• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.905-914
• /
• 2015

Once information security solution is implemented, it requires many services other than just general user management, such as malicious code analysis and security updated for consistent security against external threats or attacks, analysis of threat and attack, effectivity management of obtained security assurance, and advisory activities of security technical professionals. However, even if information security solutions provide those extra services, they are not properly treated in real market. Thus, for the security sustainable services, this study analyzes the service status of domestic information security, and suggest policy measure of price which could reflected the characteristics of information security solutions.

• KIISE Transactions on Computing Practices
• /
• v.23 no.9
• /
• pp.535-541
• /
• 2017

Today, the scale of the computer software market has increased, and massive sized software has been developed to satisfy diverse requirements. In this context, software complexity is increasing and the quality of software is becoming more difficult to manage. In particular, software reuse is important for the improvement of the environments of legacy systems and new system development. In this paper, we propose a method to reuse modules that are certified by quality. Reusable levels are divided into code area (method, class, and component), project domain, and business levels. Based on the coupling and cohesion of software complexity, we propose a reusable module extraction mechanism with reusability metrics, which constructs a visualization of the "reusable module's chunk" based on the method and class levels. By applying reverse engineering to legacy projects, it is possible to identify reusable modules/objects/chunks. If these modules/objects/chunks are to be reused to develop an extension system or similar new system, we need to ensure software reliability in order to reduce the time and cost of software development.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.547-552
• /
• 2003

In this thesis, interference phenomena of bluetooth networks requiring Security were minimized; strengthened security of piconet by assigning an identical PIN code to bluetooth devices, which was establishing a specific piconet during authentication stage. To establish a bluetooth piconet system. an unique ID was assigned to each bluetooth device, communication algorithms having different data formats between devices was designed, and an embedded hardware module using ARM processor and uCOS-II RTOS was implemented. About 30% of CPU efficiency in the module was increased by modifying functions including block parameters to work as nonblocking; by the increased efficiency of total piconet, the module could be used as an access point. The module could transmit maximum 10 frames of image and also audio signal by switching the packet effectively according to channel condition. By above-mentioned process, video, audio, and data could be well transmitted by the bluetooth managing program and the possibility of a commercial remote control system using bluetooth technology was suggested.

• The Journal of the Korea Contents Association
• /
• v.14 no.12
• /
• pp.565-573
• /
• 2014

We have various e-commerce like on-line banking, stock trading, shopping using a PC or SmartPhone. In e-commerce, two parties use the certificate for identification and non-repudiation but, the attack on the certificate user steadily has been increasing since 2005. The most of hacking is stealing the public certificate and private key files. After hacking, the stolen public certificate and private key file is used on e-commerce to fraud. Generally, the private key file is encrypted and saved only with the user's password, and an encrypted private key file can be used after decrypted with user password. If a password is exposed to hackers, hacker decrypt the encrypted private key file, and uses it. For this reason, the hacker attacks user equipment in a various way like installing Trojan's horse to take over the user's certificate and private key file. In this paper, I propose the management method to secure private key of PKI using One Time Password certification technique. As a result, even if the encrypted private key file is exposed outside, the user's private key is kept safely.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.196-201
• /
• 2016

Digital watermarking is a technique used to hide information within digital media. Digital watermarking techniques can be classified as either robust watermarking or fragile watermarking. Robust watermarking techniques are generally used for the purpose of copyright protection. In addition, fragile watermarking techniques are used for the authentication and integrity verification of a digital image. Therefore, fragile watermarks should be easily breakable for trivial tampering of a watermarked image. This paper proposes an efficient fragile watermarking method for image tamper detection in the spatial domain. In the proposed method, a hash code and symmetric key encryption algorithm are used. The proposed method of inserting a watermark by dividing the original image into many blocks of small sizes is not weak against attacks, such as cut and paste. The proposed method can detect the manipulated parts of a watermarked image without testing the entire block of the image.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.849-858
• /
• 2013

In today's mobile computing environment, there are many threats, such as device loss or theft, malware, to the sensitive information stored on end user device. To prevent disclosure of information, encryption and authentication method are properly adjusted to the device. In cryptographic file systems, CBC mode of operation has been commonly used. It requires an IV need not be secret, but must be unpredictable and protect integrity of the IV. In this paper, we propose file system-level encryption mechanism with HSM that satisfy the requirement of the IV and improve the performance. Moreover, Design and experimental results prove the efficiency of our proposed method.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.40 no.2
• /
• pp.146-156
• /
• 2012

In-flight icing remains as one of the most persistent hazards for aircraft operations. The effect of icing on aircraft performance and safety has to be evaluated during the development and airworthiness certification process. The scaling method is a procedure to determine the scaled test conditions in icing wind tunnels in order to produce the same result as when the reference model is exposed to the desired cloud conditions. In this study, a scaling program is developed to provide an easy-to-use tool to the aero-icing community. The Olsen and Ruff 4th methods are employed for this purpose and the velocity is calculated by matching the dimensionless Weber number. To validate the program, the results are compared with the NASA scaling results. The scaling examples based on FAR (Federal Aviation Regulation) Part 25 Appendix C are also presented. Finally, a validation study using a state-of-the-art icing simulation code FENSAP-ICE is presented.

• Journal of Convergence Society for SMB
• /
• v.1 no.1
• /
• pp.29-37
• /
• 2011

As the area of informatization has been expanding followed by the development of information communication technology, cloud computing which can use infra sources like server, storage, and network in IT area as an efficient service whenever and wherever skyrockets. But users who use cloud computing technology may have some problems like exposure personal data, surveillance on person, and process on commercial purpose on their personal data. This paper proposes a security technique which protect user's privacy by creating imaginary user information not to be used by other people. The proposed technique virtualizes user's information as an anonymity value not to let other people know user's identity by combining PIN code with it and guarantees user's anonymity. Also it can manage and certificate personal information that is important in cloud computing, so that it can solve security problem of cloud computing which centers all informations. Therefore this paper can assist upgrading of the level of information of poor SMBs through safe use of cloud computing.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.109-116
• /
• 2018

This paper describes an area-efficient design of SHA-256 hash function that is widely used in various security protocols including digital signature, authentication code, key generation. The SHA-256 hash processor includes a padder block for padding and parsing input message, so that it can operate without software for preprocessing. Round function was designed with a 16-bit data-path that processed 64 round computations in 128 clock cycles, resulting in an optimized area per throughput (APT) performance as well as small area implementation. The SHA-256 hash processor was verified by FPGA implementation using Virtex5 device, and it was estimated that the throughput was 337 Mbps at maximum clock frequency of 116 MHz. The synthesis for ASIC implementation using a $0.18-{\mu}m$ CMOS cell library shows that it has 13,251 gate equivalents (GEs) and it can operate up to 200 MHz clock frequency.

• Journal of Digital Convergence
• /
• v.12 no.10
• /
• pp.299-308
• /
• 2014

Today, a number of users using smartphone is very rapidly increasing by development of smartphone performance and providing various services. Also, they are using it for enjoying various services(cloud service, game, banking service, mobile office, etc.). today's mobile security solution is simply to detect malicious code or stay on the level of mobile device management. In particular, the services which use sensitive information, such as certificate, corporation document, personal credit card number, need the technology which are prevented from hacking and leaking it. Recently, interest of these mobile security problems are increasing, as the damage cases been occurred. To solve the problem, there is various security research such as mobile virtualization, ARM trustzone, GlobalPlatform for mobile device. Therefore, in this paper, I suggested efficient method that uses the mobile virtualization techniques of certification, security policy and access control, password/key management, safe storage, etc. and Trustzone of ARM for preventing information leakage and hacking.