• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.143-158
• /
• 2010

The illegal leakage of enterprise digital confidential information will threaten the enterprise with bankruptcy. Today since most small-and-medium companies have no capability to fight against illegally compromising their critically confidential documents in spite of knowing the leakage of them, strongly safe distribution system of the digital confidential documents should be designed so in secure as to prevent any malicious intent of embezzlement from accessing the critical information. Current DRM-based protection system is not always perfect to protect the digital secrets, even seems to leave the secrets open. Therefore our study has analyzed the illegal leakage paths that hackers attack against and the vulnerability of the current protection systems. As result, we study the group communication based system architecture satisfying the security conditions to make even legitimate working employee keep out of the confidential documents, without performance degradation. The main idea of this architecture is to stay every secrets in encrypted form; to isolate the encrypted documents from the crypto-key; to associate every entity with one activity and to authenticate every entity with DSA-based public key system; multiple authentication method make hackers too busy to get a privilege to access the secrets with too many puzzle pieces. This paper deal with the basic architectural structure for the above issues.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.31-37
• /
• 2010

The risks and threats in IT security systems to protect, prevent damage and Risk should be minimized. Context of information security products such as information processing, storage, delivery, and in the process of information system security standards, That is the basic confidentiality, availability, integrity and secondary clarity, potential evidence, detection, warning and defense capabilities, to ensure sufficient and should be. Web services are the most important elements in the security, the web nature of port 80 for the service to keep the door open as a structure, Web applications, web sources and servers, networks, and to hold all the elements are fundamental weaknesses. Accordingly, these elements through a set of Web application development errors and set-up errors and vulnerabilities in Web applications using their own home pages and web servers to prevent hacking and to improve the efficiency of Web services is proposed methodology performs security BMT.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.79-88
• /
• 2020

Business consignment using personal information is increasing for the operating profit and work efficiency of Internet companies. If the personal information leakage accident occurs at the consignee, the consigner who provided personal information will be damaged greatly. The purpose of this study is to analyze the business attributes of consignee using consigned personal information and present a model that can be used to select companies with high risk of personal information leakage by considering the importance of the involved personal information. For this, personal information consignment relations, consignment services, and personal information items used were analyzed. Social network analysis and cluster analysis were applied to select companies with high network centrality that are advisable to obtain information security certification. The results of this study could be used to establish information protection strategies for private or public enterprises that manage companies using personal information.

• Journal of Digital Convergence
• /
• v.13 no.2
• /
• pp.177-183
• /
• 2015

Cross Site Scripting enables hackers to steal other user's information (such as cookie, session etc.) or to do abnormal functions automatically using vulnerability of web application. This attack patterns of Cross Site Scripting(XSS) can be divided into two types. One is Reflect XSS which can be executed in one request for HTTP and its reply, and the other is Stored XSS which attacks those many victim users whoever access to the page which accepted the payload transmitted. To correspond to these XSS attacks, some measures have been suggested. They are data validation for user input, output validation during HTML encoding procedures, and removal of possible risk injection point to prevent from trying to insert malicious code into web application. In this paper, the methods and procedures for these two types are explained and a penetration testing is done. With these suggestions, the attack by XSS could be understood and prepared by its countermeasures.

• Management & Information Systems Review
• /
• v.36 no.2
• /
• pp.261-276
• /
• 2017

One of the main objectives of this paper is to identify the mediating effects of both social and intellectual capitals in the relations between entrepreneurship and innovation performance in Small and Medium Businesses. Based on the previous literatures on their relationships, we set our research model and test our hypotheses through a questionnaire survey. The main results of our analyses are as followings: first, entrepreneurship has a significant effect on innovation performance; second, social capital has a significant mediating effect between entrepreneurship and innovation performance; and finally, there exists a significant mediating effect between intellectual capital and entrepreneurship. One of the main policy implications of this study would be that the level of both social and intellectual capitals, coupled with entrepreneurship, should be reinforced in order to improve innovation performance.

• Journal of Digital Convergence
• /
• v.13 no.9
• /
• pp.297-302
• /
• 2015

The increase in applying IT to vehicles has given birth to smart cars or connected cars. As smarts cars become connected with external network systems, threats to communication security are on the rise. With simulation test results supporting such threats to Convergence security in vehicular communication, concerns are raised over relevant vulnerabilities, while an increasing number of studies on secure vehicular communication are published. Hacking attacks against vehicles are more dangerous than other types of hacking attempts because such attacks may threaten drivers' lives and cause social instability. This paper designed a Convergence security protocol for inter-vehicle and intra-vehicle communication using a hash function, nonce, public keys, time stamps and passwords. The proposed protocol was tested with a formal verification tool, Casper/FDR, and found secure and safe against external attacks.

• Proceedings of the Korean Institute Of Construction Engineering and Management
• /
• 2007.11a
• /
• pp.983-986
• /
• 2007

Concrete surface grinding is required for flatness and adhesiveness of concrete surface. The procedure is, however, labor intensive and has a hazardous work condition. Also, the productivity and the quality of concrete surface grinding depend on the levels of worker. Thus, the development of remote controlled concrete surface grinding equipment is necessary to prevent the environmental pollution and to protect the workers from hazardous work condition. However, it is difficult to evaluate the grinded surface objectively in a remote controlled system. The machine vision system developed in this study takes the images of grinded surface with the network camera for image processing. Then, by representing the quality test results to the graphic MMI program of the remote control station, the quality control system is constructed. The machine vision algorithm means the image processing algorithm of grinded concrete surface and this paper presents the objective quality control standard of grinded concrete surface through the application of the suggested algorithm.

• Journal of the Korean Institute of Gas
• /
• v.8 no.1 s.22
• /
• pp.30-36
• /
• 2004

Although the usage of gas as one of the most economical energy source is ever expanding, numerous gas accidents occur as a result of negligence in safety management. The main reason behind such accident is that the current safety control system relies heavily on the manual control mechanism. This paper designed and developed a prototype of a computerized gas safety control system that automates such critical functions as the alarm sensing and the valve control. Since the system is connected through a digital network, the control can be performed remotely. Most importantly, the accidental risk or damage can be greatly reduced since the system monitors and reacts actively to gas leakage in real time.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.1
• /
• pp.9-14
• /
• 2016

Recently the number of the elderly who live alone are increasing more and more as the average life span is prolonged. The elderly are probably in danger at home without being helped due to external aggressions or sudden health problems. Accordingly, more and more interests are taken in medical welfare for the healthy life of the seniors. In this paper, we have developed a mobility and vitality signal monitoring system based on ZigBee-PSTN gateway for the elderly. This combination of ZigBee wireless sensor network and PSTN can be easily established even in the poor internet infrastructure as is usually common for the elderly, with the advantage of providing non-constrained monitoring feature. The research result can be extended to the future tele-medicine system.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.3
• /
• pp.177-183
• /
• 2020

Steganography uses digital images as a medium for sending secret messages over insecure networks. There is also a least significant bit(LSB) that is a popular method of embedding secret messages in digital images. The goal of steganography is to securely and flawlessly transmit secret messages using stego media over a communication channel. There is a need for a method to improve resistance to reduce the risk of exposure to third parties. To safely hide secret messages, I propose new algorithms that go through crossing, encryption, chaos and concealment steps. After separating Hangul syllables into choseong, jungseong and jongseong, the bitwised message information is encrypted. After applying the logistic map, bitwised information is reconstructed using the position of the chaotic sequence. The secret message is inserted into the randomly selected RGB channel. PSNR and SSIM were used to confirm the effectiveness of the applied results. It was confirmed as 44.392(dB) and 0.9884, respectively.