• Title/Summary/Keyword: Container security


A Security Model for Duplication Resistant eSeal (복제 공격 저항성을 갖는 전자봉인 보안 모델)

  • Kim, Joo-Hae;Choi, Eun-Young;Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.5 / pp.111-116 / 2007
  • An eSeal (Electrical Seal) is an active RFID device installed on the door of a container. The main role of the tag is to make sure the seal is not broken by unauthorized people. Because an eSeal uses an RFID system, we need to prevent eavesdropping and impersonation. Moreover, an eSeal that uses a secure protocol must not be duplicable. If the duplication-resistance property is not provided by an eSeal, an attacker may replace an object in the sealed container and reseal the container with a duplicated eSeal to hide the breaking of the eSeal. In this paper, we provide a protocol that resists duplication of an eSeal while preventing eavesdropping and impersonation.

Analysis of the Impact of Host Resource Exhaustion Attacks in a Container Environment (컨테이너 환경에서의 호스트 자원 고갈 공격 영향 분석)

  • Jun-hee Lee;Jae-hyun Nam;Jin-woo Kim
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.1 / pp.87-97 / 2023
  • Containers are an emerging virtualization technology that can build an isolated environment that is more lightweight and faster than existing virtual machines. For that reason, many organizations have recently adopted them for their services. Yet, the container architecture has also exposed many security problems since all containers share the same OS kernel. In this work, we focus on the fact that an attacker can abuse host resources to make them unavailable to benign containers (also known as host resource exhaustion attacks). Then, we analyze the impact of host resource exhaustion attacks through real attack scenarios exhausting critical host resources, such as CPU, memory, disk space, process ID, and sockets in Docker, the most popular container platform. We propose five attack scenarios performed in several different host environments and container images. The result shows that three of them put other containers in denial of service.

Comparative Analysis of Container for High Performance Computing

  • Lee, Jaeryun;Chae, Yunchang;Tak, Byungchul
    • Journal of the Korea Society of Computer and Information / v.25 no.9 / pp.11-20 / 2020
  • In this paper, we propose the possibility of using containers in the HPC ecosystem and the criteria for selecting a proper PMI library. Although demand for containers has been growing rapidly in the HPC ecosystem, the Docker container, which is the most widely used, has a potential security problem and is not suitable for HPC. Therefore, several HPC containers have appeared to solve this problem, and with them the possibility of performance differences. For this reason, we measured the performance difference between each HPC container and the Docker container through NAS Parallel Benchmark experiments and checked the effect of the type of PMI library. As a result, the HPC containers and the Docker container showed almost the same performance as native, and in some cases even better performance was observed. The comparison between PMI libraries showed that PMIx was not superior to PMI-2 in all conditions.

A Case Study of Automation Management System of Damaged Container in the Port Gate (항만 게이트의 데미지 컨테이너 관리 자동화 시스템 구축 사례연구)

  • Cha, Sang-Hyun;Noh, Chang-Kyun
    • Journal of Navigation and Port Research / v.41 no.3 / pp.119-126 / 2017
  • As container vessels get larger, container terminals are also likely to grow. The problem that arises is that the growing volume should be handled in the same amount of time as before. Container terminals are introducing automation systems in order to overcome the limitations of existing manual methods and to continuously reduce operating expenses, because manual handling of containers moving in and out of terminal gates produces inaccurate data, which results in confusion. An alternative is for containers to be labeled with barcodes that can be scanned into a system with a scanner, but this takes quite a long time and is inconvenient. An RFID system, also known as a gate automation system, can solve these problems by reducing the time of gate management with a technology that detects number identification plates, helping operators perform gate management work more efficiently. Having said that, with this system, when container damage is detected, gate operators make and keep documents manually. These documents, which are insufficient evidence for proving container damage, result in customer claims. In addition, it is difficult for gate operators and other workers to manage containers, exposing them to danger and accidents. This study suggests that if an automation system is introduced at gates, containers can be managed by a video storage system in order to better document damage. The video system maintains information on container damage, allowing operators to search for the videos they need upon customer request and to be better prepared for customer claims. In addition, this system reduces necessary personnel and the risk of accidents near gates by integrating a wide range of work.

Development of Digital Signal Processing Board for Detection Array Module Signal Processing System (Array 검출 Module 신호처리 System의 Digital Signal Processing Board 개발)

  • Park, Ge-O;Sung, So-Young;Kim, Young-kil
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2017.05a / pp.375-378 / 2017
  • As shipping and logistics safety and security systems are being strengthened worldwide, the development of core shipping and logistics safety and security technology for building a national secure logistics system has been carried out. In addition, it is necessary to localize the Array Detection System, which is a core component of the container search machine, to cope with the 100% pre-inspection of containers scheduled for 2018 in the United States. In this paper, we propose a study on a self-developed Digital Signal Processing Board, among the array detection systems, that replaces foreign products.


Development of Test Software Program for Detection Array Module Signal Processing System (Array 검출모듈 신호처리 System의 Test Software Program 개발)

  • Park, Ge-O;Sung, So-Young;Kim, Young-kil
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2017.05a / pp.379-382 / 2017
  • As shipping and logistics safety and security systems are being strengthened worldwide, the development of core shipping and logistics safety and security technology for building a national secure logistics system has been carried out. In addition, it is necessary to localize the Array Detection System, which is a core component of the container search machine, to cope with the 100% pre-inspection of containers scheduled for 2018 in the United States. In this paper, we propose a test software program developed using TI-RTOS (Texas Instruments - Real Time Operating System) with a self-developed test digital signal processing board.


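A Study on Selecting the Optimal Technology Alternative for Building an Automated Port Gate System (항만 자동화 게이트시스템 구축을 위한 최적 기술 대안 선정에 관한 연구)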

  • Choe, Hyeong-Rim;Lee, Chang-Seop;Choe, Seong-Pil;Son, Jeong-Rak;Lee, Ho-In;Sin, Jung-Jo
    • Proceedings of the Korean Institute of Navigation and Port Research Conference / 2009.06a / pp.192-193 / 2009
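  • Since the advent of ultra-large container ships, the global port environment has been changing rapidly toward a hub-and-spoke structure. Accordingly, advanced overseas ports are working to improve productivity, for example by building automated container terminals, in order to establish themselves as hub ports; in Korea, however, research on automated container terminals, and on automated gate systems in particular, remains relatively insufficient. To select the optimal technology alternative for building an automated gate system, this study analyzes the current state of gate operations in Korea and abroad and the related technologies, and thereby derives the technologies needed to build such a system. Based on the results, we surveyed technical staff at container terminal operators to identify their satisfaction with and the problems of current gate systems, as well as the technologies they intend to use when building future gate systems and the effects they expect. However, the results of the first survey alone made it difficult to say which component technology is the optimal alternative that can deliver the effects users expect. To compensate for this, we used the AHP technique, a method that objectifies qualitative, subjective evaluation factors and so overcomes the limitations in applying each evaluation criterion. Finally, selecting the optimal technology alternative against three evaluation criteria (productivity, security, and economic feasibility) resulted in RFID being evaluated as the optimal alternative.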


Factors Influencing RFID Application Performance in Container Terminal Gate (컨테이너터미널 게이트에서의 RFID 적용성과에 영향을 미치는 요인)

  • Go, Bo-Chan;Chang, Myung-Hee
    • Journal of Navigation and Port Research / v.34 no.10 / pp.807-815 / 2010
  • This study analyzed the correlation between RFID acceptance intention and application and, through preliminary research, extracted the technical stability, system quality and security of RFID as factors that affect the intention to accept RFID at the container terminal gate. The analysis covered individuals working at container terminals that currently operate with RFID at the container terminal gate; a total of 255 questionnaires were distributed and 248 were collected. The statistical analysis in this study led to the following conclusions: First, the technical stability of RFID acceptance in the container terminal gate was not statistically significantly high. Second, the system quality and the security of RFID acceptance in the container terminal gate were statistically significantly high. Finally, container terminal gate RFID technology acceptance intention was statistically significantly high in application performance.

IaC-VIMF: IaC-Based Virtual Infrastructure Mutagenesis Framework for Cyber Defense Training (IaC-VIMF: 사이버 공방훈련을 위한 IaC 기반 가상 인프라 변이 생성 프레임워크)

  • Joo-Young Roh;Se-Han Lee;Ki-Woong Park
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.3 / pp.527-535 / 2023
  • To develop experts capable of responding to cyber security incidents, numerous institutions have established cyber training facilities to cultivate security professionals equipped with effective defense strategies. However, these facilities face challenges such as limited resources, scenario-based content development, and cost constraints. To address these issues, this paper proposes a virtual infrastructure variation generation framework. It provides customized, diverse IT infrastructure environments for each organization, allowing cyber defense trainers to accumulate a wide range of experiences. By leveraging Infrastructure-as-Code (IaC) containers and employing Word2Vec, a natural language processing model, mutable code elements are extracted and trained, enabling the generation of new code and presenting novel container environments.

A Study on Static Analysis in Cluster Layer Manifest from the DevSecOps Perspective (DevSecOps 관점의 클러스터 계층 내 매니페스트 정적 분석에 관한 연구)

  • Ga-Hyun Kim;Mi-Jin Kim;Ye-Rin Chun;Hye-Yeon Hyeon;Seongmin Kim
    • Proceedings of the Korea Information Processing Society Conference / 2024.05a / pp.241-242 / 2024
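  • Kubernetes is the most widely used container orchestration tool, and related vulnerability research has focused on the cluster and code layers among the cloud security layers classified as the 4C layers from a DevSecOps perspective. However, the cluster layer also has vulnerabilities related to network policies, authentication control, permission settings, and parameter settings. This paper therefore analyzes these vulnerabilities, classifies them by mapping them to the OWASP 10, and proposes preventive measures, aiming to contribute to building secure cluster layers in the future.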
