• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.559-572
• /
• 2020

As internet technology advances, users can share content online, and many sharing services exist. According to a recently published digital forensic study, when playing an online streaming service, you can restore the played video by reconstructing the Chrome cache file left on local device such as a PC. This can be seen as evidence that the user watched illegal video content. From a different point of view, copyright infringement occurs when a malicious user restores video stream and share it to another site. In this paper, we selected 23 online streaming services that are widely used both at home and abroad. After streaming videos, we tested whether we can recover original video using cache files stored on the PC or not. As a result, the paper found that in most sites we can restore the original video by reconstructing cache files. Furthermore, this study also discussed methodologies for preventing copyright infringement in online streaming service.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.1
• /
• pp.652-657
• /
• 2015

BitTorrent is an innovative protocol related to file-sharing and file-transferring, which allows users to receive pieces of files from multiple sharer on the Internet to make the pieces into complete files. In reality, however, free distribution of illegal or copyright related video data is counted for crime. Difficulty of regulation on the copyright of data on BitTorrent is caused by the fact that data is transferred with the pieces of files instead of the complete file formats. Therefore, the classification process of file formats of the digital contents should take precedence in order to restore digital contents from the pieces of files received from BitTorrent, and to check the violation of copyright. This study has suggested SVM classifier for the classification of digital files, which has the feature vector of histogram differential on the pieces of files. The suggested classifier has evaluated the performance with the division factor by applying the classifier to three different formats of video files.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.11
• /
• pp.1391-1400
• /
• 1999

이동 통신은 대기를 전달매체로 하고 이동단말기를 사용하기 때문에 가로채기나 불법사용과 같은 공격에 취약하다. 이를 극복하기 위해, 이동 통신 환경에서 이동단말기와 기지국 사이에 안전한 통신을 제공하기 위한 많은 프로토콜들이 제안되어왔다. 그러나 이동단말기의 부족한 계산능력과 전력량 때문에 공개키를 이용한 프로토콜들은 많은 장점에도 불구하고 충분히 활용되지 못했다. 본 논문에서는 이동 통신 환경에서 기지국과 이동단말기 사이의 상호인증 및 세션키 공유 프로토콜들의 성능을 향상시킬 수 있는 기법을 제안한다. 본 논문에서 제안하는 기법은 이동단말기의 비밀 정보를 기지국에게 드러나게 하지 않으면서 많은 계산을 기지국으로 하여금 대신 수행하도록 하는 것이다. 제안된 기법은 기존의 프로토콜들을 최대 5배까지 성능을 향상시키며 해당하는 만큼 이동단말기의 전력량 소모를 감소시킬 수있다.Abstract Mobile communication is more vulnerable to security attacks such as interception and unauthorized access than fixed network communication. To overcome these problems, many protocols have been proposed to provide a secure channel between a mobile station and a base station. However, these public-key based protocols have not been fully utilized due to the poor computing power and small battery capacity of mobile stations. In this paper, we propose techniques for accelerating public-key based key establishment protocols between a mobile station and a base station. The proposed techniques enable a mobile station to borrow computing power from a base station without revealing its secret information. The proposed schemes accelerate the previous protocols up to five times and reduce the amount of power consumption of mobile stations.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.69-75
• /
• 2018

The purpose of access control is to prevent computing resources from illegal behavior such as leakage, modification, and destruction by unauthorized users. As the cloud computing environment is expanded to resource sharing services using virtualization technology, a new security model and access control technique are required to provide dynamic and secure cloud-based computing services. The virtualization management convergence access control model provides a flexible user authorization function by applying the dynamic privilege assignment function to the role based access control mechanism. In addition, by applying access control mechanism based on security level and rules, we solve the conflict problem in virtual machine system and guarantee the safeness of physical resources. This model will help to build a secure and efficient cloud-based virtualization management system and will be expanded to a mechanism that reflects the multi-level characteristics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.97-101
• /
• 2007

The purpose of DRM is to protect the copyrights of content providers and to enable only designated users to access digital contents. From the consumers' point of view, they have a tendency to go against complex and confusing limitations. Moreover, consumers' rights of use of the content obtained legally were frequently harmed by arbitrary limitations. The concept of Authorized Domain (AD) was presented to remove such problems. However, the previous work on authorized domain has two problems. The first is that it requires a rather expensive revocation mechanism for withdraw process. The second is that the modules still can play contents which are previously obtained even though they are currently out of the authorized domain. On the contrary, our scheme presents the content from being played by modules which are out of the domain for better security. Furthermore our scheme does not need to maintain a revocation list and prevent replay attack.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.287-290
• /
• 2006

디지털 기술의 발전으로 인해 원본과 동일한 품질을 가지는 디지털 콘텐츠의 무한한 복제가 가능할 뿐만 아니라 인터넷을 통해 전 세계 어디라도 전파될 수 있다. 이러한 디지털 콘텐츠의 불법복제에 따른 문제를 해결해 줄 수 있는 것이 바로 DRM(Digital Rights Management)이다. 하지만 현재의 DRM은 콘텐츠를 구매하여 License를 받은 최초의 디바이스에서만 사용이 가능하도록 설계 되어 있다. 이러한 방식은 콘텐츠를 구매한 사용자의 권리를 제한하는 것이다. 본 논문에서는 Home Network와 같은 특정 Domain영역 안에서만 콘텐츠의 사용이 가능한 DRM 시스템을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.812-815
• /
• 2017

소셜 미디어를 이용하는 사용자의 수가 증가함에 따라 소셜 미디어에서 공유되고 있는 유해 정보(불법, 음란)의 심각성의 대두되고 있다. 기존의 단어 DB기반의 유해 사이트 판별 방법은 단어 DB의 갱신 문제점과 유해 정보와 낮은 연관성을 가진 단어가 DB에 저장되는 문제점을 가지고 있었다. 또한 링크 주소를 짧게 해주는 Short URL 서비스를 고려하지 않아 잘못된 웹 문서를 판별 대상으로 삼을 수 있는 문제점이 있다. 본 논문에서 제안하는 유해 사이트 판별 방법은 기 구축한 유해 단어 DB에서 유해 단어를 추출하고, 추출된 단어를 포함하는 소셜 미디어상의 유해 게시물을 조회한다. 유해 단어 DB를 구축하는 방법으로, 유해 게시물 조회시 내용에 포함되는 해시태그를 저장하는 방법을 사용하여 게시물 수집과 동시에 유해 단어 DB를 갱신시킨다. 또한 유해 게시물 내용에 있는 URL 링크의 웹 문서를 문자열로 치환하여, 해당 문자열내의 유해 단어 DB에 있는 유해 단어의 등장 빈도 수를 계산하고 이를 기준치와 비교하여 유해도를 판단한다. Short URL을 사용한 URL 링크인 경우 HTTP 응답 메시지의 헤더 부에 존재하는 실제 목적지 URL 주소를 가져와 유해도 검사를 실시한다.

• Journal of the Korean Society for information Management
• /
• v.22 no.3 s.57
• /
• pp.163-181
• /
• 2005

In order to adapt the digital rights management community for the standardisation of expressing rights information in the libraries' content for the control of the rights of the digital works, it is necessary to establish rights information, that can build effective system of the distribution structure by the public ownership of the rights information and the interoperability of system. This research developed rights information constructing system in order to protect and enforce their rights over digital assets and embodied utilizing use-process of rights information.

• Journal of Convergence for Information Technology
• /
• v.10 no.10
• /
• pp.32-39
• /
• 2020

In the large-scale infrastructure of cloud environment, illegal access rights are frequently caused by sharing applications and devices, so in order to actively respond to such attacks, a strengthened access control system is required to prepare for each situation. We proposed an entity attribute-based access control(EABAC) model based on security level and relation concept. This model has enhanced access control characteristics that give integrity and confidentiality to subjects and objects, and can provide different services to the same role. It has flexibility in authority management by assigning roles and rights to contexts, which are relations and context related to services. In addition, we have shown application cases of this model in multi service environment such as university.

• Knowledge Management Research
• /
• v.17 no.1
• /
• pp.113-133
• /
• 2016

Why illegal digital contents sharing happens? This study pays attention to the fact that file sharing is an exchanging behavior between people and it is expanding despite of an illegal behavior and proposes that it is necessary for the phenomenon to be understood from social cultural point of view beyond a personal dimension. Based on the social exchange theory, this study demonstrates effects of file sharing attitudes and continuity, regarding 'group norm', 'popular demand', 'reciprocity' and 'social solidarity' as main factors. The main findings of this study are as followed;- First, it is shown that a tacit agreement of a group on file sharing is a determinant of positive attitude to file sharing and the intent of continual file sharing. Second, it is not found that the social relationship factors that are regarded as potential influential factors on file sharing attitude have effects on file sharing behavior, except for 'group norm'. Unlike previous studies, the results may come from the fact that this study deals with an illegal behavior. The third finding indicates a structural relationship between social relationship factors. When members of a group have more amicable attitude to file sharing including silence or a tacit agreement on file sharing, more people ask illegal sharing of files that they need. Such public demand creates expectation of reciprocity. As reciprocity maintains, social connectedness is strengthened. Then, strong social connectedness escalates the intent to maintain file sharing. It is important to notice that this study promotes understanding of how digital contents sharing happens by structuring and demonstrating influential relationship between characteristic factors of the social relationship.