• The KIPS Transactions:PartD
• /
• v.10D no.6
• /
• pp.1033-1040
• /
• 2003

In order to provode information services on M-Commerce, a payment solution with security function should be required. User's mobile terminals for using M-Commerce services are diversifying to cellular phone, PDA, Smart phone etc. Among them, intergration of PDA's interface and mobile connection overcomes the weak point of existing cullular phone depending on information via the internet. In this paper, the protocol for a credit card transaction on PDA using ECC is presented. Secure Card module on this protocol encrypts user's information such as private information, delivery information and credit card information and store them on PDA in order to free from inputting information whenever it is used. This scheme also offers security services on M-Commerce including authentication, confidentiality, integration, non-repudiation and so on.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.47-52
• /
• 2015

The aim of this study is to suggest the effective protocol to manage the obese children using the data based on PAPS(Physical Activity Promotion System). In the school, there are a lot of efforts for the management of increasing obese children through the data obtained from PAPS which is conducted annually includes the assessment of obesity. But the follow-up of obese children was not effective due to the workload of teachers and the lack of available manpower. For more active and systematic management, the combination of a smart device transfer in the existing ways for facilitating access to the information is more effective. The information of obese children such as fitness, health, and obesity automatically will be sent in web-PAPS, And when personalized exercise prescription, proper nutrition education for obesity are shared with their parent, it will be more effective in weight management.

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.107-113
• /
• 2012

Recently, according to the establishment of personal information protection Act, the public and private organizations are taking a step to protect personal information rights and interests by employing the technical methods such as the access control mechanism, cryptography, etc. The result of the personal information leakage causes a serious damage for the organization image and also has to face with the responsibility by law. However, applying access control and cryptographic approach on the personal information item for every connection to large database system causes significant performance degradation in a large database system. In this paper, we designed and implemented the light weight system using JVM (Java Virtual Machine) for the Oracle DBMS environment which the concurrent transaction occurs many, thereby the proposed system provides the minimum impact on the system performance and meets the need of personal information protection. The proposed system was validated on the personal information protection system which sits on a 'A' public organization's portal site and personnel information management system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.7
• /
• pp.1471-1477
• /
• 2003

In order to realize the Gbps VPN system, however, newer and more advanced technologies are required to enable wire-rate processing across a wide range of functions and layers. While it is generally accepted that a software soluTion on general-purpose processors cannot scale to process these functionsa wire rate, the KEY POINT is that a software solution on general-purpose processors is the most practical way by which these security allocationscan be developed. Many of these security functions require application layer processing on the content of the packets, and the very nature of application layer software development is characterized by relatively large code size with a high need for portability an flexibility. We have analysed the consideration and specification for realizing Gbps VPN system. from this work. we can obtain a technology of originality.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.285-288
• /
• 2010

Chinese hackers hack the e-commerce site by bypass South Korea IP to connect to the third country, finance damaging a violation incident that fake account. 7.7.DDoS attack was the case of a hacker attack that paralyzed the country's main site. In this paper, the analysis is about vulnerabilities that breaches by hackers and DDoS attacks. Hacker's attacks and attacks on the sign of correlation analysis is share the risk rating for in real time, Red, Orange, Yellow, Green. Create a blacklist of hackers and real-time attack will be studied security and air conditioning systems that attacks and defend. By studying generate forensic data and confirmed in court as evidence of accountability through IP traceback and detection about packet after Incident, contribute to the national incident response and development of forensic techniques.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.19-24
• /
• 2019

The development of ICT technology has a huge impact on the existing closed CCTV security equipment market. With the importance of video data particularly highlighted in areas such as self-driving cars, unmanned vehicles and smart cities, various technologies using video are emerging. In this paper, we proposed a method to transmit videos and metadata as a part of smart city integration, and to solve the traffic, environment and security problems caused in urban life by utilizing the metadata instead of using CCTV videos for simple recording purposes, and reverse tunneling technique was designed and implemented as a method for accessing CCTV videos for vehicles from remote locations. Integrated management of CCTV videos and metadata for vehicles that have been used only for limited purposes in closed environments will enable efficient operation of integrated centers in real time required by smart cities, such as vehicle status check, road conditions and facility management.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.11-18
• /
• 2017

Now the ways in which information is exchanged by computers are changing, a variety of this information exchange method also requires corresponding change of responding to an illegal attack. Among these illegal attacks, the IP spoofing attack refers to the attack whose process are accompanied by DDoS attack and resource exhaustion attack. The way to detect an IP spoofing attack is by using traceback information. The basic traceback information analysis method is implemented by comparing and analyzing the normal router information from client with routing information existing in routing path on the server. There fore, Such an attack detection method use all routing IP information on the path in a sequential comparison. It's difficulty to responding with rapidly changing attacks in time. In this paper, all IP addresses on the path to compute in a coordinate manner. Based on this, it was possible to analyze the traceback information to improve the number of traceback required for attack detection.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.12
• /
• pp.498-506
• /
• 2018

Recently, the US commanded a wargame simulation system of a combined ROK-US exercise with single federation. However, after the OPCON transfer, many limitations to the single federation have been cited such as security policies and information protection. We suggest a hierarchical federation as a way to overcome these problems. Regarding HLA rules, the participants use the same FOM and RTI in single federation. There are limitations to implement CI in applying heterogeneous FOMs and RTIs in current single federation. Therefore, we propose implementing CI with heterogeneous FOMs and RTIs in a hierarchical federation. This system overcomes the weaknesses of the system structure, which is a disadvantage of the single federation. In the federation test, we can apply heterogeneous FOMs and RTIs and achieve similar performance to the current combined exercise simulation. In conclusion, ROK should lead the simulation system of combined exercises using the CI after the OPCON transfer.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.91-103
• /
• 2004

The survey of network firewall system has been focused on the deny policy that protects information from the unlicensed and the intrusion detection system. Government has solved several firewall problems as building the intranet separated from the intranet. However, the new firewall system would been satisfied both the denialpolicy and information share with the public, according as government recently emphasizes electronic service. Namely, it has to provide the functions such as the information exchange among divisions, partial share of information with the public, network connection and the interception of illegal access. Also, it considers the solution that protects system from hacking by inner user and damage of virus such as Worm. This Paper suggests the protects information system using the intrusion prevention system and role-based security policy to support the partial opennessand the security that satisfied information share among governments and public service.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.6
• /
• pp.197-208
• /
• 2023

In the coming future, anyone using the Internet will have more than one NFT. Unlike FT, NFT can specify the owner, and tracking management is easier than FT. Even in the 2022 survey, WPA2 is the most widely used wireless protocol worldwide to date. As it is a protocol that came out in 2006, it is a protocol with various vulnerabilities at this time. In order to use WPA2-EAP or WPA3 (2018), which were released to compensate for the vulnerabilities of WPA2, additional equipment upgrades are required for STA (station) and AP (access point, router), which are connected devices. The use of expensive router equipment solves the security part, but it is economically inefficient to be introduced in Small Office Home Office (SOHO). This paper uses NFT as a means of authentication and uses the existing WPA2 as it is without equipment upgrade, defend crack tools of WPA2 that have been widely used so far and compared to the existing WPA2, it was shown that it was not difficult to actually use them in SOHO.