• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.83-92
• /
• 1999

Cryptography techniques can prevent eavesdroppers from maliciously intercepting or modifying sensitive information. however misuses of encryption may cause other problems First if the encryption key is lost or damaged even an authorized access to the original data will be denied. Second criminals can prevent authorized law enforcement officers from examining the necessary information by using the strong encrypted data can provide solutions for the situations. In this paper we propose a new key escrow system based on the ElGamal cryptosystem. Our system provide time-bound eavesdropping under court authorized permission protect from trustee's cheating and prevent user's shadow public key generation.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.06a
• /
• pp.308-309
• /
• 2022

The Ministry of Oceans and Fisheries is providing maritime safety services using combine limited artificial intelligence technologies through the operation of the Korean e-Navigation service, and research is needed to improve reliability and quality to secure the competitiveness of the system. However, linking real-time operating systems requires a separate system configuration that can be linked after processing personal information security with minimal performance impact. To solve this problem, this study will make a basic design of a big-data maritime information gateway system of the Korean e-Navigation service that minimizes the impact of performance and reflects the security of personal information.

• Journal of Web Engineering
• /
• v.21 no.5
• /
• pp.1377-1418
• /
• 2022

As it has been recently proven that the public key-based RSA algorithms that are currently used in encryption can be unlocked by Shor's algorithm of quantum computers in a short time, conventional security systems are facing new threats, and accordingly, studies have been actively conducted on new security systems. They are classified into two typical methods: Post Quantum Cryptography (PQC) and Quantum Key Distribution (QKD). PQC aims to design conventional cryptography systems in a more robust way so that they will not be decrypted by a quantum computer in a short time whereas QKD aims to make data tapping and interception physically impossible by using quantum mechanical characteristics. In this paper, we design a quantum key management system, which is most crucial for constructing a QKD network and analyze the design requirements to apply them to Korea Research Environment Open NETwork (KREONET). The quantum key management system not only manages the lifecycle, such as storage, management, derivation, allocation, and deletion of the symmetric key generated in QKD but also enables many-to-many communication in QKD communication based on the key relay function and P2P communication to overcome the limitation of distance, which is a disadvantage of QKD. We have validated the designed quantum key management system through simulations to supplement the parts that were not considered during the initial design.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.11
• /
• pp.1983-1988
• /
• 2006

There are gradually built on electronic commerce and business information system for the effective and automated use of internet while the mainstream of industry moves on information. It is necessary that a company should develop a electronic approval system because the business documents have application to an electronic commerce, business information system as well Currently, electronic approval system on groupware is using the way of inserting the image of an approval signature, which is vulnerable on a security by attacks of fraudulent use of electrical signature and eavesdropping on electronic documents. In this paper, we implementation XML form generator based on DTD having business documents structure for creating a valid business XML documents. we designed electronic approval system based on secured XML which transfers encrypted documents. For the security issues of written XML business documents, it makes use of the crypto algorithm having high performance transaction by the interchange of public key between a server and a client.

• Proceedings of the IEEK Conference
• /
• 2002.07a
• /
• pp.450-453
• /
• 2002

In this paper a Phase-based virtual image encryption and decryption techniques based on a joint transform correlator (JTC) are proposed. In this method, an encrypted image is obtained by multiplying a phase-encoded virtual image that contains no information from the decrypted image with a random phase. Even if this encryption process converts a virtual image into a white-noise-like image, the unauthorized users can permit a counterfeiting of the encrypted image by analyzing the random phase mask using some phase-contrast technique. However, they cannot reconstruct the required image because the virtual image protects the original image from counterfeiting and unauthorized access. The proposed encryption technique does not suffer from strong auto-correlation terms appearing in the output plane. In addition, the reconstructed data can be directly transmitted to a digital system for real-time processing. Based on computer simulations, the proposed encryption technique and decoding system were demonstrated as adequate for optical security applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.707-716
• /
• 2018

Recently, instead of technical cyber operations that directly attack the target information system by using cyber attack techniques, social engineering techniques that indirectly invade the system by exploiting the vulnerabilities of persons who manage the system are being watched. Despite this trend, there is a lot of confusion because there is no clear concept about the relationship between cyber operations and social engineering techniques. Therefore, this paper aims at establishing a clear concept of a social engineering cyber operation, helping future researchers in this literature.

• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.633-642
• /
• 2005

Ubiquitous computing system is about networked processors, which is constructed with one or more computers interconnected by the networks. However, traditional security solution lacks a Proactive maintenance technique because of its focusing on developing the qualitative detection and countermeasure after attack. Thus, in this paper, we propose a quantitative assessment modeling technique, by which the general infrastructure can be improved and the attacks on a specific infrastructure be detected and protected. First of all, we develop the definition of survivality and modeling technique for quantitative assessment modeling with the static information on the system random information, and attack-type modeling. in addition, the survivality analysis on TCP-SYN attack and code-Red worm attack is performed for validating the proposed technique.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.125-130
• /
• 2004

The Internet is aggregate of trustless networks essentially. Because the Internet is very difficult to control flowing of information, taking advantage of enough sporadic resource, security problem that can protect internal important stock from the Internet is risen seriously. Recently, virus accident and generation rate about system intrusion that happen become much higher and various than past. On these time, is progressing researcher for invasion cutout to keep away illegal act vigorouslyand do continuous development. In this paper, reporting administrator log information about invader's illegal act depending on XML format form, and I wished to solve problem that happen in administration side developing invasion interception system that can control to remote.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.7
• /
• pp.3375-3400
• /
• 2018

With the advent of database-as-a-service (DAAS) and cloud computing, more and more data owners are motivated to outsource their data to cloud database in consideration of convenience and cost. However, it has become a challenging work to provide security to database as service model in cloud computing, because adversaries may try to gain access to sensitive data, and curious or malicious administrators may capture and leak data. In order to realize privacy preservation, sensitive data should be encrypted before outsourcing. In this paper, we present a secure and practical system over encrypted cloud data, called QSDB (queryable and secure database), which simultaneously supports SQL query operations. The proposed system can store and process the floating point numbers without compromising the security of data. To balance tradeoff between data privacy protection and query processing efficiency, QSDB utilizes three different encryption models to encrypt data. Our strategy is to process as much queries as possible at the cloud server. Encryption of queries and decryption of encrypted queries results are performed at client. Experiments on the real-world data sets were conducted to demonstrate the efficiency and practicality of the proposed system.

• ETRI Journal
• /
• v.37 no.4
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.