• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10a
• /
• pp.325-327
• /
• 2004

무선 인터넷의 보급과 맞물려 모바일 컴퓨팅 환경이 구축됨에 따라 PDA와 같은 소형의 모바일 장비에 최적화된 디지털 컨텐츠의 제작 및 배포가 활발해지고 있으며 불법적인 디지털 컨텐츠의 이용 또한 이에 비례하고 있다. 그러나 유선환경에 기반 한 기존의 DRM 시스템은 상대적으로 속도와 표현능력이 떨어지는 모바일 환경에는 적합하지 않으며 현재 연구.개발된 모바일 환경에서의 DRM 시스템은 음악, 문서, 이미지에 국한되어 있어 동영상과 암호화와 같은 높은 연산 능력을 요구하는 부분의 개발과 연구는 초기 단계에 머물러 있다. 본 논문에서는 모바일 환경에 적합하도록 적은 연산 능력으로도 기존의 DRM 시스템에 준하는 보안 강도를 갖을 수 있도록 동영상의 부분 암호화 방식과 공유키 풀 기반의 인증 방법을 사용하는 DRM 시스템을 설계ㆍ제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.04a
• /
• pp.549-552
• /
• 2001

IMT-2000은 유선통신 시장에서 확고히 자리잡은 인터넷 서비스와 멀티미디어 고속 데이터 정보를 무선으로 공급하고자 하는 사용자의 요구를 충족시키기 위해 등장하였다. 그러나 이러한 서비스는 무선망을 통하여 제공되기 때문에 무선망의 특성상 전송로가 노출되어 허가 받지 않은 사용자에 의한 불법적인 절취사용과 공유된 전송매체를 통한 전파의 도청 등의 문제점을 가지고 있다. 이러한 문제를 해결하기 위해 본 논문에서는 IMT-2000에서 사용자 식별을 위한 쌍방향 인증 프로토콜을 설계하고 그 성능을 평가하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.5
• /
• pp.1122-1127
• /
• 2014

WLAN is affordability, flexibility, and ease of installation, use the smart device due to the dissemination and the AP (Access Point) to the simplification of the Office building, store, at school. Wi-Fi radio waves because it uses the medium of air transport to reach areas where security threats are always exposed to illegal AP installation, policy violations AP, packet monitoring, AP illegal access, external and service access, wireless network sharing, MAC address, such as a new security threat to steal. In this paper, signature-based of wireless intrusion detection system for Snort to suggest how to develop. The public can use hacking tools and conduct a mock hacking, Snort detects an attack of hacking tools to verify from experimental verification of the suitability of the thesis throughout.

• Journal of Digital Convergence
• /
• v.12 no.12
• /
• pp.357-364
• /
• 2014

There are lots of limits on preventing illegal transaction of digital contents by existing DRM(Digital Right Management) methods because of illegal download and share of contents, which is resulted from advanced information technologies, development of cloud services, and smart instruments. In the other hand, the number of creators based on one person, in the area of music, webtoon, digital magazine and video, is increasing. As a result, it is needed that the necessities of digital contents transaction under the condition of convenience and efficiency through licence and management of contents to protect copyright of contents and to increase the transaction of digital contents. Therefore how to promote the transaction of digital contents should be studied by way of research analysis of contents market through interviewing experts in business.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.389-396
• /
• 2006

P2P(Peer To Peer) system, a most attractive file sharing system, is the largest channel of contents distribution and it takes 50% of network traffic. But P2P systems are infamous for used to illegal contents distribution channel not only in music industry, but also in movie industry. But, DRM(Digital Right Management) enabled P2P models are not suggested until now that interrupting illegal contents distribution and keeping advantage of P2P. So in this paper, we suggest a DRM enabled P2P model that can support distributed processing ability and high scalability with no modification in exist P2P model or architecture.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.167-174
• /
• 2008

As both a digital camera and a digital camcorder are popularized in recent years, UCC created by general users is also popularized. Unfortunately, according to that, the lack of privacy is also increasing more and more. The UCC is saved on the recordable media(Media) like DVD and deposited personally as well as distributed through Internet portal service. If you use Internet portal service to put up your contents, you can partially prevent the violation of privacy using security technologies such as authentication and illegal copy protection offered by internet portal service providers. Media also has technologies to control illegal copy. However, it is difficult to protect your privacy if your Media having personal contents is stolen or lost. Therefore, it is necessary to develope an additional security mechanism to guarantee privacy protection when you use Media. In this paper, we describe AACS framework for Media Security and propose improved AACS framework to control the access to personal contents saved on Media.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1231-1242
• /
• 2012

Traitor tracing schemes deter traitors from sharing their private keys by tracing at least one of the subscribers who were implicated in the construction of a pirate decoder. In general, it is assumed that the system manager in the scheme generates and distributes the subscribers' private key. But if the system manager knows the subscribers' private keys, he cannot convince a third party of a certain subscriber's piracy. To solve this problem, the system manager should not know the whole parts of subscribers' private keys and this leads to researches of asymmetric schemes. Moreover for the purpose of enhancing subscribers' privacy, there were two proposals of introducing anonymity onto asymmetric traitor tracing schemes, but one of them turned out to be a failure. In this paper, we point out that the other proposal also has flaws. We consider how to introduce anonymity to traitor tracing schemes, as a result, we suggest a new framework which is practical. We also construct a scheme by using an anonymous credential system and an asymmetric traitor tracing scheme. We prove the security of our scheme and consider the typical applications.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.4
• /
• pp.127-132
• /
• 2022

An anonymous encrypted communication networks that make it difficult to identify the trace of a user's access by passing through several virtual computers and/or networks, such as Tor, provides user and data privacy in the process of Internet communications. However, when it comes to abuse for inappropriate purposes, such as sharing of illegal contents, arms trade, etc. through such anonymous encrypted communication networks, it is difficult to detect and take appropriate countermeasures. In this paper, by extending the website fingerprinting technique that can identify access to a specific site even in anonymous encrypted communication, a method for specifying and classifying service types of websites for not only well-known sites but also unknown sites is proposed. This approach can be used to identify hidden sites that can be used for malicious purposes.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.13-21
• /
• 2014

The problem of the cases of Soribada and Winny is their duplexity that they could be used legally and illegally. The issue called 'The crime of aiding through the neutral behavior' is about whether the program developer who shared the file sharing program letting unspecified public infringe the copyright could be punished or not. Many theories about limiting the traditional scope of punishment of aider have been maintained. However, it is questionable whether it is possible to limit the scope of punishment following the former cases and theories even for the action that is causal and facilitates the principal's criminal conduct, like the aid through the neutral action which is hard to perceive as illegal aid because of its characteristics. Therefore, using the case of Soribada in Korea and the case of Winny in Japan as the examples of illegal aid through neutral behavior case, this paper examines the characteristics and problems of aid through existing theories and cases, and suggests new scope of punishment limitation standard through the elaboration of the action of aid and judgment of degree.

• Convergence Security Journal
• /
• v.3 no.2
• /
• pp.1-10
• /
• 2003

In the distributed-computing environment, applications or users have to share resources and communicate with each other in order to perform their jobs more efficiently. In this case, it is important to keep resources and information integrity from the unexpected use by the unauthorized user. Therefore, there is a steady increase in need for a reasonable way to authentication and access control of distributed-shared resources. In RBAC, there are role hierarchies in which a higher case role can perform permissions of a lower case role. No vise versa. Actually, however, it is necessary for a lower case role to perform a higher case role's permission, which is not allowed to a lower case role basically. In this paper, we will propose a permission delegation method, which is a permission delegation server, and a permission delegation protocols with the secret key system. As the result of a permission delegation, junior roles can perform senior role's permissions or senior role itself on the exceptional condition in a dedicated interval.