• Journal of Korea Multimedia Society
• /
• v.11 no.3
• /
• pp.404-413
• /
• 2008

As toward a ubiquitous society, a lot of methods have been proposed to protect personal privacy. Smart Cards with CPU and Memory are widely being used to implement the methods. The use of Java Card is also gradually getting expanded into more various applications. Because there is no standards in Java Card File System, Generally, Java Card File System follows the standards of Smart Card File System. However, one of disadvantages of the Java Card File System using a standard of Smart Card File System is that inefficient memory use and increasing processing time are caused by redundancy of data and program codes. In this paper, a File Cache method and a Direct Access method are proposed to solve the problems. The proposed methods are providing efficient memory use and reduced processing time by reduce a program codes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.63-70
• /
• 2003

In the modern electronic world, the authentication of a person is an important task in many areas of online-transactions. Using biometrics to authenticate a person's identity has several advantages over the present practices of Personal Identification Numbers(PINs) and passwords. To gain maximum security in the verification system using biometrics, the computation of the verification as well as the store of the biometric pattern has to be taken place in the security token(smart card, USB token). However, there is an open issue of integrating biometrics into the security token because of its limited resources(memory space, processing power). In this paper, we describe our implementation of the USB security token system having 206MHz StrongARM CPU, 16MBytes flash memory, and 1MBytes RAM. Also, we evaluate the performance of a light-weighted In-gerprint verification algorithm that can be executed in the restricted environments. Based on experimental results, we confirmed that the RAM requirement of the proposed algorithm was about 6.8 KBytes and the Equal Error Rate(EER) was 1.7%.

• The Journal of the Korea Contents Association
• /
• v.15 no.10
• /
• pp.607-615
• /
• 2015

Mosts user of internet and smart phone has certificate, and uses it when money transfer, stock trading, on-line shopping, etc. Mosts user stores certificate in a hard disk drive of PC, or the external storage medium. In particular, the certification agencies are encouraged for user to store certificate in external storage media such as USB memory rather than a hard disk drive. User think that the external storage medium is safe, but when it is connect to a PC, certificate may be copied easily, and can be exposed to hackers through malware or pharming site. Moreover, if a hacker knows the user's password, he can use user's certificate without restrictions. In this paper, we suggest secure management scheme of the private key file using a password of the encrypted private key file, and a USB Memory's hardware information. The private key file is protected safely even if the encrypted private key file is copied or exposed by a hacker. Also, if the password of the private key file is exposed, USB Memory's container ID, additional authentication factor keeps the private key file safe. Therefore, suggested scheme can improve the security of the external storage media for certificate.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.183-186
• /
• 2014

Increasingly important user based service on the smart media era, and increasing awareness about the user experience. As the connected Internet information systems increases, one of the problems happening between users and information systems such as Internet shopping-malls, portal sites, and corporate web sites is related with the information privacy concerns issues. Thus, we have reviewed extensive previous studies on information privacy in local and foreign information systems, marketing and other fields. The purpose of this study is to provide future directions of studies on information privacy concerns by analyzing past and recent trends of the studies. By considering these realities, we were conducted review on the influencing factors of information privacy concerns on behavior intention based the online environment. Based on these findings, several theoretical and practical implications were suggested and discussed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.803-813
• /
• 2013

As the developments of smart devices and social network services, the amount of data has been exploding. The world is facing Big data era. For these reasons, the Big data processing technology which is a new technology that can handle such data has attracted much attention. One of the most representative technologies is Hadoop. Hadoop Distributed File System(HDFS) designed to run on commercial Linux server is an open source framework and can store many terabytes of data. The initial version of Hadoop did not consider security because it only focused on efficient Big data processing. As the number of users rapidly increases, a lot of sensitive data including personal information were stored on HDFS. So Hadoop announced a new version that introduces Kerberos and token system in 2009. However, this system is vulnerable to the replay attack, impersonation attack and other attacks. In this paper, we analyze these vulnerabilities of HDFS security and propose a new protocol which complements these vulnerabilities and maintains the performance of Hadoop.

• Journal of Digital Convergence
• /
• v.16 no.9
• /
• pp.133-145
• /
• 2018

This study was investigated the necessity and possibility of using block-chain technology in online used-goods trading platform. Current online used-goods trading platforms operate a safety trading system, but it is difficult to utilize due to relatively high commission rate. As a result, people mainly use the method of meeting and purchasing in person, which is a relatively costly method. This study discusses how to build a platform to solve or mitigate problems such as privacy, information distortion and omission, fraud, etc. In the platform proposed in this study, it is possible to solve the major fraud and personal information protection problems that may occur in the transaction proceeding by appropriately reflecting the types and characteristics of the block-chain technology. In future work, we will discuss legal framework and technology development plan to apply the proposed platform in this study.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.277-280
• /
• 2015

Smishing, Phishing personal privacy caused by Incident accidents such as Phishing information security has become a hot topic. Such incidents have privacy in personal information management occurs due to a lack of user awareness. This paper is based on the existing structure of the XML Tag question bank used a different Key-Value Structure-based JSON. JSON is an advantage that does not depend on the language in the text-based interchange format. The proposed system is divided into information security sector High, Middle and Low grade. and Provides service to the user through the free space and the smart device and the PC to the constraints of time. The use of open source Apache Load Balancing technology for reliable service. It also handles the user's web page without any training sessions Require server verification result of the training(training server). The result is sent to the training server using jQuery Ajax. and The resulting data are stored in the database based on the user ID. Also to be used as a training statistical indicators. In this paper, we design a level training system to enhance the user's information security awareness.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.2
• /
• pp.51-58
• /
• 2022

Blockchain technology is a system in which data from users participating in blockchain networks is distributed and stored. Bitcoin and Ethereum are attracting global attention, and the utilization of blockchain is expected to be endless. However, the need for blockchain data privacy protection is emerging in various financial, medical, and real estate sectors that process personal information due to the transparency of disclosing all data in the blockchain to network participants. Although studies using smart contracts, homomorphic encryption, and cryptographic key methods have been mainly conducted to protect existing blockchain data privacy, this paper proposes data privacy using matrix character relocation techniques differentiated from existing papers. The approach proposed in this paper consists largely of two methods: how to relocate the original data to matrix characters, how to return the deployed data to the original. Through qualitative experiments, we evaluate the safety of the approach proposed in this paper, and demonstrate that matrix character relocation will be sufficiently applicable in private blockchain environments by measuring the time it takes to revert applied data to original data.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.4
• /
• pp.41-46
• /
• 2016

Recently, many domestic and foreign corporates are concentrating in investment to wearable devices and users are provided with various service based on wearable devices 26% more than compared to last year. It is widely used in previous healthcare, smart work, smart home environment, and it is now introduced to get connection to fused service environment. However, as products of G company are commercialized, the security issue of personal information is causing dispute in society, and the danger of data management and security regarding telecommunication is increasing. Also, because the password system used in previous wireless environment is still in use, there are possible vulnerability considering the new and mutant security threat. This thesis conducted study about protocols that can exercise safe telecommunication in the basis of wearable devices. In the registration and certification process, the signature value is created based on the code value. The telecommunication method is designed to conduct safe telecommunication based on the signature value. As for the attack method occurring in the wearable device environment, the safety was analyzed and conducted performance evaluation of previous password system and proposal system, and verified about 14% of efficiency.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.