• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.43-60
• /
• 2018

Recently, with the arrival of the 4th industrial revolution, the security risks are converging and complexly changing, and the demand of cybersecurity experts is increasing. Therefore, in this paper, it is the largest of the domestic educational institutions, it has the largest number of emissions talent, and selects the representative major field of humanities and society. Then, after analyzing the common curriculum in each major field, compare it with the training course of cybersecurity experts derived through existing previous research. Through analysis results, we try to design a retraining course for cybersecurity professional human resources. Utilizing the results of this research, it is expected that it will be used as the basic material necessary for the subjects of the re-curriculum education. It is also expected to contribute to resolving the supply-demand gap of cybersecurity professionals.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.05a
• /
• pp.202-203
• /
• 2023

The Ministry of Oceans and Fisheries is providing maritime safety services through the operation of the Korean e-Navigation service, and research is continuously needed to improve reliability and quality to secure the competitiveness of the system. In order to secure such competitiveness, we presented the basic design for the big-data maritime information gateway system for minimizes thereal-time operation impact of the Korean e-Navigation service, and a theoretical hardware structure diagram including pseudonymization procedures to implement the overall system and solve privacy security issues. However, the proposed structure diagram and design include only the overall concept, to link real-time maritime information, required detailed privacy security method to satisfy the Privacy Act of the Republic of Korea. To solve this problem, this study will identify factors to violate the Privacy Act within the real-time maritime information(privacy of shipowner, shipping company, captain, navigator, fisherman, etc.) linked by the big-data maritime information gateway system, and research the method to link the secured information to other institutions by encrypting identified the factors.

• Journal of the Korea Fashion and Costume Design Association
• /
• v.12 no.2
• /
• pp.41-54
• /
• 2010

This paper aims at studying about spatial structures and formative characteristics of Lucy Orta's fashion design. Her works utilizes the thought related on the architectural space that has been revealed sharp change of the paradigm since the late of 20th century. Lucy Orta against individualism of the urban life, and manufactures portable and moving housing and multi-functional fashion that is paved with individual rest unit and give a sense of security through simple combination among the units. Besides, she has development multiple portable clothing and equipments for the rescuethrough exploiting pioneering high technology. The results of this study can be summarized as the following: 1) refuge habitant creates individual space for physical and mental protection from the urban surrounding, 2) nomadic dwelling shows multi-functional fashion space fit for digital nomads' life style aims at continuous movement, 3) connective nexus and urban life guard are comprise of detachable individual unit in public space for remaking of the bonds, affinity, and relationship, and the complex of rescue clothing and equipments for meeting a challenge of the threat about human existence from uncertain environmental change in the future.

• The Korean Journal of Community Living Science
• /
• v.19 no.3
• /
• pp.445-457
• /
• 2008

Recently as the population of the disabled increased, interest and understanding toward them have deepened and the importance of universal design has risen. The purpose of this study is to understand the 3-dimensional body figure of the disabled by collecting a plaster figure using plaster dressing method and developing an individual nude body using FRP, with one female wheelchair user as the subject. The results of this study are as follows: First, 3-dimensional shape grasp about the figure of the obstacle person as is. Second, developing of individual nude body. Third, the presentation of the practical use idea of individual nude body. Last is the security of the basic document about the universal design. Uses the individual nude body in future and under producing boil a basic pattern and disabled person clothing. This work was supported by the Korea Research Foundation Grant funded by the Korea Government (MOEHRD, Basic Research Promotion Fund) (KRF-2005-B00022)."

• Journal of Korea Multimedia Society
• /
• v.8 no.4
• /
• pp.536-543
• /
• 2005

3D online game, with its striking realistic value, is leading the entire Korean game market which has various game genres. Technology sharing is very hard within the Korean game industry. That is because 1)there are few professionals, 2)most of the companies are small-scaled, and 3)there are security reasons. Therefore, it should be significant if we have software design techniques which make it possible to reuse the existing code when developing a network game so that we could save a lot of efforts. In this paper, the author analyzes the demand through the case in the client's design of the network game based on DirectX and proposes the effective software design methods for reusable code based on the creative patterns application in the GoF in the class design.

• Journal of Korea Multimedia Society
• /
• v.6 no.7
• /
• pp.1277-1285
• /
• 2003

In this paper, we present a conference key authentication mechanism by employing an algebraic method on IMT-2000 environment. To accomplish this, the symmetric balanced incomplete block design is applied for generating a conference key and then this key is distributed to participants. Through the technique for creation of a conference key and mutual authentications peformed based on identification information, a communication protocol is designed. The protocol proposed minimizes the communication complexity for generating a conference key. On a special case the complexity is O(equation omitted), where v is the number of participants. The security of the mechanism, which is a significant problem in construction of secure systems, can be assured since finding discrete logarithms is generally a hard problem.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.975-983
• /
• 1998

In these days, information communication systems are based on both open distributed computing technologies and object-oriented techniques like inheritance, encapsulation and object reuse to support various system configuration and application. As information systems are interconnected through unsecure networks, the need for the secure information exchange is more critical than before. In this paper, we have designed and implemented a transparent CORBA-basce Security infrastructure with authentication, security context association, access control and security information management to support a secure applications in distributed object environment. SESAME Ver. 4 was adopted as an external security service to manage user privilege attributes and to distribute keys for data encryption, decryption and integrity. Using filter and transformer with an interface to Object Request Broker, it provides a transparent security service to applications. The filter objects are special classes that allow additional parameters to be inserted into messages before they are sent and removed just after they are received. The transformer objects are special classes that allow direct access to the byte stream of every messages for encryption and decryption before it is sent and just after it is received. This study is to implement the access control interceptor(ACI) and the secure invocation interceptor(SII) of secure ORB defined in CORBA using filter and transformer.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.10 no.4
• /
• pp.340-349
• /
• 2017

This paper is proposed Hadoop security protocol to protect a reply attack and impersonation attack. The proposed hadoop security protocol is consists of user authentication module, public key based data node authentication module, name node authentication module, and data node authentication module. The user authentication module is issued the temporary access ID from TGS after verifing user's identification on Authentication Server. The public key based data node authentication module generates secret key between name node and data node, and generates OTKL(One-Time Key List) using Hash-chain. The name node authentication module verifies user's identification using user's temporary access ID, and issues DT(Delegation Token) and BAT(Block Access Token) to user. The data node authentication module sends the encrypted data block to user after verifing user's identification using OwerID of BAT. Therefore the proposed hadoop security protocol dose not only prepare the exposure of data node's secret key by using OTKL, timestamp, owerID but also detect the reply attack and impersonation attack. Also, it enhances the data access of data node, and enforces data security by sending the encrypted data.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.4
• /
• pp.79-86
• /
• 2016

About 75% of software security incidents are caused by software vulnerability. In addition, the after-market repairing cost of the software is higher by more than 30 times than that in the design stage. In this background, the secure coding has been proposed as one of the ways to solve this kind of maintenance problems. Various institutions have addressed the weakness patterns of the standard software. A new Korean programming language Saesark has been proposed to resolve the security weakness on the language level. However, the previous study on Saesark can not resolve the security weakness caused by the API. This paper proposes a way to resolve the security weakness due to the API. It adopts a static analyzer inspecting dangerous methods. It classifies the dangerous methods of the API into two groups: the methods of using tainted data and those accepting in-flowing tainted data. It analyses the security weakness in four steps: searching for the dangerous methods, configuring a call graph, navigating a path between the method for in-flowing tainted data and that uses tainted data on the call graph, and reporting the security weakness detected. To measure the effectiveness of this method, two experiments have been performed on the new version of Saesark adopting the static analysis. The first experiment is the comparison of it with the previous version of Saesark according to the Java Secure Coding Guide. The second experiment is the comparison of the improved Saesark with FindBugs, a Java program vulnerability analysis tool. According to the result, the improved Saesark is 15% more safe than the previous version of Saesark and the F-measure of it 68%, which shows the improvement of 9% point compared to 59%, that of FindBugs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.827-839
• /
• 2012

A cell phone is very close to the user and therefore should be considered in digital forensic investigation. Recently, the proportion of smartphone owners is increasing dramatically. Unlike the feature phone, users can utilize various mobile application in smartphone because it has high-performance operating system (e.g., Android, iOS). As acquisition and analysis of user data in smartphone are more important in digital forensic purposes, smartphone forensics has been studied actively. There are two way to do smartphone forensics. The first way is to extract user's data using the backup and debugging function of smartphones. The second way is to get root permission, and acquire the image of flash memory. And then, it is possible to reconstruct the filesystem, such as YAFFS, EXT, RFS, HFS+ and analyze it. However, this methods are not suitable to recovery and analyze deleted data from smartphones. This paper introduces analysis techniques for fragmented flash memory pages in smartphones. Especially, this paper demonstrates analysis techniques on the image that reconstruction of filesystem is impossible because the spare area of flash memory pages does not exist and the pages in unallocated area of filesystem.