• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.457-459
• /
• 2014

최근 Wellness 산업과 스마트 디바이스가 융합되면서 기존의 질병관리 체계보다 앞서 예방하는 건강관리 u-Healthcare 가 개발되고 있다. 하지만 u-Healthcare 에서 취급되는 개인정보 및 의료정보는 메시지 탈취/변조로 인해 공격자에게 악용되어 의료사고를 유발하고 환자의 생명까지 앗아갈 수 있으며 또한 프라이버시 침해로 인해 사용자의 신변을 보장 받을 수 없다. 본 논문에서는 웰니스 서비스의 u-Healthcare 보안의 고려사항과 연구동향에 대해 살펴보고 현재 u-Healthcare 분야에서 보안이 적용된 시스템에 대해 분석하고 취급되는 정보보호의 중요성에 대해 고찰한다.

• Journal of Intelligence and Information Systems
• /
• v.28 no.1
• /
• pp.29-43
• /
• 2022

With the advent of the Internet and the development of mobile digital devices such as smartphones and tablet PCs, the communication service paradigm began to shift from existing voice services to data services. Recently, as social network services (SNS) are activated and 4th industrial revolution technologies centered on ICT (Information and Communication Technologies) such as Big Data, Blockchain, Cloud, and 5G/6G are rapidly developed, the amount of shared data type and the amount of data are increasing rapidly. As the transition to a digital society begins actively, the importance of using data information, as well as the economic and social values of personal information are becoming increasingly important. As a result, they are actively discussing policies to revitalize the data information industry around the world and ways to efficiently obtain, analyze, and utilize increasingly diverse and vast data, as well as to protect/guarantee the rights of information subjects (providers) in various fields such as society, culture, economy, and politics.. In this paper, in order to improve the self-determination right of personal information on data produced by information subjects, and further expand the use of safe data and the data economy, a differentiated data trusts system was considered and suggested. In addition, the components and data trusts procedures necessary to efficiently operate the data trusts system in Korea were considered, and the non-profit data trusts system and the for-profit data trusts system were considered as a way to flexibly operate the data trusts system. Furthermore, the legal items necessary for the implementation of the data trusts system were investigated and considered. In this paper, in order to propose a domestic data trusts system, cases related to existing data trusts systems such as the United States, Japan, and Korea were reviewed and analyzed. In addition, in order to prepare legislation necessary for the data trusts system, data-related laws in major countries and domestic legal and policy trends were reviewed to study the rights that conflict or overlap with existing laws, and differences were investigated and considered. The Data trusts system proposed in this paper is a reasonable system that is expected to recognize the asset value of data in the capitalist market economy system, to provide legitimate compensation for data produced by data subjects, and further to contribute greatly to the use of safe data and creation of a new service market.

• The KIPS Transactions:PartA
• /
• v.10A no.5
• /
• pp.433-438
• /
• 2003

To provede public services through Internet, there are several prerequisites such as security issue resolutions for public area installation and hardware support for authorized signatures etc. in addition to web-based system development. A kiosk-based system is a right solution for public services provision through Internet because a kiosk has hardware features supporting authorized signatures and also it can be installed at public area through Internet without security exposure, meeting security guidelines of National Intelligence Service. The process to provide public services through a koisk is that a client requests a kind of public services selecting menu through the kiosk, then the system issues a civil service documents after taking authentification and payment process. To support those kinds o processes it is required to support electronic payment using SMART card in addition to cash payment and to apply government standard security guidelines to protect administrative and personal information. This kiosk-based Internet public service system support and meet those all requirements.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.173-180
• /
• 2016

There has been a growing interest in automation of factories in the country. And, the development in this regard has been actively attempted. In particular, on the basis of the "innovation 3.0 strategy of manufacturing industry", interest in the smart of the manufacturing plant of small and medium-sized enterprises has increased rapidly. As well as policy for building smart plant, technical, seeking a strategic approach. But, in order to introduce such a smart plant or factory automation systems, manufacturing plant security with vulnerability and personal information protection problems, it should always be top priority there. Accordingly, we provide the applicable lightweight secure protocols in RFID communication. It is a wireless communication technology that is most often introduced for factory automation. Our proposed lightweight secure protocol in this study, less the number of calculations in comparison with the existing public key-based and the symmetric key encryption algorithm. And it is fast in compare with the existing protocol. Furthermore, we design that it system can support to low power consumption and small consume the memory size.

• Journal of the Korea Convergence Society
• /
• v.9 no.9
• /
• pp.15-22
• /
• 2018

As smart devices become popular, users can use authentication services in various methods. Authentication services include authentication using an ID and a password, authentication using a sms, and authentication using an OTP(One Time Password). This paper proposed an authentication system that solves the security problem of knowledge-based authentication using optical character recognition and can easily and quickly authenticate users. The proposed authentication system extracts a character from an uploaded image by a user and authenticates the user using the extracted character information. The proposed authentication system has the advantage of not using a password or an OTP that are easily exposed or lost, and can not be authenticated without using accurate photographs. The proposed authentication system is platform independent and can be used for user authentication, file encryption and decryption.

• Journal of the Institute of Convergence Signal Processing
• /
• v.23 no.2
• /
• pp.91-96
• /
• 2022

At the current camera-based technology level, sensor-based basic life pattern recognition technology has to suffer inconvenience to obtain accurate data, and commercial band products are difficult to collect accurate data, and cannot take into account the motive, cause, and psychological effect of behavior. the current situation. In this paper, radar technology for life pattern recognition is a technology that measures the distance, speed, and angle with an object by transmitting a waveform designed to detect nearby people or objects in daily life and processing the reflected received signal. It was designed to supplement issues such as privacy protection in the existing image-based service by applying it. For the implementation of the proposed system, based on TI IWR1642 chip, RF chipset control for 60GHz band millimeter wave FMCW transmission/reception, module development for distance/speed/angle detection, and technology including signal processing software were implemented. It is expected that analysis of individual life patterns will be possible by calculating self-management and behavior sequences by extracting personalized life patterns through quantitative analysis of life patterns as meta-analysis of living information in security and safe guards application.

• Smart Media Journal
• /
• v.10 no.1
• /
• pp.9-15
• /
• 2021

The eye tracking system designed in this paper is an eye-based computer input device designed to give an easy access for those who are uncomfortable with Lou Gehrig's or various muscle-related diseases. It is an eye-based-computer-using device for users whose potential demand alone amounts to 30,000. Combining the number of Lou Gehrig's patients in Korea estimated at around 1,700, and those who are unable to move their bodies due to various accidents or diseases. Because these eye input devices are intended for a small group of users, many types of commercial devices are available on the market. It is making them more expensive and difficult to use for these potential users, less accessible. For this reason, each individual's economic situation and individual experience with smart devices are slightly different. Therefore, making it difficult to access them in terms of cost or usability to use a commercial eye tracking system. Accordingly, attempts to improve accessibility to IT devices through low-cost but easy-to-use technologies are essential. Thus, this paper proposes a complementary superior performance eye tracking system that can be conveniently used by far more people and patients by improving the deficiencies of the existing system. Through voluntary VoCs(Voice of Customers) of users who have used different kinds of eye tracking systems that satisfies it through various usability tests, and we propose a reduced system that the amount of calculation to 1/15th, and eye-gaze tracking error rate to 0.5~1 degree under.

• Journal of the HCI Society of Korea
• /
• v.12 no.2
• /
• pp.13-19
• /
• 2017

Various life-logging based on cloud service have developed social network according to the advanced technology of smartphone and wearable device. Daily digital life on social networks has been shared information and emotion and developed new social relationships. Recent life-logging has required social relationships beyond extension of personal memory and anonymity for privacy protection. This study is to determine social network group by using life-logging data obtained in daily lives and to categorize emotion behavior with anonymity guarantee. Social network group was defined by grouping similar representative emotional behavior. The public's patterns and trends was able to be inferred by analyzing representative emotion and behavior of the social groups network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1235-1241
• /
• 2016

Personalized App recommendation system is recently famous since the number of various apps that can be used in smart phones that increases exponentially. However, the site users using google play site with malwares have experienced severe damages of privacy exposure and extortion as well as a simple damage of satisfaction descent at the same time. In addition, Sybil attack (Sybil) manipulating the score (rating) of each app with falmay also present because of the social networks development. Up until now, the sybil detection studies and malicious apps studies have been conducted independently. But it is important to determine finally the existence of intelligent attack with Sybil and malware simultaneously when we consider the intelligent attack types in real-time. Therefore, in this paper we experimentally evaluate the relationship between malware and sybils based on real cralwed dataset of goodlplay. Through the extensive evaluations, the correlation between malware and sybils is low for malware providers to hide themselves from Anti-Virus (AV).

• Journal of the Korea Convergence Society
• /
• v.11 no.5
• /
• pp.19-25
• /
• 2020

As the number of mobile device users increases, research on various user authentication methods has been actively conducted to protect sensitive personal information. Knowledge-based techniques have the disadvantage that security is deteriorated due to easy exposure of authentication means, and proprietary-based techniques have a problem of increasing construction cost and low user convenience to use the service. In order to solve this problem, a FIDO authentication system, which is a user authentication method using a smart device, has been proposed. Since the FIDO authentication system performs authentication based on the biometric information of the user, the risk of the authentication means being leaked is low, and since the authentication information is stored in the user's smart device, the user information due to server hacking is solved. Through this, it is possible to select and utilize user authentication technology suitable for the security level of the service. In this paper, we introduce the FIDO authentication system, explain the main parts required for FIDO UAF client-server development, and show examples of implementation using UAF open source provided by ebay.