• Title/Summary/Keyword: trusted platform

Search Result 49, Processing Time 0.022 seconds

A Study on the Simplification of Customs Procedures and the Protection Measures for the Importer's Interests through the Utilization of e-D/O (세관의 통관절차 간소화 조치에 따른 수입화물의 불법반출을 예방하기 위한 e-D/O 활용지원 방안)

  • Park, Seung-Lak
    • International Commerce and Information Review
    • /
    • v.6 no.3
    • /
    • pp.203-224
    • /
    • 2004
  • The purpose of this study is to review and analyze the protection measures for the importer's interests through the utilization of electronic delivery order(e-D/O) with the implementation of trade facilitation measures such as the simplification of customs procedures by the Korea Customs Service. The Korea Customs Service has been introducing several custom facilitation measures through the use of EDI system in the export and import processes. Korea has also already achieved a comparable level of sophistication in trade automation and custom simplification field. However, the full benefits of the trade automation and custom simplification measures have not yet achieved through the frequent illegal delivery of the imported goods in the bonded areas. Therefore, it is argued in this study that the introduction and the full utilization of e-D/O would help to reap the trade automation and custom simplification measures in Korea. In conclusion, it is emphasized that it would be very crucial for the Korean government to introduce the trusted repository for distribution of the electronic trade-related documents and the construction of the one stop single window platform for the trade and customs facilitation.

  • PDF

Energy-Efficient Algorithm for Assigning Verification Tasks in Cloud Storage

  • Xu, Guangwei;Sun, Zhifeng;Yan, Cairong;Shi, Xiujin;Li, Yue
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.1
    • /
    • pp.1-17
    • /
    • 2017
  • Mobile Cloud Computing has become a promising computing platform. It moves users' data to the centralized large data centers for users' mobile devices to conveniently access. Since the data storage service may not be fully trusted, many public verification algorithms are proposed to check the data integrity. However, these algorithms hardly consider the huge computational burden for the verifiers with resource-constrained mobile devices to execute the verification tasks. We propose an energy-efficient algorithm for assigning verification tasks (EEAVT) to optimize the energy consumption and assign the verification tasks by elastic and customizable ways. The algorithm prioritizes verification tasks according to the expected finish time of the verification, and assigns the number of checked blocks referring to devices' residual energy and available operation time. Theoretical analysis and experiment evaluation show that our algorithm not only shortens the verification finish time, but also decreases energy consumption, thus improving the efficiency and reliability of the verification.

An Implementation of Secure boot Using TPM in Embedded System (TPM을 활용한 임베디드 시스템 환경의 보안 부팅 구현)

  • Kim, Jin-Woo;Lee, Sang-Gil;Ko, Jae-Yong;Lee, Cheol-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.5
    • /
    • pp.949-960
    • /
    • 2019
  • Due to miniaturization of electronic devices and development of IoT(Internet of Things), embedded system have been used in various field. Meanwhile, there is a potential vulnerability by the insufficient of system's security. In this paper, we implement secure boot using TPM to protect the integrity of embedded system environment. The Suggestion considers the required availability in the embedded system and detects the system's tampering at secure boot process via TPM. In addition, we have reinforced the confidentiality through AES encryption of the kernel at secure boot.

An Incentive Mechanism Design for Trusted Data Management on Internet of Vehicle with Decentralized Approach (분산형 접근 방식을 적용한 차량 인터넷에서 신뢰할수 있는 데이터 관리를 위한 인센티브 메커니즘 설계)

  • Firdaus, Muhammad;Rhee, Kyung-Hyune
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.5
    • /
    • pp.889-899
    • /
    • 2021
  • This paper proposes a reliable data sharing scheme on the internet of vehicles (IoV) by utilizing blockchain technology for constructing a decentralized system approach. In our model, to maintain the credibility of the information messages sent by the vehicles to the system, we propose a reputation rating mechanism, in which neighboring vehicles validate every received information message. Furthermore, we incorporate an incentive mechanism based on smart contracts, so that vehicles will get certain rewards from the system when they share correct traffic information messages. We simulated the IoV network using a discrete event simulator to analyze network performance, whereas the incentive model is designed by leveraging the smart contract available in the Ethereum platform.

Secure Hardware Virtualization Framework on Insider Attack (내부자 공격에 안전한 하드웨어 가상화 프레임워크)

  • Kim, Hunmin;Eun, Hasoo;Ha, Dongsu;Oh, Heekuck
    • Annual Conference of KIPS
    • /
    • 2013.11a
    • /
    • pp.853-856
    • /
    • 2013
  • 최근 클라우드 서비스가 발전함에 따라 향상된 자원 활용과 소프트웨어 이식성을 증가시키기 위한 하드웨어 가상화 기술 또한 성장하고 있다. 가상화의 특성상 이를 구동하고 관리하는 시스템 관리자가 메모리, 하드디스크 드라이브와 같은 컴퓨팅 리소스에 접근할 수 있다. 관리자에 의한 Cold-boot Attack이나 내부 명령어를 통해서 메모리 상의 데이터가 유출될 수 있으므로 개인정보와 기밀문서와 같은 민감한 데이터의 노출 위험이 발생한다. C. Li 등은 Guest OS의 가상 메모리 기본 단위인 페이지를 암호화하여 관리자에게 메모리 상의 데이터가 노출되지 않도록 막는 기법을 제안하였다. 하지만 페이지 암호화에 사용되는 키를 하이퍼바이저상에서 구하는 과정에서 키가 노출된다는 문제점이 발생한다. 본 논문에서는 내부자 공격에 안전한 가상 머신 프레임워크를 제안한다. IOMMU(Input/Output Memory Management Unit)를 사용하여 직접 하드웨어 디바이스에 접근 가능한 Guest OS를 생성하고 TPM(Trusted Platform Module) 가상화를 사용하여 시스템 관리자가 알 수 없도록 암호 키를 생성/관리한다. 하이퍼바이저는 이 암호 키를 사용하여 Guest OS의 페이지를 암호화한다. 이를 통해 관리자에게 키를 노출하지 않고 Guest OS 메모리 상의 데이터를 보호할 수 있다.

Study on Mechanism of Preventing Application Piracy on the Android Platform (안드로이드 어플리케이션 위변조 방지를 위한 방안 연구)

  • Lee, Kwang-Hyoung;Kim, Jae-Yong
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.15 no.11
    • /
    • pp.6849-6855
    • /
    • 2014
  • Recently, with the increasing use of smart phones, security issues, such as safety and reliability of the use of the Android application has become a topic to provide services in various forms. An Android application is performed using several important files in the form of an apk file. On the other hand, they may be subject to unauthorized use, such as the loss of rights and privileges due to the insertion of malicious source code of these apk files. This paper examines the Android environment to study ways to define the threats related to the unauthorized use of the application source code, and based on the results of the analysis, to prevent unauthorized use of the application source code. In this paper, a system is provided using a third body to prevent and detect applications that have been counterfeited or forged illegally and installed on Android devices. The application provides services to existing systems that are configured with only the service server that provides users and applications general, This paper proposes the use of a trusted third party for user registration and to verify the integrity of the application, add an institution, and provide a safe application.

Addressing Mobile Agent Security through Agent Collaboration

  • Jean, Evens;Jiao, Yu;Hurson, Ali-R.
    • Journal of Information Processing Systems
    • /
    • v.3 no.2
    • /
    • pp.43-53
    • /
    • 2007
  • The use of agent paradigm in today's applications is hampered by the security concerns of agents and hosts alike. The agents require the presence of a secure and trusted execution environment; while hosts aim at preventing the execution of potentially malicious code. In general, hosts support the migration of agents through the provision of an agent server and managing the activities of arriving agents on the host. Numerous studies have been conducted to address the security concerns present in the mobile agent paradigm with a strong focus on the theoretical aspect of the problem. Various proposals in Intrusion Detection Systems aim at securing hosts in traditional client-server execution environments. The use of such proposals to address the security of agent hosts is not desirable since migrating agents typically execute on hosts as a separate thread of the agent server process. Agent servers are open to the execution of virtually any migrating agent; thus the intent or tasks of such agents cannot be known a priori. It is also conceivable that migrating agents may wish to hide their intentions from agent servers. In light of these observations, this work attempts to bridge the gap from theory to practice by analyzing the security mechanisms available in Aglet. We lay the foundation for implementation of application specific protocols dotted with access control, secured communication and ability to detect tampering of agent data. As agents exists in a distributed environment, our proposal also introduces a novel security framework to address the security concerns of hosts through collaboration and pattern matching even in the presence of differing views of the system. The introduced framework has been implemented on the Aglet platform and evaluated in terms of accuracy, false positive, and false negative rates along with its performance strain on the system.

A Decentralized Face Mask Distribution System Based on the Decentralized Identity Management (블록체인 분산신원증명에 기반한 탈중앙화된 마스크 중복구매 확인 시스템)

  • Noh, Siwan;Jang, Seolah;Rhee, Kyung-Hyune
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.9 no.12
    • /
    • pp.315-320
    • /
    • 2020
  • Identity authentication is an important technology that has long been used in society to identify individuals and provide appropriate services. With the development of the Internet infrastructure, many areas have expanded into online areas, and identity authentication technologies have also expanded online. However, there is still a limit to identity authentication technology that relies entirely on trusted third parties like the government. A centralized identity management system makes the identification process between agencies with different identity management systems very complex, resulting in a waste of money and time for users. In particular, the limits of the centralized identity management system were clearly revealed in the face mask shortage in the 2020 COVID-19 crisis. A Decentralized Identity (DID) is a way for users to manage their identity on their own, and recently, a number of DID platform based on blockchain technology have been proposed. In this paper, we analyze the limitations of the existing centralized identity management system and propose a DID system that can be utilized in future national emergency situations such as COVID-19.

A Hybrid Blockchain-Based E-Voting System with BaaS (BaaS를 이용한 하이브리드 블록체인 기반 전자투표 시스템)

  • Kang Myung Joe;Kim Mi Hui
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.12 no.8
    • /
    • pp.253-262
    • /
    • 2023
  • E-voting is a concept that includes actions such as kiosk voting at a designated place and internet voting at an unspecified place, and has emerged to alleviate the problem of consuming a lot of resources and costs when conducting offline voting. Using E-voting has many advantages over existing voting systems, such as increased efficiency in voting and ballot counting, reduced costs, increased voting rate, and reduced errors. However, centralized E-voting has not received attention in public elections and voting on corporate agendas because the results of voting cannot be trusted due to concerns about data forgery and modulation and hacking by others. In order to solve this problem, recently, by designing an E-voting system using blockchain, research has been actively conducted to supplement concepts lacking in existing E-voting, such as increasing the reliability of voting information and securing transparency. In this paper, we proposed an electronic voting system that introduced hybrid blockchain that uses public and private blockchains in convergence. A hybrid blockchain can solve the problem of slow transaction processing speed, expensive fee by using a private blockchain, and can supplement for the lack of transparency and data integrity of transactions through a public blockchain. In addition, the proposed system is implemented as BaaS to ensure the ease of type conversion and scalability of blockchain and to provide powerful computing power. BaaS is an abbreviation of Blockchain as a Service, which is one of the cloud computing technologies and means a service that provides a blockchain platform ans software through the internet. In this paper, in order to evaluate the feasibility, the proposed system and domestic and foreign electronic voting-related studies are compared and analyzed in terms of blockchain type, anonymity, verification process, smart contract, performance, and scalability.