• Journal of Korean Society of societal Security
• /
• v.4 no.1
• /
• pp.67-74
• /
• 2011

This paper was to examine the causes of steep slope failure during the season of heavy rainfall. For the purpose, the paper carefully analyzed the sites of steep slope failure, which happened in July 2009. The direct cause of steep slope failure was much related to heavy rainfall during summer. The paper continued to verify that additional causes include the malfunction of diverse waterways, the slope design without considering weathering soils and related characteristics, the lack of the waterway size, the intrusion of plant roots, the reinforced technique without considering slope conditions, etc.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.3
• /
• pp.55-67
• /
• 2008

The user has to subscribe to the library so that user use the library service. User has to register at that in order to use of the nearby another library. Moreover, service such as the inter-library loan and returning my loan book to other library in which the mutual cooperation between the library is needed necessity. But it services due to the constraint condition because of the administrative or technical problems. In this paper excludes the administrative element. The web service model is forming the cluster based on the mutual cooperation between the technologically adjacent public library and provides the technologically necessary single sign-on (SSO) in order to support the additional service. The single sign-on of the library which is concluded by this model using the security information exchange standard (Security Assertion Markup Language : SAML), it is processed by XML base. In using this model, the loan information is confirmed in the attribution in return service library and the model can utilize for the return of loan book in other library. It designs the single sign-on about it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.241-248
• /
• 2018

A Recommender System (RS) is a system that provides optimized information to users in an over-supply situation. The key to RS is to accurately predict the behavior of the user. The Matrix Factorization (MF) method was used for this prediction in the early stage, and according to the recent SNS development, social information is additionally utilized to improve prediction accuracy. In this paper, we use RS internal trust cluster, which was overlooked in previous studies, to further improve performance and analyze the characteristics of trust clusters.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.8
• /
• pp.1855-1860
• /
• 2010

This paper describes construction of web services system for secure message transmission appling web services standards. This system composes single sign on module, SSL module and secure message module. We applied these modules to price comparison site. Single sign on module used SAML standards. This module was designed, in order to provide authentication and authorization. As SSL module processes message encryption among end to end, messages of this system are secure. Secure message module is designed according to WS-Security standards and processes authentication, XML signature and XML encryption.

• Journal of Information Processing Systems
• /
• v.13 no.1
• /
• pp.184-195
• /
• 2017

In recent decades, the ad hoc network for vehicles has been a core network technology to provide comfort and security to drivers in vehicle environments. However, emerging applications and services require major changes in underlying network models and computing that require new road network planning. Meanwhile, blockchain widely known as one of the disruptive technologies has emerged in recent years, is experiencing rapid development and has the potential to revolutionize intelligent transport systems. Blockchain can be used to build an intelligent, secure, distributed and autonomous transport system. It allows better utilization of the infrastructure and resources of intelligent transport systems, particularly effective for crowdsourcing technology. In this paper, we proposes a vehicle network architecture based on blockchain in the smart city (Block-VN). Block-VN is a reliable and secure architecture that operates in a distributed way to build the new distributed transport management system. We are considering a new network system of vehicles, Block-VN, above them. In addition, we examine how the network of vehicles evolves with paradigms focused on networking and vehicular information. Finally, we discuss service scenarios and design principles for Block-VN.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.108-117
• /
• 1994

본 논문에서는 공개키방식 알고리즘과 대칭키방식 알고리즘을 혼합하여 사용하는 혼합방식 암호시스템 (CHyCK:Certificate-based Hybrid Cryptosystem of KAIST) 의 구현에 대해 설명한다. CHyCK는 전송하고자 하는 메세지를 대칭키 암호알고리즘을 이용해서 암호화하고 이 때에 사용되는 대칭키를 공개키방식으로 암호화하여 상대방에게 암호화된 메세지와 함께 보내게 된다. CHyCK는 공개키방식에서 사용되는 키쌍 중 공개키를 안전하게 가입자에게 분배해 주는 방법으로 인증서기반(certificate-based)방식 을 채택하였다. 또한 이를 위해서는 인증서를 발급해 줄 인증기관(certifying authority)이 필요하게 된다. 그리고 시스템을 구성하는 기본 암호알고리즘들은 기존의 것들 중 적합한 것으로 선택했다. 마지막으로 본 논문에서는 시스템의 안전성을 키분배와 메세지 전송 측면에서 분석했다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.10
• /
• pp.4191-4203
• /
• 2015

WebView is a vital component in smartphone platforms like Android, Windows and iOS that enables smartphone applications (apps) to embed a simple yet powerful web browser inside them. WebView not only provides the same functionalities as web browser, it, more importantly, enables a rich interaction between apps and webpages loaded inside the WebView. However, the design and the features of WebView lays path to tamper the sandbox protection mechanism implemented by browsers. As a consequence, malicious attacks can be launched either against the apps or by the apps through the exploitation of WebView APIs. This paper presents a critical attack called Supplementary Event-Listener Injection (SEI) attack which adds auxiliary event listeners, for executing malicious activities, on the HTML elements in the webpage loaded by the WebView via JavaScript Injection. This paper also proposes an automated static analysis system for analyzing WebView embedded apps to classify the kind of vulnerability possessed by them and a solution for the mitigation of the attack.

• Journal of Information Processing Systems
• /
• v.13 no.5
• /
• pp.1382-1396
• /
• 2017

In this paper, we analyze a recently proposed semi-fragile watermarking scheme based on local binary pattern (LBP) operators, and note that it has a fundamental flaw in the design. In this work, a binary watermark is embedded into image blocks by modifying the neighborhood pixels according to the LBP pattern. However, different image blocks might have the same LBP pattern, which can lead to false detection in watermark extraction process. In other words, one can modify the host image intentionally without affecting its watermark message. In addition, there is no encryption process before watermark embedding, which brings another potential security problem. To illustrate its weakness, two special copy-paste attacks are proposed in this paper, and several experiments are conducted to prove the effectiveness of these attacks. To solve these problems, an improved semi-fragile watermarking based on LBP operators is presented. In watermark embedding process, the central pixel value of each block is taken into account and Arnold transform is adopted to guarantee the security of watermark. Experimental results show that the improved watermarking scheme can overcome the above defects and locate the tampered region effectively.

• Journal of the Korea Computer Industry Society
• /
• v.6 no.3
• /
• pp.457-464
• /
• 2005

Internet becomes absolutely necessary tools due to rapid progress of information technology. Educational correspondence abount an age of information demand is a education focused on a learner and remote education based on information technology. Internal and external standardization working is accelerated and recently XML security studies are activated using XML which is next generation web standard document format. But using these are main contents that users have to pay about Certification service to get CA certificate from 2004 me. This paper propose multiplex Certification remote education agent system using XML digital signature to satisfy security requirement.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.4
• /
• pp.651-660
• /
• 2008

The widespread use of public networks, such as the Internet, for the exchange of sensitive data that need a severe security, like legally valid documents and business transactions. At the same time public-key certificates used for sensitive data interchange form the viewpoint of data integrity and authentication. But there are some weakness of data transfer capacity and security in public key infrastructure(PKI) environment. This paper use the RSA one-way accumulator to realize an efficient and dynamic authenticated dictionary, where untrusted directories provide cryptographically verifiable answers to membership queries on a set maintained by a trusted source.