• Journal of Advanced Navigation Technology
• /
• v.22 no.2
• /
• pp.133-140
• /
• 2018

In recent years, model-based design techniques have been used as a way to support cost reduction and safety certification in the development of avionics systems. In order to support performance analysis and safety analysis of aircraft and avionics equipment (item) using model based design, we developed a multi-domain simulation environment that inter-works with heterogeneous simulators. We present a multi-domain simulation environment that can verify air data computers and integrated multi-function probes at the aircraft level. The model was developed by Simulink and the flight simulator X-Plane 10 was used to verify the model at the aircraft level. Avionics model functions were tested at the aircraft level and the air data errors of the model and flight simulator were measured within 0.1%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.121-130
• /
• 2007

In this paper, we propose a reversible watermarking scheme in the JPEG compression domain. The reversible watermarking is useful to authenticate the content without the quality loss because it preserves the original content when embed the watermark information. In the internet, for the purpose to save the storage space and improve the efficiency of communication, digital image is usually compressed by JPEG or GIF. Therefore, it is necessary to develop a reversible watermarking in the JPEG compression domain. When the watermark is embedded, the lossless compression was used and the original image is recovered during the watermark extracting process. The test results show that PSNRs are distributed from 38dB to 42dB and the payload is from 2.5Kbits to 3.4Kbits where the QF is 75. Where the QF of the Lena image is varied from 10 to 99, the PSNR is directly proportional to the QF and the payload is around $1.6{\sim}2.8Kbits$.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.27-38
• /
• 2007

One of the most important security issues of e-mail service is user privacy. Currently, various security protocols, like PGP(pretty Good Privacy), S/MIME(Secure/Multipurpose Internet Mail Extension), have been proposed. These protocols, however, do not provide forward secrecy. Recently, some security protocols that provide forward secrecy were proposed. But all of them require changes to the current e-mail infrastructure. Moreover, contrary to authors' intention, some of them do not actually provide perfect forward secrecy. In this paper, we propose a new practical e-mail security protocol. The proposed protocol provides perfect forward secrecy and uses a practical e-mail model that dose not require any changes to existing e-mail servers. It encrypts and authenticates messages efficiently using elliptic curve based signcryption scheme. In addition, we provide a way to send secure group e-mails.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.81-92
• /
• 2009

Recently, there is a drastic increase in users interested in real-time multimedia services in the WLAN environment, as the demand of IEEE 802.11 WLAN-based services increases. However, the handoff delay based on 802.11i security policy is not acceptable for the seamless real-time multimedia services provided to MS frequently moving in the WLAN environment, and there is a possibility of DoS attacks against session key derivation process and handoff mechanism. In this paper, a secure and efficient handoff mechanism in the centralized WLAN environment is introduced to solve the security problems. The 4-way Handshake for both mutual authentication and session key derivation is replaced by the 2-way Reassociation process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.47-58
• /
• 2002

The access control techniques, which can control unauthorized members to access to multicast service, have not been studied very often while there are a lot of on-going study on secure multicast architecture, multicast key distribution and sender authentication scheme have been studied. Multi level access control scheme in multicast can be used in a remote secure conference or to provide graduated multimedia services to each customers. In fact, multicast network has its own virtual networks according to different security levels. However, Early schemes are not effective when it protects unauthorized access in multi-access network environment. Furthermore this scheme does not provide us with hierarchical access control mechanism. This paper, therefore, proposes hierarchical access control scheme to provide the effectiveness in network layer by security level comparison. And we also suggests hierarchical key distribution scheme for multi level access control in application layer and effective hierarchical key renewal scheme in dynamic multicast environment which is easy to join and leaving the multicast group.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.83-90
• /
• 2011

Recently, pairings over elliptic curve have been applied for various ID-based encryption/signature/authentication/key agreement schemes. For efficiency, the $Eta_T$ pairings over GF($P^n$) (P = 2, 3) were invented, however, they are vulnerable to side channel attacks such as DPA because of their symmetric computation structure compared to other pairings such as Tate, Ate pairings. Several countermeasures have been proposed to prevent side channel attacks. Especially, Masaaki Shirase's method is very efficient with regard to computational efficiency, however, it has security flaws. This paper examines closely the security flaws of RVA-based countermeasure on $Eta_T$ Pairing algorithm from the implementation point of view.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.31-40
• /
• 2010

The evolution of internet have opened the world of IPTV. With internet protocol, IPTV broadcasts contents stream. The IP protocol doesn't provide secure service due to IP characteristics. So, it is important to provide both connect and secure service. Conditional Access System and/or Digital Right Management are being used to protect IPTV contents. However, there exist restrictions in the view of security. In this paper, we analyse existing security technologies for IPTV and propose a novel method to enforce security efficiently. In the proposed method, OTP is used for encryption/decryption contents and CAS controls key for encryption/decryption and the right of user. With this scheme, it reduces the load of the system and provides more security.

• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.1-9
• /
• 2022

Recently, the functions of smart speakers have diversified, and the penetration rate of smart speakers is increasing. As it becomes more widespread, various techniques have been proposed to cause anomalous behavior against smart speakers. Dolphin Attack, which causes anomalous behavior against the Voice Controllable System (VCS) during various attacks, is a representative method. With this method, a third party controls VCS using ultrasonic band (f>20kHz) without the user's recognition. However, since the method uses the ultrasonic band, it is necessary to install an ultrasonic speaker or an ultrasonic dedicated device which is capable of outputting an ultrasonic signal. In this paper, a smart speaker is controlled by generating an audio signal modulated at a frequency (18 to 20) which is difficult for a person to hear although it is in the human audible frequency band without installing an additional device, that is, an ultrasonic device. As a result with the method proposed in this paper, while humans could not recognize voice commands even in the audible band, it was possible to control the smart speaker with a probability of 82 to 96%.

• Journal of Korea Society of Industrial Information Systems
• /
• v.27 no.6
• /
• pp.115-126
• /
• 2022

The purpose of this study is to try to IPA(Importance-Performance Analysis) by applying text mining approaches to user review data for korea mobile banking applications, and to derive priorities for improvement. User review data on mobile banking applications of korea commercial banks (Kookmin Bank, Shinhan Bank, Woori Bank, Hana Bank), local banks (Gyeongnam Bank, Busan Bank), and Internet banks (Kakao Bank, K-Bank, Toss) that gained from Google playstore were used. And LDA topic modeling, frequency analysis, and sentiment analysis were used to derive key attributes and measure the importance and satisfaction of each attribute. Result, although 'Authorizing service', 'Improvement of Function', 'Login', 'Speed/Connectivity', 'System/Update' and 'Banking Service' are relatively important attributes when users use mobile banking applications, their satisfaction is not at the average level, indicating that improvement is urgent.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.7
• /
• pp.1060-1070
• /
• 2022

With the development of information technology, the size of the system has become larger and diversified, and the existing role-based access control has faced limitations. Blockchain technology is being used in various fields by presenting new solutions to existing security vulnerabilities. This paper suggests efficient role-based access control in a blockchain where the required gas and processing time vary depending on the access frequency and capacity of the storage. The proposed method redefines the role of reusable units, introduces a hierarchical structure that can efficiently reflect dynamic states to enhance efficiency and scalability, and includes user-centered authentication functions to enable cryptocurrency linkage. The proposed model was theoretically verified using Markov chain, implemented in Ethereum private network, and compared experiments on representative functions were conducted to verify the time and gas efficiency required for user addition and transaction registration. Based on this in the future, structural expansion and experiments are required in consideration of exception situations.