information processing tasks.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.8 no.6
• /
• pp.112-120
• /
• 2009

Both security enhancement in wireless and fast access for mobility are required to employ wireless LAN in ITS (Intelligent Transportation Systems). However, for the case of employing IEEE 802.11i security standard, it is known that the user authentication procedure of IEEE 802.1x and 4-way handshake procedure for stronger security enforcement may not be suitable for ITS due to its large delay. In this paper, we propose fast authentication method to resolve the above authentication delay problem, and verify its performance via simulation analysis.