• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.5
• /
• pp.117-123
• /
• 2016

In recent years, Personal Health Record (PHR) has emerged as a patient-centric model of health information exchange. The Personal Health Record (PHR) owners enjoy the full right of accessing their records anywhere and anytime making storage and retrieval more efficient. Due to the sensitivity and confidential nature of the PHR, however, the PHR is maintained in a secure and private environment with the individual determining rights of access. In this paper, we propose a system which enables access to the user's PHR in the event of emergency. In emergency situation where the user is unconscious, the emergency staff can use the PHR information to request a emergency access to the PHR server based on the predefined rights of access for PHR. Under the proposed system, the PHR owner can specify a fine grain access control policy during emergency situations.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.1
• /
• pp.53-59
• /
• 2011

In many face recognition applications such as security systems, it is assumed that upright faces are given to the system. In order for the system to be used in more general environments, the system should be able to deal with the rotated faces properly. It is a generally used approach to rotate the face detection window and apply face detector repeatedly to detect a rotated face in the given image. But such an approach requires a lot of computation time. In this paper, a method of extracting the axis of symmetry for a given set of points is proposed. The axis of symmetry for the edge points in the face detection window is extracted in a way that is fast and accurate, and the face detector is applied only for that direction. It is shown that the mean and standard deviation of the symmetry detection error is $0^{\circ}$ and $3^{\circ}$ respectively, for the database used.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.6
• /
• pp.1091-1098
• /
• 2009

In this paper, we designed the authentication system for home network service and applied it to actual sensor nodes. The pair-wise pre-distribution key skim is applied for prevention of authentication key from sniffing on the wireless sensor networks. The authentication key and data are encrypted by using the CBC mode RC5 algorithm based on the SPINS. The experimental environment consists of a base station (BS)and sensor nodes and each sensor node sends both sensing data and the encrypted authentication key to the BS. For simulations we set up some what-if scenarios of security menaces in home network service.Slightly modified the TOS_Msg data arrays of TinyOS is suggested to store 8-byte authentication key which can enable data encryption and authentication at the each sensor node. As a result, malfunction caused by communication between BS and nodes of other groups of added nodes having malicious purpose can be protected. Also, we confirmed that a critical data of home networking service like vital signal can be transmitted securely through this system by encryption technique.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1983-1989
• /
• 2012

The IEEE 802.1x standard provides an architectural framework which can be used various authentication methods. But, IEEE 802.1x also has vulnerabilities about the DoS(Denial of Service), the session hijacking and the MiM(Man in the Middle) attack due to caused by structural of authentication protocol. In this paper, we propose a WLAN system which can offer safety communication by complement of IEEE 802.1x vulnerabilities. The WLAN system accomplishes mutual authentications between authentication servers, clients and the AP using PKI and prevents an illegal user from intervening in communication to disguise oneself as a client, the AP or authentication servers. Also, we guarantee the safety of the communication by the Dynamic WEP key distribution between clients and the AP.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.201-208
• /
• 2016

The purpose of Email system is used to transmit important information between companies in today. But Email system has vulnerabilities such that changing email address of sender by attacker. So it is important to authenticate mail server and user using mail server. This paper proposed mail proxy located between mail servers that evaluate authority and authenticate sender and receiver. The proposed email platform has some functions to compose trusted domain and to authenticate mail servers in the domain. Also, if sender and recipient are valid users in mail system, each exchanges a key for confidentiality and the sender sends an e-mail encrypted with exchanged key to recipient. In this paper, we propose a key exchange scheme in proposed platform and verify this protocol using Casper which is the formal analysis tool. In the future research, we will study the overall platform of the domain configuration for the security of mail.

• Spatial Information Research
• /
• v.19 no.6
• /
• pp.29-41
• /
• 2011

Recently, the importance of systematic Land-monitoring has been emphasized. The existing Law does not include any definitions or regulations of monitoring. Although there exist laws regarding examining and measuring the current status of region, utilization, distribution, share, security and management of the data need to be improved. In order to upgrade the Land-monitoring system, several tasks such as terms, building cycle, forms, scope, management team should be well-defined. In this study, problems of the Land-monitoring is investigated by understanding the legislation in the land planning system and its operating system. The setting of the land-monitoring concept in Framework Act on the National Land and revision of specific laws in this field were introduced. Finally, new Land-monitoring legislation covering the improvement of the data-acquisition and co-utilization were suggested.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.8
• /
• pp.1741-1748
• /
• 2005

In this paper, we describe VLSI design and performance evaluation of OCB-AES crytographic algorithm that simulataneously provides privacy and authenticity. The OCB-AES crytographic algorithm sovles the problems such as long operation time and large hardware of conventional crytographic system, because the conventional system must implement the privancy and authenticity sequentially with seqarated algorithms and hardware. The OCB-AES processor with area-efficient modular offset generator and tag generator is designed using IDEC Samsung 0.35um standard cell library and consists of about 55,700 gates. Its cipher rate is about 930Mbps and the number of clock cycles needed to generate the 128-bit tags for authenticity and integrity is (m+2)${\times}$(Nr+1), where m and Nr represent the number of block for message and number of rounds for AES encryption, respectively. The OCB-AES processor can be applicable to soft cryptographic IP of IEEE 802.11i wireless LAN and Mobile SoC.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.6
• /
• pp.1505-1512
• /
• 2007

The RFID Technology (which is importantly used at the Ubiquitous environment) is attached to all of the units like the ID cards and then information on the units and units' environment is transferred and processed through the radio frequency. so it is the no touched recognition system. RFID Technology's research of the middle ware and wireless interface etc. is currently conducted and variously broaden like the industry of the distribution and logistics. This paper suggests that the gate control system which is based on RFID middle ware is realized to prevent the district and facility for security. The indication of this paper is that algorithm (which is to certificate Users' enterance through RFID EPC code) is proposed and realizes the user certification module, the control module of the gates' opening and closing, the maintenance module of the gate, the display module of coming and going information, test program ect. through RFID technology.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.5
• /
• pp.113-120
• /
• 2020

KISTI(Korea Institute of Science and Technology Information) provides HPC(High Performance Computing) service to users of university, institute, government, affiliated organization, company and so on. The NURION, supercomputer that launched its official service on Jan. 1, 2019, is the fifth supercomputer established by the KISTI. The NURION has 25.7 petaflops computation performance. Understanding how supercomputing services are used and how researchers are using is critical to system operators and managers. It is central to monitor and analysis network traffic. In this paper, we briefly introduce the NURION system and supercomputing service network with security configuration. And we describe the monitoring system that checks the status of supercomputing services in real time. We analyze inbound/outbound traffics and abnormal (attack) IP addresses data that are collected in the NURION supercomputing service network for 11 months (from January to November 1919) using time series and correlation analysis method.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.727-738
• /
• 2003

Much research efforts are being exerted for the study of intrusion detection system(IDS). However little work has been for the communication medels and performance eveluation of the IDS. Here we present a communication framework for doing hybrid intrusion detection in which agents are used for local intrusion detections with a centralized data anaysis componenta for a global intrusion detection at multiple domains environment. We also assume the combination of host-based and network-based intrusion detection systems in the oberall framework. From the local domain, a set of information such as alert, and / or log data are reported to the upper level. At the root of the hierarchy, there is a global manager where data coalescing is performed. The global manager delivers a security policy to its lower levels as the result of aggregation and correlation of intrusion detection alerts. In this paper, we model the communication mechanisms for the hybrid IDS and develop a simular using OPNET modeller for the performance evaluation of transmission capabillities for the delivery of data and policy. We present and compare simulation results based on several scenarios focuding on communication delay.