• Journal of Digital Convergence
• /
• v.14 no.10
• /
• pp.295-302
• /
• 2016

Many countries, especially ICT powers, are supporting IoT-based technology at a national level and this technology is actively being researched in the businesses and research institutes in an aim to develop technology and create an ecosystem. Roads in the Seoul city are building public facilities based on IoT to provide various services and conveniences for the users. However, for the full-fledged introduction and development of IoT, there are many cases where infringement on security and privacy and threat for life and safety happen. Also, as the IoT environment includes various environment technologies such as the existing sensor network, heterogeneous communication network, and devices optimized for the IoT environment, it inherits the existing security threat and various attack techniques. This paper researches the attribute based encryption technology for safe communication in the IoT environment. The data collected from the device is transmitted utilizing the attribute based encryption and by designing the key generation protocol, grades and authorities for the device and users are identified to transmit safe messages.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.981-992
• /
• 2004

The established NEIS has a lot of problems in the management of security. It does not realize access control in following authority because it only uses PKI certification in user certification and the use of central concentration DBMS and plain text are increased hacking possibility in NEIS. So, This paper suggests a new NEIS for the secure management of data and authority certification. First, we suggest the approached authority in AC pf PMI and user certification in following the role, RBAC. Second, we realize DB encryption plan by digital signature for the purpose of preventig DB hacking. Third, we suggest SQL counterfeit prevention by one-way hash function and safe data transmission per-formed DB encryption by digital signature.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.1080-1083
• /
• 2005

Can speak that DTD is meta data that define meaning of expressed data on XML document. Therefore, in case DTD information is damaged this information to base security of XML document dangerous. Not that attach digital signature on XML document at send-receive process of XML document in this research, proposed method to attach digital signature to DTD. As reading DTD file to end first, do parsing, and store abstracted element or attribute entitys in hash table. Read hash table and achieve message digest if parsing is ended. Compose and create digital signature with individual key after achievement. When sign digital, problem that create entirely other digest cost because do not examine about order that change at message digest process is happened. This solved by method to create DTD's digital signature using DOM that can embody tree structure for standard structure and document.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.688-690
• /
• 2013

최근 스마트 기기는 결제, 할인쿠폰 등 각종 기능을 제공하는 수단으로 진화되면서 통신과 금융이 융합된 모바일 NFC 서비스의 시장이 급성장할 것으로 전망되고 있다. NFC의 이와 같은 속성은 모바일 쿠폰을 사용하기 위한 환경에 매우 적합하다고 할 수 있다. 하지만 현재 NFC 기반의 쿠폰 서비스를 위한 관련 보안 기술 및 관련 연구가 미진한 상태이다. 특히 NFC 서비스 활성화 동향을 ?기 바쁜 국내 업체들은 검증되지 않은 다양한 서비스를 내놓으며 서비스 활성화에 열을 올리고 있으며 이는 NFC 기반 쿠폰 서비스 사용의 증가에 따른 다양한 보안상 침해요소에 대해 대처하기 힘들 것으로 예상된다. 따라서 본 논문에서는 연산능력이 떨어지는 NFC 태그를 이용한 Schnorr 기반의 사용자 인증 기법에 대하여 제안한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.8
• /
• pp.1777-1782
• /
• 2004

I propose a prescription transmission system based on XML in this paper, and it is not to attach a former signature to only a XML document for encoding of XML/EDI, and it is construction, one with the prescription transmission system which is safer with what use a way to attach a digital signature to DTD. I defined sub element to manage information prescription DTD defined prescription information, patient information, medical care organ information, prescription details information, compounding of medicines details information element according to for each a component of a prescription I went along, and to have looked up, and to have obeyed information transmission at he low rank. I read a DTD file for safe prescription transmission, and I do element or property, the entity which I do it, and is extracted here, and Pasing is saved in a table while being a field. If Pasing is finished, I read and lift a hash table and carry out message a digest. I compose it with an early private key and create a digital signature.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.4
• /
• pp.722-727
• /
• 2007

We propose a prescription transmission system based on XML in his paper, and it is not to attach a former signature to only a XML document for encoding of XML/EDI, and it is construction, one with the prescription transmission system which is safer with what use a way to attach a digital signature to DTD. I defined sub element to manage information prescription DTD defined prescription information, patient information, medical care organ information, prescription details information, compounding of medicines details information element according to for each a component of a prescription I went along, and to have looked up, and to have obeyed information transmission at he low rank. I read a DTD file for safe prescription transmission, and I do element or property, the entity which I do it, and is extracted here, and Pasing is saved in a table while being a field. If Pasing is finished, I read and lift a hash table and carry out message a digest. I compose it with an early private key and create a digital signature.

• Journal of Digital Convergence
• /
• v.12 no.7
• /
• pp.279-284
• /
• 2014

Recently, m-health care is be a problem that the patient's information is easily exposed to third parties in case of emergency situation. This paper propose an attribute-based access control protocol to minimize the exposure to patient privacy using patient information in the emergency environment. Proposed protocol, the patient's sensitive information to a third party do not expose sensitive information to the patient's personal health information, including hospital staff and patients on a random number to generate cryptographic keys to sign hash. In addition, patient information from a third party that is in order to prevent the illegal exploitation of the patient and the hospital staff to maintain synchronization between to prevent the leakage of personal health information.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.26 no.5
• /
• pp.375-382
• /
• 2016

In this paper, we presents a signatures verification by using the nonlinear quantization histogram of polar coordinate based on multi-dimensional adjacent pixel intensity difference. The multi-dimensional adjacent pixel intensity difference is calculated from an intensity difference between a pair of pixels in a horizontal, vertical, diagonal, and opposite diagonal directions centering around the reference pixel. The polar coordinate is converted from the rectangular coordinate by making a pair of horizontal and vertical difference, and diagonal and opposite diagonal difference, respectively. The nonlinear quantization histogram is also calculated from nonuniformly quantizing the polar coordinate value by using the Lloyd algorithm, which is the recursive method. The polar coordinate histogram of 4-directional intensity difference is applied not only for more considering the corelation between pixels but also for reducing the calculation load by decreasing the number of histogram. The nonlinear quantization is also applied not only to still more reflect an attribute of intensity variations between pixels but also to obtain the low level histogram. The proposed method has been applied to verified 90(3 persons * 30 signatures/person) images of 256*256 pixels based on a matching measures of city-block, Euclidean, ordinal value, and normalized cross-correlation coefficient. The experimental results show that the proposed method has a superior to the linear quantization histogram, and Euclidean distance is also the optimal matching measure.

• Review of KIISC
• /
• v.31 no.4
• /
• pp.29-33
• /
• 2021

암호학을 세대로 구분하면 단순 패스워드 인증을 1 세대, 송수신 및 데이터 저장 암호를 2 세대, 서명 및 키 공유에 활용하는 암호를 3세대, 키를 사용하지 않는 암호를 4 세대라고 분류 할 수 있다. 현재 암호는 3 세대에 있으며, 암호키를 많이 사용함으로 인하여, 키의 노출로 인한 안전성의 문제를 해결하고자 연구가 있었으며, 4세대 암호로 동형암호가 제시되고 있다. 동형암호는 종대종(End-to-End) 암호의 신뢰성을 보장하며, 중간 과정에서 데이터 처리를 위하여 복호하지 않고서도 가공이 가능하도록 가단성(Malleability)을 제공한다. 이러한 속성을 기반으로 비식별화 처리하지 않고서 원데이터를 처리할 수 있어서, 데이터의 가치가 보존되고, 신뢰성 있는 데이터를 체득할 수 있다. 더욱이 중간단계에서 복호하지 않고서 데이터를 처리는 개인정보보호를 원천적으로 제공할 수 있는 메커니즘으로 파악된다. 본 고에서 동형암호 관련 산업동향 및 국제표준화 동향을 살펴본다.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.69-75
• /
• 2018

The key technology of Industry 4.0, Smart factory is evaluated as the driving force of our economic development hereafter and a lot of researches have been established. Various entities including devices, products and managers exist in smart factory, but roles of these entities may be continuous or variable and can become extinct not long after. Existing methods for access control are not suitable to adapt to the variable environment. If we don't consider certain security level, important industrial data can be the targets of attacks. We need a new access control method satisfying desired level of efficiency and security without excessive system loads. In this paper, we propose a new RBAC-PAC which extend AC defined for PKC to the authority attribute of roles. We distribute PACs for roles through block chain method to provide the efficient access control. We verified that RBAC-PAC is more efficient in the smart factory with large number of entities which need a frequent permission update.