• Journal of Information Processing Systems
• /
• v.6 no.2
• /
• pp.185-196
• /
• 2010

This paper proposes a personal information protection model that allows a user to regulate his or her own personal information and privacy protection policies to receive services provided by a service provider without having to reveal personal information in a way that the user is opposed to. When the user needs to receive a service that requires personal information, the user will only reveal personal information that they find acceptable and for uses that they agree with. Users receive desired services from the service provider only when there is agreement between the user's and the service provider's security policies. Moreover, the proposed model utilizes a mobile agent that is transmitted from the user's personal space, providing the user with complete control over their privacy protection. In addition, the mobile agent is itself a self-destructing program that eliminates the possibility of personal information being leaked. The mobile agent described in this paper allows users to truly control access to their personal information.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.11
• /
• pp.4720-4738
• /
• 2015

Proper management on user-driven virtual circuits (VCs) is essential for seamless operation of virtual networks. The Network Provisioning System (NPS) is useful software for creating user-driven VCs automatically and must take fault management into account for physical layer impairments on user-driven VCs. This paper addresses a user-driven and trusty protection management in an NPS with an open standard Network Service Interface (NSI), as a contribution to show how to implement the user-driven and trusty protection management required for user-driven VCs. In particular, it provides a RESTful web service Interface for Configuration and Event management (RICE) that enable management of a distinguished data and control plane VC status between Network Service Agents (NSAs) in the event of a node or link fault and repair in a domain. This capability represents a contribution to show how network and protection events in a domain can be monitored between NSAs (NPSs with the NSI) in multiple domains. The implemented NPS controls and manages both the primary and backup VC with disjoint path in a user-driven manner. A demonstration to verify RICE API's capability is addressed for the trusty protection in the dynamic VC network.

• Journal of Legislation Research
• /
• no.44
• /
• pp.103-153
• /
• 2013

This article aims at the legislation of User-Protection Act in area of ICT. In these days telecommunication and broadcasting are getting more and more convergent. The paradigm of ICT is turning over from the service provider to the end-user. User protection has been in each erea of ICT (C-P-N-D) individually regulated. In the area of telecommunication it is important to protect the interest of user, who stands in contract with the service provider. And in area of broadcasting it is important to protect the interest of viewers, who stands "gratis" with the broadcasters without any contracts. For the more efficient user-protection it is also necessary to make a dedicated organization under KCC(Korean Communications Committee). In this early year the government organization was divided into MSIP(Ministry of Science, ICT and future planing) and KCC. The user-protection act will be very important instrument of ICT regulation in the era of creative economy. It is necessary to establish a new frame act of user protection. It is also necessary to make start to establish a new system of user education in erea of ICT. It is strongly expected the new act will be a turning point of ICT development in Korea.

• ETRI Journal
• /
• v.37 no.2
• /
• pp.369-379
• /
• 2015

Fault management of virtualized network environments using user-driven network provisioning systems (NPSs) is crucial for guaranteeing seamless virtual network services irrespective of physical infrastructure impairment. The network service interface (NSI) of the Open Grid Forum reflects the need for a common standard management API for the reservation and provisioning of user-driven virtual circuits (VCs) across global networks. NSI-based NPSs (that is, network service agents) can be used to compose user-driven VCs for mission-critical applications in a dynamic multi-domain. In this article, we first attempt to outline the design issues and challenges faced when attempting to provide mission-critical applications using dynamic VCs with a protection that is both user-driven and trustworthy in a dynamic multi-domain environment, to motivate work in this area of research. We also survey representative works that address inter-domain VC protection and qualitatively evaluate them and current NSI against the issues and challenges.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• v.2
• /
• pp.77-82
• /
• 2006

Integrity plays a fundamental role in the feasibility of 'liability critical' applications. Road charging, e.g. road tolling in urban zones or on highways, represents a series of liability critical applications where a guarantee in integrity could be a true enabler: being the mechanism that prevents the incorrect charging of users and enabling the advancement of these applications using GNSS such as Galileo and EGNOS that provide integrity mechanisms. However, the integrity of the end user position is not guaranteed by the EGNOS and Galileo integrity services alone as provided. Algorithms have been developed to supply a guarantee on the performance attainable at the user level through the provision of a horizontal protection level that responds to local user conditions such as multipath or interference. In addition, an application has been developed that implements road charging mechanisms based on the availability of user-level integrity. Results obtained show that the user-level integrity algorithms provided the required level of integrity guarantee and granularity of the horizontal protection levels necessary for executing urban and rural (highway) road charging. In addition, the road charging application developed shows that the current application domain requirements can be met through the provision of guaranteed integrity and that further reductions in the horizontal protection levels along with increased signal availability will enable future road charging modalities.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.13 no.4
• /
• pp.187-194
• /
• 2018

The operating system for IoT should have a small memory footprint and provide low power state, real-time, multitasking, various network protocols, and security. Although the Zephyr kernel, an operating system for IoT, released by the Linux Foundation in February 2016, has these features but errors generated by the user code can generate fatal problems in the system because the Zephyr kernel adopts a single-space method that both the user code and kernel code execute in the same space. In this research, we propose a space separation method, which separates kernel space and user space, to solve this problem. The space separation that we propose consists of three modifications in Zephyr kernel. The first is the code separation that kernel code and user code execute in each space while using different stacks. The second is the kernel space protection that generates an exception by using the MPU (Memory Protection Unit) when the user code accesses the kernel space. The third is the SVC based system call that executes the system call using the SVC instruction that generates the exception. In this research, we implemented the space separation in Zephyr v1.8.0 and evaluated safety through abnormal execution of the user code. As the result, the kernel was not crashed by the errors generated by the user code and was normally executed.

• Proceedings of the KAIS Fall Conference
• /
• 2003.11a
• /
• pp.207-210
• /
• 2003

For the effective use of information in the information society, information should be protected and outflow of information by illegal users should be prevented. This study sets up user authentication policy, user authentication regulations and procedures for information protection and builds information protection key distribution center and encryption user Authentication system, which can protect information from illegal users.

• Journal of Korea Multimedia Society
• /
• v.7 no.7
• /
• pp.934-943
• /
• 2004

In this paper, we propose cookie protection-key management system for cookie protection and maintain separate cookie protection-key of each user. We provide integrity, confidentiality, and user authentication of cookie by using registered cookie protection-key and applying encryption techniques. And, we use the technique for hiding the URL of an internal document to a user to minimize the problem of its exposure. When this system is applied to the intranet of an enterprise, it will be able to provide a security to cookie and minimize the problem of internal document exposure by an internal user.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.9
• /
• pp.4771-4787
• /
• 2019

Aimed at the disclosure risk of mobile terminal user's location privacy in location-based services, a location-privacy protection scheme based on similar trajectory substitution is proposed. On the basis of the anonymized identities of users and candidates who request LBS, this scheme adopts trajectory similarity function to select the candidate whose trajectory is the most similar to user's at certain time intervals, then the selected candidate substitutes user to send LBS request, so as to protect user's privacy like identity, query and trajectory. Security analyses prove that this scheme is able to guarantee such security features as anonymity, non-forgeability, resistance to continuous query tracing attack and wiretapping attack. And the results of simulation experiment demonstrate that this scheme remarkably improve the optimal candidate' trajectory similarity and selection efficiency.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.636-639
• /
• 2013

With the development and rapid growth of cloud computing, lots of application services based on cloud computing have been developed. In addition, cloud-based DRM systems have been developed to support those services' copyright and privacy protection. In this paper, we propose a new cloud-based user-friendly DRM system, which allows users to execute the same contents bought at most n times at any devices with license enforcement, which checks the validation of licenses before every execution, having no smart card, which has to carry a smart card reader that seems troublesome to a user, and providing the copyright and privacy protection.