• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.85-90
• /
• 2014

Cloud computing originated simply to request and execute the desired operation from the network of clouds. It means that an IT resource that provides a service using the Internet technology. It is getting the most attention in today's IT trends. In cloud computing networks, devices and data centers which are composed of the server, storage and application are connected over network. That is, data of computers in different physical locations are integrated using the virtualization technology to provide a service. Therefore cloud computing system is a key information resource, standardized methods and assessment system are required. In this paper, we aims to derive the parameters and information for research of technical standards stability evaluation method associated with various cloud computing equipment.

• Convergence Security Journal
• /
• v.15 no.1
• /
• pp.19-26
• /
• 2015

The threat of international terrorism has been increasing in international society. It could be no exception in northeastern Asian countries. First, north eastern Asian countries have exercised influences on many areas in international society such as politics, military and diplomacy. So international terrorism could occur in the countries. Second, as the north eastern Asian countries such as Korea, China, Russia and Japan have their own unique politics, religions, ethnic group and culture, terrorism have happened or could happen in their own countries. In this research, it will analyze the tendency of seven regional international conventions on anti-terrorism of international society. The result is as follows. It dealt with the following issues. 1. Reason and purpose of terrorism, 2. Contents of conventions on anti-terrorism, 3. Psychological and physical aspects of attacking types of terrorism, 4. Personal and physical aspects of damage of terrorism, 5. Hard targets and soft targets of victims of terrorism. It could be necessary for the north eastern Asian countries to review regional international convention on anti-terrorism based on this.

• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.113-119
• /
• 2015

Recent, cyber violence is increasing in a school and the severity of the problems encountered day by day. In particular, the severity of the cyber force using the smart phone is recognized as a very high and great problems socially. Cyberbullying have long damage degree and a wide range time duration against of existed physical cyber violence. Then student's affects is very seriously. Therefore, we analyzes the relationship and languages in the classroom for students to use to identify signs of cyber violence that may occur between friends in the class. And we support this information to identified parent, classroom teachers and school sheriff for prevent cyberbullying accidents in the school. For this research, we will design and implement a messenger in the cyber classroom. It have many components that are Big-data vocabulary, analyzer, and communication interface. Our proposed messenger can analyze lingual sign and friendship between students using Big-data analysis method such as text mining. It can analysis relationship by per-student, per-classroom.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.95-100
• /
• 2014

The trend of business work that is related to supply chain changed into e-business using the electronic document However, the small and medium enterprise organizations still use huge volume of paper document, especially in private sector. Recently, the need for eco-friendly and low cost logistics becomes increasing. For this, it has expanded to exchange or to use e-document rather than the paper or manual processing in supply chain business. Therefore, this paper proposed the electronic access system for supply chain by business process modeling. If it is using the proposed system, it can be saving the exchanged or the scanned document to system, and user can utilize that document on just accessing system whenever they need the document. We believe it might reduce the burden of each organization because they don't need to save large volume data to their system or place. Furthermore, the benefits will effect across the national as well as global.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.315-327
• /
• 2017

Security threats such as unauthorized access and data tampering can occur during the virtual machine migration process. In particular, since virtual machine migration requires users to transfer important data and infrastructure information, it is relatively risky to other cloud services in case of security threats. For this reason, there is a need for dynamic authentication for virtual machine migration. Therefore, this paper proposes an OTP-based dynamic authentication framework to improve the vulnerabilities of the existing authentication mechanism for virtual machine migration. It consists of a virtual machine migration request module and an operation module. The request module includes an OTP-based user authentication process and a migration request process to a data center when a user requests a migration. The operation module includes a secure key exchange process between the data centers using SPEKE and a TOTP-based mutual authentication process between the data center and the physical server.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.1
• /
• pp.151-158
• /
• 2010

The industrial foundation of the inside and outside of a country has brought significant damages due to attacks from hackers. Especially, if the national primary core infrastructures(like electric power, dam, railroad, atomic energy, etc.) has been significantly damaged, it can be directly linked not only to economic problems but also to people's lives. These national primary core infrastructures usually constitute SCADA system using Modbus RS486 communication. Because of this characteristic, SCADA system has RTU master and slave linked to RJ11 cables to directly pass commands. RJ11 is possible in data spoofing using physical connection because the transmission range of RJ11 has a wide bandwidth(almost 1km). Hence, this paper designed an idle-time measurement system for SCADA system for emerging security improvement in the national primary core infrastructures.

• Journal of the Institute of Convergence Signal Processing
• /
• v.8 no.1
• /
• pp.51-57
• /
• 2007

In this paper we introduce the concept of MPLS-based VPN and propose a scheme for providing VPN services in MPLS networks. Furthermore, we design the control components and the operational procedures and evaluated the performance of traditional VPN implementation methods and MPLS-based VPN. In this scheme it is possible to solve several problems that IP-based VPN pertains via the allocation of VPN ID and virtual space without tunneling, thereby providing effective VPN services. In other words, the MPLS-based VPN scheme uses MPLS networking technology together with the PSTN which can achieve a perfect segregation of user traffic on per-customer basis in a physical link and can guarantee high reliability and security levels. Specially, in the perspective of customers, it can save networking facilities installation and maintenance costs considerably. On the contrary, it possesses some shortcomings in that its deployment tends to be restricted within an ISP's network boundary and it is vulnerable to external security break-ins when going through public networks such as the Internet due to its lack of data encryption capability.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.9C
• /
• pp.1345-1351
• /
• 2004

Due to the overwhelming importance the Internet gained nowadays, more and more sophisticated security services are requested. However many applications such as Internet Banking, Home Trading System, Electronic Medical Recede, electronic commerce, etc. are related to non-repudiation. Non-repudiation services are one of these new security requirements. ill comparison to other security issues, such as privacy or authenticity of communications, non-repudiation has not been studied intensively. Informally, we say that a protocol is fair if at the end of the protocol execution either originator receives a non-repudiation of receipt evidence and recipient receives a non-repudiation of origin evidence or none of them receives any valid evidence. The most non-repudiation protocols rely on a trusted third party(TIP) that has to intervene during each protocols run. the TIP may create a communication bottleneck. ill this paper, we suggest the digital signature recorder that guarantees fairness logically and supplies minimal network bottleneck to be composed verification server physically.

• Journal of the Korea Society for Simulation
• /
• v.20 no.1
• /
• pp.39-49
• /
• 2011

Nowaday, Many equipments like TabletPC, Digital kiosk, ATM using touch-panel service instead of keyboard or button, to support intuitively input for user. Furthermore these days touch-panels recognize up to 5 contact points using recent technology. On this study, I Introduce password input/store methodology on multi-touch environment. On past, User must input password 1 character by 1 character, like [1, 2, 3, 4]. but, on multi-touch environment user can input more than one character at the same time, like [(1,3), 2, (3,4), (1,2,3)]. In result, users can use password more intensely. This study is utilized post security technology study on multi-touch environment.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.2
• /
• pp.10-18
• /
• 2009

In this paper, we propose a novel method for authenticating a user's personal-usage using a secure portable storage, so that the user carrying the secure portable storage is able to consume his/her own broadcast programs freely, regardless of the location of the devices. The proposed authentication process is performed by a portable personal-usage authentication device, an access-control module for the portable personal-usage authentication device, and a player integrating the access control module. The portable personal-usage authentication device plays a role of secure storage in which domain authentication information is securely stored, while the access-control module is in charge of accessing the authentication information and, consequently, acquiring a decryption key. The player decrypts the broadcast programs in real time and processes the decrypted media streams. In this Paper, we describe the structure and procedure of the proposed model, and verify its feasibility by implementation.