• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.1
• /
• pp.99-106
• /
• 2011

The emerging of ubiquitous computing and healthcare technologies provides us a strong platform to build sustainable healthcare applications especially those that require real-time information related to personal healthcare regardless of place. We realize that system stability, reliability and data protection are also important requirements for u-healthcare services. Therefore, in this paper, we designed a u-healthcare system which can be attached to the patient's body to measure vital signals, enhanced with USN secure sensor module. Our proposed u-healthcare system is using wireless sensor modules embedded with NLM-128 algorithm. In addition, PS-LFSR technique is applied to the NLM-128 algorithm to enable faster and more efficient computation. We included some performance statistical results in term of CPU cycles spent on NLM-128 algorithm with and without the PS-LFSR optimization for performance evaluation.

• Management & Information Systems Review
• /
• v.14
• /
• pp.151-180
• /
• 2004

Owing to the digital revolution, Internet Commerce and Electronic commerce, revolutionize the way of doing business and making payment. The entrance of the Internet has a prominent for spread of Electronic Commerce and those phenomenons will result in paperless trading and cashless trade. By virtue of Internet, an increasing share of business transactions occurs online. Electronic payment is essential for the smooth progress of the electronic commerce as electronic payment plays the important role in the electronic commerce, that is, the value transfer restyling from the electronic commerce. Traditionally international settlement systems such as letters of credits, remittance and documentary collections operated as important and poplar method of payment, Now, information technology has made it possible to pay for the sale of goods and services over the internet. In international trade, there are service providers (bolero, TradeCard, BeXcom) to settle payment electronically through the Internet. The purpose of this study is to Conduct comparative analysis with approach manner functional respect systematic respect, role. It is shown which the Electronic payment system is better. In this study, the author attempts to find the problems is (bolero, TradeCard, BeXcom) and solutions in switching from the documentary payment system to the electronic one. This conclusion of this study can be summarized as followings. In resoect of the law, bolero should seek to prevert the users from being treated unfairly due to multilateral agreement on Rulebook. TradeCard, BeXcom do not have the proper law that users are governed. so far as the practice problems concerned, stability of computer's operation and security of message interchange should be warranted and improved continuously. Through the standardization of the electronic document and the development of software, the examination of the shipping occuments must be done automatically. Bolero should induce more banks to take part in Bolero, and make the carrier the cost and time in managing the traditional document which will be used for the time being. In respect of information technology and security, to deduce the risk in the electronic settlement system and positively uses the global authentication guideline(Identrus).

• Journal of Advanced Marine Engineering and Technology
• /
• v.40 no.10
• /
• pp.906-915
• /
• 2016

In this study, a network monitoring system, including a secure 460-Network and a 460-Gateway, is designed and developed according with the requirements of the IEC (International Electro-Technical Commission) 61162-460 network standard for the safety and security of networks on board ships. At present, internal or external unauthorized access to or malicious attack on a ship's on board systems are possible threats to the safe operation of a ship's network. To secure the ship's network, a 460-Network was designed and implemented by using a 460-Switch, 460-Nodes, and a 460-Gateway that contains firewalls and a DMZ (Demilitarized Zone) with various application servers. In addition, a 460-firewall was used to block all traffic from unauthorized networks. 460-NMS (Network Monitoring System) is a network-monitoring software application that was developed by using an simple network management protocol (SNMP) SharpNet library with the .Net 4.5 framework and a backhand SQLite database management system, which is used to manage network information. 460-NMS receives network information from a 460-Switch by utilizing SNMP, SNMP Trap, and Syslog. 460-NMS monitors the 460-Network load, traffic flow, current network status, network failure, and unknown devices connected to the network. It notifies the network administrator via alarms, notifications, or warnings in case any network problem occurs. Once developed, 460-NMS was tested both in a laboratory environment and for a real ship network that had been installed by the manufacturer and was confirmed to comply with the IEC 61162-460 requirements. Network safety and security issues onboard ships could be solved by designing a secure 460-Network along with a 460-Gateway and by constantly monitoring the 460-Network according to the requirements of the IEC 61162-460 network standard.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.9
• /
• pp.67-74
• /
• 2008

This paper proposes, designs and implements an architecture of a server involved with the network camera based video surveillance systems to solve common problems including lack of inter-network operability at the video information sharing, drawback of bandwidth and processing-overhead caused by increase of the number of users, and difficulty of continuous monitoring over changes of network configurations. The proposed saver was designed to manage and service numerous network cameras and users as well as solving the existing problems by providing video distribution facility. Through the empirical study after applying the implemented server to a real video surveillance system we proved that the server can provide reasonable service quality while it processes several hundreds of simultaneous user connections under persisting more than one hundred connections to network cameras. We expect the developed video distribution server to enhance service quality of the large scale video surveillance systems for citizen-wide services such as traffic reporting informatics or natural calamities supporting.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.141-150
• /
• 2024

With the increasing frequency of incidents related to personal information leaks, there is a growing concern about personal information protection. Moreover, with the emergence of blockchain technology, there is a heightened interest in self-sovereign identity models applied through blockchain, with ongoing research on Decentralized Identifiers (DID) to achieve this. However, despite universities storing and utilizing significant information such as personal data, their computer systems are operated and managed based on centralized systems, leading to annual occurrences of personal data breaches. Therefore, this paper proposes and implements a DID-based computing system applicable within universities. Additionally, it establishes and executes prominent services within the university context. The proposed system ensures users' self-sovereign identities through verifiable credentials, enabling the establishment of a secure integrated information system within the university, departing from traditional centralized systems.

• Korean Security Journal
• /
• no.24
• /
• pp.91-123
• /
• 2010

The threat factors available for occurrence given G20 Summit Meeting are expected leader terrorism, hostage terrorism, bomb terrorism, public facilities terrorism, and aircraft terrorism. As for the threat groups, which are expected in Korea, the North Korea, Islam extremist group, and the group such as NGO organization of being opposed to international meeting are regarded as having possibility of causing hazard. Thus, the purpose of this study is to suggest VIP Security-measure plans in the main site in preparation for G20 Summit Meeting. Accordingly, each country in the world is adopting 'the principle of Triple Ring' in common. Thus, it elicited a coping plan by 1st line(inner ring) 2nd line(middle ring) 3rd line(outer ring) based on this principle, and proposed even an opinion together that will need to be reflected in light of policy for the VIP security measures. In conclusion, as for the VIP Security-measure plans in the main site in preparation for G20 Summit Meeting, In the inner ring(safety sector), first, an intercepting measure needs to be devised for a spot of getting into and out of vehicles given the Straight Street. Second, the Walking Formation needs to be reinforced boldly in the exposed area. In the middle ring(security sector), first, the control plan needs to be devised by considering particularity of the main site. Second, there is necessity for adopting the efficient security badge operation plan that is included RFID function within security badge. In the outer ring(aid protective sector), first, there is necessity of preparing for several VIP terrorisms, of collecting information and intelligence, and of reinforcing the information collection system against terrorism under the cooperation with the overseas information agency. Second, the urgent measure training in time of emergency needs to be carried out toward security agent event manpower. Third, to maintain the certain pace in VIP motorcade, the efficient traffic control system needs to be operated. Finally, as for what will need to be reflected in light of policy for VIP security measures, first, there is necessity for allowing VIP residence to be efficiently dispersed to be distributed and controlled. Second, there is necessity for allowing impure element to misjudge or attack to be failed by utilizing diverse deception operations. Third, according to the reorganization in North Korea's Organization of the South Directed Operations, the powerful 'military-support measure' needs to be driven from this G20 Summit Meeting. For this, the necessity was proposed for further reinforcing the front back defense posture under the supervision of the Ministry of National Defense and for positively coping even with detecting and removing poison in preparation for CBR (chemical, biological, and radio-logical) terrorism.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1027-1041
• /
• 2015

Recently, there are rapidly increasing cases of APT (Advanced Persistent Threat) attacks such as Verizon(2010), Nonghyup(2011), SK Communications(2011), and 3.20 Cyber Terror(2013), which cause leak of confidential information and tremendous damage to valuable assets without being noticed. Several anomaly detection technologies were studied to defend the APT attacks, mostly focusing on detection of obvious anomalies based on known malicious codes' signature. However, they are limited in detecting APT attacks and suffering from high false-negative detection accuracy because APT attacks consistently use zero-day vulnerabilities and have long latent period. Detecting APT attacks requires long-term analysis of data from a diverse set of sources collected over the long time, real-time analysis of the ingested data, and correlation analysis of individual attacks. However, traditional security systems lack sophisticated analytic capabilities, compute power, and agility. In this paper, we propose a Fast Data based real-time abnormal behavior detection system to overcome the traditional systems' real-time processing and analysis limitation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1175-1186
• /
• 2015

Financial fraud has been increasing along with credit card usage. Magnetic stripe cards have vulnerabilities in that credit card information is exposed in plaintext and cardholder verification is untrustworthy. So they have been replaced by a smart card scheme to provide enhanced security. Furthermore, the FinTech that combines the IT with Financial product is being prevalent. For that reason, many mobile device based payment schemes have been proposed for card present transaction. In this paper, we propose a virtual credit card number payment scheme based on public key system for efficient authentication in card present transaction. Our proposed scheme is able to authenticate efficiently in card present transaction by pre-registering virtual credit card number based on cardholder's public key without PKI. And we compare and analyze our proposed scheme with EMV.

• JSTS:Journal of Semiconductor Technology and Science
• /
• v.15 no.1
• /
• pp.48-59
• /
• 2015

In recent years, there are increasing threats of rootkits that undermine the integrity of a system by manipulating OS kernel. To cope with the rootkits, in Vigilare, the snoop-based monitoring which snoops the memory traffics of the host system was proposed. Although the previous work shows its detection capability and negligible performance loss, the problem is that the proposed design is not acceptable in recent commodity mobile application processors (APs) which have become de facto the standard computing platforms of smart devices. To mend this problem and adopt the idea of snoop-based monitoring in commercial products, in this paper, we propose a snoop-based monitor design called S-Mon, which is designed for the AP platforms. In designing S-Mon, we especially consider two design constraints in the APs which were not addressed in Vigilare; the unified memory model and the crossbar switch interconnect. Taking into account those, we derive a more realistic architecture for the snoop-based monitoring and a new hardware module, called the region controller, is also proposed. In our experiments on a simulation framework modeling a productionquality device, it is shown that our S-Mon can detect the rootkit attacks while the runtime overhead is also negligible.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.397-404
• /
• 2016

Illegal and harmful contents on the Internet has been an issue and been increased in Korea. They are often posted on the billboard and website of small enterprise and government office. Those illegal and harmful contents can relate to crime and suspicious activity, so, we need a detection system. However, to date the detection itself has been conducted manually by a person. In this paper, we develop an automated URL detection scheme for detecting a drug trafficking by using Google. This system works by analyzing the frequently used keywords in a drug trafficking and generate a keyword dictionary to store words for future search. The suspected drug trafficking URL are automatically collected based on the keyword dictionary by using Google search engine. The suspicious URL can be detected by classifying and numbering each domain from the collection of the suspected URL. This proposed automated URL detection can be an effective solution for detecting a drug trafficking, also reducing time and effort consumed by human-based URL detection.