• Proceedings of the Korea Contents Association Conference
• /
• 2004.11a
• /
• pp.291-295
• /
• 2004

As a large quantity of information is presented in XML format on the web, there are increasing demands for XML security. Until now research on XML security has been focused on the security of data network using digital signature and encryption technology. As XML data become extensive and complex however XML security comes to involve not only network security but also managerial security. But XML encryption support simple network security. So it cannot support multiple users and multiple access control policy. In this paper, we propose an integration method of encryption and access control policy for securing XML documents. This methodology can support multiple authorization of multiple users with integrating access control. And this can reduce the cost of the existing complicated access evaluation process of access control by using pre-processing.

• The Journal of the Korea Contents Association
• /
• v.6 no.1
• /
• pp.137-142
• /
• 2006

As a large quantity of information is represented in XML format on the web, there are increasing demands for XML security. Until now research on XML security has been focused on the security of data network using digital signature and encryption technology. As XML data become extensive and complex, however, XML security comes to involve not only network security but also managerial security. But XML encryption support only simple network security. So it cannot support multiple users and multiple access control policy. In this paper, we propose an integration method of encryption and access control policy for securing XML documents. This methodology can support multiple authorization of multiple users with integrating access control.

• Journal of Korea Multimedia Society
• /
• v.13 no.4
• /
• pp.575-581
• /
• 2010

With widespread use of the Internet and improvements in streaming media and compression technology, digital music, video, and image can be distributed instantaneously across the Internet to end-users. However, most conventional Digital Right Management are often not secure and not fast enough to process the vast amount of data generated by the multimedia applications to meet the real-time constraints. The SVC offers temporal, spatial, and SNR scalability to varying network bandwidth and different application needs. Meanwhile, for many multimedia services, security is an important component to restrict unauthorized content access and distribution. This suggests the need for new cryptography system implementations that can operate at SVC. In this paper, we propose a new scrambling encryption for reserving the characteristic of scalability in MPEG4-SVC. In the base layer, the proposed algorithm is applied and performed the selective scambling. And it encrypts various MVS and intra-mode scrambling in the enhancement layer. In the decryption, it decrypts each encrypted layers by using another encrypted keys. Throughout the experimental results, the proposed algorithms have low complexity in encryption and the robustness of communication errors.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4C
• /
• pp.380-387
• /
• 2009

In this paper, optical image encryption using integral imaging and pixel-scrambling technologies is proposed. In the encryption process, we use pixel scrambling to change the order of subsections into which the cover image is divided, and the utilize the integral imaging scheme to obtain the elemental image from the scrambled image. In order to achieve higher security, we reuse pixel scrambling to the elemental image. In the decryption process, we employ optical integral imaging reconstruction technique and inverse pixel scrambling methode. Computer simulation results prove the feasibility of the proposed method and robustness against data loss and noise.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.702-705
• /
• 2017

최근 들어 개인정보 보호의 중요성에 대한 인식이 높아지고 있다. 개인정보 위협 요소 증가 및 유출 사고 증가 등으로 개인정보 보호 필요성이 높아지고 있으며, 개인정보보호법 발효 및 시행에 따른 기술적 보호 마련을 위하여 외국계 카드 발행사에서 지속적으로 PCI DSS(Payment Card Industry Data Security Standard)의 준수를 요청하고 있다. 카드 소유자의 데이터를 전송, 처리, 저장하는 환경에 대한 인증으로 적격업체 선정의 자격을 주기도 한다. 이러한 보안성 심의 기준이 강화되고 있으나 DB 암호화 제품인 TDE(Transparent Data Encryption) 방식의 암호화 방법은 암호화 기능 이외에 접근제어, 키 기밀성 보장을 위한 옵션의 추가 도입 검토가 필요하며, 서비스를 위해서 DB 전용 메모리 영역(SGA)의 Buffer Cache에 평문(Plain Text)으로 복호화한 후 로드하여 사용하므로 예상치 못한 또 다른 심각한 데이터 유출의 위험이 있다. 본 논문에서는 개인정보 암호화 방법을 연구하고 구현과정에서 발생한 문제에 대한 해결 과정을 설명하였다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.223-227
• /
• 2001

보안을 위한 암호화는 실시간 통신인 VoIP에 패킷의 추가적인 작업이 요구되므로 음질에 악영향을 미치게 된다. 이러한 영향을 파악하고 분석하기 위해 DES, 3DES, SEED 그리고 AES 등의 암호 알고리즘을 VoIP 시스템에 적용하여 지터나 RTT 혹은 패킷 손실율과 같은 QoS 요소를 측정함으로써 각 암호 알고리즘의 연산이 실시간 통신에 미치는 영향을 알아보았다.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.46 no.1
• /
• pp.39-44
• /
• 2009

The advance of communication and networking technology enables high bandwidth multimedia data transmission. The development of high performance compression technology such as H.264 also encourages high quality video and audio data transmission. The trend requires efficient protection system for digital media rights. We propose an efficient digital media protection system using elliptic curve cryptography. Only key parameters are encrypted to reduce the burden of complex encryption and decryption in the proposed system, and the digital media are not played back or the quality is degraded if the encrypted information is missing. We need a playback system with an ECC processor to implement the proposed system. We implement an H.264 decoding system with a configurable ECC processor to verify the proposed protection system We verify that the H.264 movie is not decoded without the decrypted information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.3-15
• /
• 2005

As a large quantity of information is presented in XML format on the web, there are increasing demands for XML security. Research area or n security is about Encryption Digital signature, Key management and Access control. until now research on U security has been focused on the security of data network using digital signature and encryption technology. As XML data become extensive and complex XML security comes to involve not only network security but also managerial security. Managerial security is guaranteed through access control. But XML Encryption supports simple network security. So it can't support multiple users and multiple access control policies. In this paper, we propose an integration method of encryption and access control policy for securing XML documents. This methodology can supper multiple authorizations of multiple users with integrating access control. And this can reduce the cost of evaluation process of the existing complicated access authorization with pre-processing.

• Journal of Internet of Things and Convergence
• /
• v.8 no.1
• /
• pp.79-85
• /
• 2022

Internet of Things (IoT) connects devices with various platforms, computing power, and functions. Due to the diversity of networks and the ubiquity of IoT devices, demands for security and privacy are increasing. Therefore, cryptographic mechanisms must be strong enough to meet these increased requirements, while at the same time effective enough to be implemented in devices with long-range specifications. In this paper, we present the performance and memory limitations of modern cryptographic primitives and schemes for different types of devices that can be used in IoT. In addition, detailed performance evaluation of the performance of the most commonly used encryption algorithms in low-spec devices frequently used in IoT networks is performed. To provide data protection, the binary ring uses encryption asymmetric fully homomorphic encryption and symmetric encryption AES 128-bit. As a result of the experiment, it can be seen that the IoT device had sufficient performance to implement a symmetric encryption, but the performance deteriorated in the asymmetric encryption implementation.

• Review of KIISC
• /
• v.29 no.6
• /
• pp.39-48
• /
• 2019

랜섬웨어(Ransomware)는 몸값(Ransom)과 소프트웨어(Software)의 합성어로 사용자 시스템을 장악하여 중요 문서 및 파일을 암호화하고 암호화된 파일의 복호화를 대가로 가상 화폐를 요구한다. 랜섬웨어로 인한 피해는 매년 증가하고 있으며 새로운 랜섬웨어의 등장과 변종의 출현이 빈번하다. 이에 본 논문은 2019년에 등장하거나 영향을 주고 있는 랜섬웨어에 대한 유포방법, 유포 대상, 알고리즘 사용 현황을 밝히고 국내 외 피해 사례를 소개한다. 그리고 분기 별로 감염율 상위 5개의 랜섬웨어를 살펴보고 평균 요구 금액에 대해 기술한다. 마지막으로 주요 및 신규 랜섬웨어 대해 유포 경로, 특징, 암호화 알고리즘, 복호화 요소 및 복호화 도구에 대해서는 표로 요약하며 자세히 서술한다.