• Journal of Internet Computing and Services
• /
• v.12 no.1
• /
• pp.55-70
• /
• 2011

In this paper, we propose a policy-driven RFID data management event definition language, which is possibly applicable as a partial standard for SSI (Software System Infrastructure) Part 4 (Application Interface, 24791-4) defined by ISO/IEC JTC 1/SC 31/WG 4 (RFID for Item Management). The SSI's RFID application interface part is originally defined for providing a unified interface of the RFID middleware functionality―data management, device management, device interface and security functions. However, the current specifications are too circumstantial to be understood by the application developers who used to lack the professional and technological backgrounds of the RFID middleware functionality. As an impeccable solution, we use the concept of event-constraint policy that is not only representing semantic contents of RFID domains but also providing transparencies with higher level abstractions to RFID applications, and that is able to provide a means of specifying event-constraints for filtering a huge number of raw data caught from the associated RF readers. Conclusively, we try to embody the proposed concept by newly defining an XML-based RFID event policy definition language, which is abbreviated to rXPDL. Additionally, we expect that the specification of rXPDL proposed in the paper becomes a technological basis for the domestic as well as the international standards that are able to be extensively applied to RFID and ubiquitous sensor networks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.8
• /
• pp.5294-5302
• /
• 2014

The development of public-key-based technique that enables a variety of services(E-government, e-banking, e-payment, etc.) evaluated as having complete safety. On the other hand, vulnerabilities(e.g, heartbleed bug, etc.) are constantly being discovered. In this paper, a public key infrastructure to verify the safety and reliability, the collision rate using OpenSSL key pair was analyzed. the experiment was performed using the following procedure. Openssl was used to create five private certification agencies, and each of the private certificate authority certificates to create 2 million, generating a total of 10 million by the certificate of the key pair conflicts analysis. The results revealed 35,000 in 1 million, 0.35% chance of a public key, a private key conflict occurred. This is sufficient in various fields(E-payment, Security Server, etc.). A future public-key-based technique to remove the threat of a random number generator, large minority issues, in-depth study of selection will be needed.

• Journal of Internet Computing and Services
• /
• v.18 no.6
• /
• pp.35-46
• /
• 2017

Recently, attackers using malicious code in cyber security have been increased by attaching malicious code to a mail and inducing the user to execute it. Especially, it is dangerous because it is easy to execute by attaching a document type file. The author analysis is a research area that is being studied in NLP (Neutral Language Process) and text mining, and it studies methods of analyzing authors by analyzing text sentences, texts, and documents in a specific language. In case of attack mail, it is created by the attacker. Therefore, by analyzing the contents of the mail and the attached document file and identifying the corresponding author, it is possible to discover more distinctive features from the normal mail and improve the detection accuracy. In this pager, we proposed IADA2(Intelligent Attack mail Detection based on Authorship Analysis) model for attack mail detection. The feature vector that can classify and detect attack mail from the features used in the existing machine learning based spam detection model and the features used in the author analysis of the document and the IADA2 detection model. We have improved the detection models of attack mails by simply detecting term features and extracted features that reflect the sequence characteristics of words by applying n-grams. Result of experiment show that the proposed method improves performance according to feature combinations, feature selection techniques, and appropriate models.

• Journal of Internet Computing and Services
• /
• v.19 no.4
• /
• pp.53-63
• /
• 2018

The traditional mass media function of conveying information and forming public opinion has rapidly changed into an environment in which information and opinions are shared through social media with the development of ICT technology, and such social media further strengthens its influence. In other words, it has been confirmed that the influence of the public opinion through the production and sharing of public opinion on political, social and economic changes is increasing, and this change is already in use on the political campaign. In addition, efforts to grasp and reflect the opinions of the public by utilizing social media are being actively carried out not only in the political area but also in the public area. The purpose of this study is to explore the possibility of using social media based public opinion in educational policy. We collected media data, analyzed the main topic and probability of occurrence of each topic, and topic trends. As a result, we were able to catch the main interest of the public(the 'Domestic Computer Education Time' accounted for 43.99%, and 'Prime Project Selection' topics was 36.81% and 'Artificial Intelligence Program' topics was 7.94%). In addition, we could get a suggestion that flexible policies should be established according to the timing of the curriculum and the subject of the policy even if the category of the policy is same.

• Korean Journal of Agricultural and Forest Meteorology
• /
• v.21 no.4
• /
• pp.347-357
• /
• 2019

The usefulness of processing and analysis systems of GIS-based agricultural climate data is affected by the reliability and availability of computing infrastructures such as cloud, on-premises, and hybrid. Cloud technology has grown in popularity. However, various reference cases accumulated over the years of operational experiences point out important features that make on-premises technology compatible with cloud technology. Both cloud and on-premises technologies have their advantages and disadvantages in terms of operational time and cost, reliability, and security depending on cases of applications. In this study, we have described characteristics of four general computing platforms including cloud, on-premises with hardware-level virtualization, on-premises with operating system-level virtualization and hybrid environments, and compared them in terms of advantages and disadvantages when a huge amount of GIS-based agricultural climate data were stored and processed to provide public services of agro-meteorological and climate information at high spatial and temporal resolutions. It was found that migrating high-resolution agricultural climate data to public cloud would not be reasonable due to high cost for storing a large amount data that may be of no use in the future. Therefore, we recommended hybrid systems that the on-premises and the cloud environments are combined for data storage and backup systems that incur a major cost, and data analysis, processing and presentation that need operational flexibility, respectively.

• Journal of the Institute of Convergence Signal Processing
• /
• v.17 no.1
• /
• pp.10-17
• /
• 2016

GPS location information storage included in the HD black box is using a unique manner for each manufacturer does not have a specific standard. In this paper, in order to overcome the limitations of the storage space and thereby the image quality according to store GPS position information deteriorate to solve the problems that cause, we propose the location information concealment method included in the HDTV video content using a essential hidden region. HDTV video content is a Border Extender of 8 lines in the frame to the bottom of the compression will be required. This was inserted into the image of a gray scale used in block form in order to space the current position information is concealed to prevent image degradation. The proposed method was confirmed using real HD black box, there are more difficult to interpret the format of the ASCII code re-edit the location information when the compression effect disappears with the existing security zones added. Therefore, the proposed method is suitable for location-based services, such as Facebook or Youtube videos.

• The Journal of the Korea Contents Association
• /
• v.20 no.1
• /
• pp.356-363
• /
• 2020

As a becoming era of Internet-of-Things, various devices are connected via wire or wirless networks. Although every day life is more convenient, security problems are also increasing such as privacy, information leak, denial of services. Since ECC, a kind of public key cryptosystem, has a smaller key size compared to RSA, it is widely used for environmentally constrained devices. The key of ECC in constrained devices can be exposed to power analysis attacks during scalar multiplication operation. In this paper, a key-randomization method is suggested for scalar multiplication on SECG parameters. It is against differential power analysis and has operational efficiency. In order to increase of operational efficiency, the proposed method uses the property 2^lP=∓cP where the constant c is small compared to the order n of SECG parameters and n=2^l±c. The number of operation for the Coron's key-randomization scalar multiplication algorithm is 21, but the number of operation for the proposed method in this paper is (3/2)l. It has efficiency about 25% compared to the Coron's method using full random numbers.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.20-32
• /
• 2020

This study is to develop and provide a personal information protection framework that enables IoT service providers to safely and systematically operate personal information of IoT service subjects in the overall process of providing IoT devices and services. To this end, a framework for personal information framework was derived through literature survey, and FGI with experts, it was divided into three stages, each of three stages: IoT service provision process and IoT personal information processing process. The study conducted an e-mail survey of related experts using AHP techniques to determine the importance of the components of the selected personal information protection framework. As a result, in the IoT service provision process, the IoT product and service design and development stage (0.5413) is the most important, and in the IoT personal information processing process, personal information protection in the collection and retention of personal information (0.5098) is the most important. Therefore, based on this research, as the IoT service is spreading, it is expected that a safe personal information protection framework will be realized by preventing security threats and personal information infringement accidents.

• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.55-63
• /
• 2020

The IoT technology is a field that applies and converges the technologies in the existing industrial environment, instead of new technologies. The IoT technology is releasing various application services converged with other industries such as smart home, healthcare, construction, and automobile, and it is also possible to secure the work efficiency and convenience of users of IoT-based technologies. However, the security threats occurring in the IoT-based technology environment are succeeding to the vulnerability of the existing wireless network environment. And the occurrence of new and variant attacks in the combination with the ICT convergence environment, is causing damages. Thus, in the IoT technology-based environment, it would be necessary to have researches on the safe transmission of messages in the communication environment between user and device, and device and device. This thesis aims to design a safe communication protocol in the IoT-based technology environment. Regarding the suggested communication protocol, this thesis performed the safety analysis on the attack techniques occurring in the IoT technology-based environment. And through the performance evaluation of the existing PKI-based certificate issuance system and the suggested communication protocol, this thesis verified the high efficiency(about 23%) of communication procedure. Also, this thesis verified the reduced figure(about 65%) of the issued quantity of certificate compared to the existing issuance system and the certificate management technique.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.37 no.12
• /
• pp.91-97
• /
• 2000

With the brilliant development of information communication and the rapid spread of internet, current network communication is carrying several up-to-date functions such as electronic commerce, activation of electro currency or electronic signature and will produce more advanced services in the future. Information communication network such as that electronic commerce would demand the more safe and transparent guard of network, and anticipate the more fast performance of network. In this paper, in order to meet the several demands, DES(data encryption standard) with parallel feistel structure, which feistel structure of the basic structure of DES is transformed into in parallel, is proposed. The existing feistel structure can't use pipeline method for the structural problem of DES itself-the propagation of error. therefore, this modified parallel feistel structure could improve largely the performance of DES which had to have the trade-off relation between data processing speed and data security and in addition a method proposed in SEED having adopted the modified parallel feistel structure shows more excellent secure function and/or fast processing ability. The used CAD Tool use Synopsys Ver. 1999. 10 in both of synthesis and simulation.