• Journal of Korea Multimedia Society
• /
• 제17권2호
• /
• pp.170-179
• /
• 2014

Recently the U-Healthcare system has been rapidly advanced to manage emergence rescue for seniors. We can access emergency rescue systems with high quality services anytime, anywhere under ubiquitous healthcare systems. The more the various systems develop, the more software security systems become important. Therefore, the safety-critical system has been widely spread to the world by advancement of the information and communication technologies. There are a lot kind of fault analysis methods to evaluate software security systems. However due to characteristics of software that is not applied by human error, it can be prevented the enormous damages and losses from improving the safety of safety-critical system. So this paper proposes an integration method of FTA and Forward and Backward FMECA. This method has each strength of FTA and FMECA which is visual and numeric in normalization. First, by use of FTA, we can redraw FTA with Forward FMECA and Backward FMECA in consideration of occurrence, severity, detection, correctness, robustness, and security. Also according to value of NRVP at each event, we can modify FTA diagrams as shown critical paths given by severity and occurrence. Also, we propose the improved emergency rescue service platform of ubiquitous healthcare systems through identifying priorities of the criticality according to normalized risk priority values (NRPV).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제25권1호
• /
• pp.133-146
• /
• 2015

Ever sophisticated e-finance fraud techniques have led to an increasing number of reported phishing incidents. Financial authorities, in response, have recommended that we enhance existing Fraud Detection Systems (FDS) of banks and other financial institutions. FDSs are systems designed to prevent e-finance accidents through real-time access and validity checks on client transactions. The effectiveness of an FDS depends largely on how fast it can analyze and detect abnormalities in large amounts of customer transaction data. In this study we detect fraudulent transaction patterns and establish detection rules through e-finance accident data analyses. Abnormalities are flagged by comparing individual client transaction patterns with client profiles, using the ruleset. We propose an effective flagging method that uses decision trees to normalize detection rules. In demonstration, we extracted customer usage patterns, customer profile informations and detection rules from the e-finance accident data of an actual domestic(Korean) bank. We then compared the results of our decision tree-normalized detection rules with the results of a sequential detection and confirmed the efficiency of our methods.

• The KIPS Transactions:PartA
• /
• 제8A권4호
• /
• pp.391-398
• /
• 2001

To design and develop secure operating systems, the BLP (Bell-La Padula) model that represents the MLP (Multi-Level Policy) has been widely adopted. However, user\`s security level in the most developed systems based on the BLP model is inherited to a process that is actual subject on behalf of the user, regardless whatever the process behavior is. So, there could be information disclosure threat or modification threat by malicious or unreliable processes even though the user is authorized in the system. These problems can be solved by defining the subject as (user, process) ordered pair and by defining the process reliability. Moreover, when the leveled programs which exist as objects in a disk are executed by a process and have different level from the process level, the security level decision problem occurs. This paper presents an extended BLP (E-BLP) model in which process reliability is considered and solves the security level decision problem. And this model is implemented into the Linux kernel 2.4.7.

• Journal of Convergence Society for SMB
• /
• 제6권4호
• /
• pp.31-36
• /
• 2016

User authentication is the first step to network security. There are lots of authentication types, and more than one authentication method works together for user's authentication in the network. Except for biometric authentication, most authentication methods can be copied, or someone else can adopt and abuse someone else's credential method. Thus, more than one authentication method must be used for user authentication. However, more credential makes system degrade and inefficient as they log on the system. Therefore, without tradeoff performance with efficiency, this research proposed user's behavior based authentication for secure communication, and it will improve to establish a secure and efficient communication.

• Journal of Information Technology Services
• /
• 제15권3호
• /
• pp.195-209
• /
• 2016

IoT (Internet of Things) is a collective term referring to application services that provide information through sensors/devices connected to the internet. The real world application of IoT is expanding fast along with growing number of sensors/devices. However, since IoT application relies on vertical combination of sensors/devices networks, information sharing within IoT services remains unresolved challenge. Consequently, IoT sensors/devices demand high construction and maintenance costs, rendering the creation of new IoT services potentially expensive. One solution is to launch an IoT open market for information sharing similar to that of App Store for smart-phones. Doing so will efficiently allow novel IoT services to emerge across various industries, because developers can purchase licenses to access IoT resources directly via an open market. Sharing IoT resource information through an open market will create an echo-system conducive for easy utilization of resources and communication between IoT service providers, resource owners, and developers. This paper proposes the new business model of IoT open market for information sharing, and the requirements for ensuring security and standardization of open markets.

• Journal of the Korea Institute of Military Science and Technology
• /
• 제2권1호
• /
• pp.159-169
• /
• 1999

Recently a firewall is being employed to protect hacking by controlling the traffics. The security services in the firewall include authentication, access control, confidentiality, integrity, and audit trail. A token is adapted for authentication to the firewall. A token has a small battery within which has restricted power capacity, This paper proposes a novel cost-effective firewall token for hacking protecting on transmission control protocol/internet protocol (TCP/IP) based network. This paper proposes a fast exponentiation method with a sparse prime that take a major operation for a public-key crypto-system and a major power consumption in the token. The proposed method uses much less amount of modular operations in exponentiation that is reduced of battery's capacity or CPU's price in the token.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• 제30권10B호
• /
• pp.648-659
• /
• 2005

One's identity on the Internet has been disclosed and abused without his consent. Personal information must be protected by appropriate security safeguard. An Individual should have the right to know whether his personal details have been collected and stored. This paper proposes various conceptual models for designing privacy enabling service architecture in the Internet identity management system. For the restriction of access to personal information, we introduce the owner's policy and the management policy The owner's policy should provide the user with enough information to manage easily and securely his data. To control precisely and effectively all personal information in the Identity provider, we propose the privacy management policy and the privacy authorization model.

• Journal of Korea Society of Digital Industry and Information Management
• /
• 제8권2호
• /
• pp.31-40
• /
• 2012

Face recognition refers to the process of identifying individuals based on their facial features. It has recently become one of the most popular research areas in the fields of computer vision, machine learning, and pattern recognition because it spans numerous consumer applications, such as access control, surveillance, security, credit-card verification, and criminal identification. However, illumination variation on face generally cause performance degradation of face recognition systems under practical environments. Thus, this paper proposes an novel face recognition system using a fusion approach based on local binary pattern and two-dimensional principal component analysis. To minimize illumination effects, the face image undergoes the local binary pattern operation, and the resultant image are divided into two sub-images. Then, two-dimensional principal component analysis algorithm is separately applied to each sub-images. The individual scores obtained from two sub-images are integrated using a weighted-summation rule, and the fused-score is utilized to classify the unknown user. The performance evaluation of the proposed system was performed using the Yale B database and CMU-PIE database, and the proposed method shows the better recognition results in comparison with existing face recognition techniques.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• 제10권1호
• /
• pp.128-134
• /
• 2009

Iris recognition is a biometric technology which can identify a person using the iris pattern. Recently, using iris information is used in many fields such as access control and information security. But Perform complex operations to extract features of the iris. because High-end hardware for real-time iris recognition is required. This paper is appropriate for the embedded environment using local gradient histogram embedded system using iris feature extraction methods have implement. Experimental results show that the performance of proposed method is comparable to existing methods using Gabor transform noticeably improves recognition performance and it is noted that the processing time of the local gradient histogram transform is much faster than that of the existing method and rotation was also a strong attribute.

• Proceedings of the KIEE Conference
• /
• 대한전기학회 2004년도 하계학술대회 논문집 A
• /
• pp.88-90
• /
• 2004

Data are a critical utility asset. Collecting correct data on site leads to accurate information. Data, when gathered with foresight & properly formatted, are useful to both existing database and easily transferable to newer, more comprehensive historical outage data. However, when investigating data items options, the task, can be an arduous one, often requiring the efforts of entire committees. This paper firstly discusses the KEPCO's past 10 years of historical outage data which include meterological data, and also by several elements of the National Weather Service, failure rate, outage duration, and probability classification, etc. Then, these collected data are automatically stored in an Outage Data Management System (ODMS), which allows for easy access and display. ODMS has a straight-forward and easy-to-use interface. It lets you to navigate through modules very easily and allows insertion, deletion or editing of data. In particular, this will further provide the KEPCO that not only helps with probabilistic security assessment but also provides a platform for future development of Probability Estimation Program (PEP).