• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.580-583
• /
• 2013

하드웨어, 소프트웨어 등 각종 IT 자원을 필요한 만큼 빌려서 사용하고 사용한 정도에 따라 과금이 되는 클라우드 컴퓨팅이 대중적으로 보급됨에 따라 공공 서비스에서의 클라우드 컴퓨팅 활용방안에 대해서 관심이 증가하고 있다. 따라서 다수의 사용자가 하나의 공공 클라우드 스토리지를 사용하는 환경에 적합한 안전하고 효율적인 데이터 관리의 중요성이 요구되고 있다. 그러나 신원이 불분명한 사용자의 공공 클라우드 스토리지 무단접근과 악의적인 목적으로 공공 클라우드에 악성코드가 추가된 데이터의 업로드 및 데이터 위변조 등의 다양한 위협이 존재한다. 따라서 본 논문에서는 공공 클라우드 환경에 적합한 안전한 데이터 관리 기법에 대해 제안한다. 제안하는 기법은 공공 클라우드 서버로부터 인증정보를 전송받아 구성원임을 증명받고, 전송받은 서버 인증정보를 바탕으로 사용자 인증값을 생성하여 데이터와 함께 저장하여 데이터를 보호한다. 따라서 신원이 불분명한 사용자의 접근을 막고, 악의적인 데이터의 클라우드 스토리지 저장을 방지하고, 추가적으로 데이터의 출처를 명확하게 하여 공공 클라우드 스토리지의 신뢰성을 높일 수 있다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10d
• /
• pp.18-21
• /
• 2007

콘텐츠의 다양화로 인해 콘텐츠의 관리를 위해 CMS(contents Management System)가 다양하게 운영되고 있다. 현재 CMS들은 단지 소속회원들을 기반으로 DRM기술을 적용하여 콘텐츠 저작권을 보호하고 있다. 따라서 콘텐츠의 글로벌 사용이 제한되고 상호운용이 불가능하고 콘텐츠의 원천적 저작권보호가 불가능하다. 따라서 이 논문에서는 저작권 보호를 위하여 공개키 기반의 라이선스관리 모듈을 설계하였으며 이를 기반으로 콘텐트 암호화하는 패키저 모듈, 암호화된 콘텐트를 복호화하는 언 패키저 모듈, 콘텐트 공유서버 및 클라이언트 모듈을 설계하였다. 이기종간의 CMS는 트랜젝션 서버를 통해 통합 메타데이터를 공유하며 통합 CMS를 운영하여 다양한 콘텐츠를 다양한 CMS에서도 활용 가능하도록 제안하였으며 웹 콘텐츠 인증코드를 이용한 DRM 기술을 기반으로 콘텐츠 사용 제한 및 저작권 보호를 지원한다.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.53-58
• /
• 2012

Network Access Control System that is one of the efforts to protect the information of internal applies to effectively control of insider and automatic network management and security. However, it has some problems : spoofing the authorized PC or mobile devices, connect to the internal network using a system that authorized users are away. In addition, information leakage due to malicious code in the same system. So in this paper, Network 2-Factor Access Control System based on RFID security control system is proposed for safety communication environment that performing a two-factor authentication using authorized user and devices to connect to the internal network.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.4
• /
• pp.146-153
• /
• 2001

A new password authentication method Is proposed in this paper for the purpose of providing web page authors the convenience in deploying password-protected Web realms at a web server. According to this method. a web realm is mapped to a secret directory at the web server. in which access-controlled web pages are stored. A password is used to construct the name of the secret directory. A javaScript code is embedded in a sign-in web pageoutside the secret directory, which converts the user-entered password into the directory name and forms a complete URL pointing to an access-controlled web page inside the secret directory. Thus, only users knowing the password can compose a valid URL and retrieve the access-controlled web page. Using this method, web page authors can deploy password-protected web realms in a server-independent manner.

• Journal of Korea Society of Industrial Information Systems
• /
• v.25 no.3
• /
• pp.21-30
• /
• 2020

With the widespread of smartphones, the Quick response (QR) code became one of the most popular codes. In this paper, a new type of QR code is proposed to increase the storage capacities and also to contain private information by changing the colors and the shape of patterns in the codes. Then, for a variety of applications of the printed QR codes, this paper proposes an efficient authentic certification system, which is built on an conventional CNN (Convolutional neural network) architecture - VGGNet and classifies authentic or counterfeit with smartphones, easily. For authentic codes, the proposed system extracts the embedded private information. Through practical experiments with a printed QR code, it is shown that the proposed system can classify authentic or counterfeit code, perfectly, and also, are useful for extracting private information.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.6
• /
• pp.281-288
• /
• 2014

QR code (abbreviated from Quick Response Code) is code system that is strong in against to apply image processing techniques (skew, warp, blur, and rotate) as QR codes can store several hundred times the amount of information carried by ordinary bar codes. For this reason, QR code is used in various fields, e.g., air ticket (boarding control system), food(vegetables, meat etc.) tracking system, contact lenses management, prescription management, patient wrist band (patient management) etc. In this paper, we proposed reversible data hiding for binary images. A reversible data hiding algorithm, which can recover the original image without any distortion from the marked (stego) image after the hidden data have been extracted, because it is possible to use various kinds of purposes. QR code can be used to generate by anyone so it can be easily used for crime. In order to prevent crimes related QR code, reversible data hiding can confirm if QR code is counterfeit or not as including authentication information. In this paper, we proved proposed method as experiments.

• Journal of Internet Computing and Services
• /
• v.21 no.4
• /
• pp.25-34
• /
• 2020

In the current medical information system, a system environment is constructed in which Biometric data generated by using IoT or medical equipment connected to a patient can be stored in a medical information server and monitored at the same time. Also, the patient's biometric data, medical information, and personal information after simple authentication using only the ID / PW via the mobile terminal of the medical staff are easily accessible. However, the method of accessing these medical information needs to be improved in the dimension of protecting patient's personal information, and provides a quick authentication system for first aid. In this paper, we implemented an automatic authentication system based on the patient's situation and evaluated its performance. Patient's situation was graded into normal and emergency situation, and the situation of the patient was determined in real time using incoming patient biometric data from the ward. If the patient's situation is an emergency, an emergency message including an emergency code is send to the mobile terminal of the medical staff, and they attempted automatic authentication to access the upper medical information of the patient. Automatic authentication is a combination of user authentication(ID/PW, emergency code) and mobile terminal authentication(medical staff's role, working hours, work location). After user authentication, mobile terminal authentication is proceeded automatically without additional intervention by medical staff. After completing all authentications, medical staffs get authorization according to the role of medical staffs and patient's situations, and can access to the patient's graded medical information and personal information through the mobile terminal. We protected the patient's medical information through limited medical information access by the medical staff according to the patient's situation, and provided an automatic authentication without additional intervention in an emergency situation. We performed performance evaluation to verify the performance of the implemented automatic authentication system.

• Journal of Digital Convergence
• /
• v.18 no.11
• /
• pp.227-232
• /
• 2020

The one of the biggest challenges in using e-mail is that it is difficult to filter out unconfirmed senders. Therefore, in this study, an email group authentication API was designed using blockchain technology, which has been widely used as an authentication method. As the proposed model, the node-node weighting index was obtained through the relationship association network, and after designing the email reliability model, the reliability calculation model of the Rotten Tomato method was obtained. Based on this, the system structure was designed, chain code methods were defined, and API was developed. Through this study, it is expected that it will be used in various fields requiring authentication as well as email user authentication, and it is expected that the relationship of group authentication can be proved by allowing a large number of users to use the API in the future.

• The Journal of the Acoustical Society of Korea
• /
• v.23 no.3
• /
• pp.228-234
• /
• 2004

In this paper, we proposed the compensation technique that overcomes the limitations of the conventional approaches through summing up the bias terms between world's codebook and individual codebook vectors of feature parameters. But, mean compensation without condition can bring higher false acceptance. Therefore, the proposed technique compensates the channel mis-match condition by weighted bias sum using nonlinear function regarding to the distortion between speech and silence. The simulation results show that the FRR (flase reject rate) is decreased 14.95% when the proposed algorithm was applied.

• The Journal of the Korea Contents Association
• /
• v.16 no.8
• /
• pp.90-96
• /
• 2016

The 3390 million people, around 83% of the adult population in Korea use smartphone. Although the safety problem of the certificate has been occurred continuously, most of these users use the certificate. These safety issues as a solution to 'The owner of a mobile phone using SMS authentication technology', 'Biometric authentication', etc are being proposed. but, a secure and reliable authentication scheme has not been proposed for replace the certificate yet. and there are many attacks to steal the certificate and private key. For these reasons, security experts recommend to store the certificate and private key on usb flash drive, security tokens, smartphone. but smartphones are easily infected malware, an attacker can steal certificate and private key by malicious code. If an attacker snatchs the certificate, the private key file, and the password for the private key password, he can always act as valid user. In this paper, we proposed a safe way to keep the private key on smartphone using smartphone's unique information and user password. If an attacker knows the user password, the certificate and the private key, he can not know the smart phone's unique information, so it is impossible to use the encrypted private key. Therefore smartphone user use IT service safely.