• Journal of Industrial Convergence
• /
• v.18 no.6
• /
• pp.147-154
• /
• 2020

It is difficult to educate the overall operation of public and private blockchains with different characteristics. Recently, most education for blockchain is targeted at public blockchains such as Bitcoin and Ethereum. However, in an actual business environment, a private blockchain such as HyperLedger Fabric is used because access to corporate data is controlled through user authentication. In the case of HLF-based education, it is necessary to understand various components that are not in the public blockchain, such as peers, orderers, and channels. In this paper, a lab framework for HLF is designed for an efficient and systematic understanding of the functions and operations. The framework consists of HLF network, chaincode, and decentralized software control functions. Through the framework, the network configuration, distribution and activation of chaincode, and dApp execution process were checked step by step, and it was very easy to understand the overall flow for blockchain services. In addition, it is expected that a systematic understanding of the overall flow will be possible even in future network expansion.

• Journal of Practical Engineering Education
• /
• v.14 no.2
• /
• pp.425-437
• /
• 2022

In this study, the role and function of Edutech, as well as the application and expectations in the field of future vocational competency development, were gathered to define Edutech as a comprehensive working definition. Based on this redefinition of Edutech, this study analyzes Edutech technology trends and examines the level of actual technology applied to education and vocational training based on written interviews with experts, and finds out significant implications from the point of view of vocational training. Finally we propose an Edutech-based Vocational Education and Training Model.

• The Journal of the Korea Contents Association
• /
• v.22 no.9
• /
• pp.104-112
• /
• 2022

The pandemic caused by the COVID-19 virus, which has lasted for the past three years, has changed society and the way people live in many ways. These changes also affect cyberspace, so the pre-pandemic information security model and standards have limitations when applied to the current situation. In this paper, a new method to improve the information security model of public institutions was proposed in consideration of various situations in the new normal era. In other words, through the proposed information security model, the possibility of external intrusion is blocked in advance through the policy and technical supplementation of remote work, which is a weakness of the existing information security operation of public institutions. Also, how to prevent abnormal authentication attempts by building a secure VPN environment, how to prevent social engineering cyber attacks targeting fear and uncertainty caused by COVID-19, and how to use a smooth network and create a remote work environment. For this purpose, methods for securing service availability were additionally presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1115-1126
• /
• 2021

In this paper, we developed a mobile student ID providing a self sovereignty identity (SSI) which replaces the conventional plastic-type student ID that includes private information of a student such as a name, a student number, a facial photo, etc. The implemented mobile student ID solves the problem of exposing student's identity due to a loss or a theft of a plastic-type student ID, and it has a structure and process of FRANCHISE model which is developed by a concept of a decentralized Identity(DID) of a Blockchain, in which specialized for convenience as an electronic student ID through an application on a smart phone device. In addition, it protects student's privacy by controlling personal information on oneself. By using a smartphone, not only it easily identifies the student but also it expands to several services such as participation in school events, online authentication, and a student's exchange program among colleges.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.649-651
• /
• 2021

In recent years, O2O services for real estate sales are widely distributed in web platforms and apps. This allows sellers, buyers, and real estate brokers to quickly and conveniently conduct real estate sales and charter contracts. However, in the O2O-based real estate sales information system, it wastes time and money for real estate buyers due to the posting of fake information, partial correction of the sales information, and intentional non-posting of the sales information. Therefore, we propose a method of detecting the false or not of real estate property information that can occur on the web platform, and design and implement a proposal system for this. To this end, we propose a method of detecting personal identity and property information based on DID, a distributed identity authentication protocol. The false real estate sales information detection system proposed by us can determine the existence of real estate sales information, partially correct the false sales information, or prove whether or not intentionally unpublished in three steps.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.443-444
• /
• 2021

Security threats to information services are increasingly being developed, and the frequency and damage caused by security threats are also increasing. In particular, security threats occurring inside the organization are increasing significantly, and the size of the damage is also large. A zero trust model has been proposed as a way to improve such a security environment. In the zero trust model, a subject who has access to information resources is regarded as a malicious attacker. Subjects can access information resources after verification through identification and authentication processes. However, the initially proposed zero trust model basically focuses on the network and does not consider the security environment for systems or data. In this study, we proposed a zero trust-based access control mechanism that extends the existing zero trust model to the file system. As a result of the study, it was confirmed that the proposed file access control mechanism can be applied to implement the zero trust model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.13-31
• /
• 2023

Korean Government-PKI (GPKI) is a public-key infrastructure which provides authentication and security functions for information system used by central government, local governments, and public institutions of the Republic of Korea to provide their own administrative and public services. The current cryptosystem of GPKI was established in the early 2000s, and more than ten years have passed since the last improvement in 2010. Over the past decade or so, the information security, including cryptography, has undergone many changes and will continue to face many changes. Therefore, for the sustainable security of GPKI, it is necessary to review the security of the cryptosystem at this point. In this paper, we analyze the current status and the security of technologies and standards used in the system. We identify cryptographic algorithms with degraded security, international standards which are obsoleted or updated, and cryptographic parameters that should be revised for the high security level. And based on this, we make several suggestions on the reorganization of cryptographic algorithms and related technologies for the security enhancement of GPKI.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.133-140
• /
• 2024

The spread of Direct-to-Consumer (DTC) genetic testing, where users request tests directly, has been increasing. With growing demand, certification systems have been implemented to grant testing qualifications to non-medical institutions, and the scope of tests has been expanded. However, unlike cases in less regulated foreign countries, disease-related tests are still excluded from the domestic regulations. The existing de-identification method does not adequately ensure the uniqueness and familial sharing of genomic information, limiting its practical utility. Therefore, this study proposes the application of fully homomorphic encryption in the analysis process to guarantee the usefulness of genomic information while minimizing the risk of leakage. Additionally, to safeguard the individual's right to self-determination, a privacy preservation model based on Opt-out is suggested. This aims to balance genomic information protection with maintainability of usability, ensuring the availability of information in line with the user's preferences.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.24 no.2
• /
• pp.197-203
• /
• 2024

Food allergies are common and accidents occur annually. However, many people lack knowledge of the severity of allergies and food ingredients. Allergy-related applications currently on the market have problems such as providing information by relying only on certain certified products, food ingredients, and barcodes. This design plans a customized service application for food allergy patients. In this application, after extracting the text of the image using OCR technology, the food ingredients were read and displayed in large letters. In addition, if the user selects an ingredient that cannot be consumed through filtering technology, the restricted food is quickly and conveniently shown when searching for food ingredients. Finally, when scanning a barcode or searching for a product, food ingredient information is provided through barcode scanning and search engine technology that provides ingredient information of the product. Therefore, the purpose of this paper is to design an app in which users with food allergies can easily check food ingredients and avoid allergic reactions using databases and various information search methods.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.1
• /
• pp.77-89
• /
• 2024

This paper presents an unmanned store management system that can provide inventory management and theft prevention for displayed products using a small camera that can monitor the shelves of sold products in small and medium-sized stores. This system is a service solution that integrates object recognition, real-time communication, security management, access management, and mobile authentication. The proposed system uses a custom YOLOv5-x model to recognize objects on the display, measure quantities in real time, and support real-time data communication with servers through Raspberry Pie. In addition, the number of objects in the database and the object recognition results are compared to detect suspected theft situations and provide burial images at the time of theft. The proposed unmanned store solution is expected to improve the efficiency of small and medium-sized unmanned store operations and contribute to responding to theft.