• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.7 no.2
• /
• pp.63-76
• /
• 2012

The possibility of successful commercialization of technologically innovative products depends on the degree to which consumers select and utilize the product. Therefore, the research that endeavors to find the usage behavior and the acceptance intention of users of technologically innovative products is a very important quest. This study empirically analyzes the factors that influence commercialization of a technologically innovative product: cloud computing. Existing studies examined acceptance intentions by expanding the TAM model and excluded attitude and usage behavior. This study determined attitude, usage behavior and personal characteristics of consumers to be important influencing factors. The results of the empirical analysis are as follows: First, the self-efficacy of personal characteristics had a significant effect on ease of use and acceptance intention and perceived costs had a significant influence on the factors of perceived usefulness and perceived ease of use. Second, research on the systematic characteristics of cloud computing confirmed that security was an important factor affecting acceptance intention while innovativeness was critical to ease of use. Third, of the usage characteristics among users of technologically innovative products, perceived usefulness had an effect on the acceptance and usage behavior of cloud computing, and perceived ease of use had an important influence on perceived usefulness. Currently, when cloud computing services have not yet become widespread to the public, this study proposed meaningful results for policy direction and commercialization strategies by revealing variables that influence acceptance and usage behavior.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.261-273
• /
• 2019

Recently, with the development of IT technology, there is an increasing interest in cloud services as the number of users using mobile devices such as mobile phones and tablets is increasing. However, there is a need for techniques to control or control various methods of accessing data as the user's service demands increase. In this paper, we propose a dual key based user authentication model that improves the user 's authentication efficiency by using two keys (secret key and access control key) to access the users accessing various services provided in the cloud environment. In the proposed model, the operation process and the function are divided through the sequence diagram of the algorithms (key generation, user authentication, permission class permission, etc.) for controlling the access right of the user with dual keys. In the proposed model, two keys are used for user authentication and service authorization class to solve various security problems in the cloud service. In particular, the proposed model is one of the most important features in that the algorithm responsible for access control of the user determines the service class of the user according to the authority, thereby shortening the management process so that the cloud administrator can manage the service access permission information of the user.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.263-279
• /
• 2024

With the increasing trend of Cloud migration, security threats in the Cloud computing environment have also experienced a significant increase. Consequently, the importance of efficient incident investigation through log data analysis is being emphasized. In Cloud environments, the diversity of services and ease of resource creation generate a large volume of log data. Difficulties remain in determining which events to investigate when an incident occurs, and examining all the extensive log data requires considerable time and effort. Therefore, a systematic approach for efficient data investigation is necessary. CloudTrail, the Amazon Web Services(AWS) logging service, collects logs of all API call events occurring in an account. However, CloudTrail lacks insights into which logs to analyze in the event of an incident. This paper proposes an automated analysis framework that integrates Cloud Matrix and event information for efficient incident investigation. The framework enables simultaneous examination of user behavior log events, event frequency, and attack information. We believe the proposed framework contributes to Cloud incident investigations by efficiently identifying critical events based on the ATT&CK Framework.

• Journal of Internet of Things and Convergence
• /
• v.9 no.3
• /
• pp.21-26
• /
• 2023

The development and distribution approach of applications is transitioning from a monolithic architecture to microservices and containerization, a lightweight virtualization technology, is becoming a core IT technology. However, unlike traditional virtual machines based on hypervisors, container technology does not provide concrete security boundaries as it shares the same kernel. According to various preceding studies, there are many security vulnerabilities in most container images that are currently shared. Accordingly, attackers may attempt exploitation by using security vulnerabilities, which may seriously affect the system environment. Therefore, in this study, we propose an efficient automated deployment pipeline design to prevent the distribution of container images with security vulnerabilities, aiming to provide a secure container environment. Through this approach, we can ensure a safe container environment.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.11
• /
• pp.469-478
• /
• 2019

Car-sharing services have been settled on as a new type of public transportation owing to their enhanced convenience, expanded awareness of practical consumption patterns, the inspiration for environmental conscientiousness, and the diffusion of smart phones following the economic crisis. With development of the market, many people have started using such services. However, security is still an issue. Damage is expected since IDs and passwords are required for log-in when renting and controlling the vehicles. The protocol suggested in this study uses bio-information, providing an optimized service, and convenient (but strong) authentication with various service-provider clouds registering car big data about users through brokers. If using the techniques suggested here, it is feasible to reduce the exposure of the bio-information, and to receive service from multiple service-provider clouds through one particular broker. In addition, the proposed protocol reduces public key operations and session key storage by 20% on mobile devices, compared to existing car-sharing platforms, and because it provides convenient, but strong, authentication (and therefore constitutes a secure channel), it is possible to proceed with secure communications. It is anticipated that the techniques suggested in this study will enhance secure communications and user convenience in the future car-sharing-service cloud environment.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.157-166
• /
• 2024

The Army TIGER System, which is being deployed to implement a future combat system, is expected to bring innovative changes to the army's combat methods and comabt execution capability such as mobility, networking and intelligence. To this end, the Army will introduce various systems using drones, robots, unmanned vehicles, AI(Artificial Intelligence), etc. and utilize them in combat. The use of various unmanned vehicles and AI is expected to result in the introduction of equipment with new technologies into the army and an increase in various types of transmitted information, i.e. data. However, currently in the military, there is an acceleration in research and combat experimentations on warfigthing options using Army TIGER forces system for specific functions. On the other hand, the current reality is that research on cyber threats measures targeting information systems related to the increasing number of unmanned systems, data production, and transmission from unmanned systems, as well as the establishment of cloud centers and AI command and control center driven by the new force systems, is not being pursued. Accordingly this paper analyzes the structure and characteristics of the Army TIGER force integration system and makes suggestions for necessity of building, available cyber defense solutions and Army TIGER integrated cyber protections system that can respond to cyber threats in the future.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.2
• /
• pp.15-26
• /
• 2021

Recently, as the introduction of cloud, mobile, and IoT has become active, there is a growing need for technology development that can supplement the limitations of traditional security solutions based on fixed perimeters such as firewalls and Network Access Control (NAC). In response to this, SDP (Software Defined Perimeter) has recently emerged as a new base technology. Unlike existing security technologies, SDP can sets security boundaries (install Gateway S/W) regardless of the location of the protected resources (servers, IoT gateways, etc.) and neutralize most of the network-based hacking attacks that are becoming increasingly sofiscated. In particular, SDP is regarded as a security technology suitable for the cloud and IoT fields. In this study, a new access control system was proposed by combining SDP and hash tree-based large-scale data high-speed signature technology. Through the process authentication function using large-scale data high-speed signature technology, it prevents the threat of unknown malware intruding into the endpoint in advance, and implements a kernel-level security technology that makes it impossible for user-level attacks during the backup and recovery of major data. As a result, endpoint security, which is a weak part of SDP, has been strengthened. The proposed system was developed as a prototype, and the performance test was completed through a test of an authorized testing agency (TTA V&V Test). The SDP-based access control solution is a technology with high potential that can be used in smart car security.

• Journal of Industrial Convergence
• /
• v.22 no.4
• /
• pp.1-9
• /
• 2024

Smart factories represent production facilities where cutting-edge information and communication technologies are fused with manufacturing processes, reflecting rapid advancements and changes in the global manufacturing sector. They capitalize on the integration of robotics and automation, the Internet of Things (IoT), and the convergence of artificial intelligence technologies to maximize production efficiency in various manufacturing environments. However, the smart factory environment is prone to security threats and vulnerabilities due to various attack techniques. When security threats occur in smart factories, they can lead to financial losses, damage to corporate reputation, and even human casualties, necessitating an appropriate security response. Therefore, this paper proposes a security authentication mechanism for safe communication in the smart factory environment. The components of the proposed authentication mechanism include smart devices, an internal operation management system, an authentication system, and a cloud storage server. The smart device registration process, authentication procedure, and the detailed design of anomaly detection and update procedures were meticulously developed. And the safety of the proposed authentication mechanism was analyzed, and through performance analysis with existing authentication mechanisms, we confirmed an efficiency improvement of approximately 8%. Additionally, this paper presents directions for future research on lightweight protocols and security strategies for the application of the proposed technology, aiming to enhance security.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.6
• /
• pp.1187-1196
• /
• 2019

Information security has become a major challenge with the advent of cloud and social networking sites. Conventional encryption algorithms might not be suitable for image encryption because of the large data size and high redundancy among the raw pixels of a digital image. In this paper, we generalize the encryption method for of color image proposed by Jeong et al. to color image encryption using parametric 3-dimensional chaotic cat map using Laplace expansion and C-MLCA. Through rigorous experiments, we demonstrate that the proposed new image encryption system provides high security and reliability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.719-726
• /
• 2015

As big-data and cloud security technologies become popular, many researchers have recently been conducted on faster and lighter encryption. As a result, National Security Research Institute developed LEA which is lightweight and fast block cipher. To date, there have been various studies on lightweight encryption algorithm (LEA) for speeding up using GPU rather than conventional CPU. However, it is rather difficult to explore any guideline how to manipulate the GPU for the efficient usage of the LEA. Therefore, we introduce a guideline which explains how to implement and design the optimal LEA using GPU.