• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.53-65
• /
• 2010

Conditional Access System (CAS) is a core security mechanism of IPTV SCP (Service and Content Protection) which enables only authenticated user to be able to watch the broadcasting contents. In the past, it was general that CAS was built in Set-Top Box (STB) as hardware or as a detachable cable card. However, numerous researches in Downloadable CAS (DCAS), where users can download CAS code in their STB through their network, have been recently conducted widely due to the lack of security and scalability problem. In this paper, the security requirements of OpenCable based DCAS which is typical example of downloadable IPTV SCP will be derived, the novel authentication and key management scheme will be proposed by using the Authentication Proxy (AP) which is the core DCAS. Also, the benefits of the proposed system will be evaluated by comparison and analysis with preceding research.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.31-40
• /
• 2010

The evolution of internet have opened the world of IPTV. With internet protocol, IPTV broadcasts contents stream. The IP protocol doesn't provide secure service due to IP characteristics. So, it is important to provide both connect and secure service. Conditional Access System and/or Digital Right Management are being used to protect IPTV contents. However, there exist restrictions in the view of security. In this paper, we analyse existing security technologies for IPTV and propose a novel method to enforce security efficiently. In the proposed method, OTP is used for encryption/decryption contents and CAS controls key for encryption/decryption and the right of user. With this scheme, it reduces the load of the system and provides more security.

• Journal of Convergence for Information Technology
• /
• v.11 no.7
• /
• pp.21-30
• /
• 2021

With the development of IoT technology, various cloud computing-based services such as smart cars, smart healthcare, smart homes, and smart farms are expanding. With the advent of a new environment, various problems continue to occur, such as the possibility of exposure of important information such as personal information or company secrets, financial damage cases due to hacking, and human casualties due to malicious attack techniques. In this paper, we propose a message communication protocol for smart home-based secure communication and user data protection. As a detailed process, secure device registration, message authentication protocol, and renewal protocol were newly designed in the smart home environment. By referring to the security requirements related to the smart home service, the stability of the representative attack technique was verified, and as a result of performing a comparative analysis of the performance, the efficiency of about 50% in the communication aspect and 25% in the signature verification aspect was confirmed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.291-307
• /
• 2021

There has been global efforts to prevent the further spread of the COVID-19 and get society back to normal. 'Contact tracing' is a crucial way to detect the infected person. However the contact tracing makes another concern about the privacy violation of the personal data of infected people, released by governments. Therefore Google and Apple are announcing a joint effort to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of the virus, with user privacy and security central to the design. However, in order to provide the improved tracing application, it is necessary to identify potential security threats and investigate vulnerabilities for systematically. In this paper, we provide security analysis of Privacy-Preserving COVID-19 Contact Tracing App with STRIDE and LINDDUN threat models. Based on the analysis, we propose to adopt a verifiable computation scheme, Zero-knowledge Succinctness Non-interactive Arguments of Knowledges (zkSNARKs) and Public Key Infrastructure (PKI) to ensure both data integrity and privacy protection in a more practical way.

• Journal of the Korean Institute of Rural Architecture
• /
• v.24 no.3
• /
• pp.1-11
• /
• 2022

Purpose: This place, which is currently becoming an issue due to historical preservation and landscape protection, is also a place where urban residents around Taereung actually visit often. Thus, this study aims to analyze the importance of the evaluating factors in creating a relatable image of the city. Methods: Evaluation items were selected by reviewing related books and research literatures and reassessing the reviewed items through an expert group interview (FGI). For the selected evaluation items, the relative importance of the evaluation items for the place image was analyzed by applying the hierarchical analysis technique (AHP) to each user group. Result: A place becomes a memory in people's experiences and time, and it has the image and identity of the region where those experiences and memories are found again as a space called "place". The method of analyzing the importance of evaluation items between place images used in this study quantified the factors recognized as abstract images and identified the degree of influence between elements, but has limitation in that it targeted specific places. However, the analysis method on the place image recognition suggests the use of itemized variables for characteristics between place images, so future research on the identity of other place images can be conducted together. Also, the evaluation method of the image that recognizes the place has an objective meaning in that it can measure the image of the place quantitatively. In the future, it can be applied in creating an image forming factor or urban identity for place recognition in many regions

• The Journal of the Convergence on Culture Technology
• /
• v.8 no.6
• /
• pp.455-462
• /
• 2022

This study attempted to examine the problems of the expression and format of native advertisements appearing on various platforms and to prepare a plan to regulate them. To this end, in-depth interviews were conducted to those in charge of advertising practice and examined. First, as a problem with the expression and format of native advertisements, it was considered that the congestion and deception of indiscriminate native advertisements appearing on various platforms could bring negative perceptions to consumers. For the second user's interaction, it was considered that customized advertising expressions through targeting by platform should be produced. Third, regarding the regulation of native advertisements, it was suggested that regulatory measures for consumer protection should be prepared and that market autonomy should be left to it. A strategic operation plan for native advertising according to various platforms should be prepared.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.57-62
• /
• 2022

The recent past has seen a tremendous amount of advancement in the field of Internet of Things (IoT), allowing the influx of a variety of devices into the market. IoT devices are present in almost every aspect of our daily lives. While this increase in usage has many advantages, it also comes with many problems, including and not limited to, the problem of security. There is a need for better measures to be put in place to ensure that the users' data is protected. In particular, fitness trackers used by a vast number of people, transmit important data regarding the health and location of the user. This data is transmitted from the fitness device to the phone and from the phone onto a cloud server. The transmission from device to phone is done over Bluetooth and the latest version of Bluetooth Light Energy (BLE) is fairly advanced in terms of security, it is susceptible to attacks such as Man-in-the-Middle attack and Denial of Service attack. Additionally, the data must be stored in an encrypted form on the cloud server; however, this proves to be a problem when the data must be decrypted to use for running computations. In order to ensure protection of data, measures such as end-to-end encryption may be used. Homomorphic encryption is a class of encryption schemes that allow computations on encrypted data. This paper explores the application of homomorphic encryption for fitness trackers.

• Journal of Aerospace System Engineering
• /
• v.17 no.4
• /
• pp.87-94
• /
• 2023

This paper addresses the installation and modification design of airframe structures for new and modified equipment installations that are essential for aircraft performance improvement. Typical performance improvement equipment mounted on the exterior of the aircraft include antenna, radar, electro-optical/infrared (EO/IR), and self-protection system equipment, which require structural reinforcement, modification, and mounting design of the green aircraft for operation. In the interior of the aircraft, console and rack structures are modified or added according to user operation requirements. In addition, this is accompanied by the installation design of equipment to be replaced and added for performance improvement, and the according modification of environmental control system components for internal cooling. The engineering process and cases in which airworthiness was verified through the detailed design of airframe structures with structural integrity, operability, and maintainability of performance-improved aircraft are presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.201-210
• /
• 2023

Deep learning-based face verificattion model show high performance and are used in many fields, but there is a possibility the user's face image may be leaked in the process of inputting the face image to the model. Althoughde-identification technology exists as a method for minimizing the exposure of face features, there is a problemin that verification performance decreases when the existing technology is applied. In this paper, after combining the face features of other person, a de-identified face image is created through StyleGAN. In addition, we propose a method of optimizingthe combining ratio of features according to the face verification model using HopSkipJumpAttack. We visualize the images generated by the proposed method to check the de-identification performance, and evaluate the ability to maintain the performance of the face verification model through experiments. That is, face verification can be performed using the de-identified image generated through the proposed method, and leakage of face personal information can be prevented.

• Journal of Convergence for Information Technology
• /
• v.12 no.3
• /
• pp.38-45
• /
• 2022

Due to the development of fintech technology, financial transactions using smart phones are being activated. The password for user authentication during financial transactions is entered through the virtual keypad displayed on the screen of the smart phone. When the password is entered, the attacker can find out the password by capturing it with a high-resolution camera or spying over the shoulder. A virtual keypad with security applied to prevent such an attack is difficult to input on a small touch-screen, and there is still a vulnerability in peeping attacks. In this paper, the entire keypad is divided into several groups and displayed on a small screen, touching the group to which the character to be input belongs, and then touching the corresponding character within the group. The proposed method selects the group to which the character to be input belongs, and displays the keypad in the group on a small screen with no more than 10 keypads, so that the size of the keypad can be enlarged more than twice compared to the existing method, and the location is randomly placed, hence location of the touch attacks can be blocked.