• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.49-58
• /
• 2005

In this paper, we have proposed a secure dynamic ID allocation protocol using mutual authentication on the RFID tag. Currently, there are many security protocols focused on the low-price RFID tag. The conventional low-price tags have limitation of computing power and rewritability of memory. The proposed secure dynamic ID allocation protocol targets to the high-performance RFID tags which have more powerful performance than conventional low-price tag by allocating dynamic ID to RFID using mutual authentication based on symmetric encryption algorithm. This protocol can be used as a partial solution for ID tracing and forgery.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.17-22
• /
• 2009

Certificateless cryptography eliminates the need of certificacates in the public key crytosystems and solves the inherent key escrow problem in identity-based cryptosystems. This paper demonstrates that two certificateless signature schemes proposed by Guo et al. and Wang et al. respectively are insecure against key replacement attacks by a type I adversary. We show that the adversary who can replace a signer's public key can forge signatures under the replaced public key. We then make a suggestion to prevent the attacks.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.599-600
• /
• 2009

현재 센서 네트워크의 보안 기술 연구는 센서 네트워크 내의 정보전달 및 처리과정에서의 정보 보호 및 중요 센서 노드의 보호를 위한 정보인증, 노드인증, 보안 라우팅, 키 관리, 도처, 위조 방지 등에 중점을 두고 진행되고 있다. 그러나 대부분의 연구는 USN 응용 서비스 유형에 종속되는 단점을 가진다. 즉, 특정 서비스에만 유용한 보안 기술 연구가 대부분이라 하겠다. 따라서, 특정 USN 응용 서비스에 국한되지 않는 다양한 USN 응용 서비스를 지원할 수 있는 정보보호 기술이 개발이 이루어져야 하며, 이를 위해서는 다양한 USN 응용 서비스를 지원할 수 있도록 보안을 고려한 센서 네트워크의 구성에 대한 연구가 선행되어야 한다. 이에 본 논문에서는 현재 개발된 다양한 USN 응용 서비스를 분석하여 공통적인 센서 네트워크의 구성 요소를 도출하였으며, 이를 토대로 보안을 고려한 센서 네트워크 분류기준을 제시하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.854-857
• /
• 2011

전자 결재 시스템은 오프라인 문서 결재보다 효율적인 문서 관리가 가능 하고 예산 낭비를 방지할 수 있으며, 작업 능률을 극대화 할 수 있다는 장점 때문에 현재 많은 기업에서 도입하여 사용하고 있다. 하지만 상용화되어 있는 전자 결재 시스템에서 사용되는 이미지 서명은 복제 및 위조가 가능하다는 위협이 존재한다. 이러한 문제를 해결하기 위해서 단순 서명 방식을 적용한 전자 결재 시스템이 제안되었다. 하지만 단순 서명 방식을 이용한 전자 결제 시스템은 단 한 명의 결재자만을 고려한 시스템으로 실제 기업에는 다양한 직책의 결재자가 존재하기 때문에 적용하기가 어렵다. 이에 본 논문에서는 C.Boyd 의 순차 다중서명 방식을 사용하여 다수의 결제자가 서명할 수 있는 전자 결제 시스템을 제안한다.

• Journal of the Korean Society of Safety
• /
• v.14 no.4
• /
• pp.204-210
• /
• 1999

We propose an optical fingerprint identification system using volume hologram for database of matched filter. Matched filters in VanderLugt correlator are recorded into a volume hologram that can store data with high density, transfer them with high speed, and select a randomly chosen data element. The multiple reference fingerprint photographs of database are prerecorded in a photorefractive material in the form of Fourier transform images, simply by passing the image displayed in a spatial light modulator through a Fourier transform lens. The angular multiplexing method for multiple holograms of database is achieved by controlling the reference directions with a step motor. Experimental results show that the proposed system can be used for secure entry systems to identify individuals for access to a restricted area, security verification of credit cards, passports, and other IDs.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.19 no.1
• /
• pp.327-334
• /
• 2024

In this paper, we developed a system with a near-infrared LED light source with a wavelength of 950nm to acquire palm vein images and a white LED light source to acquire palm creases based on Raspberry Pi. In addition, we implemented a unique pattern-extractable image processing technology that can prevent counterfeiting and enhance security of mixed creases and palmprints through image pre-processing (Gray scaling, Histogram Equalization, Blurring, Thresholding, Thinning) for the acquired vein and palm images, and secured a source technology that can be used in a security-enhanced system.

• Development and Reproduction
• /
• v.15 no.1
• /
• pp.71-76
• /
• 2011

Due to its role in maintaining the health of scientific societies, research ethics (or integrity) is notably receiving attention by academia, governments and even individuals who are not engaged in scientific researches. In this paper, I will introduce some valuable papers dealt with plagiarism as a representative research misconduct. In general, researcher's results that will soon be published must meet the crucial scientific criteria: originality, accuracy, reproducibility, precision and research ethics. The definition of plagiarism is "appropriation of another person's ideas, processes, results, or words without giving appropriate credit." Compared to fabrication and falcification, plagiarism is often considered as a minor misconduct. With intentionality, however, plagiarism can be corresponding to 'theft of intellectual product'. The context of plagiarism is not restricted to the stage of publication. It can be extended to prior stages of proposing (i.e. preparing the research proposal) and performing (executing the research), and reviewing (writing the review papers). Duplicate publication is regarded as a self-plagiarism in broad interpretation of plagiarism. To avoid dangers of plagiarism, earnest efforts from all members of scientific community are needed. First of all, researchers should keep 'transparency' and 'integrity' in their scientific works. Editorial board members and reviewers should keep fairness and well-deserved qualification. Government and research foundations must be willing to provide sufficient financial and policy support to the scientific societies; Up-graded editorial services, making good use of plagiarism detection tools, and thorough instruction on how to write a honest scientific paper will contribute to building up a healthy basis for scientific communities.

• Journal of Bio-Environment Control
• /
• v.10 no.4
• /
• pp.232-236
• /
• 2001

Four air temperature levels of 23, 25, 27 and 29$^{\circ}C$, three humidity levels of 85, 90 and 95% R.H. at photosynthetic photon flux (PPF) of 50 $\mu$mol.m$^{-2}$ .s$^{-1}$ were provided to investigate the effect of vapor pressure deficit on the evapotranspiration rate (EVTR) and graft-taking of watermelon grafted seed-increase. Thus EVTR of grafted seedlings increased with increasing air temperature at high humidity of 95%R.H. At relatively low humidity of 85% R.H., grafted seedlings showed a high EVTR and some wilting of scions was observed at this condition. This result would be ascribed to the low supply of water to vascular bundles according to the insufficient joining of scions and rootstocks. Differences in EVTR between 90% R.H. and 95% R.H. were not observed. Grafted seedlings showed high graft-taking at high relative humidity. Relative humidity had highly influenced to the graft-taking as compared to the air temperature. Graft-taking increased with decreasing vapor pressure deficit. Graft-taking greater than 90% was found at vapor pressure deficit less than 0.4kPa which could be obtained at humidity higher than 90% R.H. Therefore it is required to control the humidity higher than 90% R.H. for suppressing EVTR of grafted seedlings and preventing some wilting of scoins and thus enhancing the graft-taking of grafted seedlings.

• Korean Security Journal
• /
• no.48
• /
• pp.79-111
• /
• 2016

This study aims at analyzing the global trend of standardization in the field of Industrial Security through ISO/TC 292. It covers broad areas from risk management for industrial property protection and loss prevention through supply chain security, product and document fraud and counterfeiting countermeasures and control and community resilience. It also explores the historical background of the standardization in the security field, how ISO TC 292 came out as a leading group in order to standardize relevant security management systems. TC 292 deals with terminology, general security-related standards and supply chain security management. One of the major findings from this analysis is that security targets and threats are diversified and so organizations like enterprises should have proper flexibility to adapt themselves to new security environment and take appropriate resilience system to cope with the threats and incidents. Also the ISO standardization requires public or private entities to take holistic approaches in security management. Finally, it was found that South Korea has to prepare for this global trend of standardization in this field so that ISO certification market demand and the requirements for transnational trades can be well met.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.635-643
• /
• 2014

Most of the web-based services are provided by a web browser. A web browser receives a text-based web page from the server and translates the received data for the user to view. There are a myriad of add-ons to web browsers that extend browser features. The browser's add-ons may access web pages and make changes to the data. This makes web-services via web browsers are vulnerable to security threats. A web browser stores web page data in memory in the DOM structure. One method that prevents modifications to web page data applies hash values to certain parts in the DOM structure. However, a certain characteristic of web-pages renders this method ineffective at times. Specifically, the user-input data is not pre-determined, and the hash value cannot be calculated prior to user input. Thus the modification to the data cannot be prevented. This paper proposes a method that both detects and inhibits any attempt to change to user-input data. The proposed method stores user-input from the keyboard and makes a comparison with the data transmitted from the web browser to detect any anomalies.