• Journal of Platform Technology
• /
• v.9 no.1
• /
• pp.46-57
• /
• 2021

Recently, research has been actively conducted to utilize blockchain technology in various fields. In particular, blockchain-based smart contracts are applied to various automation systems that require reliability as they have the characteristics of recording data in a distributed ledger environment to verify the integrity and validity of data. However, blockchain does not provide data access control and information security because data is shared among network participants. In this paper, we propose a user dynamic access control mechanism utilizing smart contracts in blockchain environments. The proposed mechanism identifies the user's contextual information when accessing data, allocating the user's role and dynamically controlling the data access range. This can increase the security of the system and the efficiency of data management by granting data access dynamically at the time of user authentication, rather than providing the same services in roles assigned to each user group of the network system. The proposed mechanism is expected to provide flexible authentication capabilities through dynamic data access control by users to enhance the security of data stored within blockchain networks.

• International Commerce and Information Review
• /
• v.6 no.2
• /
• pp.107-127
• /
• 2004

The rapid development of internet information technology has increased interest in e-Trade these days, but it is not activated greatly up to now. In order to promote e-Trade, it is essential to construct cooperative process such as connecting systems among trade related parties. Building e-Trade platform which is based on the infrastructure of the past trade automatic system is key point of promoting e-Trade. To do this, a study on the basic concept and specific components of e-Trade platform is needed absolutely. At this point of view, after this paper has examined domestic and foreign studies on the fundamental technologies about electronic commerce, it drew several key technologies that could be applied to e-Trade considering the current IT trend. Then it evaluates these technologies according to Technology Reference Model(TRM) of the National Computerization Agency. This will help us to show the operation strategy as well as the concept of future e-Trade platform and its composition. On the basis of the theoretical background, this paper classified NCA's technology model into 6 fields, which are application. data, platform, communication, security and management. Considering the key technologies, e-Trade platform has to be mutually connected and accept international standards such as XML. In the aspect of business side, trade relative agencies' business process as well as trading company's process has to be considered. Therefore, e-Trade platform can be classified into 3 parts which are service, infrastructure and connection. Infrastructure part is compared of circulating and managing system of electronic document, interface and service framework. Connecting service (application service) and additional service (application service) consist of service part. Connecting part is a linking mutual parts and can be divided into B2B service and B20 service. The organization operating this e-trade platform must have few responsibilities and requirements. It needs to positively accept existing infrastructure of trade automatic system and improving the system to complete e-trade platform. It also have to continuously develop new services and possess ability to operate the system for providing proper services to demanders. As a result, private sector that can play a role as TTP(Third Trust Party) is adequate for operating the system. In this case, revising law is necessary to support the responsibility and requirement of private sector.

• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.1-13
• /
• 2008

Trusted Computing is a hardware-based technology that aims to guarantee security for machines beyond their users' control by providing security on computing hardware and software. TPM(Trusted Platform Module), the trusted platform specified by the Trusted Computing Group, acts as the roots for the trusted data storage and the trusted reporting of platform configuration. Data sealing encrypts secret data with a key and the platform's configuration at the time of encryption. In contrast to the traditional data sealing based on binary hash values of the platform configuration, a new approach called property-based data sealing was recently suggested. In this paper, we propose and analyze a new property-based data sealing protocol using the weakest precondition concept by Dijkstra. The proposed protocol resolves the problem of system updates by allowing sealed data to be unsealed at any configuration providing the required property. It assumes practically implementable trusted third parties only and protects platform's privacy when communicating. We demonstrate the proposed protocol's operability with any TPM chip by implementing and running the protocol on a software TPM emulator by Strasser. The proposed scheme can be deployed in PDAs and smart phones over wireless mobile networks as well as desktop PCs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.721-728
• /
• 2013

Big data is one of the most spotlighted technological trends in these days, enabling new methods to handle huge volume of complicated data for a broad range of applications. Real-time network traffic analysis essentially deals with big data, which is comprised of different types of log data from various sensors. To tackle this problem, in this paper, we devise a big data based platform, RENTAP, to detect and analyse malicious network traffic. Focused on military network environment such as closed network for C4I systems, leading big data based solutions are evaluated to verify which combination of the solutions is the best design for network traffic analysis platform. Based on the selected solutions, we provide detailed functional design of the suggested platform.

• International Journal of Computer Science & Network Security
• /
• v.22 no.11
• /
• pp.331-337
• /
• 2022

Smart learning is augmented with digital, context-aware, and adaptable technologies to encourage students to learn better and faster. To ensure that digital learning is successful and that implementation is efficient, it is critical that the dimensions of digital learning are arranged correctly and that interactions between the various elements are merged in an efficient and optimal manner. This paper builds and discusses a basic framework for smart learning in the digital age, aimed to improve students' abilities and performance in learning. The proposed framework consists of five dimensions: Teacher, Technology, Learner, Digital content, and Evaluation. The Teacher and Learner dimensions operate on two levels: (a) an abstract level to fit in knowledge and skills or interpersonal characteristics and (b) a concrete level in the form of digital devices used by teachers and learners. Moreover, this paper proposes asynchronous online course delivery model. An Arabic smart learning platform has been developed, based on these smart learning core dimensions and the asynchronous online course delivery model, because despite the official status of this language in many countries, there is a lack of Arabic platforms to teach Arabic. Moreover, many non-native Arabic speakers around the world have expressed an interest in learning it. The Arabic digital platform consists of over 70 lessons classified into three competence levels: beginner, intermediate, and advanced, delivered by Arabic experts and Arabic linguists from various Arab countries. The five dimensions are described for the Arabic platform in this paper. Learner dimension is the Arabic and non-Arabic speakers, Teacher dimension is Arabic experts and Arabic linguistics, Technology dimension consists of technology for Arabic platform that includes web design, cloud computing, big data, etc. The digital contents dimension consists of web-based video, records, etc. The evaluation dimension consists of Teachers rating, comments, and surveys.

• Journal of Korean Society of Disaster and Security
• /
• v.17 no.1
• /
• pp.17-25
• /
• 2024

Recent climate change has led to an increase in the probability of forest disasters (forest fires, landslides). However, disaster systems providing information for forest disaster response lack unified information provision. Therefore, this study aims to provide essential disaster information from a unified system for swift disaster response. To achieve this goal, we conducted a fundamental study on the necessary components for designing a forest disaster platform, explored methods for visualizing platforms enabling swift response and information provision during forest disasters through case studies, and presented the findings. Our results indicate that both domestic and international forest disaster response platforms commonly utilize spatial information to provide location-specific information. Key components identified for designing a response platform for forest disasters include constructing forest disaster big data, including climate information for target areas, developing technology for integrated diagnosis of forest disasters at each stage, and designing tailored safety care services for disaster areas.

• Review of KIISC
• /
• v.24 no.6
• /
• pp.31-36
• /
• 2014

클라우드 컴퓨팅 서비스는 자원 공유와 가상화 기술 및 자원의 서비스화 등 기존 컴퓨팅 환경과 다른 특성으로 인해 클라우드 컴퓨팅 환경에 적합한 식별/접근제어 기술 및 보안 통제 사항이 요구된다. 그러므로 기존 컴퓨팅 자원을 클라우드 컴퓨팅 환경으로 변경하는 서비스 제공자나 클라우드 서비스로 이동하는 서비스 사용자는 특정한 보안 요건을 검토해야 한다. Cloud Security Alliance에서 배포한 Cloud Control Matrix와 ISO/IEC 27001을 비교 분석하여, 클라우드 컴퓨팅 환경에서 특별히 요구되는 식별 및 접근제어의 보안 통제 요건을 확인하였다. 또한, 주요 클라우드 컴퓨팅 서비스인 아마존의 AWS, 구글의 Google Cloud Platform과 VMware의 vCloud 서비스의 식별 및 접근제어 기술을 조사하였다. 이를 기반으로 클라우드 컴퓨팅 환경의 식별 및 접근제어 기술에서 필요한 보안 요건을 확인하였다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.212-216
• /
• 2003

최근 XML(extensible Markup Language)이 인터넷 전자거래와 데이터 전송 및 검색 부문에서 광범위하게 이용됨에 따라 중요한 거래들의 온라인 인증을 위한 암호키 관리가 요구되므로 XML기반의 키 관리에 대한 연구 개발이 필요하다. 그러나 현재 여러 나라에서 이러한 XML키 관리 기술에 대한 연구와 함께 XML 키 관리 시스템들이 시범 모델로 개발되고 있는 것에 반해 국내에서는 연구 및 개발이 미흡한 실정이다. 본 논문에서는 XML 키 관리의 개념에 대하여 살펴보고, 이를 바탕으로 설계한 EXSO/XKMS 서비스 플랫폼에 대해 설명하고자 한다. EXSO/XKMS에 대해서는 기반 플랫폼 구조 및 구현한 EXSO /XKMS 서비스 컴포넌트에 대해 기술하고, 개발 중인 서비스 시스템의 기능 및 특징에 관하여 기술한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.660-664
• /
• 2003

본 논문에서는 현재 공개되어 있는 ClamAV 안티바이러스 엔진의 소스를 분석하여 플랫폼 독립적인 구현을 시도했다. 구체적으로 유닉스 기반에서 Java 프로그래밍 언어를 사용했으며, 사용자의 편의를 위한 GUI 환경을 SWING을 사용하여 구축했다 아울러 공개된 안티바이러스 엔진보다 효율성을 높이기 위하여 효율적인 매칭 알고리즘 선택 및 바이러스 패턴 데이터베이스의 재구성에 관하여 제안한다.

• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.1-13
• /
• 2021

This study postulates that Government as a Platform(GaaP) could be a next generation government model, drawing activation strategy from success factors of webtoon platform by NAVER. It suggests success factors of Naver webtoon case based on three main components of platform strategy. First, in the aspect of platform infrastructure, Naver webtoon was established based on powerful portal site by parent company Naver and improved platform accessibility through using webtoon without login. Second, in the aspect of stakeholder engagement, Naver webtoon has offed webtoon at no cost and it has taken an intermediary role for supporting the stakeholders with PPS. Third, in the aspect of outputs production, Naver webtoon offered real time feedback from webtoon users that could affect webtoon production and established incubating system that allow users to create their webtoon. And due to PPS, it makes possible to various create second outputs based on webtoon, which can contribute to activating webtoon ecosystem.