• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.4
• /
• pp.43-51
• /
• 2016

Preventing the forgery and alteration of test reports is important, in order to maintain the reliability of military supplies. Based on a survey of reports on testing institutions and a case study of established electronic document systems in the public sector, we propose a system architecture, which helps prevent the forgery and alteration of test reports with legal force. The proposed architecture takes advantage of both the time stamp that records the time a document is received and a server synchronized with the testing institution. Using the proposed system architecture, the user is able to request a test and receive reports from the testing institution without delay. Also, a defense agency is able to conveniently prove the authenticity of the test reports and utilize the statistical data collected by the architecture. Therefore, we expect that the proposed system architecture will help defense agencies to prevent the forgery and alteration of test reports and ensure their reliability and quality.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.4
• /
• pp.845-850
• /
• 2011

In this paper, we proposed the digital contents distribution business model for the operation of integration between heterogeneous systems in order to use IPTV. Also, we designed and implemented the protection management system through this distribution business model. This proposed model maintains interoperability between the heterogeneous systems, creates rights protection document based on REL, and provides the new version of packaged digital contents to itself by packaging the digital contents. Overall, it ultimately offers an interoperable environment. Moreover, since we pre-defines the relations among REL data based on MPEG-21 standard, which creates the newly packaged digital contents, it is easy to edit data. We can expect to save expenses of digital contents distribution and rights protection technology. Additionally, we can further improve security by encapsulating the security technology of CAS and DRM system.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.7
• /
• pp.861-870
• /
• 2002

The area of business applications in the internet are extended enormously in result of fast development of computing and communication technologies, increase of internet use, and use of intranet/extranet in enterprise information system. Widely spread the use of the internet, there are various applications for Business to Business (B to B) or Business to Customer(B to C) model that are based on the intranet or extranet. This paper designed and implemented the Web-based Electronic Bidding System for Business to Business (B to B) model. The technical issues of electronic bidding system in the internet are involved in the connection between web client and server, electronic data interchange for the contract document, and security solution during the bidding and contracting processes. The web-based electronic bidding system in this paper is implemented using Java applet and servlet as a connection interface for web client and sewer, XML/EDI-based documents for a bid and a contract, and bidding server and notary server for enhancing the security using PKI(Public Key Infrastructure)-based public key cryptography, digital signature and Certification Authority (CA).

• Journal of KIISE:Databases
• /
• v.35 no.1
• /
• pp.29-43
• /
• 2008

Although RDF ontologies might be expressed in XML tree model, existing methods for protection of XML documents are not suitable for securing RDF ontologies. The graph style and inference feature of RDF demands a new security model development. Driven by this goal, this paper proposes a new query-oriented model for the RDF ontology access control. The proposed model rewrites a user query using a three-layered ontology view. The proposal resolves the problem that the existing approaches should generate inference models depending on inference rules. Accessible ontology concepts and instances which a user can visit are defined as ontology views, and the inference view defined for controling an inference query enables a controlled inference capability for the user. This paper defines the three-layered view and describes algorithms for query rewriting according to the views. An implemented prototype with its system architecture is shown. Finally, the experiment and comparative evaluation result of the proposal and the previous approach is described.

• Convergence Security Journal
• /
• v.10 no.2
• /
• pp.1-9
• /
• 2010

Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and approximately 300,000 registered users. Snort identifies network indicators by inspecting network packets in transmission. A process on a host's machine usually generates these network indicators. This means whatever the snort signature matches the packet, that same signature must be in memory for some period (possibly micro seconds) of time. Finally, investigate some security issues that you should consider when running a Snort system. Paper coverage includes: How an IDS Works, Where Snort fits, Snort system requirements, Exploring Snort's features, Using Snort on your network, Snort and your network architecture, security considerations with snort under digital forensic windows environment.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.2
• /
• pp.157-162
• /
• 2010

Previous process for issuing and messaging tax-invoice needs too much cost and has risky problems such as loss or forgery. A rule for an electronic tax-invoice can make up for the weak points. In the tax-invoice system based on web environment, the messaging electronic tax-invoices is more important than the issuing it. Therefore, a messaging system should be developed for submitting tax-invoice efficiently and safely. In this paper, we implement an electronic tax-invoice messaging system based on Hermes 2 which is an open source framework for electronic document messaging.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.11 no.6
• /
• pp.611-618
• /
• 2016

The suggested paper studies communications network and system technology, designing data to sync to both USB memories and cloud storages at the same time, which would allow users to safely keep and manage data even in case of network troubles, affecting cloud storages, and/or loss of physical USB memories, resulting in lost data in the physical memory. The need of secure data management policy for cloud storage users form the basis of this study, offering solutions to network failures and loss of physical storage by creating hybrid cloud system. To provide convenience to windows users, the UI design should integrate that of windows explorer to maximize security and convenience.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.1
• /
• pp.100-106
• /
• 2018

Since the concept of virtual currency called Bitcoin was announced in 2008, the blockchain technology, which is the basis of Bitcoin, is attracting attention as an important platform technology in the era of the 4th industrial revolution that can change our society in the future. Although Existing electronic financial transactions store and manage all transaction history at a reliable central organization such as government and bank, blockchain-based electronic financial transactions are composed of a distributed structure in which all participants participating in the transaction store and manage the transaction history, it is possible to secure transaction transparency while reducing system construction and operation costs. Besides the virtual currency that started with bit coins, the technology of these blockchains has been extended in various fields such as smart contracts and document management. The key technology area of this blockchain is security based on proven cryptographic technology to make it difficult to forge and hack, but there are security risks such as security vulnerabilities in the virtual currency trading service, We will discuss security risks in using virtual currency and discuss countermeasures. Especially security accidents of virtual currency exchanges are occurring frequently recently, the damage of users who trade the virtual currency is also increasing, we propose security threats and security countermeasures against virtual currency exchanges.

• Electronics and Telecommunications Trends
• /
• v.16 no.2 s.68
• /
• pp.40-52
• /
• 2001

본 논문은 반도체 공정이나 설계환경에 무관하게 재사용이 가능하면서 라이센스에 의해 보호되는 전자회로 설계 모듈 IP에 관한 세계적인 표준안들에 대하여 살펴본다. 현재 선진 외국의 반도체, 통신 관련 기업들은 자신들의 기능 모듈을 IP화 하는 데 있어서 1996년에 설립된 IP의 국제 표준화 단체인 VSIA의 표준안에 부합하도록 노력하고 있다. 현재까지 VSIA는 약 1,000페이지에 달하는 13종의 사양서와 표준안 및 기술문서를 개발하였으며, 전세계 200여 개의 회원기관에 공개하고 있다. 이와 같은 표준안들은 모든 회원사들이 제안하는 시스템 통합, 테스트, 혼성신호, 온칩버스, 검증, 보안 등의 표준관련 제안들을 8개의 VSIA DWG에서 심의하여 확정하며 계속적인 보완과 수정 및 추가가 진행되고 있다. 본 고는 가장 최신 버전들을 중심으로 IP의 표준화 동향을 파악 분석하고, 표준안들의 본질을 정의하였으며, VSIA 표준안에 부합 시킬 수 있는 절차를 체계화 함으로 국내의 IP 개발에 일조를 하고자 하였다.

• 한국IT서비스학회:학술대회논문집
• /
• 2002.11a
• /
• pp.355-359
• /
• 2002

웹 서비스의 등장으로 XML이 기반 기술로서 자리 매김하고 있는 현재, XML을 이용하여 여러 표준기술을 제정하려는 움직임이 많아지고 있다. XACML은 접근제어 리스트 (access control list)를 통해 보안이 요구되는 자원에 대해 미세한 접근 제어 서비스를 제공 할 수 있는 XML 기반의 언어이다. XACML은 SAML PDP(Policy Decision Point)의 일부로서 역할을 수행 할 수 있으며 각 정의에 따라 각각의 사용자 별 XML 문서 접근 정책을 수립하고 적용 할 수 있다. 본 논문에서는 XML기반의 Access Control 표준인 XACML에 대하여 분석하고 적용 방법에 대하여 연구하였다.