• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.1-13
• /
• 2008

Trusted Computing is a hardware-based technology that aims to guarantee security for machines beyond their users' control by providing security on computing hardware and software. TPM(Trusted Platform Module), the trusted platform specified by the Trusted Computing Group, acts as the roots for the trusted data storage and the trusted reporting of platform configuration. Data sealing encrypts secret data with a key and the platform's configuration at the time of encryption. In contrast to the traditional data sealing based on binary hash values of the platform configuration, a new approach called property-based data sealing was recently suggested. In this paper, we propose and analyze a new property-based data sealing protocol using the weakest precondition concept by Dijkstra. The proposed protocol resolves the problem of system updates by allowing sealed data to be unsealed at any configuration providing the required property. It assumes practically implementable trusted third parties only and protects platform's privacy when communicating. We demonstrate the proposed protocol's operability with any TPM chip by implementing and running the protocol on a software TPM emulator by Strasser. The proposed scheme can be deployed in PDAs and smart phones over wireless mobile networks as well as desktop PCs.

• Korean Security Journal
• /
• no.53
• /
• pp.211-228
• /
• 2017

In May 2012, the police was empowered to electronically obtain location information of mobile devices from the telecommunication service provides for the purpose of rescue by the Act on the Protection, Use, ETC. of Location Information, after years of pressure with repeated serious violent crime outbreaks and controversy concerning the risk of breaching privacy. This study examines the environmental, legal, and technological challenges related to location tracking at the time of five years after the amendment of the law. The bottom line of police's locating power is to secure the lives of people in deadly emergent circumstance. Therefore, location tracking using given information should be swiftly proceeded after consideration and judgment of justification in timely manner to electronically request information to mobile carriers, and it is necessary to have somewhat flexibility of interpretation to be applied to diverse situation. In addition, location tracking technology should be continuously updated through cooperation with the stake-holders. Recognizing substantial problems in practice, we identified and explored the issues including obtaining prior consent for tracking the user's location in case of emergency, confirmation of emergency situation requiring police presence, qualification of legitimate requester, and limited applicability in various circumstances, which are required to reconsidered in conjunction with the personal information protection laws. Additional practical issues may include the expenses for information provision and other incentives to promote active cooperation by the telecom companies.

• Journal of the Society of Disaster Information
• /
• v.15 no.2
• /
• pp.301-311
• /
• 2019

Purpose and Method: In this study, a questionnaire interview survey was conducted for the victims living in the temporary house by the Pohang earthquake, and improvements were derived. Results: As a result, major improvements in terms of facilities are as follows. First, in order to expand the toilet and cooking space, the existing inner gate and the wall are removed and the width of the toilet is expanded. Minimize the inconvenience by adding a cooking table as wide as the extended toilet. Second, a separate sleep compartment is set up to secure storage space in a limited area. And the storage closet is installed below and used as a storage space. At this time, the size of the sleeping space is set to double bed size. Third, curtains and blinds are installed on both windows to secure privacy, thereby protecting privacy and psychological stability. Conclusion: If the remodeling of the temporary house proposed in this study is utilized and applied, it is possible to provide a better living environment. In addition, it is expected that it will be possible to improve the efficiency of space and overcome existing spatial limitations by minimizing inconveniences reflecting the needs of the victims.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.621-635
• /
• 2012

Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows-- if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption). Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.3
• /
• pp.1740-1748
• /
• 2014

In this paper, we propose an RBAC based personalized health care service platform in order to provide smart management of personal health record using smart devices. It helps to guide healthful service and provide useful information according to one's individual health record. Personalized health care services platform supports a healthy lifestyle by measuring personal health information in a hospital clinical, imaging, and drug data, as well as that can be obtained from smart devices. Everyone can enter his health related data in everyday life such as food, sleeping time, mood, movement and exercise so that one can manage his personal health information of modern smart features. In addition, if necessary, personal health information can be provided to the hospital information system and staff with the consent of the individual. It can be contributed to simplify the complex process for remote medical. The proposed platform, which applies role based access control model to protect security and privacy, supports a smart health care services for users by providing personalized health care services through the smart applications.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.213-218
• /
• 2015

In parallel with evolving information communication technology, M2M(Machine-to-Machine) industry has implemented multi-functional and high-performance systems, and made great strides with IoT(Internet of Things) and IoE(Internet of Everything). Authentication, confidentiality, anonymity, non-repudiation, data reliability, connectionless and traceability are prerequisites for communication security. Yet, the wireless transmission section in M2M communication is exposed to intruders' attacks. Any security issues attributable to M2M wireless communication protocols may lead to serious concerns including system faults, information leakage and privacy challenges. Therefore, mutual authentication and security are key components of protocol design. Recently, secure communication protocols have been regarded as highly important and explored as such. The present paper draws on hash function, random numbers, secret keys and session keys to design a secure communication protocol. Also, this paper tests the proposed protocol with a formal verification tool, Casper/FDR, to demonstrate its security against a range of intruders' attacks. In brief, the proposed protocol meets the security requirements, addressing the challenges without any problems.

• Journal of the Korean Applied Science and Technology
• /
• v.39 no.5
• /
• pp.692-700
• /
• 2022

In this study, the effect of e-service quality of O2O cosmetic delivery service app on satisfaction and loyalty was investigated. To this end, a total of 210 questionnaires were collected and frequency analysis, exploratory factor analysis, reliability analysis, correlation analysis, and regression analysis were performed using the statistical package SPSS 25.0. The main results are as follows. Efficiency, order fulfillment, system availability, and privacy, which are components of O2O cosmetic delivery service app e-service quality, all had a significant effect on satisfaction and loyalty. Also, satisfaction was found to have a significant effect on loyalty. In order to increase the number of consumers who use the O2O cosmetic delivery service app, it is necessary to increase the availability and efficiency of the system, which has the greatest impact on satisfaction and loyalty. To this end, it is necessary to provide a comfortable environment without interruption and fast access while using the O2O cosmetic delivery service app, and to build a system so that it can be used efficiently.

• The Journal of the Acoustical Society of Korea
• /
• v.42 no.2
• /
• pp.133-142
• /
• 2023

The office environment is changing according to work types, Information Technology (IT) advancements, and the Coronavirus disease (COVID)-19 situation. In order for office space users to perform their tasks comfortably and efficiently, it is necessary to secure individual privacy as well as easy communication among members. In Korea, the demand for improving the acoustic performance of office spaces is also increasing, but the related performance criteria and guidelines have not been established. In this study, standardization of office space acoustic performance measurement and evaluation methods and European countries' acoustic performance criteria were compared and reviewed. It is proposed to comprehensively review international standardization trends and acoustic performance standards in each country and to establish and utilize criteria for evaluating the acoustic performance and satisfaction of office spaces in Korea through our survey. Considering the international standardization direction and compatibility with communication and Public Address (PA) systems, it is appropriate to establish criteria using the speech transmission index or Speech Transmission Index (STI) application index. This criterion will be highly utilizable and compatible. In addition, since the office furniture industry is interested in improving the acoustic performance of office space, it is necessary to establish a labelling system for speech level reduction of office furniture.

• Journal of the Korea Convergence Society
• /
• v.8 no.9
• /
• pp.1-7
• /
• 2017

As the network environment develops and speeds up, a lot of smart devices is developed, and a high-speed smart society can be realized while allowing people to interact with objects. As the number of things Internet has surged, a wide range of new security risks and problems have emerged for devices, platforms and operating systems, communications, and connected systems. Due to the physical characteristics of IoT devices, they are smaller in size than conventional systems, and operate with low power, low cost, and relatively low specifications. Therefore, it is difficult to apply the existing security solution used in the existing system. In addition, IoT devices are connected to the network at all times, it is important to ensure that personal privacy exposure, such as eavesdropping, data tampering, privacy breach, information leakage, unauthorized access, Significant security issues can arise, including confidentiality and threats to facilities. In this paper, we investigate cases of security threats and cases of network of IoT, analyze vulnerabilities, and suggest ways to minimize property damage by Internet of things.

• The KIPS Transactions:PartC
• /
• v.14C no.5
• /
• pp.431-438
• /
• 2007

RFID system is core technology that construct ubiquitous environment for replacement of barcode technology. Use ratio of RFID system rapidly increase because the technology has many good points such as identification speed, storage space, convenience etc. But low-cost tag operates easily by query of reader, so the system happened user privacy violent problem by tag information exposure. The system studied many ways for security application, but operation capability of low-cost tag is about $5K{\sim}10K$ gates, but only $250{\sim}3K$ gates allocated security part. So it is difficult to apply security to the system. Therefore, this scheme uses dividing 64 bits and reduces arithmetic, so proposed scheme provide mutual authentication that can apply to low-cost RFID system. Existing methods divide by 4 and used 96 bits. However, that reduces 32 bits length for lightweight and reduced from communication number of times of 7 times to 5 times. Also, because offer security by random number than existing scheme that generate two random numbers, that is more efficient. However, uses hash function for integrity that was not offered by XOR arithmetic and added extension of proposed scheme. Extended scheme is not offered efficiency than methods that use XOR arithmetic, but identification distance is mode that is proposed secure so that can use in for RFID system.