• Journal of Information Processing Systems
• /
• 제3권2호
• /
• pp.43-53
• /
• 2007

The use of agent paradigm in today's applications is hampered by the security concerns of agents and hosts alike. The agents require the presence of a secure and trusted execution environment; while hosts aim at preventing the execution of potentially malicious code. In general, hosts support the migration of agents through the provision of an agent server and managing the activities of arriving agents on the host. Numerous studies have been conducted to address the security concerns present in the mobile agent paradigm with a strong focus on the theoretical aspect of the problem. Various proposals in Intrusion Detection Systems aim at securing hosts in traditional client-server execution environments. The use of such proposals to address the security of agent hosts is not desirable since migrating agents typically execute on hosts as a separate thread of the agent server process. Agent servers are open to the execution of virtually any migrating agent; thus the intent or tasks of such agents cannot be known a priori. It is also conceivable that migrating agents may wish to hide their intentions from agent servers. In light of these observations, this work attempts to bridge the gap from theory to practice by analyzing the security mechanisms available in Aglet. We lay the foundation for implementation of application specific protocols dotted with access control, secured communication and ability to detect tampering of agent data. As agents exists in a distributed environment, our proposal also introduces a novel security framework to address the security concerns of hosts through collaboration and pattern matching even in the presence of differing views of the system. The introduced framework has been implemented on the Aglet platform and evaluated in terms of accuracy, false positive, and false negative rates along with its performance strain on the system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권4호
• /
• pp.2219-2236
• /
• 2017

With cloud storage services, users can handle an enormous amount of data in an efficient manner. However, due to the widespread popularization of cloud storage, users have raised concerns about the integrity of outsourced data, since they no longer possess the data locally. To address these concerns, many auditing schemes have been proposed that allow users to check the integrity of their outsourced data without retrieving it in full. Yuan and Yu proposed a public auditing scheme with a deduplication property where the cloud server does not store the duplicated data between users. In this paper, we analyze the weakness of the Yuan and Yu's scheme as well as present modifications which could improve the security of the scheme. We also define two types of adversaries and prove that our proposed scheme is secure against these adversaries under formal security models.

• 한국인터넷방송통신학회논문지
• /
• 제11권6호
• /
• pp.151-156
• /
• 2011

국내 클라우드 시장은 '14년까지 2조원 규모로 급성장할 것으로 예상하는 반면, 모바일 클라우드 서비스 활성화의 장애요인으로 서비스의 안정성에 대한 우려, 데이터의 보안성 및 기밀성에 대한 불안감 등 보안에 대한 우려가 높다. 이러한 상황속에서 기존 IT 보안 기술로도 충분히 대응 가능한지와 모바일 클라우드 특성에 최적화된 보안 기술에 대한 요구사항에 대한 분석이 구체화되지 못하고 있는 실정이다. 본 연구에서는 모바일 보안의 특성에 대해 살펴보고 모바일 클라우드 장애 사례를 통해 미래 보안기술의 요구사항에 대해 모색하고자 한다.

• 한국컴퓨터정보학회논문지
• /
• 제25권1호
• /
• pp.151-157
• /
• 2020

본 연구에서는 한국미디어패널조사 데이터를 이용하여 프라이버시 염려가 인터넷 활동성에 미치는 영향에 있어 보안역량의 조절효과를 탐색하였다. 이를 위해 2(프라이버시 염려 고/저) × 2(보안역량 고/저) 집단 간 실험설계를 적용하여 총 4개의 집단을 대상으로 5가지 유형의 인터넷 활동성에 대한 분산분석을 실시하였다. 그 결과, 프라이버시 염려는 인터넷 활동성에 주 효과로 작용하는 것으로 나타났으며, 보안역량은 이 관계에서 조절적 역할을 하는 것으로 나타났다. 이는 프라이버시 염려가 있음에도 불구하고 인터넷을 통한 편익을 누리기 위해 개인정보 침해를 무릅쓰고 혹은 방어하며 인터넷 활동을 하기 때문인 것으로 판단된다. 본 연구는 최근 이슈가 되고 있는 프라이버시 역설에 대한 쟁점을 인터넷 활동의 유형 측면에서 조명하고 있다는데 학문적 의의가 있다. 또한 인터넷으로 연결된 사회 속에서 표현의 자유를 추구하는 개인들의 온라인 활동을 담보하기 위해서는 무엇보다 보안역량 제고를 위한 실무적 노력이 필요함을 시사한다.

• Journal of Information Technology Applications and Management
• /
• 제31권3호
• /
• pp.93-104
• /
• 2024

This study conducts an in-depth analysis of user reviews from three leading metaverse platforms - Minecraft, Roblox, and Zepeto - using advanced topic modeling techniques to uncover key factors for business success. By examining a substantial dataset of user feedback, we identified and categorized the main themes and concerns expressed by users. Our analysis revealed that common issues across all platforms include technical functionality problems, user engagement and interest, payment concerns, and connection difficulties. Specifically, Minecraft users highlighted the importance of adventure and creativity, Roblox users expressed significant concerns about security and fraud, and Zepeto users focused heavily on the fairness of the in-game economy. The findings suggest that for metaverse platforms to achieve sustained success, they must prioritize the resolution of technical issues, enhance features that foster user engagement, ensure reliable connectivity, and address platform-specific concerns such as security for Roblox and payment fairness for Zepeto. These insights provide valuable guidance for developers and business strategists, emphasizing the need for robust technical infrastructure, engaging and diverse content, seamless user access, and transparent and fair economic systems. By addressing these key areas, metaverse platforms can improve user satisfaction, build a loyal user base, and secure long-term success in an increasingly competitive market.

• 한국소프트웨어감정평가학회 논문지
• /
• 제17권2호
• /
• pp.125-142
• /
• 2021

Reports of rampant cross-site scripting (XSS) vulnerabilities raise growing concerns on the effectiveness of current Static Analysis Security Testing (SAST) tools as an internet security device. Attentive to these concerns, this study aims to examine seven open-source SAST tools in order to account for their capabilities in detecting XSS vulnerabilities in PHP applications and to determine their performance in terms of effectiveness and analysis runtime. The representative tools - categorized as either text-based or graph-based analysis tools - were all test-run using real-world PHP applications with known XSS vulnerabilities. The collected vulnerability detection reports of each tool were analyzed with the aid of PhpStorm's data flow analyzer. It is observed that the detection rates of the tools calculated from the total vulnerabilities in the applications can be as high as 0.968 and as low as 0.006. Furthermore, the tools took an average of less than a minute to complete an analysis. Notably, their runtime is independent of their analysis type.

• 시큐리티연구
• /
• 제3호
• /
• pp.385-405
• /
• 2000

In the Present thesis, at temps were to study with the study on the terror with laser weapons. Chapter I which sets out purpose, scope and method. Chapter II concerns the general definition of laser weapons. Chapter III explain at length overview about development of laser weapons. Chapter IV suggest the terror with laser weapons and the counterplan against it. It is followed by concluding observation made in chapter V. To we operated security systems effectively, these need to be regulated according to a security measures organizations, laser facilities and equipments, laser plan and protective force, laser operations and so forth.

• 한국콘텐츠학회논문지
• /
• 제19권5호
• /
• pp.194-204
• /
• 2019

최근 모바일 결제 앱 시장이 점차 확대되고 있으나 보안과 프라이버시에 대한 염려로 인하여 모바일 결제 앱 사용률이 서비스 제공자들의 기대에 미치지 못하고 있다. 본 연구는 모바일 결제 앱을 사용하는 개인의 성향과 결제 앱 자체의 보안 신호가 사용자들의 인지된 개인정보 유출 위험과 보안 위험에 어떠한 영향을 주며, 이러한 요인들이 최종적으로 어떻게 모바일 결제 앱의 신뢰에 영향을 주는지 설문을 통하여 살펴보았다. 그 결과, 프라이버시 염려도는 인지된 개인정보 유출 위험을 증가시키고 모바일 시스템 보안 정도를 감소시키는 반면, 친숙도, 인지된 명성, 보안 마크는 인지된 개인정보 유출 위험을 감소시키고 모바일 시스템 보안 정도를 증가시키는 것으로 나타났다. 마지막으로 인지된 개인정보 유출 위험의 감소와 모바일 시스템 보안의 증가가 모바일 결제 앱의 신뢰도에 긍정적 영향을 미친다는 점을 밝혔다.

• 시큐리티연구
• /
• 제2호
• /
• pp.33-60
• /
• 1999

I Study on the security measures of the World Cup Korea and Japan jointly in 2002. The paper, purporting to consider security counterplans, comprise five chapters. Chapter I which sets out purpose, scope and method, is followed by chapter II, dealing largely with the legislations and importance on the security measures of the 17th FIFA World Cup in 2002. Chapter III concerns the security environment -internal environment, external environment- and the highlights accidents and events of history on the FIFA World Cup. Chapter IV consider security measures of the World Cup Korea in 2002. It is followed by concluding observation made in chapter V. To be operated security systems effectively, these need to be regulated according to a security measures organizations, security facilities and equipments, security plan and protective force, security operations and so forth.

• International Journal of Computer Science & Network Security
• /
• 제22권7호
• /
• pp.229-239
• /
• 2022

Today's Internet of Things (IoT) has had a dramatic increase in the use of various daily aspects. As a consequence, many homes adopt IoT technology to move towards the smart home. So, the home can be called smart when it has a range of smart devices that are united into one network, such as cameras, sensors, etc. While IoT smart home devices bring numerous benefits to human life, there are many security concerns associated with these devices. These security concerns, such as user privacy, can result in an insecure application. In this research, we focused on analyzing the vulnerabilities of IoT smart home cameras. This will be done by designing a new model that follows the STRIDE approach to identify these threats in order to afford an efficient and secure IoT device. Then, apply a number of test cases on a smart home camera in order to verify the usage of the proposed model. Lastly, we present a scheme for mitigation techniques to prevent any vulnerabilities that might occur in IoT devices.