• Title/Summary/Keyword: Security problem

An Implementation of 128bit Block Cipher Algorithm for Electronic Commerce (전자상거래를 위한 128비트 블록 암호 알고리즘의 구현)

  • 서장원;전문석
    • The Journal of Society for e-Business Studies / v.5 no.1 / pp.55-73 / 2000
  • Recently, EC (Electronic Commerce) has been increasing at high speed with the expansion of the Internet. EC, which is done in cyberspace through the Internet, has strong points such as independence from time and space. On the other hand, it also has weak points such as the security problem, because anybody can easily access the system due to the open network attribute of the Internet. Therefore, we need solutions that address the security problem for safe and useful EC activity. One of these solutions is the implementation of a strong cipher algorithm. The NC (Nonpolynomial Complete) cipher algorithm proposed in this paper is good for security, and it overcomes the limit of current 64-bit cipher algorithms by using a 128-bit length for input, output and encryption key. Moreover, it is designed to increase calculation complexity and probability calculation by adopting a more complex design for subkey generation, which is regarded as one of the important elements affecting encryption. The result of simulation, comparing the proposed NC cipher algorithm with other cipher algorithms for capacity evaluation, is that the speed of encryption and decryption is 7.63 Mbps per block and the speed of subkey generation is 2,42 μ sec per block. So, the proposed NC cipher algorithm is regarded as being at a proper level for encryption. Furthermore, the speed of subkey generation shows that the NC cipher algorithm has the possibility of being used for MAC (Message Authentication Code) and block implementation of a hash function.

A Role-play base PBL(Problem-Based Learning) for Information Security Learning (정보보호 학습을 위한 롤-플레이 기반 문제중심학습)

  • Lee Byong-Rok;Ji Hong-Il;Shin Dong-Hwa;Cho Yong-Hwan;Lee Jun-Hee
    • The Journal of the Korea Contents Association / v.6 no.3 / pp.85-92 / 2006
  • Problem-Based Learning (PBL) is one of constructionism's models, which is learner-centered learning. In this paper, a role-play based PBL using characters is proposed to study the importance of information security. It is different from other PBL models in that it reflects the characteristics of the learners and the learning task. It is also a learning support system in which the learners preside over their own learning activities using the Internet and mobile devices. Experimental results showed that the proposed method was more effective than the traditional teacher-oriented teaching method for information security in self-directed learning, cooperative learning, contents-making and attraction.

OAuth-based User Authentication Framework for Internet of Things (IoT 환경에 적합한 OAuth 기반의 사용자 인증 프레임워크)

  • Yu, Sung-Tae;Oh, Soo-Hyun
    • Journal of the Korea Academia-Industrial cooperation Society / v.16 no.11 / pp.8057-8063 / 2015
  • It is expected that the internet of things can be used in various fields such as smart home, smart building and smart city, as a representative case of ICT in which sensor, communication and interface technologies operate organically, and research on technologies for the internet of things is being carried out in countries worldwide. However, many problems continue to arise with the internet of things with respect to security. Among them, the privacy problem is one that must be solved. If user data does not remain during the process of user authentication, this privacy problem can be solved. In this paper, we propose a user authentication framework based on OAuth that is suitable for the internet of things environment and can solve the privacy problem, and we analyze its security.

Efficient Certificateless Authenticated Asymmetric Group Key Agreement Protocol

  • Wei, Guiyi;Yang, Xianbo;Shao, Jun
    • KSII Transactions on Internet and Information Systems (TIIS) / v.6 no.12 / pp.3352-3365 / 2012
  • Group key agreement (GKA) is a cryptographic primitive allowing two or more users to negotiate a shared session key over public networks. Wu et al. recently introduced the concept of asymmetric GKA, which allows a group of users to negotiate a common public key while each user only needs to hold his/her respective private key. However, Wu et al.'s protocol cannot resist active attacks, such as fabrication. To solve this problem, Zhang et al. proposed an authenticated asymmetric GKA protocol, where each user is authenticated during the negotiation process, so it can resist active attacks. However, Zhang et al.'s protocol needs a partially trusted certificate authority to issue certificates, which brings a heavy certificate management burden. To eliminate this cost, Zhang et al. constructed another protocol in the identity-based setting. Unfortunately, it suffers from the so-called key escrow problem. In this paper, we propose a certificateless authenticated asymmetric group key agreement protocol which has neither the certificate management burden nor the key escrow problem. Besides, our protocol achieves known-key security, unknown key-share security, key-compromise impersonation security, and key control security. Our simulation based on the pairing-based cryptography (PBC) library shows that this protocol is efficient and practical.

An Efficient Certificateless Public Key Encryption Scheme (인증서 기반이 아닌 효율적인 공개키 암호화 기법)

  • 이영란;이향숙
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.5 / pp.165-176 / 2004
  • Al-Riyami and Paterson [1] suggested a new public key paradigm called the certificateless public key system. This system takes the advantages of both traditional PKC and ID-based PKC. It does not require the use of certificates for the public key and does not have the key escrow problem caused by the ID-based cryptosystem. In this paper, we propose an efficient certificateless public key encryption scheme which satisfies mutual authentication. The security of our protocol is based on the hardness of two problems: the computational Diffie-Hellman problem (CDHP) and the bilinear Diffie-Hellman problem (BDHP). We also give a formal security model for both confidentiality and unforgeability, and then show that our scheme is probably secure in the random oracle model.

Sub-Exponential Algorithm for 0/1 Knapsack (0/1 Knapsack에 대한 서브-지수 함수 알고리즘)

  • Rhee, Chung Sei
    • Convergence Security Journal / v.14 no.7 / pp.59-64 / 2014
  • We investigate a $p(n) \cdot 2^{O(\sqrt{n})}$ algorithm for the 0/1 knapsack problem, where x is the total bit length of a list of sizes of n objects. The algorithm is an adaptation of a method that achieves a similar complexity for the Partition and Subset Sum problems. The method can be applied to other optimization or decision problems based on a list of numeric sizes or weights. The 0/1 knapsack problem can be used to solve NP-Complete problems with a pseudo-polynomial time algorithm. We try to apply this technique to a bio-informatics problem which has pseudo-polynomial time complexity.

A-team Based Approach for Reactive Power/Voltage Control Considering Steady State Security Assessment (정태 안전성 평가를 고려한 무효전력 전압제어를 위한 A-team기반 접근법)

  • Kim, Doo-Hyun
    • Journal of the Korean Society of Safety / v.11 no.2 / pp.150-159 / 1996
  • In this paper, an A-team (Asynchronous Team) based approach for reactive power and voltage control considering static security assessment in a power system with infrastructural deficiencies is proposed. The reactive power and voltage control problem is that of optimally establishing the voltage level given several constraints such as reactive generation, voltage magnitude, line flow, and other switchable reactive power sources. It can be formulated as a mixed-integer linear programming (MILP) problem without deteriorating solution accuracy to a certain extent. The security assessment is to estimate the relative robustness of the system in its present state through the evaluation of data provided by security monitoring. A deterministic approach based on AC load flow calculations is adopted to assess the system security, especially voltage security. A security metric, as a standard of measurement for power system security, producing a set of discrete values rather than binary values, is employed. In order to analyze the above two problems, the reactive power/voltage control problem and the static security assessment problem, in an integrated fashion for real-time operations, a new organizational structure, called an A-team, is adopted. An A-team is an organization of agents which are all autonomous, work in parallel and communicate asynchronously, which is well-suited to the development of computer-based, multi-agent systems for operations. This A-team based approach, although it is still in the beginning stage, also has potential for handling other difficult power system problems.

Difference of Recognition of Subject and Device of Improvement in Security Activity of International Conference between Security Agency and Great-Sphere Self-Governing Body (국제회의 안전활동에 있어서 공안기관과 광역지자체간의 문제인식 차이 및 제고방안 -부산 APEC 행사를 중심으로-)

  • Lee, Sun-Ki
    • Korean Security Journal / no.14 / pp.389-412 / 2007
  • This study's purpose is to present improvements in the effectiveness of security activity for international conferences which may be held hereafter, on the basis of security activity problems originating in APEC, which was held in Pusan in 2005. I put questions three times to the members of the police, military, fire fighters and Busan city civil servants who had participated in Busan APEC, and the recognition of possible problems and the possibility of improvement on each question item were analyzed by the Delphi Method. Interviews with 4 security experts selected from each security agency were also conducted to present improvements for each part of the problem. The study result is as follows: First, satisfactory cooperation between security agencies and the self-governing body is needed as the basis of security activity in the preparatory stage. Second, examining security activity thoroughly by function in the activity stage. Third, giving full play to their genius by close cooperation between security agencies and the self-governing body in the enforcement stage. Fourth, provision for events after this on the basis of an effective estimation system in the evaluation stage.

On the Security of Cryptosystems Based on Imaginary Quadratic Class Semigroups (복소 이차 류 반군위에서의 암호계의 안전성에 관한 소고)

  • Kim, Yong-Tae
    • The Journal of the Korea institute of electronic communication sciences / v.6 no.1 / pp.90-96 / 2011
  • In this paper, we propose a new discrete logarithm problem (DLP) based on the class semigroups of imaginary quadratic non-maximal orders using the special character of non-invertible ideals, and analyze its security. To do this, we first explain the mathematical background explicitly and prove some properties of Cls (O) which relate to constructing the DLP and guaranteeing the security. To test the security of the proposed DLP, we compare the class number of the maximal order with that of the non-maximal order and investigate the unique factorization problems of ideals between class groups of the maximal orders and class semigroups of non-maximal orders to ensure the security of the cryptosystem.

Comparative Analysis of Security Schemes for Log System Providing Forward Security (전방 안전성이 보장되는 로그 시스템 보안기법 비교분석)

  • Kang, Seok-Gyu;Park, Chang-Seop
    • Convergence Security Journal / v.15 no.7 / pp.85-96 / 2015
  • In an IT system, logs are an indicator of previous key events. Therefore, when a security problem occurs in the system, logs are used to find evidence and a solution to the problem. So, it is important to ensure the integrity of the stored logs. Existing schemes have been proposed to detect tampering of the stored logs after the key has been exposed. Existing schemes are designed separately in terms of log transmission and storage. We propose a new log system integrating log transmission with storage. In addition, we prove the security requirements of the proposed scheme and compare its computational efficiency with existing schemes.