• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.2
• /
• pp.141-148
• /
• 2006

This paper suggests method of safe security S/W by verifying and its result of formal verification tool. We will survey many formal verification tools and compare features of these tools. And we will suggest what tool is appropriate and methodogoly of developing safe security S/W. The Z/EVES is the most appropriate tool. This paper proposes formal verification of ACS by using RoZ tool which is formal verification tool to create UML model. The specification and verification are executed using Z/EVES tool. These procedures can find weak or wrong point of developed S/W.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1091-1094
• /
• 2005

보안 소프트웨어 개발을 위한 정형 기법은 소프트웨어의 안정성과 신뢰성을 보장할 수 있는 기반을 마련해 준다. 정형화 기법에는 정형 명세와 정형 검증으로 분류할 수 있으며, 이를 위해 여러 도구가 제공되고 있다. 본 논문에서는 보안 소프트웨어 개발을 위한 RoZ 정형 명세 도구를 이용하여 ACS(Access Control System)의 UML 모델을 통한 Z 명세 자동 생성 과정을 살펴본다. 그리고, 정형 검증 도구인 Z/EVES를 이용하여 ACS 의 특정 기능의 명세에 대한 검증 과정을 수행함으로써, 소프트웨어 설계에 따른 보안 소프트웨어의 안정성을 보장할 수 있는 개발 방안을 제시하였다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.63-65
• /
• 2021

This paper describes an integrated H/W-S/W implementation of elliptic curve digital signature algorithm (EC-DSA) using a security system-on-chip (SoC). The security SoC uses the Cortex-A53 APU as CPU, and the hardware IPs of high-performance elliptic curve cryptography (HP-ECC) core and SHA3 (secure hash algorithm 3) hash function core are interfaced via AXI4-Lite bus protocol. The signature generation and verification processes of EC-DSA were verified by the implementation of the security SoC on a Zynq UltraScale+ MPSoC device.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2016.01a
• /
• pp.105-106
• /
• 2016

본 논문에서는 S/W 개발 보안 지침에서 설계 단계의 보안 코딩 지침을 알려준다. 크로스 사이트 스크립트 공격 취약점(XSS)에서부터 자원 삽입 까지 S/W 보안 취약점의 주요 내용을 입력 데이터의 검증 및 표현에 맞추어 지침을 전달하도록 한다.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.3
• /
• pp.131-138
• /
• 2008

This paper designed an Internet Convention e-Portal Information System through an experience and knowledges accumulated in case of information utilization regarding international meeting and conventions in knowledge information societies. Established the Non-stop Cluster system that was the H/W side, L4 and the applied system which was the 3-tier structure and Firewall, VPN, IDS/IPS security control system, S/W side, that utilized the WAS MVC architecture used WAS and a SOA architecture. an ASP EAI function. A user and a manager, designs and constructor, the user efficiency who were an evaluation basis of a Verification commissioner, Ubiquitous evaluated system stability. Information security anger, and evaluated former system and comparison. Therefore is evaluated to the excellent Convention e-Portal Systems that a performance 25.9% improvement consisted of compare with the existing Convention e-Portal Systems, and will contribute so as to be able to carry out-driven enemy role in development of the industrial our country Convention Ubiquitous Internet IT information Industry and International Society Conventions.

• Journal of IKEEE
• /
• v.23 no.2
• /
• pp.508-516
• /
• 2019

Smart home with various IoT devices provides convenient and efficient services. However, security is important because sensitive information such as private video and audio can be collected and processed, as well as shared over the Internet. To manage such smart home IoT devices, we use blockchain technology that provides data integrity and secure management. In this paper, we utilize a PoS(Proof of Stake) method that verifies the block through the accumulated stake in the network rather than the computation power, out of the PoW(Proof of Work) block chain, in which the computation for the existing verification must be continuously performed. Among them, we propose a blockchain based system with DPoS(Delegated Proof of Stake) method to actively solve the scalability part, for security that is suitable for smart home IoT environment. We implement the proposed system with DPoS based EOSIO to show realization, and we show performance improvement in terms of transaction processing speed.

• Journal of the Korean Society of Safety
• /
• v.14 no.4
• /
• pp.204-210
• /
• 1999

We propose an optical fingerprint identification system using volume hologram for database of matched filter. Matched filters in VanderLugt correlator are recorded into a volume hologram that can store data with high density, transfer them with high speed, and select a randomly chosen data element. The multiple reference fingerprint photographs of database are prerecorded in a photorefractive material in the form of Fourier transform images, simply by passing the image displayed in a spatial light modulator through a Fourier transform lens. The angular multiplexing method for multiple holograms of database is achieved by controlling the reference directions with a step motor. Experimental results show that the proposed system can be used for secure entry systems to identify individuals for access to a restricted area, security verification of credit cards, passports, and other IDs.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.3 no.2
• /
• pp.166-178
• /
• 2000

As the 21st century signifies an information-oriented society, the computer integration takes place in all walks of human presence. Needs for computer and network-integrated automation present new challenges in military as well as commercial facility systems engineering. Since the first intelligent building appeared in USA in 1984, it gradually became an essential capability for the building industry requirement these days. Intelligent Building System(IBS) is evolving to be very complex because there are many subsystems such as telecommunication(TC), office automation(OA), building automation(BA), security, construction environments, etc. During the planing phase of IBS development, therefore, a disciplined systems engineering must be performed to analyze stake- holder's requirements to build an optimized system while minimizing trial-and-error expenses and risks. This paper presents a conceptual design of BAS applying systems engineering methods. The contribution of this study includes the development of IBS subsystem specification for building automation subsystem, which is a part of IBS, using the methodology of requirement analysis, functional analysis, synthesis, and verification. A computer-aided systems engineering s/w, RDD-100, was used to improve the system design efficiency and to promote the product design knowledge management for reuse in later design programs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.95-109
• /
• 2006

Elliptic Curve Cryptosystem (ECC) is suitable for resource-constrained devices such as smartcards, and sensor motes because of its short key size. This paper presents an efficient multi-scalar multiplication algorithm which is the main component of the verification procedure in Elliptic Curve Digital Signature Algorithm (ECDSA). The proposed algorithm can make use of a precomputed table of variable size and provides an optimal efficiency for that precomputed table. Furthermore, the given scalar is receded on-the-fly so that it can be merged with the main multiplication procedure. This can achieve more savings on memory than other receding algorithms. Through experiments, we have found that the optimal sizes of precomputed tables are 7 and 15 when uP+vQ is computed for u, v of 163 bits and 233 bits integers. This is shown by comparing the computation time taken by the proposed algorithm and other existing algorithms.