• ETRI Journal
• /
• v.32 no.6
• /
• pp.950-960
• /
• 2010

In response to increased security concerns, biometrics is becoming more focused on overcoming or complementing conventional knowledge and possession-based authentication. However, biometric authentication requires special care since the loss of biometric data is irrecoverable. In this paper, we present a biometric authentication framework, where several novel techniques are applied to provide security and privacy. First, a biometric template is saved in a transformed form. This makes it possible for a template to be canceled upon its loss while the original biometric information is not revealed. Second, when a user is registered with a server, a biometric template is stored in a special form, named a 'soft vault'. This technique prevents impersonation attacks even if data in a server is disclosed to an attacker. Finally, a one-time template technique is applied in order to prevent replay attacks against templates transmitted over networks. In addition, the whole scheme keeps decision equivalence with conventional face authentication, and thus it does not decrease biometric recognition performance. As a result, the proposed techniques construct a secure face authentication framework in open networks.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.2
• /
• pp.57-66
• /
• 2013

Wireless Sensor Networks consist of small, inexpensive, low-powered sensor nodes that communicate with each other. To achieve a low communication cost in a resource constrained network, a novel concept of signcryption has been applied for secure communication. Signcryption enables a user to perform a digital signature for providing authenticity and public key encryption for providing message confidentiality simultaneously in a single logical step with a lower cost than that of the sign-then-encrypt approach. Ring signcryption maintains the signer's privacy, which is lacking in normal signcryption schemes. Signcryption can provide confidentiality and authenticity without revealing the user's identity of the ring. This paper presents the security notions and an evaluation of an ID-based ring signcryption scheme for wireless sensor networks. The scheme has been proven to be better than the existing schemes. The proposed scheme was found to be secure against adaptive chosen ciphertext ring attacks (IND-IDRSC-CCA2) and secure against an existential forgery for adaptive chosen message attacks (EF-IDRSC-ACMA). The proposed scheme was found to be more efficient than scheme for Wireless Sensor Networks reported by Qi. et al. based on the running time and energy consumption.

• Journal of Korean Library and Information Science Society
• /
• v.37 no.3
• /
• pp.75-101
• /
• 2006

This study is about the factors required to be considered in the aspects of policy and operation before introducing the real-time reference service and about the way to use the real-time reference service effectively, The real-time reference service should not be accepted and applied just based on the case of advanced nations without deciding how to apply and use through enough advanced investigation and example analysis. Working out in service policies, selecting appropriate programs. securing service manpower, devising privacy policies, groping the ways of cooperation between libraries, and operating the adequate evaluation system are the factors which should be considered in the policy aspect. Preparation of proper ways of application. operation time, and promotion are the factors which should be considered and reviewed in the operative aspect.

• Convergence Security Journal
• /
• v.14 no.2
• /
• pp.73-79
• /
• 2014

In the 21st century, the higher CCTV, hidden Camera, and surveillance and contra-surveillance in Cyber-space are, the higher the voices of concern about surveillance society nationally are. Nevertheless, phenomenon of panoptisme is becoming into general use. Actually, this watching system should be on the rise but this is the output playing up and advertising the positive effect of immediate convenience and offering safety that government and business made. Thus, this study wants to offer implication to warn the invasion of privacy and generalization controlled society as pointed out cause and problem of the surveillance society time according to the digital era.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6092-6115
• /
• 2017

This paper demonstrates a case for an end-to-end pure Application Security Layer for reliable and confidential communications within an Internet of Things (IoT) constrained environment. To provide a secure key exchange and to setup a secure data connection, Transport Layer Security (TLS) is used, which provides native protection against replay attacks. TLS along with digital signature can be used to achieve non-repudiation within app-to-app communications. This paper studies the use of TLS over the JavaScript Object Notation (JSON) via a The Constrained Application Protocol (CoAP) RESTful service to verify the hypothesis that in this way one can provide end-to-end communication flexibility and potentially retain identity information for repudiation. As a proof of concept, a prototype has been developed to simulate an IoT software client with the capability of hosting a CoAP RESTful service. The prototype studies data requests via a network client establishing a TLS over JSON session using a hosted CoAP RESTful service. To prove reputability and integrity of TLS JSON messages, JSON messages was intercepted and verified against simulated MITM attacks. The experimental results confirm that TLS over JSON works as hypothesised.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.12
• /
• pp.101-108
• /
• 2017

The study proposed a system that filters the data that is entered when analyzing big data such as SNS and BLOG. Personal information includes impersonal personal information, but there is also personal information that distinguishes it from personal information, such as religious institution, personal feelings, thoughts, or beliefs. Define these personally identifiable information as sensitive information. In order to prevent this, Article 23 of the Privacy Act has clauses on the collection and utilization of the information. The proposed system structure is divided into two stages, including Big Data Processing Processes and Sensitive Information Filtering Processes, and Big Data processing is analyzed and applied in Big Data collection in four stages. Big Data Processing Processes include data collection and storage, vocabulary analysis and parsing and semantics. Sensitive Information Filtering Processes includes sensitive information questionnaires, establishing sensitive information DB, qualifying information, filtering sensitive information, and reliability analysis. As a result, the number of Big Data performed in the experiment was carried out at 84.13%, until 7553 of 8978 was produced to create the Ontology Generation. There is considerable significan ce to the point that Performing a sensitive information cut phase was carried out by 98%.

• Journal of Information Technology Services
• /
• v.16 no.2
• /
• pp.33-44
• /
• 2017

The financial industry recently introduces several issues for utilizing the blockchain technology as the core infrastructure of future finance. Blockchain, first introduced as the underlying technology of Crypto-currencies, Bitcoin is a technology that can ensure the integrity and reliability of data by verifying, recording, and storing data jointly in the network without a central administration organization or a manager. This blockchain has its potential power as a technology for issuing digital currencies, providing transparency, and securing record management, that is expected to be useful in the financial sector. At the same time, considering the characteristics of financial transactions which emphasize privacy, questions are raised about whether a blockchain structure in which information is distributed and shared among participants can be successful. How will we support to implement the potential of the blockchain in order to change the paradigm of the financial industry? How can we manage the side effects of blockchain effectively? Such a policy discussion is necessary. This study introduces the meaning of the blockchain technology, various utilization attempts, and possible problems facing technology from the viewpoint of financial industry, and suggests a policy direction for utilizing this technology as a catalyst to the progress of the financial industry or as a new technology power.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.1
• /
• pp.51-58
• /
• 2013

This paper describes the design and implementation of the PKI-based EAI system which is used for delivery of sensitive personal information between business systems. For this purpose, we propose a key exchange protocol with some key process : Diffie-Hellman Schema is used to provide forward secrecy, public key-based digital signature is used for EAI Server authentication, data integrity. In addition, in order to minimize the performance impact on the overall EAI systems. The EAI server was designed simply to be used only as a gateway. This paper shows the implementation of Korea public key authentication algorithm standard and a symmetric encryption algorithm for data encryption.

• Review of Korean Society for Internet Information
• /
• v.14 no.3
• /
• pp.52-57
• /
• 2013

Information and Communication Technologies(ICTs) have substantially enlarged both the opportunities to realize one's human rights but have also resulted in the emergence of new challenges. ICTs are so deeply embedded and cental to almost all aspects of human activity. And ICTs are assuming an increasingly central role in all aspects of human and societal development across the world. But this is especially true of the right to privacy, which faces challenges such as profiling and data mining for public(including national security) and private purposes. ICTs access is a fundamental right for all humans in the information age. So we have need for regulation based on human rights in the digital age. And governments have a responsibility to protect individuals against violations of human rights and data protection by public authorities, but also by private entities. In addition, internet governance and multi-stakeholder principle have to be stressed on all of the internet issues because internet governance is included in the principle of democracy which have bottom-up communication and equality. So it is very importance that Internet Governance Forum is the space for a meaningful discussion on public policy issues relating to the internet.

• Journal of Information Technology Applications and Management
• /
• v.24 no.1
• /
• pp.81-91
• /
• 2017

In Korea, "Act on the Development of Cloud Computing and Protection of its Users" has been enforced since September 28, 2015. Many countries implemented 'Cloud First' policies and global companies such as Amazon, Microsoft, IBM started cloud services in Korea. Under these circumstance, the Act was established for developing the cloud computing industry. The Act includes clauses for encouraging the use of private cloud computing by public organizations, supporting small- and medium-size cloud service providers, and utilizing secure cloud computing services by users. However, some terms appear to be similar but have different meanings from "Act on Promotion of Information and Communications Network Utilization and Information Protection, etc." and "Personal Information Protection Act". This generated some confusion and conflicts in relation to providing user information to a 3rd party and notifying the intrusion in the Cloud Computing Act. This paper discusses these issues and suggestions for revision of the Cloud Computing Act.