• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.353-360
• /
• 2017

The Internet of Things(IoT) security has more need than a technical problem as it needs series of regulations and faultless security system for common purposes. So, this study proposes an efficient key management in order that can be trusted IoT data in cloud computing. In contrast with a key distribution center of existing sensor networks, the proposed a federation key management of cloud proxy key server is not central point of administration and enables an active key recovery and update. The proposed key management is not a method of predetermined secret keys but sharing key information of a cloud proxy key server in autonomous cloud, which can reduce key generation and space complexity. In addition, In contrast with previous IoT key researches, a federation key of cloud proxy key server provides an extraction ability from meaningful information while moving data.

• Journal of KIISE:Software and Applications
• /
• v.35 no.7
• /
• pp.452-461
• /
• 2008

Binary diffing is a method to find differences in similar binary executables such as two different versions of security patches. Previous diffing methods using flow information can detect control flow changes, but they cannot track constant value changes. Biffing methods using assembly instructions can detect constant value changes, but they give false positives which are due to compiling methods such as instruction reordering. We present a binary diffing method and its implementation named SCV which utilizes both structure and value information. SCV summarizes structure and constant value information from disassembled code, and matches the summaries to find differences. By analyzing a Microsoft Windows security patches, we showed that SCV found necessary differences caused by constant value changes which the state-of-the-art binary diffing tool BinDiff failed to find.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.7-13
• /
• 2020

IoT which is the core IT of the 4^th industrial revolution, is providing various services from users in the conversion with other industries. The IoT convergence technology is leading the communication paradigm of communication environment in accordance with the increase of convenience for users. However, it is urgently needed to establish the security measures for the rapidly-developing IoT convergence technology. As IoT is closely related to digital ethics and personal information protection, other industries should establish the measures for coping with threatening elements in accordance with the introduction of IoT. In case when security incidents occur, there could be diverse problems such as information leakage, damage to image, monetary loss, and casualty. Thus, this paper suggests a certificate management technique for safe control over access in IoT-based Cloud convergence environment. This thesis designed the device/user registration, message communication protocol, and device renewal/management technique. On top of performing the analysis on safety in accordance with attack technique and vulnerability, in the results of conducting the evaluation of efficiency compared to the existing PKI-based certificate management technique, it showed about 32% decreased value.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.119-124
• /
• 2015

The purpose of this study was to examine the current status and future prospects through the Classification of sports and ICT convergence technology for the health. Sports and ICT convergence technology could be classified into three types-sports and virtual reality, wearable devices, application and platforms. First, the application of virt ual reality technology gives a user the feeling of reality, fun, and flow through the sensing technology. And this was extended to 'Gamification' concept, gamification of the Nike Plus has become a catalyst in the spread of wea rable devices market. Second, the fastest growing sector in the wearable device area is the health and sports. Chin ese and start-up companies as well as global ICT companies is competing for expanding the pool by releasing the fitness-related wearable devices. Third, the building of platform that can utilize the health and exercise-related dat a collected through the application is expanding.

• Journal of Digital Convergence
• /
• v.12 no.10
• /
• pp.271-282
• /
• 2014

Cloud computing technology will provide application that needs many resources and various services to customers without any restriction of time and place. So, many of companies are now adopting cloud computing technology to this business and this trend is now increasing. However, cloud technology adoption rate is low because of security, compatibility, loss of control, security, data protection, performance and uptime, to the risk of vendor lock-in Cloud computing services, and compatibility with existing systems and anxiety. Now, many people are interest on the migration of existing systems but there are many study on this issue. So, more of study on this issue should be needed. This paper will show you the method that how to adopt cloud computing to their business and also show you evolution of cloud computing for existing system.

• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.1-10
• /
• 2015

The main objective of this study was to identify the factors that can maximize the effect of preventing technology leakage by government support. Therefore we used the 2013 small business technology protection capabilities and level of research which is conducted by the Small and Medium Business Administration, and have analyzed the presence of small business technological assets leakage protection eand skills. Multiple logistic regression analysis was performed to identify 1,518 small companies (43 big companies are excluded) which are divided into 155 technological assets leaked small business and non-leaked 1363 small business. The most important factors associated with technology leakage were entrant control system, security audit, employee absence of security activities and important data protection measures. This result shows that if the government can support more for these details, technological asset leakage prevention effect is expected to be maximized.

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.87-98
• /
• 2012

The department has established a variety of studies and training courses and has tried to nurture talented people for security companies. However, the research is marginal, and each university department of security guard education, curriculum falling due after graduating students. Moreover, even if students are occupied an employment exceptional adaptability has occurred. Therefore, each university of private security department will need to collaborate with competitive private security company for reinforce and employment rate in center of experienced field. Then, the security's society will be placed in professional occupation, elevate the phase and will decrease the turnover rate. Qualification system of private security have been indicated in distrust, moreover the system have to be adjusted because not enough effort, control system, cooperation system with training center, one-sided emphasis and private inquiry by adding in private security law.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1463-1475
• /
• 2019

Unlike the past, modern high-tech weapons systems are complex and many components are combined to form a weapons system. In addition, unlike the past, where hardware was the main component, the proportion of software is increasing every year, making the security assurance activities of weapon systems more difficult than in the past. The United States has been working to ensure the security of the weapons systems they develop since the 1960s. The findings were made to US internal standards, updated regularly, and are now being applied as RMF. In Korea, research activities have been conducted since 2010 based on the RMF of the United States. However, actual RMF application cases in the United States cannot be classified and obtained, and there are no official cases in Korea. In this paper, we apply Korean RMF research that has been studied so far to apply to the recently developed real weapon system. Thus, detailed guidelines for applying the RMF are presented.

• KIPS Transactions on Software and Data Engineering
• /
• v.9 no.11
• /
• pp.339-344
• /
• 2020

During COVID-19, education industry is organizing the concept of 'Edutech', which has evolved one step further from the existing e-Learning, by introducing various intelligent information technologues based on the core technology of the 4th industrial revolution and spreading it through diverse contents. Meanwhile, each industries are creating new industries by applying new technology to existing businesses and ask for needs of cultivating human resources who understand the existing traditional ICT technology and industrial business which can solve a newly rising problems. However, it is difficult to build contents for cultivating such human resources with the existing e-learning of transferring knowledge by one-way or some two-way commnication system which has established some interactive conversational system. Accordingly, this study conducted a research on a cooperative e-learning system that enables educators to communicate with learners in real time and allows problem-solving education based on the existing two-way communication system. As a result, frame for contents and prototype was developedp and artially applied to the actual class and conducted an efficiency analysis, which resulted in the validation of being applied to the actual class as a simulation-based cooperative content.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.123-128
• /
• 2019

In March 2016, the Korean National Assembly passed the Counterterrorism Act called as "Counterterrorism Law for the Protection of the People and Public Safety", and relevant functions and roles of the counterterrorism institution were granted based on the law. However, a number of problems have been raised in the course of the job performance of the counterterrorism related institution, and various improvements have been discussed. This study conducted 'Analytic Hierarchy Process(AHP)' on the experts to identify the issues related to the improvement possibilities of the counterterrorism system that had been discussed previously. The results of the analysis to improve the current counterterrorism system are as follows. First, the priorities of the top factors were identified as in the order of legal institutions, cooperation, and operational aspect. Next, the priorities of the individual sub-factors were identified as the reorganization of the counterterrorism task force, the organic cooperation of domestic counterterrorism institution, and the cultivation of specialized human resources for anti-terrorism work. It was found that we should discuss the reorganization of counterterrorism institution as a policy consideration to improve the counterterrorism system.