• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.39 no.2
• /
• pp.153-161
• /
• 2011

Korea Aerospace Research Institute (KARI) has implemented an integrity monitor testbed (IMT) to provide archived GPS data and test results for integrity monitoring algorithm development. To verify that the system is implemented based on international standard requirements, this paper represents the basic functional verification test results of the implemented testbed as a GBAS reference station. It compares the IMT generated GBAS message fields with those of PEGASUS, which is a baseline toolset accepted by international GBAS experts, to show the validity of the correction information. It also verifies the integrity and availability of the system through analysis on GBAS user data in the range and position domain.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.835-838
• /
• 2013

클라우드 컴퓨팅을 사용하면 컴퓨팅 자원을 구축하는 비용을 절감할 수 있다는 장점이 있다. 문제는 클라이언트가 데이터 센터와 서비스제공자를 완전히 신뢰할 수 없다는 것이다. 예를 들어, 클라우드에 저장된 파일이 손실되었을 때 서비스 제공자는 서비스의 신뢰도가 떨어지는 것을 막기 위해 이를 숨길 수 있다. 이때, 데이터가 저장 후에 손실되었다는 것을 증명하지 못하면, 그 피해는 클라이언트에게 돌아오게 된다. 따라서, 클라이언트의 데이터를 보호하기 위하여 무결성을 검증할 수 있는 적절한 기법을 적용하여야 한다. 기존 연구로는 homomorphic tags 기반의 기법들이 많이 제안되었으나 이 기법은 많은 지수연산을 필요로 하므로 상용화할 수 있을 만큼의 효율성을 가지지 못한다. 특히, 클라이언트가 증거 생성을 위해 많은 연산을 부담해야 한다. 본 논문에서는 효율성에 중점을 둔, 특히 클라이언트의 효율성에 중점을 둔 무결성 검증 기법을 제안한다. 제안하는 기법은 Modular arithmetic을 기반으로 설계되었으며, 무결성 검증뿐만 아니라 데이터가 자주 업데이트 되는 환경을 지원한다. Simulation result는 제안하는 기법이 기존 기법에 매우 효율적임을 보여준다.

• Journal of KIISE
• /
• v.42 no.1
• /
• pp.97-106
• /
• 2015

Recently, research on database encryption for data protection and query result authentication methods has been performed more actively in the database outsourcing environment. Existing database encryption schemes are vulnerable to order matching and counting attack of intruders who have background knowledge of the original database domain. Existing query result integrity auditing methods suffer from the transmission overhead of verification object. To resolve these problems, we propose a group-order preserving encryption index and a query result authentication method based on the encryption index. Our group-order preserving encryption index groups the original data for data encryption and support query processing without data decryption. We generate group ids by using the Hilbert-curve so that we can protect the group information while processing a query. Finally, our periodic function based data grouping and query result authentication scheme can reduce the data size of the query result verification. Through performance evaluation, we show that our method achieves better performance than an existing bucket-based verification scheme, it is 1.6 times faster in terms of query processing time and produces verification data that is 20 times smaller.

• Journal of Navigation and Port Research
• /
• v.33 no.6
• /
• pp.395-400
• /
• 2009

In order to prepare for the DGNSS recapitalization and implementation of the functions for software based reference station and integrity monitor (RSIM) system, this paper proposes a design of integrity monitor functions of maritime differential GPS RSIM. The most critical functions of the integrity monitor (IM) are to generate and send flags to the reference station (RS) along with system feedback. Firstly, it presents the architecture of software based RSIM, and analyzes the performance standard of integrity monitor for maritime DGPS reference station This paper then designs the functions of integrity monitor for DGPS reference station based on the performance standard. Finally, this paper presents the results of performance analysis for the functionality of integrity monitor using the GNSS simulator. it discusses the study method and its application for the system implementation.

• Journal of Software Assessment and Valuation
• /
• v.10 no.1
• /
• pp.19-26
• /
• 2014

In this paper, we propose a method for protecting Android applications against reverse engineering attacks. In this method, the server encrypts the original executable code (DEX) included in an APK file, inserts into the APK file a stub code that decrypts the encrypted DEX later at run-time, and distributes the modified APK file. The stub code includes an integrity validation code to detect attacks on itself. When a user installs and executes the APK file, the stub code verifies the integrity of itself, decrypts the encrypted DEX, and loads it dynamically to execute. Since the original DEX is distributed as an encrypted one, we can effectively protect the intellectual property. Further, by verifying the integrity of the stub code, we can prevent malicious users from bypassing our method. We applied the method to 15 Android apps, and evaluated its effectiveness. We confirmed that 13 out of them operates normally.

• Journal of Korean Society of Archives and Records Management
• /
• v.20 no.3
• /
• pp.1-21
• /
• 2020

Although the National Archives of Korea has been receiving transfer of standard electronic documents with a retention period of more than 30 years from the central administration since 2015, errors and inefficiencies persist. Despite this, however, there remain no studies that analyze or address these issues. This study aims to bridge this gap and found that most errors in the transfer process occur at the production stage. To address such, this study proposes a four-step solution. First, before electronic document approval, the text and attached files are checked for defects to prevent errors. Second, as soon as the signature is made, digital signatures are applied on a file-by-file basis to ensure integrity. Third, integrity verification and transfer inspection are automatically performed through digital signature investigation and defect check procedure during transfer and preservation. Fourth and last, the criteria of acquiring records and integrity guarantee technologies are properly applied in production stage with proper management and supervision.

• Journal of KIISE
• /
• v.41 no.11
• /
• pp.982-991
• /
• 2014

The integrity assurance of recorded video by car black boxes are necessary as the car black box is becoming more popular. In this paper, we propose a video data integrity assurance scheme reflecting the features of car black box. The proposed method can detect any kind of deletion, insertion, modification of frames by cyclic chaining using inter block relation. And, it provides the integrity assurance function consistently even in cases of file overwriting because of no more free space in storage, partial file data lost. And non-repudiation is supported. Experimental results with a car black box embedded system with A8 application processor show that our method has a feasible computational overhead to process full HD resolution video at 30 frames per second in a real time.

• KIISE Transactions on Computing Practices
• /
• v.23 no.8
• /
• pp.504-509
• /
• 2017

Preserving the integrity of the booting process is important. Recent rootkit attacks and subverting OS attacks prove that any post-OS security mechanism can be easily circumvented if the booting process is not properly controlled. Using an actual case as an example, the hacker of the Se-jong government office simply bypassed the user's password authentication by compromising the normal booting process. This paper analyzes existing pre-OS protection using secure boot and measured boot, and proposes another bootloader that overcomes the limitations. The proposed bootloader not only guarantees the integrity of all the pre-OS binaries, bootloaders, and kernel, it also makes explicit records of integrity in the booting process to the external TPM device, so that we can track modifications of BIOS configurations or unintended booting process modifications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.223-230
• /
• 2013

Recently, a large number of corporations are adopting cloud solution in order to reduce IT-related costs. By the way, Digital Trace should have admissibility to be accepted as digital evidence in court, and integrity is one of the factors for admissibility. In this context, this research implemented integrity verification test to VM Data which was collected by well-known private cloud solutions such as Citrix, VMware, and MS Hyper-V. This paper suggests the effective way to verify integrity of VM data collected in private cloud computing environment based on the experiment and introduces the error that EnCase fails to mount VHD (Virtual Hard Disk) files properly.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.06a
• /
• pp.350-352
• /
• 2022

자율운항선박을 IMO 자율화등급 3단계 이상으로 운용하기 위해서는 내·외부 통신시스템의 사이버보안뿐만 아니라 실시간으로 데이터를 교환하는 데이터 및 시스템 사이버안전에 대한 고려가 필수적으로 요구된다. 본 연구에서는 자율운항선박 사이버안전체계 구축방안에 대해서 살펴본다. 자율운항선박 사이버안전체계 구축을 위해서는 선박 내 사이버위협을 실시간으로 탐지하고 영향을 모니터링하는 통합 보안 시스템 구축이 필요하며, 선박 사이버안전 설계 타당성을 검증하는 사이버리스크평가 기술, 사이버안전체계를 검증하기 위한 CVE(Common Vulnerabilities Enumeration)기반 취약성 진단 및 침투테스트 기술, V-Model을 활용한 통합 소프트웨어 품질인증 기술, ISO 25024 기반 데이터 무결성 검증 기술 적용이 필요하다.