• Journal of Korea Multimedia Society
• /
• v.14 no.2
• /
• pp.228-237
• /
• 2011

The risk of leakage or theft of critical data which is stored in database is increasing in accordance with evolution of information security paradigm. At the same time, needs for database security have been on the rapid increase due to endless leakage of massive personal information. The existing technology for prevention of internal information leakage possesses the technical limitation to achieve security goal completely, because the passive control method including a certain security policy, which allows the only authorized person to access to DBMS, may have a limitation. Hence in this study, we propose Query Signature System which signatures the queries accessing to the critical information by interrupting and passing them. Furthermore this system can apply a constant security policy to organization and protect database system aggressively by restricting critical query of database.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.325-330
• /
• 2017

Bluetooth 4.0 is a technology suitable for the Internet of things that is used for communication between various devices. This technology is suitable for developing a service by combining with automobiles. In this study, a security authentication system was designed by linking Bluetooth 4.0 technology and a vehicle system as an implementation example of an object internet service. A procedure was designed for security authentication and an authentication method is proposed using a data server. When the security authentication function is provided, various additional services can be developed using the information collection function of the risk notification and user action history. In addition, BLE (Bluetooth Low Energy) technology, which is a wireless communication technology that enables low-power communication and low-power communication in the process of the standardization and development of Bluetooth technology and technology, improves the battery life through the use of RFID or NFC This study expanded the range possible. The security service can be extended by expanding the scope of authentication by the contactless type. Using the proposed system, a customized service can be provided while overcoming the problems of an existing radio frequency (RF)-based system, portability, and battery usage problem.

• Journal of Navigation and Port Research
• /
• v.36 no.1
• /
• pp.1-7
• /
• 2012

A concept of the "e-Navigation" was introduced in 2005 and implementation strategies are under way by IMO/IALA in the maritime safety area. Specially VTS is an important maritime traffic monitoring and aids to navigation system which is aims to improve safety, navigation efficiency and protect the marine environment. The demand of the inter-VTS networking has been increased and standardization is underway for realization of shore side collaboration for maritime safety in IALA. But there may be security problems in the inter-VTS networks if they have not proper security mechanism. The hacking of realtime ship position and sensitive maritime surveillance information caused a critical accident of vessel, human life and environment by terrorist. This paper aims to design of a secure inter-VTS network structure and related security protocol for secure sharing of sensitive maritime data.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.3
• /
• pp.568-577
• /
• 2017

IEEE Std 1609.2 was defined for the support of communication security functions in the WAVE (Wireless Access in Vehicular Environments) system. IEEE Std 1609.2 defined the message structures of the security services and managements on the vehicular communication by using ASN.1 (Abstract Syntax Notation One). Also, this security message structures shall be encoded using the COER (Canonical Octet Encoding Rules). In this paper, we designed and implemented the IEEE Std 1609.2 message encoder/decoder handling the security messages defined in IEEE Std 1609.2. The designed encoder/decoder consists of three modules as follows : a module generating the message of C language data structures in accord with IEEE Std 1609.2 message structures, a message encoder module, a message decoder module. And the encoder/decoder was implemented on the Linux environment. Also we analyzed the performance by measuring the performance speed of the encoder/decoder implemented.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.5
• /
• pp.131-136
• /
• 2016

In this paper, we propose an Raspberry Pi2-based smart home security monitoring system. Proposed home security monitoring system was configured using a relatively tractable main processor raspberry pi2, ultrasonic sensors, and PIR sensors. In addition, The picamera is compatible with raspberry pi2 was connected to the servo motor. And by driving the attacker's location the video was recording. The Web server stores data of the recorded image and the sensor, and provides a web page to enable the monitoring at all remote locations. When examining efficiency of proposed home security monitoring system it was found that proposed system is easier to be made than existing home security system and is able to minimize the blind spot of the camera by using servo motor and is efficient and convenient and stable as it enables a user to handle an error in person and it uses reliable data.

• The Journal of Korean Association of Computer Education
• /
• v.14 no.1
• /
• pp.55-67
• /
• 2011

Due to recent various online problems, the necessity of information security education has increased. The information security education was strengthened thanks to the informatics curriculum of middle school in 2007, but the educational fields lacked detailed educational materials that could be utilized. Thus to give appropriate information security education for elementary and middle school students, this research developed an unplugged activity for them. The activity was designed by applying Lickona's integrated ethical model and design patterns of unplugged activities, and developed through expert's review and pilot tests targeted to elementary school students. Developed activity was applied to 21 middle school students and the usability was evaluated. As results, first, the activity showed similar expectations from the previous activities. Second, persistence was also similar or higher compared to the previous activities, so the activity developed from this research secured the minimum usability. The unplugged activity developed from this research would give implications in producing various educational contents for information security education.

• Journal of Korea Multimedia Society
• /
• v.7 no.1
• /
• pp.91-97
• /
• 2004

As the electronic commercial transaction is being transacted by contents which can get an illegal intrusion from the outside, we sincerely require security for them. We must consider a protection countermeasure about intrusion from protection of the passive form to protection intrusion of the active one. So the security is required against hackers illegality intrusion into the contents. As soon as the intrusion happens about the contents, the tools providing the monitor of contents are required to minimize the damage to the systems. Modified web contents detection system in this paper prevents the loss of resources and manpower required through individually monitoring on the web. Also, this paper offers rapid support of security that it analyzes the weakness of contents security of the web environment and the cause of the problem with the leakage of information. So this system has the pur pose of protecting the weakness of contents security and the leakage of information.

• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.817-826
• /
• 2005

BcN(Broadband convergence Network) is being developed in order to support a variety of network applications, with enhanced capabilities of QoS(Quality of Service) provisioning and security, and IPv6. In a high-speed network environment such as BcN, it if more likely for the network resources to be exposed to various intrusion activities. The propagation speed of intrusion is alto expected to be much faster than in the existing Internet In this paper, we present a multi-domain security management framework which my be used for a global intrusion detection at multiple domains of BcN and describe its characteristics. For the performance evaluation, we first present test results for the security node and compare with other products. Then we design and Implement an OPNET simulator for the proposed framework, and present some simulation results. In the simulation model, we focus on the performance of alert information in the security overlay network.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.49-54
• /
• 2016

In this paper, we propose an Arduino-based effective home security monitoring system. Proposed home security monitoring system consists of arduino which is inexpensive main processor, ultrasonic sensor and human body detection sensor to detect whether someone breaks into home. Data from ultrasonic sensor and human body detection sensor are transmitted to web server via ethernet shield connected to arduino. Web server checks whether someone breaks into home by using stored data from ultrasonic sensor and human body detection sensor. Snapshot is photographed via webcam connected by using JQuery. Photographed snapshot is stored in web server as image file. A user can monitor in web or smart device environment by using HTML5, CSS and Canvas. When examining efficiency of proposed home security monitoring system, it was found that proposed system is easier to be made than existing home security system and is cost effective by using arduino and is efficient and convenient and stable as it enables a user to handle an error in person and it uses reliable data.

• The Journal of Society for e-Business Studies
• /
• v.22 no.2
• /
• pp.99-121
• /
• 2017

Standard makers in both private and public sectors have been increasingly mandating security standards upon organizations to protect organizational digital assets. A major issue in security standardization is that standards often cannot regulate all possible security efforts by the standard maker because some efforts are unverifiable by nature. This paper studies from an analytical perspective how a standard maker should design the standard using a verifiable security control in the presence of another related unverifiable one. We compare it with two benchmark standards; $na{\ddot{i}}ve$-standard which refers to the standard maker who ignores the existence of the unverifiable control, and complete-information standard which refers to the maker sets standards on both controls. Optimal standard and benchmark standard depend critically on how the two controls are configured. Under parallel configuration, the existence of the unverifiable control induces the policy maker to set a higher standard (the complete-information standard is optimal); under serial configuration, a lower standard is applied (neither benchmark works). Under best-shot configuration and if the verifiable control is more cost-efficient, the existence of the unverifiable control has no impact on the optimal standard (the $na{\ddot{i}}ve$ standard is optimal).