• Title/Summary/Keyword: service vulnerability factors (서비스 취약요소)

Cloud Computing : An Analysis of Security Vulnerabilities in managerial aspect (클라우드 컴퓨팅 : 관리적 측면에서의 보안 취약점 분석)

  • Choi, Chang-Ho;Lee, Young Sil;Lee, Hoon Jae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.05a / pp.291-294 / 2014
  • By building an environment that can utilize big data, many companies are interested in the cloud computing technology that has increased its popularity recently. By developing cloud environments from existing virtual environments, in the process, we discovered a variety of security vulnerabilities such as management, virtual machines, hypervisors, hardware, etc. The security techniques from administrative aspects in the cloud environment provide an environment which can securely store data by the identification and control of security threats. In this paper, we investigate a list of companies which support the cloud services and the types of services, and analyze the security threats according to the administrative aspects in the cloud environment. In addition, we suggest the direction for future improvements by investigating accidents or incidents which occurred recently.

Kubernetes of cloud computing based on STRIDE threat modeling (STRIDE 위협 모델링에 기반한 클라우드 컴퓨팅의 쿠버네티스(Kubernetes)의 보안 요구사항에 관한 연구)

  • Lee, Seungwook;Lee, Jaewoo
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.7 / pp.1047-1059 / 2022
  • With the development of cloud computing technology, container technology that provides services based on a virtual environment is also developing. Container orchestration technology is a key element for cloud services, and it has become an important core technology for building, deploying, and testing large-scale containers with automation. Originally designed by Google and now managed by the Linux Foundation, Kubernetes is one of the container orchestrations and has become the de facto standard. However, despite the increasing use of Kubernetes in container orchestration, the number of incidents due to security vulnerabilities is also increasing. Therefore, in this paper, we study the vulnerabilities of Kubernetes and propose a security policy that can consider security from the initial development or design stage through threat analysis. In particular, we intend to present a specific security guide by classifying security threats by applying STRIDE threat modeling.

Analyses of Security into End-to-End Point Healthcare System based on Internet of Things (사물인터넷 기반의 헬스케어 시스템의 종단간 보안성 분석)

  • Kim, Jung Tae
    • Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology / v.7 no.6 / pp.871-880 / 2017
  • Recently, internet-based services have become inter-connected and integrated through a variety of connections. This kind of internet of things consists of heterogeneous devices such as sensor nodes, devices and end-to-end equipment which are used with conventional protocols and services. The representative system is the healthcare system. With healthcare appliances used via IoT, patients and doctors can utilize healthcare information with safety and high-speed management. It is very convenient to manage and operate with mobility. But it induces security and vulnerability issues because it has small memory capacity, low power supply and low computing power. This makes it impossible to implement security algorithms with an embedded engine based on hardware. Nowadays, we cannot realize conventional standard algorithms for these kinds of reasons. These critical issues give rise to security and vulnerability issues. Therefore, we analysed and compared conventional methods and proposed techniques. Finally, we evaluated security issues and requirements for an end-to-end point healthcare system based on the internet of things.

QR-Code Based Mutual Authentication System for Web Service (웹 서비스를 위한 QR 코드 기반 상호 인증 시스템)

  • Park, Ji-Ye;Kim, Jung-In;Shin, Min-Su;Kang, Namhi
    • The Journal of Korean Institute of Communications and Information Sciences / v.39B no.4 / pp.207-215 / 2014
  • Password-based authentication systems are the most widely used for user convenience in web services. However, such authentication systems are known to be vulnerable to various attacks such as password guessing attacks, dictionary attacks and key logging attacks. Besides, many web systems provide user authentication only in a one-way fashion, such that web clients cannot verify the authenticity of the web server to which they set access and give passwords. Therefore, it is too difficult to protect against DNS spoofing, phishing and pharming attacks. To cope with these security threats, web systems adopt several enhanced schemes utilizing one-time passwords (OTP) or long and strong passwords including special characters. However, there are still practical issues. Users are required to buy OTP devices, and strong passwords are less convenient to use. Above all, one-way authentication schemes generate several vulnerabilities. To solve these problems, we propose a multi-channel, multi-factor authentication scheme utilizing QR-Code. The proposed scheme supports both user and server authentication mutually, thereby protecting against attacks such as phishing and pharming. Also, the proposed scheme makes use of a portable smart device as an OTP generator so that the system is convenient and secure against traditional password attacks.

Cloaking Method supporting K-anonymity and L-diversity for Privacy Protection in Location-Based Services (위치기반 서비스에서 개인 정보 보호를 위한 K-anonymity 및 L-diversity를 지원하는 Cloaking 기법)

  • Kim, Ji-Hee;Lee, Ah-Reum;Kim, Yong-Ki;Um, Jung-Ho;Chang, Jae-Woo
    • Journal of Korea Spatial Information System Society / v.10 no.4 / pp.1-10 / 2008
  • In wireless internet, the location information of the user is one of the important resources for many applications. One of these applications is Location-Based Services (LBSs), which are becoming popular. Because, in the LBS system, users request a location-based query to LBS servers by sending their exact location, the location information of the users can be misused by adversaries. In this regard, there must be a mechanism which can deal with privacy protection of the users. In this paper, we propose a cloaking method considering both features of K-anonymity and L-diversity. Our cloaking method creates a minimum cloaking region by finding L number of buildings (L-diversity) and then finding number of users (K-anonymity). To support this, we use an R*-tree based index structure and use filtering methods especially for the minimum cloaking region. Finally, we show from a performance analysis that our method outperforms the existing grid-based cloaking method.

A Dual Security Technique based on Beacon (비콘 기반의 이중 보안 기법)

  • Park, Sang-Min;Kim, Chul-Jin
    • Journal of the Korea Academia-Industrial cooperation Society / v.17 no.8 / pp.311-317 / 2016
  • Many services have been developed that are based on smart devices, and security between devices is emphasized. A beacon on the current IoT (Internet of Things) services has been utilized in the commercial field and is being applied to the services of the home IoT. On the other hand, the beacon is weak in security when using Bluetooth-based services. Therefore, it is important to strengthen the security of the beacon. This paper proposes a dual security technique that can enhance the security of beacon-based services. The dual security architecture and security process are proposed based on the beacon and an authentication service. In addition, a mobile application was developed and validated based on the beacon to prove the suitability of the proposed technique. The experimental methods for verification are the authentication failure case, such as 1st authentication fail, and the authentication success case, such as 1st authentication success and 2nd authentication success. The components of the verification experiments consist of two beacons (matched with Beacon ID, mismatched with Beacon ID), one mobile device and an authentication application. This was tested to verify the compatibility of the dual security architecture and the 1st/2nd authentication process.

Health Improvement; Health Education, Health Promotion and the Settings Approach (건강 향상: 건강 교육, 건강 증진 및 배경적 접근)

  • Green, Jackie
    • Proceedings of The Korean Society of Health Promotion Conference / 2004.10a / pp.111-129 / 2004
  • This paper develops the argument that the 'Healthy Cities Approach' extends beyond the boundaries of officially designated Healthy Cities and suggests that signs of it are evident much more widely in efforts to promote health in the United Kingdom and in national policy. It draws on examples from Leeds, a major city in the north of England. In particular, it suggests that efforts to improve population health need to focus on the wider determinants and that this requires a collaborative response involving a range of different sectors and the participation of the community. Inequality is recognised as a major issue and the need to identify areas of deprivation and direct resources towards these is emphasised. Childhood poverty is referred to and the importance of breaking cycles of deprivation. The role of the school is seen as important in contributing to health generally and the compatibility between Healthy Cities and Health Promoting Schools is noted. Not only can Health Promoting Schools improve the health of young people themselves they can also develop the skills, awareness and motivation to improve the health of the community. Using child pedestrian injury as an example, the paper argues that problems and their cause should not be conceived narrowly. The Healthy Cities movement has taught us that the response, if it is to be effective, should focus on the wider determinants and be adapted to local circumstances. Instead of simply attempting to change behaviour through traditional health education we need to ensure that the environment is healthy in itself and supports healthy behaviour. To achieve this we need to develop awareness, skills and motivation among policy makers, professionals and the community. The 'New Health' education is proposed as a term to distinguish the type of health education which addresses these issues from more traditional forms.

Trends in Chaotic Map-Based Video Encryption Algorithms (카오스 사상 기반 영상 암호 알고리즘 동향)

  • Nam, Kil-Hyun;Goh, Sung-Cheol;Park, Choon-Sik
    • Review of KIISC / v.20 no.3 / pp.43-47 / 2010
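  • Today the popularity of multimedia applications is expanding very rapidly, and in commercial uses such as VoD services or video business conferencing, video encryption is regarded as a basic requirement. This paper classifies encryption algorithms according to the relationship between data compression and encryption, which are essential elements of video communication, and introduces the results of a survey of the algorithms' properties and application limits. According to the results presented, each video encryption algorithm has its own strengths and weaknesses, and no algorithm satisfies all conditions. Based on these survey results, users can select an encryption algorithm suited to their own application. This paper also introduces trends in chaotic map-based video encryption algorithms, for which various techniques are being proposed.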

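An Exploratory Study on the Introduction of a Qualification Certification System for E-Commerce Security Experts (전자상거래 보안전문가 자격인증제도 도입에 관한 탐색적 연구)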

  • 노규성;하태현
    • Proceedings of the Korea Society for Industrial Systems Conference / 2000.11a / pp.597-607 / 2000
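  • E-commerce security is recognized as a foundational technology for securing the trust that can determine the success or failure of e-commerce. The problem of such security services, as one of the biggest factors in the activation of e-commerce, has become a critical issue that must be continually studied and improved along with the development of information technology and Internet technology. In particular, while security incidents are occurring one after another alongside the rapid growth of e-commerce and there is an absolute shortage of specialists to deal with them, the training systems and institutions for specialists that could overcome this situation are extremely weak. In this situation, the introduction of a qualification certification system for training security specialists is urgently required. Therefore, this study, as research aimed at training e-commerce security experts, is significant in that it takes a practical approach to the introduction of a certification system. That is, by studying the foundations of a qualification certification system for e-commerce security experts, including the introduction of the qualification system and the establishment of a theoretical and practical framework for related education, this study will raise the level of domestic e-commerce security and further contribute to the development of e-commerce.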

Design and Reliability Analysis of a Fault-Tolerant Multicasting Algorithm in MIN′s for ATM Switches (ATM 스위치를 위한 다단계 상호연결망에서 고장 허용 멀티캐스팅 알고리즘의 설계 및 신뢰도 분석)

  • 김진수;박재형;장정환
    • Proceedings of the Korean Information Science Society Conference / 2001.04a / pp.259-261 / 2001
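  • In this paper, we propose a fault-tolerant multicasting algorithm for the multistage interconnection networks (MINs) used in ATM switching systems and analyze its reliability. To provide multimedia communication services efficiently, multicast is one of the important functions of an ATM switching system. In addition, tolerating faults is essential in MINs, which are vulnerable to faults. The proposed algorithm tolerates faults in multiple switching elements of a MIN and uses a cube encoding scheme to represent multicast destinations. The algorithm routes an arbitrary multicast packet to its destinations while bypassing faults by recirculating the packet twice through the faulty MIN. We then analyze the fault-tolerance capability of the algorithm in terms of system reliability, in comparison with existing algorithms.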