• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.57-65
• /
• 2019

Creative works such as webtoon and web novel are part of property rights. However, illegal copies of them are distributed on the internet easily, which raises social issues in today's society. In order to tackle these problems, this paper proposes and presents a blockchain based copyright management system that ensures forgery prevention, robust security features, improving trading performance, cost-effective, and enhanced visibility. The system allows a user to register creative works formally just the same as before registration and also to register simple creative ideas just anytime. In the latter case, if an idea or a thought flashes across through somebody's mind, he or she can register it to the system immediately without formal registration process and afterward, can utilize a way to prove its originality through the system. Regarding large size images and video files of creative works, the system reduces data size and storage volume sharply to be processed by network entities by storing original creative works separately and including only the hash result of creative works to the transactions.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.12
• /
• pp.1688-1696
• /
• 2020

The paradigm of Internet-of-things(IoT) systems is changing from a cloud-based system to an edge-based system to solve delays caused by network congestion, server overload and security issues due to data transmission. However, edge-based IoT systems have fatal weaknesses such as lack of performance and flexibility due to various limitations. To improve performance, application-specific hardware can be implemented in the edge device, but performance cannot be improved except for specific applications due to a fixed function. This paper introduces a edge-centric metamorphic IoT(mIoT) platform that can use a variety of hardware through on-demand partial reconfiguration despite the limited hardware resources of the edge device, so we can increase the performance and flexibility of the edge device. According to the experimental results, the edge-centric mIoT platform that executes the reconfiguration algorithm at the edge was able to reduce the number of server accesses by up to 82.2% compared to previous studies in which the reconfiguration algorithm was executed on the server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.57-70
• /
• 1999

Since a hybrid firewall filters packets at a network layer along with providing gateway functionalities at an application layer, it has a better performance than an If filtering firewall. In addition, it provides both the various kinds of access control mechanisms and transparent services to users. However, the security policies of a network layer are different from those of an application layer. Thus, the user interfaces for managing a hybrid firewalls in a consistent manner are needed. In this paper, we implement a graphical user interface to provide access control mechanisms and management facilities for a hybrid firewall such as log analysis, a real-time monitor for network traffics, and the statisics on traffics. And we also propose a new rule script language for specifying access control rules. By using the script language, users can generate the various forma of access control rules which are adapted by the existing firewalls.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.23-33
• /
• 2004

Because of a rapid growth of internet environment, it is also fast increasing to exchange message using e-mail. But, despite the convenience of e-mail, it is rising a currently bi9 issue to waste their time and cost due to the spam mail in an individual or enterprise. Many kinds of solutions have been studied to solve harmful effects of spam mail. Such typical methods are as follows; pattern matching using the keyword with representative method and method using the probability like Naive Bayesian. In this paper, we propose a classification method of spam mails from normal mails using Support Vector Machine, which has excellent performance in pattern classification problems, to compensate for the problems of existing research. Especially, the proposed method practices efficiently a teaming procedure with a word dictionary including a generated index by the n-Gram. In the conclusion, we verified the proposed method through the accuracy comparison of spm mail separation between an existing research and proposed scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.3-11
• /
• 2004

The XML has been becoming a basis of the related application and industry standards with proliferation of electronic transactions on the web, and the standardization on XML Signature, which can be applied to the digital contents including XML objects from one or more sources, is in the progress through a joint effort of W3C(World Wide Web Consortium) and IETF(Internet Engineering Task Force). Along with this trend, the development of products implementing XML Signature has been growing, and the XML Signature products are required to implement the relevant standards correctly to guarantee the interoperability among different XML Signature products. In this paper, we propose a conformance testing method for testing the XML Signature products, which includes a testing procedure and test cases. The test cases were obtained through analysis of XML Signature standards. Finally we describe the design and uses of our XML Signature conformance testing tools which implements our testing method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.151-166
• /
• 2009

To prove the integrity of digital evidence on the investigation procedure, the data which is using the MD 5(Message Digest 5) hash-function algorithm has to be discarded, if the integrity was damaged on the investigation. Even though a proof restoration of the deleted area is essential for securing the proof regarding a main phase of a case, it was difficult to secure the decisive evidence because of the damaged evidence data due to the difference between the overall hash value and the first value. From this viewpoint, this paper proposes the novel model for the mobile forensic procedure, named as "E-Finder(Evidence Finder)", to ,solve the existing problem. The E-Finder has 5 main phases and 15 procedures. We compared E-Finder with NIST(National Institute of Standards and Technology) and Tata Elxsi Security Group. This paper thus achieved the development and standardization of the investigation methodology for the mobile forensics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.59-71
• /
• 2005

A RFID (Radio Frequency Identification) system receives attention as the technology which can realize the ubiquitous computing environment. However, the feature of the RFID tags may bring about new threats to the security and privacy of individuals. Recently, Juels proposed the minimalist cryptography for very low-cost RFID tags, which is secure. but only under the impractical assumption such that an adversary is allowed to eavesdrop only the pre-defined number of sessions. In this paper, we propose a scheme to protect privacy for very low-cost RFID systems. The proposed protocol uses only bit-wise operations without my costly cryptographic function such as hashing, encryption which is secure which is secure against an adversary who is allowed to eavesdrop transmitted message in every session any impractical assumption. The proposed scheme also is more efficient since our scheme requires less datas as well as few number of computations than Juels's scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.3-16
• /
• 2006

Encipherment in existing OS(Operating Systems) has typically used the techniques which encrypt and decrypt entirely a secret file at the application level with keys chosen by user In this mechanism it causes much overhead on the performance. However when a security-classified user-process writes a secret file, our proposed mechanism encrypts and stores automatically and efficiently the file by providing transparency to the user at the kernel level of Linux. Also when the user modifies the encrypted secret file, this mechanism decrypts partially the file and encrypts partially the file for restoring. When user reads only the part of the encrypted file, this mechanism decrypts automatically and partially the file. Therefore our proposed mechanism provides user much faster enciphering speed than that of the existing techniques at the application level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.25-35
• /
• 2006

Radio Frequency identification (RFID) will become an important technology in remotely object identification systems. However, the use of RFID tags may create new threats to the sniな and Privacy of individuals holding RFID tags. These threats bring several problems which are information leakage of a tag, location trace of individuals and impersonation of a tag. Low-cost RFID systems have much restrictions such as the limited computing power, passive power mechanism and low storage space. Therefore, the cost of tag's computation should be considered as an important factor in low-cost RFID systems. We propose an authentication protocol, OHLCAP which requires only one one-way hash function operation and hence is very efficient. Furthermore, our protocol is suitable to distribution database environment. Hence our scheme can be applied to ubiquitous computing environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1169-1178
• /
• 2012

Recently, since the most software intensive systems are using internet environment for data exchange, the software security is being treated as a big issue. And, to minimize vulnerability of software system, security ensuring steps which are applying secure coding rules, are introduced in the software development process. But, since actual attacks are using a variety of software vulnerabilities, it is hard to analyze software weakness by monotonic analysis. In this paper, it is tried to against the complex attack on the variety of software vulnerability using the coupling which is one of the important characteristic of software. Furthermore, pre-analysis of the complex attack patterns using a combination of various attack methods, is carried out to predict possible attack patterns in the relationship between software modules. And the complex attack pattern analysis method is proposed based on this result.