• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1083-1086
• /
• 2005

Now these days, many technical concepts and tools have been developed in the cryptographic field. Most digital signature schemes used in practice, such as RSA or DSA, have an important role in information privacy and secure authentication for perfect user. A clearly advantage of such schemes over with security proven relative to such common cryptographic assumptions, is their efficiency: as a result of their relative weak requirements regarding computation, bandwidth and storage, these scheme have so far beaten proven secure schemes in practice. Our aim is to contribute to bridge the gap that exists between the theory and practice of digital signature schemes. In this paper we present a digital signature that ensures information privacy. More precisely, under an appropriate assumption about RSA, the scheme is proven to be existentially forgeable under adaptively chosen message attacks. This mechanism can be applied to smart cards or E-Wallet for maintaining secure authentication for user’s information privacy.

• The Journal of the Convergence on Culture Technology
• /
• v.6 no.4
• /
• pp.633-642
• /
• 2020

The recent COVID-19 pandemic is threatening human life and well-being, causing pain that has not been experienced before. Human security was summoned again as a result of the COVID-19 pandemic. However, it is paradoxically a threat to human security due to its inherent limitations and authoritarian control model. This paper first raises the analytical rigor of the concept of human security, focusing on COVID-19. Based on this, the practical usefulness of human security is improved by constructing a practical model that reflects the human security issues raised in reality. In particular, we approach the COVID-19 pandemic not from a natural disaster, but from the perspective of an artificial catastrophe caused by immorality and division in the international community. At the same time, we propose a multilateralism governance model that reflects the perspective of emerging security in order to realize human rights, the fundamental value of human security, and quarantine, a practical task in a balanced way.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.8
• /
• pp.39-45
• /
• 2020

Despite the increasing interest in cyber security in recent years, the emergence of new technologies has led to a shortage of professional personnel to efficiently perform the cyber security. Although various methods such as cyber rage are being used to cultivate cyber security experts, there are problems of limitation of virtual training system, scenario-based practice content development and operation, unit content-oriented development, and lack of consideration of learner level. In this paper, we develop a fuzzy rule-based user-customized training scenario automatic generation system for improving user's ability to respond to infringement. The proposed system creates and provides scenarios based on advanced persistent threats according to fuzzy rules. Thus, the proposed system can improve the trainee's ability to respond to the bed through the generated scenario.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.195-203
• /
• 2019

Mobile applications stores such as Google Play Store and Apple App Store, are widely used to distribute a variety of applications including finance, shopping, and entertainment. Recently, however, vulnerabilities of the mobile applications are likely to violate users' privacy such as personal information leakage. In this paper, we classify mobile applications that can be download from mobile stores, and analyze the personal information that could be leaked when users are using the mobile applications. As a result of analysis, we found that personal information are leaked in some widely used mobile applications in practice. On the basis of our experiment results, we propose some mitigations to enhance security of the mobile applications and prevent leakage of personal information.

• Nutrition Research and Practice
• /
• v.16 no.1
• /
• pp.94-105
• /
• 2022

BACKGROUND/OBJECTIVES: The purpose of this study was to investigate the association between socioeconomic status and chewing discomfort and identify the role of food insecurity in the association's causal pathway in a representative sample of Korean elders. MATERIALS/METHODS: We conducted cross-sectional analyses of the Korea National Health and Nutrition Examination Survey (2013-2015) data for elders aged ≥ 65 years. Socioeconomic status indicators used included household income and education level. Chewing discomfort was assessed according to the self-reported presence of chewing problems. Food security was surveyed using a questionnaire based on the US Household Food Security Survey Module. RESULTS: The odds ratios of chewing discomfort in the 1st and 2nd income quartiles were 1.55 (95% confidence interval [CI], 1.15-2.10) and 1.40 (95% CI, 1.03-1.90), respectively, compared to participants in the highest income quartile. Participants with the lowest education level were 1.89 (95% CI, 1.30-2.75) times more likely to have chewing discomfort than those without chewing discomfort. After including food security in the final model, the logistic coefficients were attenuated in the income and education quartiles. CONCLUSIONS: Low socioeconomic status was associated with chewing discomfort. In addition, the results confirm that food insecurity can mediate the association between socioeconomic inequalities and chewing discomfort among the elderly.

• Journal of Digital Contents Society
• /
• v.3 no.2
• /
• pp.163-176
• /
• 2002

It is necessary to change internet protect from version 4 (IPv4) to version 6 (IPv6). A converter from IPv4 to IPv6 is working in a laboratory not in practice. In this paper, we review internet protocol versions (IPv6) and design IPv4 to IPv6 converter. The IPv4 to IPv6 converter also has security prediction capability so as to deal with security problem when IPv4 packet is converted to IPv6 packet.

• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.89-95
• /
• 2023

Cloud computing today provides huge computational resources, storage capacity, and many kinds of data services. Data sharing in the cloud is the practice of exchanging files between various users via cloud technology. The main difficulty with file sharing in the public cloud is maintaining privacy and integrity through data encryption. To address this issue, this paper proposes an Enhanced RSA encryption schema (ERSA) for data sharing in the public cloud that protects privacy and strengthens data integrity. The data owners store their files in the cloud after encrypting the data using the ERSA which combines the RSA algorithm, XOR operation, and SHA-512. This approach can preserve the confidentiality and integrity of a file in any cloud system while data owners are authorized with their unique identities for data access. Furthermore, analysis and experimental results are presented to verify the efficiency and security of the proposed schema.

• International Journal of Computer Science & Network Security
• /
• v.23 no.7
• /
• pp.23-31
• /
• 2023

This article discusses the sabotage of loops of intruder alarm systems. Although loop alarm systems are now gradually being replaced by digital alarm systems, they are still significantly present in practice. This paper describes two experimentally verified techniques for sabotaging balanced loops. The first technique is based on the jump replacement of the balancing resistor by a fake resistor. The second technique is based on inserting a series-parallel combination of two rheostats into the loop. By alternately changing the resistance of these rheostats, a state is reached where the balancing resistor is shorted by the parallel rheostat and replaced by the series rheostat. Sabotage devices for both attacks are technically simple and inexpensive, so they can be made and used by an amateur. Owners of loop alarm systems should become find out about this threat.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1191-1204
• /
• 2012

As attackers try to paralyze information security systems, many researchers have investigated security testing to analyze vulnerabilities of information security products. Penetration testing, a critical step in the development of any secure product, is the practice of testing a computer systems to find vulnerabilities that an attacker could exploit. Security testing like penetration testing includes gathering information about the target before the test, identifying possible entry points, attempting to break in and reporting back the findings. Therefore, to obtain maximum generality, re-usability and efficiency is very useful for efficient security testing and vulnerability hunting activities. In this paper, we propose a threat analysis based software security testing technique for evaluating that the security functionality of target products provides the properties of self-protection and non-bypassability in order to respond to attacks to incapacitate or bypass the security features of the target products. We conduct a security threat analysis to identify vulnerabilities and establish a testing strategy according to software modules and security features/functions of the target products after threat analysis to improve re-usability and efficiency of software security testing. The proposed technique consists of threat analysis and classification, selection of right strategy for security testing, and security testing. We demonstrate our technique can systematically evaluate the strength of security systems by analyzing case studies and performing security tests.

• Journal of The Korean Association of Information Education
• /
• v.18 no.1
• /
• pp.143-149
• /
• 2014

We study the level on the knowledge, attitudes, and practice of primary school (grades 3-6 students ) for the safe use of smart devices, and identify student status for the safe use of smart devices, and suggests ways of appropriate data collection, analyzing of data. Through this research, for the safe use of smart devices in education showed that the effect is very insignificant and the knowledge and practice of smart devices are widely recognized. We will suggests the suitable education contents for the smart devices safe use for primary school students. These education will be made up of 'smart devices safety using' and we will expect that primary students will be able to cultivate the 'smart devices security awareness'.