• Journal of the Korea Convergence Society
• /
• v.10 no.10
• /
• pp.21-26
• /
• 2019

At present, it is indispensable to utilize data as an information society. Therefore, the database is used to manage large amounts of data. In real life, most of the data in a database is the personal information of a group of members. Because personal information is sensitive data, the role of the database administrator who manages personal information is important. However, there is a growing number of attacks on databases to use this personal information in a malicious way. SQL Injection is one of the most known and old hacking techniques. SQL Injection attacks are known as an easy technique, but countermeasures are easy, but a lot of efforts are made to avoid SQL attacks on web pages that require a lot of logins, but some sites are still vulnerable to SQL attacks. Therefore, this study suggests effective defense measures through analysis of SQL hacking technology cases and contributes to preventing web hacking and providing a secure information communication environment.

• Korean Medical Education Review
• /
• v.25 no.2
• /
• pp.84-101
• /
• 2023

Longitudinal data can provide important evidence with the potential to stimulate innovation and affect policies in medical education and can serve as a driving force for further developments in medical education through evidence-based decisions. Tracking and observing cohorts of students and graduates using longitudinal data can be a way to link the past, present, and future of medical education. This study reviewed practical methods and technical, administrative, and ethical considerations for the establishment and operation of a longitudinal database and presented examples of longitudinal databases. Cohort study design methods and previous examples of research using longitudinal databases to explore major topics in medical education were also reviewed. The implications of this study are as follows: (1) a systematic design process is required to establish longitudinal data, and each university should engage in ongoing deliberation about this issue; (2) efforts are needed to alleviate "survey fatigue" among respondents and reduce the administrative burden of those conducting data collection and analysis; (3) it is necessary to regularly review issues of personal information protection, data security, and ethics regarding the survey respondents; and (4) a system should be established that integrates and manages a longitudinal database of medical education at the national level. The hope is that establishing longitudinal data and cohorts at individual medical schools will not be a temporary phenomenon, but rather that they will be well utilized at the national level to innovate and implement ongoing changes in medical education.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.48 no.5
• /
• pp.88-98
• /
• 2011

Recently, according as the importance of GIS(geography information system) database security is embossed, much researches had been achieved about GIS network security. But most such researches are weak against sourceful illegal reproductions and distributions of GIS vector data map. In this paper, we proposed an efficient layer unit contents based partial encryption technique in the vector map compression domain to prevent illegal distributions and unauthorized accesses. This method achieves a partial encryption about each central coordinate and directional parameters of a MCA(minimum coding attribute) that is created at the vector map compression processing in the vector space. First, the position encryption is applied as permutating randomly the center coordinate of each record that is minimum unit of vector map shape. And second, the direction encryption that changing shapes of vector map topography is applied as encrypting the direction of vertices's coordinates of each record. In experimental results, we confirmed that our proposed method can encipher the large volumed vector map data effectively in low computational complexity. Also, we could minimize the decline of compression efficiency that occurred by conventional contents based encryption schemes using AES or DES algorithms.

• Journal of Korea Multimedia Society
• /
• v.15 no.6
• /
• pp.805-813
• /
• 2012

In this paper, we have designed and developed a middleware for an effectively approaching database to the existed brain disease clinical research system. The brain disease clinical research system was consisted of two parts i.e., a register and an analyzer. Since the register collects the registration data the analyzer yields a statistical data which based on the diverse variables. The middleware has designed to database management and a large data query processing of clients. By separating the function of each feature as a module, the module which was weakened connectivity between functionalities has been implemented the re-use module. And image data module used a new compression method from image to text for an effective management and storage in database. We tested the middleware system using 700 actual clinical medical data. As a result, the total data transmission time was improved maximum 115 times faster than the existing one. Through the improved module structures, it is possible to provide a robust and reliable system operation and enhanced security functionality. In the future, these middleware importances should be increased to the large medical database constructions.

• Journal of Korea Multimedia Society
• /
• v.16 no.8
• /
• pp.914-926
• /
• 2013

Among the recent security systems, security system with fingerprint recognition gets many people's interests through the strengths such as exclusiveness, convenience, etc, in comparison with other security systems. The most important matters for fingerprint recognition system are reliability of matching between the fingerprint in database and user's fingerprint and rapid process of image processing algorithms used for fingerprint recognition. The existing fingerprint recognition system reduces the processing time by removing some processes in the feature extraction algorithms but has weakness of a reliability. This paper realizes the fingerprint recognition algorithm using MAMS(Multi-Access Memory System) for both the rapid processing time and the reliability in feature extraction and matching accuracy. Reliability of this process is verified by the correlation between serial processor's results and MAMS-PP64's results. The performance of the method using MAMS-PP64 is 1.56 times faster than compared serial processor.

• Journal of the Korea Society for Simulation
• /
• v.28 no.4
• /
• pp.67-74
• /
• 2019

As the market for Internet of Things (IoT) service grows, the security issue of the data from IoT devices becomes more important. In this paper, we implemented a cryptographic library for confidentiality of sensor data from Android Things based IoT services. The library made use of the SEED algorithm for encryption/decryption of data and we verified the library by implementing a service environment. With the library, the data is securely encrypted and stored in the database and the service environment is able to represent the current sensing status with the decrypted sensor data. The contribution of this work is in verifying the usability of SEED based encryption library by implementation in IoT sensor based service environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1047-1057
• /
• 2018

As the number of services offered on the Internet exponentially increases, password managers are increasing popular applications that store several passwords in an encrypted database (or password vault). Browser-integrated password managers or locally-installed password managers store the password vault on the user's device. Although a web-based password manager stores the password vault on the cloud server, a user can store the master password used to sign in the cloud server on her device. An attacker that steals a user's encrypted vault stored in the victim's device can make an offline attack and, if successful, all the passwords in the vault will be exposed to the attacker. This paper investigates the vulnerability of the password vault stored in the device and develops attack programs to verify the vulnerability of the password vault.

• The Journal of Society for e-Business Studies
• /
• v.10 no.3
• /
• pp.67-83
• /
• 2005

Common Criteria(CC) was announced in June, 1999 in order to solve a problem which be happened by applying a different evaluation criteria among nations. Currently, a official version is v2.2 and v3.0 is a draft version. Because an evaluation demand is increased in the inside and outside of the country, an evaluation market growth is expected. Also, It needs methodology and work automation and project management for evaluation. In this paper, we propose A CC based Security Evaluation Management System(CC-SEMS) that is managing evaluation resources(deliverables , evaluation criteria, evaluators) and is useful in evaluation environment efficiently. CC-SEMS is to have integrated project management, workflow management, process management and is composed of deliverables, Evaluation Activity Program(EAP), Management Object(MO), Evaluation Database(EDB), Evaluation Workflow Engine(EWE).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.305-314
• /
• 2017

Recently, user authentication through biometric traits such as fingerprint and iris raise more and more attention especially in mobile commerce and fin-tech fields. In particular, commercialized authentication methods using fingerprint recognition are widely utilized mainly because customers are more adopted and used to fingerprint recognition applications. In the meantime, the security issues caused by fingerprint falsification bring lots of attention. In this paper, we propose a new method to improve the performance of fake fingerprint detection using CNN(Convolutional Neural Network). It is common practice to increase the amount of learning data by using affine transformation or horizontal reflection to improve the detection rate in CNN characteristics that are influenced by learning data. However, in this paper we propose an effective data augmentation method based on the database difficulty level. The experimental results confirm the validity of proposed method.

• The KIPS Transactions:PartC
• /
• v.19C no.2
• /
• pp.91-98
• /
• 2012

OLAP(On-Line Analytical Processing) is a tool to satisfy the requirements of managing overflowing data analysis. OLAP can provide an interactive analytical processing environment to every end-user. Security policy is necessary to secure sensitive data of organization according to users direct access database. But earlier studies only handled the subject in its functional aspects such as MDX(Multidimensional Expressions) and XMLA(XML for Analysis). This research work is purported for solving such problems by designing and implementing an efficient data access control mechanism for the information security on OLAP. Experimental evaluation result is proposed and its efficiency and accuracy are verified through it.