• Journal of Korean Society of Water and Wastewater
• /
• v.33 no.5
• /
• pp.329-339
• /
• 2019

Recently, the advancement of information and communication technology(ICT) is expanding the connectivity through Internet of Things(IoT), and the media of connection is also expanding from wire/cable transmission to broadband wireless communication, which has significantly improved mobility. This hyperconnectivity has become a key element of the fourth industrial revolution, whereas the supervisory control network of purification plants in korea is operated as a communication network separated from the outside, thereby lagging in terms of connectivity. This is considered the best way to ensure security, and thus there is hardly any consideration of establishing alternatives to operate an efficient and stable communication network. Moreover, security for management of a commercialized communication network and network management solution may be accompanied by immense costs, making it more difficult to make new attempts. Therefore, to improve the conditions for the current supervisory control network of purification plants, this study developed a industrial security L2 switch that supports modbus TCP(Transmission Control Protocol) communication and encryption function of the transmission section. As a result, the communication security performance improved significantly, and the cost for implementing the network management system using Historical Trend and information of HMI(Human Machine Interface) could be reduced by approximately KRW 200 million. The results of this study may be applied to systems for gas, electricity and social safety nets that are infrastructure communication networks that are similar to purification plants.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.49-59
• /
• 2002

As the electronic commerce increases rapidly in the mobile communication, security issues become more important. A suitable authentication and key agreement for the mobile communication environment is a essential condition. Some protocols based on the public key cryptosystem such as Diffie-Hellman, EIGamal etc. were adapted in the mobile communication. But these protocols that are based on the difficult mathematical problem in the algebra, are so slow and have long key-length. Therefore, these have many limitation to apply to the mobile communication. In this paper, we propose an authentication and key agreement protocol based on NTRU to overcome the restriction of the mobile communication environment such as limited sources. low computational fewer, and narrow bandwidth. The proposed protocol is faster than other protocols based on ECC, because of addition and shift operation with small numbers in the truncated polynomial ring. And it is as secure as other existent mathematical problem because it is based on finding the Shortest or Closest Vector Problem(SVP/CVP).

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.71-76
• /
• 2015

Financial Intelligence Unit Law doesn't include investigation on important cases that could influence the security and existence of the nation that are the core jobs of national intelligence agency. So the agency has a difficulty to investigate the international crime of North Korea and other security incidents. It is also difficult to catch an international crime organization working in Korea. It also produces problems such as difficulty in investigating the illegal leak of strategic materials and investigating people related to illegal funding to international terrorism. So it is urgently needed to revise Financial Intelligence Law as soon as possible. Foreign intelligence agencies use the information of financial intelligence unit in many different ways. National Security Agency of China and Australian Security Intelligence Organization freely use the information of financial intelligence unit based on their own laws and systems. Central Intelligence Agency and Federal Bureau of Investigation of USA and Secret Intelligence Service and Security Service of Britain request financial intelligence units to supply them with the information of financial intelligence unit. But the national intelligence agency of Korea isn't able to approach to FIU and can't share the FIU information with foreign intelligence agencies. To solve the problem, they should revise Financial Intelligence Unit Law so that national intelligence agency can receive or request information from Korean Financial Intelligence Unit.

• Journal of Venture Innovation
• /
• v.5 no.4
• /
• pp.91-108
• /
• 2022

This study is an empirical analysis regarding what kind of factors affect the intention to use autonomous vehicles. For the empirical analysis the research model was derived from value-based adoption model base and integrated some aspects that only autonomous vehicles have. At default variables of VAM are usefulness, enjoyment, technicality, perceived cost, some autonomous vehicle related variables were added, and those are convenience, safety, security, social influence. A survey was done in order to empirically analyze with this research model, and 216 valid survey answers were chosen to analyze. Empirical analysis was done by structural equation using AMOS24. The result of empirical analysis were as follows. Variables usefulness, enjoyment, safety, security had a significant positive effect on perceived value. Technicality and perceived cost had a significant negative effect of perceived value. In addition, security and social influence had no significant effect on perceived value. Furthermore, perceived value had significant positive effect on intention to use. Among the variables that came out to be significantly positive, the most influencing variable was safety, followed by convenience, perceived cost, enjoyment, usefulness and then technicality. In addition, the analysis of mediating effect of perceived value shows that usefulness, enjoyment, convenience, safety, technicality, perceived cost had mediating role towards intention to use. However, security and social influence had no siginificant mediating effect towards intention to use. Considering all these research results this study has provided theoretical and practical implications to researchers on the intention to use autonomous vehicles.

• Journal of Venture Innovation
• /
• v.6 no.4
• /
• pp.153-170
• /
• 2023

Generative AI services, including ChatGPT, were becoming increasingly active. This study aimed to empirically analyze the factors that promoted and hindered the diffusion of such services from a consumer perspective. Accordingly, a research model was developed based on the Value-based Adoption Model (VAM) framework, addressing both benefit and sacrifice factors. Benefits identified included usefulness and enjoyment, while sacrifices were security and hallucination. The study analyzed how these factors affected the intention to use generative AI services. A survey was conducted among college students for empirical analysis, and 200 valid responses were analyzed. The analysis utilized structural equation modeling with AMOS 24. The empirical results showed that usefulness and enjoyment had a significant positive impact on perceived value, while security and hallucination had a significant negative impact. The order of influence on perceived value was usefulness, hallucination, security, and then enjoyment. Perceived value had a significant positive impact on usage intention. Moreover, perceived value was found to mediate the relationship between usefulness, enjoyment, security, hallucination, and the intention to use generative AI services. These findings expanded the research horizon academically by validating the effectiveness of generative AI services based on existing models and demonstrated the continued importance of usefulness in a practical context.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.325-330
• /
• 2017

Bluetooth 4.0 is a technology suitable for the Internet of things that is used for communication between various devices. This technology is suitable for developing a service by combining with automobiles. In this study, a security authentication system was designed by linking Bluetooth 4.0 technology and a vehicle system as an implementation example of an object internet service. A procedure was designed for security authentication and an authentication method is proposed using a data server. When the security authentication function is provided, various additional services can be developed using the information collection function of the risk notification and user action history. In addition, BLE (Bluetooth Low Energy) technology, which is a wireless communication technology that enables low-power communication and low-power communication in the process of the standardization and development of Bluetooth technology and technology, improves the battery life through the use of RFID or NFC This study expanded the range possible. The security service can be extended by expanding the scope of authentication by the contactless type. Using the proposed system, a customized service can be provided while overcoming the problems of an existing radio frequency (RF)-based system, portability, and battery usage problem.

• Journal of Internet Computing and Services
• /
• v.16 no.5
• /
• pp.1-9
• /
• 2015

As attacks in cyber space become advanced and complex, monotonous defense approach of one-one matching manner between attack and defense may be limited to defend them. More efficient defense method is required. This paper proposes multi layers security scheme that can support to defend assets against diverse cyber attacks in systematical and adaptive. We model multi layers security scheme based on Defense Zone including several defense layers and also discuss essential technical elements necessary to realize multi layers security scheme such as cyber threats analysis and automated assignment of defense techniques. Also effects of multi layers security scheme and its applicability are explained. In future, for embodiment of multi layers security scheme, researches about detailed architecture design for Defense Zone, automated method to select the best defense technique against attack and modeling normal state of asset for attack detection are needed.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.11
• /
• pp.1554-1561
• /
• 2018

This paper surveys the DDS, a real - time communication middleware, and proposes ways to improve the DDS secure communication performance. DDS is a communication middleware standard by the OMG. The OMG has released the DDS Security standard to resolve the security issues. The security performance of DDS can be considered into transmission speed and confidentiality. In terms of confidentiality, AES-GCM, currently the encryption algorithm specified by DDS Security, is a very strong encryption algorithm, but there are well known weaknesses associated with authentication. In terms of speed, The computational load for the security function is a restriction to use DDS in systems which requires real-time performance. Therefore, in order to improve the DDS security, algorithms that are faster than AES-GCM and strong in encryption strength are needed. In this paper, we propose a DDS message encryption method applying AES-OCB algorithm to meet these requirements and Compared with the existing DDS, the transmission performance is improved by up to 12%.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.6
• /
• pp.189-196
• /
• 2023

Today, in the era of the 4th industrial revolution based on the paradigm of hyper-connectivity, super-intelligence, and superconvergence, the remote work environment is becoming central based on technologies such as mobile, cloud, and big data. This remote work environment has been accelerated by the demand for non-face-to-face due to COVID-19. Since the remote work environment can perform various tasks by accessing services and resources anytime and anywhere, it has increased work efficiency, but has caused a problem of incapacitating the traditional boundary-based network security model by making the internal and external boundaries ambiguous. In this paper, we propse a method to improve the limitations of the traditional boundary-oriented security strategy by building a security model centered on core components and their relationships based on the zero trust idea that all actions that occur in the network beyond the concept of the boundary are not trusted.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.187-196
• /
• 2020

In order to manage information security risk, various information security level evaluation and information security management system certification have been conducted on a larger scale than ever. However, there are continuous cases of infringement of information protection for companies with excellent information security evaluation and companies with excellent information security management system certification. The existing information security risk management methodology identifies and analyzes risks by identifying information assets inside the information system. Existing information security risk management methodology lacks a review of where cyber threats come from and whether security devices are properly operated for each route. In order to improve the current risk management plan, it is necessary to look at where cyber threats come from and improve the containment level for each inflow section to absolutely reduce unnecessary cyber threats. In addition, it is essential to measure and improve the appropriate configuration and operational level of security equipment that is currently overlooked in the risk management methodology. It is necessary to block and enter cyber threats as much as possible, and to detect and respond to cyber threats that inevitably pass through open niches and use security devices. Therefore, this paper proposes additional evaluation items for evaluating the containment level against cyber threats in the ISMS-P authentication items and vulnerability analysis and evaluation items for major information and communication infrastructures, and evaluates the level of security equipment configuration for each inflow.