• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.3
• /
• pp.277-288
• /
• 2002

In this paper, we describe a design and implementation method of a smart card operating system for multi applications. A smart card is the independent computing system and is able to be used in multi applications such as the electronic commerce and the electronic cash. Smart card operation system(SCOS) provides a basis of smart card booting, and controls and manages application programs. SCOS can produce and control a file system to support multi applications in EEPROM, communicate commands and messages with outside devices, process a command, produce a reply message, and provide security functions of file security in EEPROM, and communication security. Therefor, in this paper, we design and implement SCOS system that provides the authentication between a card and a terminal, the session authentication for multi applications, the processing of commands, and the maintenance of the security.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.284-288
• /
• 2022

The article analyzes the regulations of current criminal law, which ensures the protection and protection of information relations, offers the optimal model of the system of norms of the Criminal Code of Ukraine, which establishes liability for violation of information. The subject of the article is protected information, which should include information or data, the procedure for access to and distribution of which, regardless of the method of submission, storage or organization, are subject to legal regulation in accordance with laws and regulations. For the purposes of criminal law, information as an object of criminal law protection should be classified on the following grounds: depending on the content: personal or family secrets; information constituting a state secret; data included in the official secret; information that constitutes a professional secret; information that constitutes a commercial, tax, banking secret, and, depending on the medium - documented and undocumented.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.10
• /
• pp.2544-2560
• /
• 2013

As a cornerstone of the next generation air traffic management (ATM), automatic dependent surveillance-broadcast (ADS-B) system can provide continual broadcast of aircraft position, identity, velocity and other messages over unencrypted data links to generate a common situational awareness picture for ATM. However, since ADS-B messages are unauthenticated, it is easy to insert fake aircrafts into the system via spoofing or insertion of false messages. Unfortunately, the authentication for ADS-B messages has not yet been well studied. In this paper, we propose an efficient broadcast authentication scheme with batch verification for ADS-B messages which employs an identity-based signature (IBS). Security analysis indicates that our scheme can achieve integrity and authenticity of ADS-B messages, batch verification, and resilience to key leakage. Performance evaluation demonstrates that our scheme is computationally efficient for the typical avionics devices with limited resources, and it has low communication overhead well suitable for low-bandwidth ADS-B data link.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.51-60
• /
• 2007

It is important to assess vulnerability of network and information system to countermeasure against a variety of attack in effective and efficient way. But vulnerability and risk assessment methodology for network and information systems could not be directly applied to sensor networks because sensor networks have different properties compared to traditional network and information system. This paper proposes a vulnerability assessment framework for cluster based sensor networks. The vulnerability assessment for sensor networks is presented. Finally, the case study in cluster based sensor networks is described to show possibility of the framework.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.397-404
• /
• 2011

Recently the existing one-way electricity system that combines information and communications technology to develop smart grid technology is made active. The core infrastructure of the smart grid, AMI smart meters to AMR system, the amount of power measured at the top to MDMS transmits data store. Smart meters utilizing information and communication technology to transfer data and power because of the existing security threats are expected, including the additional security threats. It exposes the privacy of consumers and industrial systems, such as paralysis is likely to result in the loss. In this paper to respond to these security threats in the environment smart grid. Also, We propose data transfer methods between smartmeter and MDMS and between home device and MDMS.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.866-870
• /
• 2009

Mobile Health (M-Health) system is a recent term for medical and public health practice supported by mobile devices, such as mobile phones, PDAs, and other wireless devices. Mobile Health system has been successfully establishing at few general hospital in Korea. However, to use diverse devices manufactured by various company cause inoperability, and lack of security disappoints customers often. Although the outstanding health environment, most of hospitals are unavailable to share electronic patient records due to lack of standard protocol to handle the interoperability each other. Health Level 7 (HL7) is the best solution for the problem. In this paper, we will analyse a current M-Health service in terms of security and mobile device, and suggest iPhone for the best device against hospital environment. Also, for keep confidentiality of health information and patient privacy, enhanced security mechanism is introduced. As a consequence, interoperable standard, and most appropriate device for supporting staffs and M-Health performance, and enhanced securirty mechanism will be integrated in order to propose improved M-health model.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.11
• /
• pp.125-136
• /
• 2013

In this paper, we proposed SSL VPN-based network access control technology which can verify user authentication and integrity of user terminal. Using this technology, user can carry out a safety test to check security services such as security patch and virus vaccine for user authentication and user terminal, during the VPN-based access to an internal network. Moreover, this system protects a system from external security threats, by detecting malicious codes, based on behavioral patterns from user terminal's window API information, and comparing the similarity of sequential patterns to improve the reliability of detection.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.153-160
• /
• 2011

Recently, the use of security surveillance system including CCTV is increasing due to the increase of terrors and crimes. At the same time, interest of face recognition at a distance using surveillance cameras has been increasing. Accordingly, we analyzed the performance of face recognition according to distance using PCA-based face recognition and interpolation. In this paper, we used Nearest, Bilinear, Bicubic, Lanczos3 interpolations to interpolate face image. As a result, we confirmed that existing interpolation have an few effect on performance of PCA-based face recognition and performance of PCA-based face recognition is improved by including face image according to distance in traning data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.679-689
• /
• 2012

There were clear differences between the DDoS attack on 7th July 2009 and the rest of them prior to the attack. Despite It had emitted relatively small sized packets per infected PC, the attack was very successful making use of HTTP Flooding attack by aggregating small sized packets from the well sized zombie network. As the objective of the attack is not causing permanent damage to the target system but temporal service disruption, one should ensure the availability of the target server by deploying effective defense strategy. In this paper, a novel HTTP based DDoS defense mechanism is introduced with capacity based defense-in-depth strategy.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.77-83
• /
• 2021

The dependency on technology has increased with the increase in population. Technology plays a crucial role in facilitating, organizing and securing people's life nowadays. The Internet has penetrated every face of present-day lifestyles. Yet another ubiquitous use of digital technology today is evident in transferring money and speeding cross border payments that are done through digital transactions. This paper investigates transferring money and data through banks and companies by using the Blockchain concept through decentralized distributed system. The present research also peruses several contexts in which this technology has already been implemented successfully and demonstrates the advantages of replacing the paper money with digital money. Using cryptocurrency will facilitate people's life by reducing time, securing the process of money transfer, and increasing data integrity. The primary benefit of this content analysis is that it addresses an innovative subject, in a new light and using timely recent research references drawn from 2018-2020. Thus, our study is a contemporary and conclusive source for all present and future endeavours being undertaken in the domain of using blockchain for e-transactions.