• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.73-90
• /
• 2010

Recently, Tan et al. introduced a serverless search protocol in which a mobile reader maintains a tag authentication list and authenticates a tag using the list without connecting authentication server. A serverless RFID system is different from general RFID systems which use on-line server models. In the serverless RFID system, since the mobility of a personalized reader must be considered, we have to protect not only the privacy of a tag but also the privacy of a mobile reader. In this paper, we define new security requirements for serverless RFID search system and propose a secure serverless RFID search system. In our system, since tag authentication information maintained by a reader is updated in every session, we can provide the backward untraceability of a mobile reader. Also we use an encrypted timestamp to block a replay attack which is major weakness of search protocols. In addition, we define a new adversary model to analyze a serverless RFID search system and prove the security of our proposed system using the model.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.11
• /
• pp.73-80
• /
• 2023

In this paper, a technology to protect important information from access in order to revitalize the cloud service market. A technology is proposed to solve the risk of leakage of important confidential and personal information stored in cloud systems, which is one of the various obstacles to the cloud service market. To protect important information, access control rights to cloud resources are granted to cloud service providers and general users. The system administrator has superuser authority to maintain and manage the system. Client computing services are managed by an external cloud service provider, and information is also stored in an external system. To protect important in-house information within the company, all users, it was designed to provide access authority with users including cloud service providers, only after they are authenticated. It is expected that the confidentiality of cloud computing resources and service reliability achieved through the proposed access control technology will contribute to revitalizing the cloud service market.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.77-87
• /
• 2024

In this paper, we propose a study applying the Delphi technique to domestic blockchain experts to determine urgent and pivotal conditions for NFT proliferation. We examine these conditions from a PEST (Political, Economic, Social, and Technological Analysis of the Macro Environment) perspective, as well as the functions of digital assets (measurement, storage, and exchange). Through two rounds of expert surveys on the seven NFT perspectives, we identify 6 activating factors that can help guide future policy-making for the NFT market. These factors have broad implications for the development of new industries using blockchain technology and tokens. The Delphi method employed in this study is a group discussion technique that gathers opinions from experts anonymously through two rounds and to address drawbacks related to expert selection bias and opinion alignment, additional opinion collection and review of projections were conducted in each round.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.6
• /
• pp.59-68
• /
• 2007

The purpose of this paper is to evaluate usability quality through investigating the factors of usability for internet shopping mall websites. For this study, previous studies were investigated and experts' discussions were held. In result, six characters of usability were chosen such as content satisfaction. customer attraction satisfaction, price information satisfaction, public security satisfaction, user interface satisfaction. and process of transaction satisfaction that affect usability of shopping mall websites and the evaluation models of 72 detailed measure factors were established. Since these 72 sub-factors inc)ode the key words of HTML, XML, JSP, and ASP from the target websites. 33 measurable sub-factors in the information were measured through usability evaluation experiment. In addition, a questionnaire about usability measure factors was executed after preferable websites and not preferable websites are selected. After that, we verified the reasonability of usability measure model factors comparing the results of the evaluation experiment with the result of the questionnaire. The time it takes to measure the usability of shopping mall websites can be reduced by using this measurement supporting tool. Also, this tool may be used to estimate the usability during the development of a shopping mall website.

• Journal of the Korea Convergence Society
• /
• v.12 no.7
• /
• pp.143-151
• /
• 2021

Several researchers in the early days have studied the concept of creativity and its definition, but with the emergence of an unprecedented infectious disease, creativity attracts more attention in the academic world these days. It is because the ability to respond to change and create something that did not exist before has become an essential competency for survival. Therefore, we proposes a creativity textbook that can be used for teacher training based on a creative education practical strategy model for the purpose of enhancing the creativity of teachers in the field through analysis of various prior studies on creative education. And also, we developed the textbook to teach the principles of information security using creative storytelling techniques. In the teacher training using the textbook, the survey was conducted with 40 questions consisting of originality, fluency, elaboration, synthesis and organization factors in order to confirm the change in the teacher's creativity, and all factors were significantly improved. The textbooks developed in this study are meaningful in that it has increased the utilization of teachers' field education. We hope that this thesis will provide implications for the development of creative fusion textbooks, and related research will be actively conducted in the future.

• Journal of Convergence for Information Technology
• /
• v.8 no.1
• /
• pp.139-145
• /
• 2018

Ransomeware is a kind of malware. Computers infected with Ransomware have limited system access. It is a malicious program that must provide a money to the malicious code maker in order to release it. On May 12, 2017, with the largest Ransomware attack ever, concerns about the Internet security environment are growing. The types of Ransomware and countermeasures to prevent cyber terrorism are discussed. Ransomware, which has a strong infectious nature and has been constantly attacked in recent years, is typically in the form of Locky, Petya, Cerber, Samam, and Jigsaw. As of now, Ransomware defense is not 100% free. However, it can counter to Ransomware through automatic updates, installation of vaccines, and periodic backups. There is a need to find a multi-layered approach to minimize the risk of reaching the network and the system. Learn how to prevent Ransomware from corporate and individual users.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.793-798
• /
• 2003

The P2P service is a technology that can share their information with each other who is able to be connected ith a relating program without passing by a server. Since all personal compiters that linked to the internet under the P2P service can opetate as server or a client, they can provide and share both their information and services through the direct connection. Currently, the P2P service is giving an equal privilege to all users for sharing their resources,.Under this situation, a lot of vulnerability against the various sttacks through the Unternet is possoble, more sophisticated security services are necessary. In this paper, We propose and access control schemae using SPKI(Simple Public Key Infrastructure). The scheme designates and access and acces control by providing the certificate to users who request a connection for resource sharing and limits the resource usage of information provider according to the access right that is given to their own rights.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.2
• /
• pp.248-256
• /
• 2007

Recently, the network Infrastructure grows rapidly and the digital image compression technique has made remarkable progress. Therefore, the demand of the real-time image surveillance system which uses a network camera server has been increasing. Network Camera Server has emerged as an attractive alternative to the CCTV for the wireless video surveillance. In this article, the model of JPEG Streamer for collecting and delivering JPEG image is designed and realized as a key module for the wireless video surveillance system. The thread pool and shared memory have been used to improve the stability and efficiency of the JPEG Streamer. In addition, the concept of double buffering is of much benefit to improve the quality of real-time image. In this article, the wireless video surveillance system by using JPEG Streamer is suggested to send the real-time image through the wireless internet with the personal digital assistance (PDA).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.53-62
• /
• 2001

Fast diffusion of personal computer and network, and developed security technology are augmenting specific gravity of convenient and safe electronic voting system supplementing much problems of existent off-line vote form. But in spite of enlargement of these weight, much limitations are extravagant. Specially, problem that secure voter\`s anonymousness and accuracy of poll can be important urea that judge if electronic voting system can be applied actually. Also, problems such as buying and selling of vote remain to subject that must solve yet. In this paper, we introduce items that is considered to design the safe electronic voting system, and present limitation of electronic polling system announced in [1]. And we propose improvement way. Improved protocol keeping advantages that is presented in [1], designed to keep away voter\`s anonymousness defamation by conspiracy of Election Administration Committee and Totaling Committee, and block unlawful election intervention as original.

• Journal of Internet of Things and Convergence
• /
• v.8 no.1
• /
• pp.79-85
• /
• 2022

Internet of Things (IoT) connects devices with various platforms, computing power, and functions. Due to the diversity of networks and the ubiquity of IoT devices, demands for security and privacy are increasing. Therefore, cryptographic mechanisms must be strong enough to meet these increased requirements, while at the same time effective enough to be implemented in devices with long-range specifications. In this paper, we present the performance and memory limitations of modern cryptographic primitives and schemes for different types of devices that can be used in IoT. In addition, detailed performance evaluation of the performance of the most commonly used encryption algorithms in low-spec devices frequently used in IoT networks is performed. To provide data protection, the binary ring uses encryption asymmetric fully homomorphic encryption and symmetric encryption AES 128-bit. As a result of the experiment, it can be seen that the IoT device had sufficient performance to implement a symmetric encryption, but the performance deteriorated in the asymmetric encryption implementation.