• Journal of Korea Multimedia Society
• /
• v.7 no.12
• /
• pp.1719-1728
• /
• 2004

The fusion of Internet technology and applications with wireless communication provides a new business model and promises to extend the possibilities of commerce to what is popularly called mobile commerce, or m-commerce. In mobile Internet banking service through wireless local area network, security is a most important factor to consider. We describe the development of security service for mobile Internet banking on Personal Digital Assistants (PDAs). Banking Server and Authentication Server were developed to simulate banking business and to support certificate management of authorized clients, respectively. To increase security, we took hybrid approach in implementation: symmetric block encryption and public-key encryption. Hash function and random number generation were exploited to generate a secret key. The data regarding banking service were encrypted with symmetric block encryption, RC4, and the random number sequence was done with public-key encryption. PDAs communicate through IEEE 802.IIb wireless LAN (Local Area Network) to access banking service. Several banking services and graphic user interfaces, which emulatedthe services of real bank, were developed to verity the working of each security service in PDA, the Banking Server, and the Authentication Server.

• Journal of Korea Multimedia Society
• /
• v.16 no.10
• /
• pp.1156-1162
• /
• 2013

Face verification has been widely studied during the past two decades. One of the challenges is the rising concern about the security and privacy of the template database. In this paper, we propose a secure face verification system which generates a unique secure cryptographic key from a face template. The face images are processed to produce face templates or codes to be utilized for the encryption and decryption tasks. The result identity data is encrypted using Advanced Encryption Standard (AES). Distance metric naming hamming distance and Euclidean distance are used for template matching identification process, where template matching is a process used in pattern recognition. The proposed system is tested on the ORL, YALEs, and PKNU face databases, which contain 360, 135, and 54 training images respectively. We employ Principle Component Analysis (PCA) to determine the most discriminating features among face images. The experimental results showed that the proposed distance measure was one the promising best measures with respect to different characteristics of the biometric systems. Using the proposed method we needed to extract fewer images in order to achieve 100% cumulative recognition than using any other tested distance measure.

• Journal of information and communication convergence engineering
• /
• v.12 no.1
• /
• pp.19-25
• /
• 2014

The wireless sensor networking standard DASH7 operates in low-power communication with a better transmission quality in active RFID networks. The DASH7 security standard supports public key cryptography. At present, the DASH7 standard uses the message authentication code in the network layer for authentication and integrity. However, its security standard is still in an incubation stage with respect to the implementation of a crypto exchange over a DASH7 network. Effective key management is an important factor for privacy and security. If organizations are not careful about where and how keys are stored, they leave the encrypted data vulnerable to theft. In this regard, we present a key management system designed for efficient key management through public key infrastructure authentication as well as a non-repudiation feature for the DASH7 standard. We analyze the performance of the proposed system on a basis of various performance criteria such as latency and throughput.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.77-85
• /
• 2019

As the Internet continues to evolve, cyber attacks are becoming more precise and covert. Anonymous communication, which is used to protect personal privacy, is also being used for cyber attacks. Not only it hides the attacker's IP address but also encrypts traffic, which allows users to bypass the information protection system that most organizations and institutions are using to defend cyber attacks. For this reason, anonymous communication can be used as a means of attacking malicious code or for downloading additional malware. Therefore, this study aims to suggest a method to detect and block encrypted anonymous communication as quickly as possible through artificial intelligence. Furthermore, it will be applied to the defense to detect malicious communication and contribute to preventing the leakage of important data and cyber attacks.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.17 no.3
• /
• pp.358-363
• /
• 2014

In this paper, we present two constructions of the attribute-based broadcast encryption(ABBE) algorithm. Attribute-based encryption(ABE) algorithm enables an access control mechanism over encrypted data by specifying access policies among private keys and ciphertexts. ABBE algorithm can be used to construct ABE algorithm with revocation mechanism. Revocation has a useful property that revocation can be done without affecting any non-revoked uers. The main difference between our algorithm and the classical ones derived from the complete subtree paradigm which is apt for military hierarchy. Our algorithm improve the efficiency from the previously best ABBE algorithm, in particular, our algorithm allows one to select or revoke users by sending ciphertext of constant size with respect to the number of attributes and by storing logarithm secret key size of the number of users. Therefore, our algorithm can be an option to applications where computation cost is a top priority and can be applied to military technologies in the near future.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.10
• /
• pp.2217-2223
• /
• 2012

As smartphone users are over 20 million, companies, which offer cloud computing services, try to support various mobile devices. If so, users can use the same cloud computing service using mobile devices, as sharing document. When user share the work, there are problem in configuration management, data confidentiality and integrity. In this paper, we propose a method that cloud computing users share document efficiently, edit encrypted docuements, and manage configuration based on homomorphic encryption, which integrity is verifiable.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.1
• /
• pp.69-78
• /
• 2015

Internet of Things(IoT) is electronic devices and household appliances use wireless sensor network in environment of high speed wireless network and LTE mobile service. The combination of the development of Internet and wireless network led to development of new forms of service such as electronic devices and household appliances can connect to the Internet through various sensors and online servers such as a Home Network. Even though Internet of Things is useful, there are problems in Internet of Things. In environment of Internet of Things, information leakage could happens by illegal eavesdropping and spoofing. Also illegal devices of wireless communication interference can cause interfere in Internet of things service, physical damage and denial of service by modulation of data and sensor. In this thesis, it will analyze security threats and security vulnerability in environment of mobile services and smart household appliances, then it will suggest plan. To solve security issues, it is important that IT and RFID sensor related companies realize importance of security environment rather than focus on making profit. It is important to develop the standardized security model that applies to the Internet of Things by security-related packages, standard certification system and strong encrypted authentication.

• The Journal of the Korea Contents Association
• /
• v.13 no.9
• /
• pp.49-57
• /
• 2013

Recently, in spite of fast development of smartphone, recording technology has saved, listened and searched in server based on PSTN and wired network. We introduce a mobile transcript recording system for mobile office environment. All calls using smartphone are automatically saved on memory in mobile device with this system. Thereafter, recording files are encrypted and uploaded to recording server by user authority. Beside recording data in database on web server is saved and managed efficiently and economically through web application. This system is able to be used in legal corroborative facts and the prevention of crime such as voice phishing.

• Journal of Korea Society of Industrial Information Systems
• /
• v.21 no.3
• /
• pp.7-12
• /
• 2016

In a hostile Internet environment, steganography has focused to hide a secret message inside the cover medium for increasing the security. That is the complement of the encryption. This paper presents a text steganography techniques using the Hangul text. To enhance the security level, secret messages have been encrypted first through the genetic algorithm operator crossover. And then embedded into an cover text to form the stego text without changing its noticeable properties and structures. To maintain the capacity in the cover media to 3.69%, the experiments show that the size of the stego text was increased up to 14%.

• Journal of KIISE
• /
• v.43 no.9
• /
• pp.1052-1059
• /
• 2016

A key role in cloud computing systems that is becoming an issue is implementing a database on untrusted cloud servers requiring the complexity of key management. This study proposes a key management system using Self Proxy Servers to minimize key executions and improve the performance of cloud services by generating Self-Creating Algorithms where the data owner is not directly concerned with related keys when a user sends an encrypted database a query. The Self Proxy Server supports active and autonomous key managements as a distributed server if any trouble should arise from a cloud key server and for an efficient cloud key management. Therefore, the key management system provides secure cloud services by supporting confidentiality of a cloud server database.