• Korean Security Journal
• /
• no.30
• /
• pp.117-138
• /
• 2012

To cope with rapidly increasing crimes, the Smart-home system has become common to minimize and prevent crimes in the residential space. Accordingly, the interest on the security-related Smart-home system is also increasing. First is the establishment of Smart-home security standard. At present, the Smart-home security systems are implemented by individual policies of construction companies or by the requirement of residents. Each construction company has their own characteristics in the Smart-home security system; while there is no standardized system. Second is the introduction of Smart-home security certificate system. Like people have certificates, now the residential spaces may also need certificates. A certificate system that represents the performance of residential spaces cannot be an absolute criterion in the evaluation of apartment quality, however, it can be a basic requirement for the convenient residential environment and policies being implemented by the government. If a certificate system would be introduced, construction companies will compete with each other to provide with better security system and apartment operation companies will hire more specialized security personnel in order to get higher certificates. Consequently, better security of residential space will be secured. It is also required to develop and establish response measures by studying the key changes and trends of Smart-home security system. The advance in mechanical security devices will bring about more changes in the future. Therefore, more various in-depth studies are required on the basic specifications of security system in the residential spaces.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.8
• /
• pp.2801-2808
• /
• 2010

The technology of WiBro, combining advantages of high speed internet and wireless internet provides the effectiveness and convenience provided by broadband and convergence. WiBro has developed due to supports of the related industries. The advancement of WiBro have created driving force for network advancement. WiBro is a niche market among high speed Internet, wireless LAN, Mobile phone, wireless internet. Through building relationship between market share and the existed telecommunication service, WiBro could improve the convenience of users. The security controls have to be built considering vulnerabilities of WiBro. Based on the study, the architecture of WiBro was suggested through reviewing the vulnerabilities and security controls in the wireless network and wire network. The appropriate security measures to be applied in the environment of WiBro. The outcomes of the study could improve the usage of WiBro.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.12
• /
• pp.463-478
• /
• 2014

Portal site is not only providing search engine and e-mail service but also various services including blog, news, shopping, and others. The fact that average number of daily login for Korean portal site Naver is reaching 300 million suggests that many people are using portal sites. With the increase in number of users followed by the diversity in types of services provided by portal sites, the attack is also increasing. Most of studies of password authentication is focused on threat and countermeasures, however, in this study, we analyse the security threats and security requirement of membership, login, password reset first phase, password reset second phase. Also, we measure security score with common criteria of attack potential. As a result, we compare password authentication system of domestic and abroad portal sites.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.22 no.6
• /
• pp.299-312
• /
• 2023

Recently, the electronic control unit (ECU) has been integrating several functions into one beyond simple convenience functions. Accordingly, ECUs have more functions and external interfaces than before, and various cybersecurity problems are arising. The United Nations Economic Commission for Europe (UNECE) World Forum for Harmonization of Vehicle Regulations (WP.29) issued UN Regulation No.155 to establish international standards for vehicle cybersecurity management systems in light of the growing threats to vehicle cybersecurity. According to international standards, vehicle manufacturers are required to establish a Cybersecurity Management System (CSMS) and receive a Vehicle Type Approval (VTA). However, opinions were raised that the implementation period should be adjusted because domestic preparations for this are insufficient. Therefore, in this paper, we propose a web-based solution that maps a checklist to check the status of CSMS in the requirement and various vehicle security companies and solutions to mitigate the identified gap.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1279-1280
• /
• 2010

There are some cases when SOAP message, where WS-Security and WS-Policy elements are included, may consist of a sensitive and important data. In these cases, the message is highly recommended to be secured. The question exists of how to quickly identify that SOAP message satisfies security requirement and security level of a SOAP message. In this paper, we propose a technique called Bit-Stream which depends on the importance of SOAP elements to automatically identify the vulnerabilities and risks while offering advice for higher security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1027-1037
• /
• 2012

With response to the critical issue of global warming, Smart Grid system has been extensively investigated as next efficient power grid system. Domestically, Korean is trying to expand the usage of Electric Vehicles (EVs) and the charging infrastructure in order to replace the current transportation using fossil fuels holding 20% of overall CO2 emission. The EVs charging infrastructures are combined with IT technologies to build intelligent environments but have considerable number of cyber security issues because of its inherent nature of the technologies. This work not only provides logical architecture of EV charging infrastructures with security threats based on them but also analyses security requirements against security threats in order to overcome the adversarial activities to Smart Grid.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.153-160
• /
• 2024

Information technology plays an important role in healthcare. The cloud has several applications in the fields of education, social media and medicine. But the advantage of the cloud for medical reasons is very appropriate, especially given the large volume of data generated by healthcare organizations. As in increasingly health organizations adopting towards electronic health records in the cloud which can be accessed around the world for various health issues regarding references, healthcare educational research and etc. Cloud computing has many advantages, such as "flexibility, cost and energy savings, resource sharing and rapid deployment". However, despite the significant benefits of using the cloud computing for health IT, data security, privacy, reliability, integration and portability are some of the main challenges and obstacles for its implementation. Health data are highly confidential records that should not be made available to unauthorized persons to protect the security of patient information. In this paper, we discuss the privacy and security requirement of EHS as well as privacy and security issues of EHS and also focus on a comprehensive review of the current and existing literature on Electronic health that uses a variety of approaches and procedures to handle security and privacy issues. The strengths and weaknesses of some of these methods were mentioned. The significance of security issues in the cloud computing environment is a challenge.

• Proceedings of the IEEK Conference
• /
• 2002.06c
• /
• pp.189-192
• /
• 2002

This paper has been studied some security issues o( stream control transmission protocol and designed some functional requirement for IPsec and IKE to facilitate their use for securing SCTP. In particular, some additional support in the form of new ID type in IKE and some implementation choices in the IPsec processing to accomodate for the multiplicity of source and destination addresses associated with a single SCTP association.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.344-365
• /
• 2020

Providing security has been always on priority in all areas of computing and communication, and for the systems that are low on computing power, implementing appropriate and efficient security mechanism has been a continuous challenge for the researchers. Radio Frequency Identification (RFID) system is such an environment, which requires the design and implementation of efficient security mechanism. Earlier, the security protocols for RFID based on hash functions and symmetric key cryptography have been proposed. But, due to high strength and requirement of less key size in elliptic curve cryptography, the focus of researchers has been on designing efficient security protocol for RFID based on elliptic curves. In this paper, an efficient elliptic curve signcryption based security protocol for RFID has been proposed, which provides mutual authentication, confidentiality, non-repudiation, integrity, availability, forward security, anonymity, and scalability. Moreover, the proposed protocol successfully provides resistance from replay attack, impersonation attack, location tracking attack, de-synchronization attack, denial of service attack, man-in-the-middle attack, cloning attack, and key-compromise attack. Results have revealed that the proposed protocol is efficient than the other related protocols as it takes less computational time and storage cost, especially for the tag, making it ideal to be used for RFID systems.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.69-75
• /
• 2020

The command control system, like the human brain and nervous system, is a linker that connects the Precision Guided Missile(PGR) in information surveillance and reconnaissance (ISR) and is the center of combat power. In establishing the future command and control system, the ROK military should consider not only technical but also institutional issues. The US Department of Defense establishes security policies, refines them, and organizes them into architectural documents prior to the development of the command and control system. This study examines the security architecture applied to the US military command control system and analyzes the current ROK military-related policies (regulations) to identify security requirements for the future control system. By grouping the identified security requirements, this study identifies and presents field-specific enhancements to existing security regulations.