• Electronics and Telecommunications Trends
• /
• v.37 no.2
• /
• pp.11-20
• /
• 2022

Terahertz electromagnetic waves are considered the waves for the next generation of security checking technology. They can penetrate opaque materials, such as plastics, fibers, papers, and leathers. In addition, they are harmless to humans they cannot penetrate human skins. Moreover, because their frequencies are higher than those of millimeter waves, higher resolution and more detailed information is expected than the millimeter wave-based technologies In this study, we describe the trends and prospectives of terahertz technology as security checking technology that can be directly applied to a human body.

• Journal of Appropriate Technology
• /
• v.7 no.2
• /
• pp.172-187
• /
• 2021

In remote villages without access to modern IT technology, simple devices such as smartcards can be used to carry out business transactions. These devices typically store multiple business applications from multiple vendors. Although devices must prevent malicious or accidental security breaches among the applications, a secure communication channel between two applications from different vendors is often required. In this paper, first, we propose a method of establishing secure communication channels between applications in embedded operating systems that run on multi-applet smart cards. Second, we enforce the high assurance using an intransitive noninterference security policy. Thirdly, we formalize the method through the Z language and create the formal specification of the proposed secure system. Finally, we verify its correctness using Rushby's unwinding theorem.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.11-16
• /
• 2022

The main purpose of the study is to determine the main elements of the state management of the development of national cybersecurity. Cybersecurity ensures the protection of the properties of information resources and the operability of technical and software users and is directed against relevant cyber incidents. Therefore, today it is impossible to ignore the importance of public administration of the processes taking place in it. The methodological support of our study is determined by its goals and objectives and is based on the use of a combination of general scientific and special methods of scientific knowledge, which ensured the completeness and reliability of the results obtained. The article has limitations and concerns the lack of practical implementation of the research results. The study is purely theoretical to reflect the main aspects of the modern system of state management of the development of national cybersecurity. Further research requires an analysis of the world experience of state management of the development of national cybersecurity.

• Annual Conference of KIPS
• /
• 2024.10a
• /
• pp.281-282
• /
• 2024

ROS(Robot Operating System)은 복잡하고 분산된 로봇 애플리케이션 개발을 위해 유연한 프레임워크다. ROS 는 다양한 소프트웨어 컴포넌트 간의 통신을 가능하게 하는 미들웨어로, 로봇 제어 시스템 구축에 필요한 도구와 라이브러리를 제공한다. 본 논문에서는 ROS2 에 대한 소개 및 ROS2 대상 보안 기능을 제공하는 SROS2 에 대한 소개를 하고자 한다. 최근 SROS 를 대상으로 하는 취약점 연구들이 제안되고 있는데 이러한 취약점은 접근 정책을 우회하거나 시스템의 설정에 관한 정보를 탈취할 수 있는 위험이 있다. 본 논문은 이러한 취약점이 시스템의 보안성에 미치는 영향을 설명하고 최근 ROS 을 대상으로 하는 취약점들을 알아보고자 한다.

• Convergence Security Journal
• /
• v.9 no.2
• /
• pp.49-58
• /
• 2009

In medical Institution, Electronic Health Record (EHR) is "must access information" to medical staff considering it as medical information. However, this unnecessary exploration of personal information must be treated confidentially because the information is highly related to other's private concerns. It is necessary that medical workers should be also restricted to their access to EHR depending on their roles and duties. As the result, this article explains that "EHR access control will be executed by differentiating authorized medical staff from non medical-related staff as well as EHR access will be only permitted to authorized medical staff depending on their work status conditions. By using Advanced RBAC model on medical situation, we expect to minimize unnecessary leak of EHR information; especially, emergency medical care is needed, access control is highly required depending on a person in charge of the cases or not, and restricted medical information defined by the patient one-self is only allowed to be accessed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.1
• /
• pp.266-286
• /
• 2022

Public key encryption with keyword search (PEKS) allows a user to make search on ciphertexts without disclosing the information of encrypted messages and keywords. In practice, cryptographic operations often occur on insecure devices or mobile devices. But, these devices face the risk of being lost or stolen. Therefore, the secret keys stored on these devices are likely to be exposed. To handle the key exposure problem in PEKS, the notion of key-updatable PEKS (KU-PEKS) was proposed recently. In KU-PEKS, the users' keys can be updated as the system runs. Nevertheless, the existing KU-PEKS framework has some weaknesses. Firstly, it can't update the keyword ciphertexts on the storage server without leaking keyword information. Secondly, it needs to send the search tokens to the storage server by secure channels. Thirdly, it does not consider the search token security. In this work, a new PEKS framework named key-updatable and ciphertext-sharable PEKS (KU-CS-PEKS) is devised. This novel framework effectively overcomes the weaknesses in KU-PEKS and has the ciphertext sharing function which is not supported by KU-PEKS. The security notions for KU-CS-PEKS are formally defined and then a concrete KU-CS-PEKS scheme is proposed. The security proofs demonstrate that the KU-CS-PEKS scheme guarantees both the keyword ciphertext privacy and the search token privacy. The experimental results and comparisons bear out that the proposed scheme is practicable.

• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.97-106
• /
• 2023

Sentiment analysis using social network platforms such as Twitter has achieved tremendous results. Twitter is an online social networking site that contains a rich amount of data. The platform is known as an information channel corresponding to different sites and categories. Tweets are most often publicly accessible with very few limitations and security options available. Twitter also has powerful tools to enhance the utility of Twitter and a powerful search system to make publicly accessible the recently posted tweets by keyword. As popular social media, Twitter has the potential for interconnectivity of information, reviews, updates, and all of which is important to engage the targeted population. In this work, numerous methods that perform a classification of tweet sentiment in Twitter is discussed. There has been a lot of work in the field of sentiment analysis of Twitter data. This study provides a comprehensive analysis of the most standard and widely applicable techniques for opinion mining that are based on machine learning and lexicon-based along with their metrics. The proposed work is helpful to analyze the information in the tweets where opinions are highly unstructured, heterogeneous, and polarized positive, negative or neutral. In order to validate the performance of the proposed framework, an extensive series of experiments has been performed on the real world twitter dataset that alter to show the effectiveness of the proposed framework. This research effort also highlighted the recent challenges in the field of sentiment analysis along with the future scope of the proposed work.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.5
• /
• pp.1137-1143
• /
• 2015

Sensitive internal information has been transmitted in a variety of services of Internet environment, but almost users do not know what internal information is sent. In this paper, we intend to develop a new filtering system that continuously monitors the sensitive information in outbound network packets and notifies the internal user whether or not to expose. So we design a filtering system for sensitive information and analyze the implementation results. Thus users visually can check whether disclosure of the important information and drop the corresponding packets by the proposed system. The results of this study can help decrease cyber threats various targeting internal information of company by contributing to prevent exposure of sensitive internal information.

• Journal of Internet Computing and Services
• /
• v.17 no.4
• /
• pp.95-113
• /
• 2016

Personal information processing works, including resident registration number is common to be consigned by IT specialized company due to high level expertise and tremendous cost. The accident related to personal information is increasing and most of accidents are caused by the consignee's leaking information. According to the Inspection of personal information protection and the management level diagnosis of personal information protection, public Institutions need to build the consignee's accident prevention and personal information management system as soon as possible. In this paper, the efficient enhancement ways for the personal information protection is studied. We analyze the law of business consignment and select basic management items related with personal information protection, and propose a analysis scheme for management level of personal information protection and a enhancement scheme for management system of personal information protection. This paper suggests consignee's management system of personal information protection for the enhancement way and the three Strengthening ways in law. To compose the a enhancement scheme for management system of personal information protection, we conduct questionnaire survey to 30 consignees(IT maintenance, notice printing, call center, welfare center) related to typical tasks of public organizations, present reference for this scheme, and execute verification of this scheme by focus group interview of consignor and consignee.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.11-16
• /
• 2021

At the present time, the number of accidents has enlarged speedily and in country like India per day there are about 204 accidents occurred. Accidents of two-wheeler compose a foremost segment of every accident and it can be true for the reason that two-wheelers like bikes not able to produce as many as security measurements normally incorporated in cars, truks and bus etc. General main rootcost of the two-wheeler accidents happen only when people community not remember to wearing a device helmet and during the driving time feels like sleep condition, alcohol disbursement, many of the drivers doesn't know heavy vehicles like Loory and buses approaching into very closer to their two wheelers, contravention of two wheelers in traffic rules and regulations. Let's overcome the above situations; our important objective is to develop an intelligent system device that can successfully facilitate in avoidance of every kind of problems. Suppose any of the above stated situations occurs, at that moment how system device identify and represents the commanders and community, and finally the stated situation be able to taken care of straight away without any further delay. A smart intelligent helmet system is a defending head covering used by rider for making bike riding safer than earlier. This is finished by incorporating sophisticated features like detecting the usage of helmet by the rider, connected Bluetooth module in helmet. In order to maintain the temperature inside the helmet device we need to include CPU fan module inside the device. RF based helmet prevents road accidents and identify whether people community is not using a component helmet or used. Main responsibility of the system is to detect accidents by vibration sensors, accelerometers and also with the help of modules global positioning system and global system for mobile commnicaiton module. A wireless communication device used to discover the accident area site location and likewise notifying the two-wheeler drived people's relatives and short message text information passed to the positioned hospitals.