• Informatization Policy
• /
• v.23 no.4
• /
• pp.38-58
• /
• 2016

The ever-evolving Internet environment along with changes in the mass media has been creating a new way of communicating in the virtual cyber world. The Internet users have more services at their disposal to communicate with ease. Such a new way of communication styles, however, makes them vulnerable to personal information leakage, increasing the concerns of cyber security. A thorny issue is how we can control the disclosure of personal information. Lately, the Korean government implemented privacy policies to resolve and prevent personal information leakage incidents that incur social problems. Here, we seek to identify problems in the privacy policies for better solutions.

• Review of KIISC
• /
• v.30 no.6
• /
• pp.47-53
• /
• 2020

4G/LTE로 일컫는 4세대 이동통신 이후 등장한 5세대 이동통신 기술은 초고속, 초연결, 초저지연 등을 기술적 요구사항으로 정의하다. 특히, 초연결을 위한 요구사항으로 1㎢단위 면적당 1백만개의 사용자 단말장치 또는 기기 등을 이동통신망에 연결토록 하는 것이고. 사용자 및 개체와 이동통신망 사이에서 식별을 포함하여 상호 인증 및 키 일치와 같은 암호기술을 요구하고 있다. 이때 사용자 및 개체 인증을 위한 많은 양의 난수가 소요되며, 이를 구현하기 위한 홈 네트워크 뿐만 아니라 단말 등에 적합한 난수기반의 암호장비 수요가 가시화 되고 있다. 본 논문에서는 5G 이동통신 환경에서 암호기술을 소개하고, 5G 이후 초연결을 위한 암호기술의 연구결과를 제시한다.

• Journal of KIISE:Computer Systems and Theory
• /
• v.36 no.5
• /
• pp.387-395
• /
• 2009

The establishment of security architecture is essential because security vulnerabilities occur such as user's unjustifiable connection for the opened gateway and access to resources without permission in OSGi service platform environment. In this paper, it proposes a authentication technique for an Automatic user authentication which is used the Symmetric Key and the Service bundle authentication to consider the constraints of the hardware in the OSGi service platform environment. Typically, the type of entering a password is used for the user authentication mechanism however OSGi platform environment studies not entering the password but using MAC address and encrypted identifier of the automatic user authentication mechanism because the devices are limited in their input. In this paper, the Symmetric Key is used for bundle authentication mechanism. Therefore operation becomes quick and secure authentication process has been successfully completed by using the time data and a ticket which contains a license. Based on these two different authentication mechanisms, it could eliminate the constraints of resources and improve the convenience of users and administrators. Also it shows an effect from omitting the waiting time to enter a password and reducing operations which need for authentication in the OSGi service platform environment.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06d
• /
• pp.109-114
• /
• 2007

RFID 기술은 유비쿼터스 환경의 편리성을 위한 목적을 쉽게 이룰 수 있는 기술로 현재 주목 받고 있으며 많은 장점을 가지고 있다. 이러한 RFID 환경에서 가장 보안적인 문제를 갖는 것은 RFID 태그에 저장 관리되어지는 식별 정보에 대한 프라이버시 침해 문제의 보호이다. 본 논문에서는 정형검증 방법인 모델 체킹을 이용하여 RFID 태그와 리더기간의 상호 인증 및 태그의 식별 정보에 대한 안전성을 분석하기 위해 RFID 보안 프로토콜의 취약성 분석 및 수정된 프로토콜을 제안함으로써 안전한 유비쿼터스 네트워크 환경을 구축하고자 한다.

• Korea Information Processing Society Review
• /
• v.11 no.2
• /
• pp.17-24
• /
• 2004

음성정보처리 기술은 사람의 말을 음향, 언어, 심리학 및 공학적인 측면에서 연구하여 사람과 기계사이의 인터페이스를 자연스럽게 하는 것을 목표로 하고 있으며, 음성인식, 음성합성 및 언어처리 기술로 이루어져 있다. 음성인식기술이란 사람의 말을 이해하는 것뿐만 아니라 화자를 식별하고 인증하는 기술도 포함하고 있으며, 음성합성 기술이란 문자로부터 음성을 생성하는 기술을 의미한다. 그리고 언어처리 기술은 음성인식, 음성합성기술 속에 포함될 수 있으나 최근 마크업 언어를 활용하여 음성인식, 합성 등을 제어하는 경향이 도래함에 따라 언어처리 기술을 따로 분류하기도 한다［1］［2］.(중략)

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10a
• /
• pp.92-93
• /
• 2007

RFID(Radio Frequency Identification : 무선주파수식별) 기술은 유비쿼터스 구조 기술의 중요한 한 부분을 이루고 있다. 태그를 이용한 모든 제품들이 이러한 서비스의 대상이 되고 있지만 불행이도 다방면에 이용되는 이면에는 사용자의 사생활과 사용자 밀 판매자간의 인증문제를 이용한 서비스 공격 대상이 되고 있다. 현재 이러한 RFID 시스템의 보안 메커니즘들은 매우 중요하며 본 논문에서는 여러가지 메커니즘들 중 보안 프로토콜을 이용한 사생활과 인증문제 해결을 위해 정형검증을 통해 분석하고 새로운 프로토콜을 제안 및 구현가능성을 언급하고자 한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.5
• /
• pp.1125-1130
• /
• 2015

In this paper, a method to identify components per unit task system is expressed with node, module, and interface. We define security subject per unit task system and explain node, module, and interface per component. According to the defined security standard in design phase, we also perform to design and elaborate security attributes for node and module as identified security subjects in their defined tables. And then we describe the composition standard for security attribute design with some examples, after classifying it into security subject, access subject, access control area, identification or verification area, and encryption.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.5
• /
• pp.127-136
• /
• 2018

In this paper, we propose a PIN entry method that combines with machine learning technique on smartphone. We use not only a PIN but also touch time intervals and locations as factors to identify whether the user is correct or not. In the user registration phase, a remote server was used to train/create a machine learning model using data that collected from end-user device (i.e. smartphone). In the user authentication phase, the pre-trained model and the saved PIN was used to decide the authentication success or failure. We examined that there is no big inconvenience to use this technique (FRR: 0%) and more secure than the previous PIN entry techniques (FAR : 0%), through usability and security experiments, as a result we could confirm that this technique can be used sufficiently. In addition, we examined that a security incident is unlikely to occur (FAR: 5%) even if the PIN is leaked through the shoulder surfing attack experiments.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.11
• /
• pp.121-128
• /
• 2021

After entering the 4th Industrial Revolution, the digital content market, which was only dependent on existing contents supply enterprises, is providing various digital content through the participation of users like YouTube. Accordingly, it activated the digital content market, but it causes a negative influence on the digital content market due to the copyright of the creator and the indiscriminate illegal use and usage of the content. This study researched digital content management technology based on blockchain technology to protect digital content and the copyright of the creator. The suggested technology protects the digital content and the copyright holder and discerns the users and prevents the indiscriminate approach and illegal use of digital content. For the safe management of digital content, hash function applied as the certification technology of blockchain is used to certify the users and manage the digital content and provide integrity and authentication service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.4
• /
• pp.61-70
• /
• 1999

In this paper we propose the verifiable self-certified schemes(key distribution scheme identification scheme digital signature scheme) based on ${\gamma}$th -residuosity which make up for defects of Girault's self-certified schemes allow the authenticity of public keys to be verified during the use of the keys. The security of our schemes is based on the difficulty of ${\gamma}$th -residuosity problem and discrete logarithm problem simultaneously.