• Information Systems Review
• /
• v.15 no.2
• /
• pp.1-19
• /
• 2013

Smart working sparked by iPhone3 opens a revolution in smart ways of working at any time, regardless of location and environment. Also, It provide real-time information processing and analysis, rapid decision-making and the productivity of businesses, including through the timely response and the opportunity to increase the efficiency. As a result, every company are developing mobile information systems. But company data is accessed from the outside, it has problems to solve like security, hacking and information leakage. Also, Mobile devices such as smart phones belonging to the privately-owned asset can't be always controlled to archive company security policy. In the meantime, public smart phones owned by company was always applied security policy. But it can't not apply to privately-owned smart phones. Thus, this paper is focused to archive company security policy, but also enable the individual's free to use of smart phones when we use mobile information systems. So, when we use smart phone as individual purpose, the normal operation of all smart phone functions. But, when we use smart phone as company purpose like mobile information systems, the smart phone functions are blocked like screen capture, Wi-Fi, camera to protect company data. In this study, we suggest the design and implementation of real time control and management of mobile device using MDM(Mobile Device Management) solution. As a result, we can archive company security policy and individual using of smart phone and it is the optimal solution in the BYOD(Bring Your Own Device) era.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1215-1224
• /
• 2014

Various research was done to protect user's private data from malicious application which expose user's private data and abuse exposed data. However, a new type of malicious application were appeared. And these malicious applications use a smart phone as a new tools to perform secondary attack. Therefore, in this paper, we propose a method to detect the DDoS attack application installed inside the mobile device using the Android logging system.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.3-8
• /
• 2014

Recently, A utilization request of the U-Healthcare services are increasing rapidly. This is because the increase in smartphone users and ubiquitous computing technology was developed. Furthermore, the demand for access to and use of medical information systems is growing rapidly with a smartphone. This system have the advantage such as they can access from anywhere and anytime in the healthcare information system using their smartphone quickly and easily. But this system have various problems that are a privacy issue, the location disclosure issue, and the potential infringement of personal information. this problems are arise very explosive. Therefore, we propose a secure information security system that can solve the security problems in healthcare information systems for healthcare workers using smartphone. Our proposed system, doctors record, store, modify and manage patient medical information and this system would be safer than the existing healthcare information systems. The proposed system allows the doctor to perform further authentication by transmitting using SMS to GOTP message when they accessing medical information systems. So our proposed system can support to more secure system that can protect user individual information stealing and modify attack by two-factor authentication scheme. And this system can support confidentiality, integrity, location information blocking, personal information steal prevent using cryptography algorithm that is easy and fast.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.11
• /
• pp.101-105
• /
• 2012

Various social problems through violating personal information and privacy are growing with the rapid spread of smartphones. For this reason, variety of researches and technology developments to protect personal information being made. The smartphone, contains almost all of the personal information, can cause data spill at any time. Collecting or analyzing evidence is not an easy job with forensic analyzing tool. Android forensics research has been focused on techniques to collect and analyze data from non-volatile memory but research for volatile data is very slight. Android log is the non-volatile data that can be collected by volatile storage. It is enough to use as a material to track the usage of the Android phone because all of the recent driven records from system to application are stored. In this paper, we propose a method to respond to determining the existence of personal information leakage by filtering logs without forensic analysis tools.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.193-194
• /
• 2024

스마트홈과 연동하는 안전한 방범창은 외부의 침입자를 차단하고 주거 내의 물품 도난 및 개인의 신변을 보호하기 위한 안전설비로 다양한 형태의 방범창이 존재한다. 스마트홈은 건물 내의 센서가 화재를 감지하면 방범창 내부의 원격시스템이 자동으로 방범창을 매우 짧은 시간 안에 개방할 수 있도록 설계한다. 화재 등 재난시 상하부 방법창이 자동으로 개폐되도록 랙피니언을 이용하여 방범창의 위쪽 창틀을 상승시켜 창살이 움직일 수 있도록 개방하고 동시에 아래쪽 창틀이 회전하도록 구성하여 화재 및 폭우 등에 인명피해를 줄일 수 있도록 설계한다. 스마트홈 시스템과의 연계로 재난을 미리 감지하고 탈출구를 개방한다면 신속하고 안전한 대피가 가능하고, 기존의 프레임 부분 변경에 간단한 시스템만 변경하여 적용할 수 있어, 간단한 구조로 설치할 수 있고 낮은 비용으로 스마트홈을 구성할 수 있다. 특히 스마트홈과 연동하여 재난을 미리 감지하고 탈출구를 개방함으로써 신속하고 안전한 대피가 가능하여 다양한 재난을 대비할 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.537-544
• /
• 2012

With wireless network infrastructure, the number of smart-phone users is remarkably increasing in the world and the amounts of damage due to the smart-phone malwares are also raised. Many security solutions for wireless network have come into the market but these solutions are for companies or large enterprises, therefore, the public users of smart-phone don't feel easy to select as their solutions and it is difficult to detect unknown malwares. In this paper, we propose the mobile security diagnostic system for public smart-phone users, which provides functions like smart-phone system check, comparison with blacklist of applications and collecting malwares.

• Smart Media Journal
• /
• v.10 no.2
• /
• pp.84-91
• /
• 2021

In the EU GDPR, when collecting personal information, the right of the information subject(user) to consent or refuse is given the highest priority. Therefore, the information subject must be able to withdraw consent and be forgotten and claim the right at any time. Especially, restricted IoT devices(Constrained Node) implement the function of consent of the data subject regarding the collection and processing of privacy data, and it is very difficult to post the utilization content of the collected information. In this paper, we designed and implemented a management system that allows data subjects to monitor data collected and processed from IoT devices, recognize information leakage problems, connect, and control devices. Taking into account the common information of the standard OCF(Open Connectivity Foundation) of IoT devices and AllJoyn, a device connection framework, 10 meta-data for information protection were defined, and this was named DPD (Data Protection Descriptor). we developed DPM (Data Protection Manager), a software that allows information subjects to manage information based on DPD.

• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.37-46
• /
• 2021

Decentralized Identifier (DID) technology is a technology that uses blockchain technology to prove an individual's identity through information owned by the individual rather than through a central system. In this paper, we would like to present an access control system using decentralized identifier technology. The access control system using decentralized identifier technology (DID access control system) is a system that allows users to verify their identity from the DID blockchain server through their smartphone (mobile employee ID) and access when they are confirmed to be registered in the access control system. Through this, access control can be managed only by verifying identification with smartphones (mobile employee ID) and DID blockchain servers without having to store information to prove an individual's identity in the access control system.

• Smart Media Journal
• /
• v.12 no.7
• /
• pp.27-42
• /
• 2023

The development of cloud services and IoT technology has radically changed the cloud environment, and has evolved into a new concept called fog computing and F2C (fog-to-cloud). However, as heterogeneous cloud/fog layers are integrated, problems of access control and security management for end users and edge devices may occur. In this paper, an F2C-based IoT smart health monitoring system architecture was designed to operate a medical information service that can quickly respond to medical emergencies. In addition, a role-based service access control technology was proposed to enhance the security of user's personal health information and sensor information during service interoperability. Through simulation, it was shown that role-based access control is achieved by sharing role registration and user role token issuance information through blockchain. End users can receive services from the device with the fastest response time, and by performing service access control according to roles, direct access to data can be minimized and security for personal information can be enhanced.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04a
• /
• pp.253-256
• /
• 2002

본 논문에서는 MMORPG 게임에서 스마트카드를 이용한 시스템을 설계하였다. 스마트카드가 갖고 있는 기능적 특성들을 이용하여 MMORPG 게임에서 시스템 유해 코드 차단 및 개인 사용자의 정보 보호, 서비스 이용에 대한 과금 시스템 구축 등을 위해 기존의 서버-클라이언트 시스템상의 소프트웨어 설치를 통해 이루어졌던 사용자들이 신뢰할 수 없는 과금 체계나 보안 기능이 아닌 하드웨어적인 접근을 통하여 보안적으로 좀더 견고하고 안정적인 시스템을 구축할 수 있도록 하였다.