• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.906-909
• /
• 2013

The Semantic Web is leading us to a world of information sharing by enabling distributed knowledge aggregation and creation. RDF is the foundations of the Semantic Web. For secure Semantic web we need to secure RDF as well. Unauthorized access to an RDF document can change or damage its semantics or manipulate the relations between resources. This article includes the study of RDF security issues and analysis of the existing solutions. After finding limitations of existing solution, a hybrid approach has been proposed.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.139-144
• /
• 2022

The smart cities are evolving constantly and are responsible for the current transformation of cities and countries into a completely connected network of information and technology This interconnected network of a huge number of smart devices is capable of exchanging complex information and provides tremendous support including enhanced quality of life within urban locations. Unfortunately this set-up is vulnerable to security attacks and requires the widespread ubiquitous network to authorize access through privacy and thus offer security in order to ensure civilian participation in a country. The smart network should benefit the individuals of the country by developing potential strategies to protect the smart cities and their participating entities from the unauthorized attacks. Trustworthy data sharing strategies based on the utilization of advanced technology features via smart communication network could solve some issues of privacy and security. This paper presents the challenges and issues related to protection and highlights the important aspects of securing the smart cities and its components. It also presents the role of cloud security for building a secure smart city.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.110-116
• /
• 2023

Data confidentiality refers to the characteristic that information kept undisclosed or hidden from unauthorized parties. It considered a key security requirement in current supply chain management (SCM) systems. Currently, academia and industry tend to adopt blockchain and IoT technologies in order to develop efficient and secure SCM systems. However, providing confidential data sharing among these technologies is quite challenging due to the limitations associated with blockchain and IoT devices. This review paper illustrates the importance of preserving data confidentiality in SCM systems by highlighting the state of the art on confidentiality-preserving methodologies in the context of blockchain based IoT-SCM systems and the challenges associated with it.

• Journal of Korea Port Economic Association
• /
• v.39 no.3
• /
• pp.1-19
• /
• 2023

After being kept in bonded areas and bonded logistics warehouses, the level of information sharing and progress confirmation on the process until the cargo is released is insufficient, resulting in disputes and legal disputes related to unauthorized and illegal delivery of cargo. This study attempted to present the introduction of standard electronic documents as a way to solve problems such as delivery practices raised in the delivery of existing imported cargo and legal disputes related to unauthorized illegal delivery among import-related entities. The service provider who manages the bonded warehouse/logistics center in the hinterland of Busan New Port and the shipper service user who use the service were classified into two groups, and a survey was conducted to analyze the difference in perception between the two groups. As a result of the analysis, both groups judged that the introduction of standard electronic documents was necessary, and showed high expected effects in preventing and reducing erroneous shipments and preventing and improving unauthorized and illegal shipments. Discussions between related organizations, related parties, and subjects are needed first to introduce standard electronic documents of the entry and warehouse management system, and the actual participation of related entities such as service providers and service users will play a very important role in establishing the system.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.58 no.5
• /
• pp.898-904
• /
• 2009

The objective of the present study lies in constructing web-based GIS system providing broad range of information applicable for power/telecommunications distribution facilities through cable. Nowadays, Korea is renowned forits faste sttele communications network across the nation enjoyable for being a test-runbed by worldwide contents providers. It is not too much to say that the trend is caused by the fact that Korea utilizes the cobweb-like power transmission cables applicable for the nationwide telecommunications networking. In particular, the trend has been all the more encouraged by the governmental drive to expedite the telecommunication network by way of the established power transmission facilities deemed as publicutility. Nevertheless, few can deny that the overexcessive competition among telecommunication service providers increasingly gives rise to unauthorized, arbitrary facilitation of distribution devices, which becomes much burden in operating the normal power/telecommunications distribution facilities by a power-generating company. In this regard, the study, to cope with such problems, attempts to develop a web GIS-based information management system compatible with NDIS(New Distribution Information System), a distribution facility management system now under operation by KEPCO, making advantage of GE Energy's SIAS(Smallworld Internet Application) technology. The model provided by this study is expected to get closer into effective operation of distribution facilities along with better sharing of information among conventional telecommunications operators, while getting rid of infringed facilitation cases

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.6 no.4
• /
• pp.39-52
• /
• 1996

Networking revolution provides users with data and resources sharing, distributed processing, and computer communication in cyberspace. However, users may use computers as a way of unauthorized access, system destruction, and leakage of the stored data. In recent trend, incresing of hacking instances which are from domestic as well as abroad reaches to the level of seriousness. It, therefore, is required to develop a secure system for the National Depense computing resources and deploy in practice in the working field as soon as possible. In this paper, we focuss on finding the security requirements of a network and designing Intrusion Detection System using statical intrusion detection and rule-based intrusion detection analysis through accumulating audit data.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.153-160
• /
• 2024

Information technology plays an important role in healthcare. The cloud has several applications in the fields of education, social media and medicine. But the advantage of the cloud for medical reasons is very appropriate, especially given the large volume of data generated by healthcare organizations. As in increasingly health organizations adopting towards electronic health records in the cloud which can be accessed around the world for various health issues regarding references, healthcare educational research and etc. Cloud computing has many advantages, such as "flexibility, cost and energy savings, resource sharing and rapid deployment". However, despite the significant benefits of using the cloud computing for health IT, data security, privacy, reliability, integration and portability are some of the main challenges and obstacles for its implementation. Health data are highly confidential records that should not be made available to unauthorized persons to protect the security of patient information. In this paper, we discuss the privacy and security requirement of EHS as well as privacy and security issues of EHS and also focus on a comprehensive review of the current and existing literature on Electronic health that uses a variety of approaches and procedures to handle security and privacy issues. The strengths and weaknesses of some of these methods were mentioned. The significance of security issues in the cloud computing environment is a challenge.

• The KIPS Transactions:PartC
• /
• v.14C no.3 s.113
• /
• pp.239-254
• /
• 2007

Ubiquitous computing supports environment to freely connect to network without restrictions of place and time. This environment enables easy access and sharing of information, but because of easy unauthorized accesses, specified security policy is needed. Especially, ubiquitous sensor network devices use limited power and are small in size, so, many restrictions on policies are bound to happen. This paper proposes double-key based light weight security protocol, independent to specific sensor OS, platform and routing protocol in ubiquitous sensor network. The proposed protocol supports safe symmetric key distribution, and allows security manager to change and manage security levels and keys. This had a strong merit by which small process can make large security measures. In the performance evaluation, the proposed light weight security protocol using double-key in ubiquitous sensor network allows relatively efficient low power security policy. It will be efficient to ubiquitous sensor network, such as smart of ace and smart home.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.69-75
• /
• 2018

The purpose of access control is to prevent computing resources from illegal behavior such as leakage, modification, and destruction by unauthorized users. As the cloud computing environment is expanded to resource sharing services using virtualization technology, a new security model and access control technique are required to provide dynamic and secure cloud-based computing services. The virtualization management convergence access control model provides a flexible user authorization function by applying the dynamic privilege assignment function to the role based access control mechanism. In addition, by applying access control mechanism based on security level and rules, we solve the conflict problem in virtual machine system and guarantee the safeness of physical resources. This model will help to build a secure and efficient cloud-based virtualization management system and will be expanded to a mechanism that reflects the multi-level characteristics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.705-715
• /
• 2017

Today, the world is evolving into a huge community that can communicate with real-time information sharing and communication based on the rapid advancement of scientific technology and information. Behind this information, the adverse effects of information assets, such as hacking, viruses, information assets, and unauthorized disclosure of information assets, are continually increasing as a serious social problem. Each time an infringement of the invasion and personal information leaks occur, many regulatory policies have been announced, including stricter regulations for protecting the privacy of the government and establishing comprehensive countermeasures. Also, companies are making various efforts to increase awareness of the importance of information security. Nevertheless, information security accidents like the leaks of industrial secrets are continuously occurring and the frequency is not lessening. In this thesis, I proposed a customized security policy methodology that supports users with various business circumstances and service and also enables them to respond to the security threats more confidently and effectively through not a monotonous and technical but user-centered security policy.