• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.2
• /
• pp.33-43
• /
• 2006

In order to provide the efficient personalized services, the organizations and the companies collect and manage the personal information. However, there have been increasing privacy concerns since the personal information might be misused and spread over in public by the database administrators or the information users. Even in the systems in which organizations or companies control access to personal information according to their access policy in order to protect personal information, it is not easy to fully reflect the information subjects' intention on the access control to their own Personal information. This paper proposes a policy-based access control mechanism for the personal information which prevents unauthorized information users from illegally accessing the personal information and enables the information subjects to control access over their own information. In the proposed mechanism, the individuals' personal information which is encrypted with different keys is stored into the directory repository. For the access control, information subjects set up their own access control policy for their personal information and the policies are used to provide legal information users with the access keys.

• The Journal of the Acoustical Society of Korea
• /
• v.22 no.4E
• /
• pp.176-182
• /
• 2003

As the needs for wireless Internet service is increasing, the needs for secure m-commerce is also increasing. Conventional security techniques are reinforced by biometric security technique. This paper utilized the voice as biometric security techniques. We developed speaker verification system for m-commerce (mobile commerce) via wireless internet and wireless application protocol (WAP). We named this system the mVprotek. We implemented the system as client-server architecture. The clients are mobile phone simulator and personal digital assistant (PDA). The verification results are obtained by integrating the mVprotek system with SK Telecom's code dimension multiple access (CDMA) system. Utilizing f-ratio weighting and virtual cohort model normalization showed much better performance than conventional background model normalization technique.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.19-27
• /
• 2007

Broadcasting contents protection system for HDTV has many difficult to apply file encryption technology that using the existing DRM systems. Therefore, this system has to be processed as accommodative about broadcasting contents format such as TS and PS and so on. Also, this system must support efficient encryption technology and random access mode. In addition, this system must have suitable key distribution mechanism in broadcasting environment. In this paper, we propose and implement encryption/key distribution scheme applicable to encoder/decoder without changing the existing MPEG system.

• The Journal of Information Technology
• /
• v.6 no.1
• /
• pp.11-20
• /
• 2003

With the development of Information Communication Technique, electronic commerce using PKIs is widely used over the Internet. The goal of access control is to counter the threat of unauthorized operations involving Web-server or data base systems. The RBAC(Role-Based Access Control) has recently received considerable attention as a promising alternative to traditional discretionary and mandatory access controls. In this paper we propose two methods, the RBAC system using attribute certificates and the RBAC system using SPKI certificates. And we analyze and compare the two methods.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.419-425
• /
• 2012

In these days, the trends of home networking system is implementation of easily configured system with home security of emergency alarm and visitor verification services. In this paper, we implemented push server system based on Arduino of open source physical computation platform to verify visitors for the homes without home networking services. In the suggested system, visitor verification is performed in and out of home, and home access security of the system could be constructed with low-cost price by use of windows push server system and smart devices with alarm operation in corresponding to not allowed access trying.

• Aerospace Engineering and Technology
• /
• v.7 no.1
• /
• pp.210-215
• /
• 2008

Most of technology information obtained from KSLV-I program have been managed by Program Life-Cycle Management System(PLMS). As involving technologies in the program require high level of confidentiality as those may be dealt with entities in international cooperation, the enforcement of strict security policy is inevitable. Therefore, a document security system has been developed to enhance protection in document management. This paper describes the overview and development status of the security system, integrated with PLMS, which aims at preventing illegal access and inadvertant leakage of the technology information.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 1999.12a
• /
• pp.373-377
• /
• 1999

Role Based Access Control(RBAC) reduces the cost of administering access control policies as well as making the process less error-prone. The administration tool is most important component in the concept of RBAC. The administration tool for the RBAC security system is required the consistency of a relationships between user and role in the RBAC Database. In this paper, we propose formal specification in order to manage user-role and role-role relationships. The proposed formal specification leads to the consistency requirements for the RBAC database which are defined as a set of relationship. This paper can easily derive the implementation of the RBAC administration tool by formal specification of operations.

• Bulletin of the Korean Mathematical Society
• /
• v.46 no.4
• /
• pp.743-769
• /
• 2009

An ID-based DNF signature scheme is an ID-based signature scheme with an access structure which is expressed as a disjunctive normal form (DNF) with literals of signer identities. ID-based DNF signature schemes are useful to achieve not only signer-privacy but also a multi-user access control. In this paper, we formally define a notion of a (non-interactive) ID-based DNF signature and propose the first noninteractive ID-based DNF signature schemes that are secure under the computational Diffie-Hellman and subgroup decision assumptions. Our first scheme uses random oracles, and our second one is designed without random oracles. To construct the second one, we use a novel technique that converts a non-interactive witness indistinguishable proof system of encryption of one bit into a corresponding proof system of encryption of a bit-string. This technique may be of independent interest. The second scheme straightforwardly yields the first ID-based ring signature that achieves anonymity against full key exposure without random oracles. We finally present two extensions of the proposed ID-based DNF signature schemes to support multiple KGCs and different messages.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.139-147
• /
• 2011

More convenient and value-added application services can be provided to user in case of using location-based service on Smart phone. However, privacy problem will be happen when an application disclosures the personal location information. Therefore, each user should securely control and manage his own personal location information by specifying access control list and profiles. In this study, we implemented personal location information self-control protocol and developed secure personal location management system with OTP based authentication procedure.

• Asian Journal of Innovation and Policy
• /
• v.4 no.2
• /
• pp.154-177
• /
• 2015

India faces a formidable challenge in ensuring security of access to modern energy carriers to majority of its population. The fossil-fuel dominated centralized energy system has proved to be ineffective in creating sustainable access to energy, which suggests need for a radical and innovative approach. We present such an approach. First, the need for innovations given the implications of lack of energy access on sustainable development is assessed. Next, possible innovations with respect to technologies, policies, institutions, markets, financial instruments and business models are discussed. Finally, an economic and financial feasibility of implementing such innovations are analyzed. The results indicate that such a proposal needs an investment of US$ 26.2 billion over a period of 20 years for a GHG mitigation potential of 213Tg $CO_{2e}$. The proposition is profitable for the enterprises with IRRs in the range of 39%-66%. The households will get lifeline access to electricity and gas for cooking at an affordable monthly cost of about US$ 5.7.