• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.15-26
• /
• 2001

Visual cryptography is a simple method in which secret information can be directly decoded in human visual system without any cryptographic computations. When the secret image is scattered to n random shares(slides), this scheme has some week point such as pixel expansion and contrast degradation. Therefore, it is necessary to reduce the pixel expansion and improve the contrast in recovered image. In this paper, we propose a new construction method for (k, n) visual cryptography using the cumulative matrix. In case k is odd, we can construct the cumulative matrix perfectly. For even k, the contrast of special pair in decoded image can be achieved best by permitting multiple contract. The proposed method is more simple than that of S. Droste\`s in construction and the average contrast of decoded image is improved for the most part. Also, we show that the basis matrices depending on the cumulative matrix are able to be applied for the general access structure.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.135-144
• /
• 2010

Privacy protection can only be achieved by enforcing privacy policies within an enterprise's on and offline data processing systems. There are P-RBAC model and purpose based model and obligations model among privacy policy models. But only these models each can not dynamically deal with the rapidly changing business environment. Even though users are in the same role, on occasion, secure system has to opt for a figure among them who is smart, capable and supremely confident and to give him/her a special mission during a given period and to strengthen privacy protection by permitting to present fluently access control conditions. For this, we propose Integrated Privacy Protection Model based on RBAC. Our model includes purpose model and P-RBAC and obligation model. And lastly, we define high level policy language model based XML to be independent of platforms and applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1255-1261
• /
• 2020

Cache side-channel attack is a class of attacks to retrieve sensitive information from a system by exploiting shared cache resources in CPUs. As the attacks are delivered to wide range of environments from mobile systems to cloud systems recently, many detection strategies have been proposed. Since the conventional cache side-channel attacks are likely to incur tremendous number of cache events, most of the previous detection mechanisms were designed to carefully monitor mostly cache events. However, recently proposed attacks tend to incur less cache events during the attack. PRIME+ABORT attack, for example, leverages the Intel TSX instead of accessing cache to measure access time. Because of the characteristic, attack detection mechanisms based on cache events may hardly detect the attack. In this paper, we conduct an in-depth analysis of the PRIME+ABORT attack to identify the other useful hardware events for detection rather than cache events. Based on our finding, we present a novel mechanism called PRIME+ABORT Detector to detect the PRIME+ABORT attack and demonstrate that the detection mechanism can achieve 99.5% success rates with 0.3% performance overhead.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1103-1113
• /
• 2020

Hospitals store and manage personal and health information through the electronic medical record (EMR). However, vulnerabilities and threats are increasing with the provision of various services for information sharing in hospitals. Therefore, in this paper, we propose a model to prevent personal information leakage due to the transmission of patient information in EMR. A method for granting permission to securely receive and transmit patient information from hospitals where patient medical records are stored is proposed using OAuth authorization tokens. A protocol was proposed to enable secure information delivery by applying and delivering the record access restrictions desired by the patient to the OAuth Token. OAuth Delegation Token can be delivered by writing the authority, scope, and time of destruction to view patient information.This prevents the illegal collection of patient information and prevents the leakage of personal information that may occur during the delivery process.

• Journal of Internet of Things and Convergence
• /
• v.10 no.1
• /
• pp.7-12
• /
• 2024

To trade cryptocurrency, traders require a personal cryptocurrency wallet. Cryptocurrency itself using blockchain technology is guaranteed excellent security and reliability, so the threat of blockchain hacking is almost impossible, but the exchange environment used by traders for transactions is most subject to hacking threats. Even if transactions are made safely through blockchain during the transaction process, if the trader's wallet information itself is hacked, security cannot be secured in these processes. Exchange hacking is mainly done by stealing a trader's wallet information, giving the hacker access to the victim's wallet assets. In this paper, to prevent this, we would like to reconstruct the existing Hyperledger Fabric structure and propose a system that verifies the identity integrity of traders during the transaction process using whitelisting. The advantage is that through this process, damage to cryptocurrency assets caused by hackers can be prevented and recognized. In addition, we aim to point out and correct problems in the transaction process that may occur if the victim's wallet information is stolen from the existing Hyperledger Fabric.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.207-215
• /
• 2024

Cloud computing is now used by most companies, business centres and academic institutions to embrace new computer technology. Cloud Service Providers (CSPs) are limited to certain services, missing some of the assets requested by their customers, it means that different clouds need to interconnect to share resources and interoperate between them. The clouds may be interconnected in different characteristics and systems, and the network may be vulnerable to volatility or interference. While information technology and cloud computing are also advancing to accommodate the growing worldwide application, criminals use cyberspace to perform cybercrimes. Cloud services deployment is becoming highly prone to threats and intrusions. The unauthorised access or destruction of records yields significant catastrophic losses to organisations or agencies. Human intervention and Physical devices are not enough for protection and monitoring of cloud services; therefore, there is a need for more efficient design for cyber defence that is adaptable, flexible, robust and able to detect dangerous cybercrime such as a Denial of Service (DOS) and Distributed Denial of Service (DDOS) in heterogeneous cloud computing platforms and make essential real-time decisions for forensic investigation. This paper aims to develop a framework for digital forensic for the detection of cybercrime in a joined heterogeneous cloud setup. We developed a Digital Forensics model in this paper that can function in heterogeneous joint clouds. We used Unified Modeling Language (UML) specifically activity diagram in designing the proposed framework, then for deployment, we used an architectural modelling system in developing a framework. We developed an activity diagram that can accommodate the variability and complexities of the clouds when handling inter-cloud resources.

• Korean Security Journal
• /
• no.39
• /
• pp.37-61
• /
• 2014

Nowadays the world is threatened because of terrors that take aim at Soft-Targets available and easy to access to the people rather than more secured Hard-Targets. The inspection department of the Presidential Security Service develops and acts a perfect safety plan wherever the President stays so that it is possible to get immediate actions for various contingencies. Some events, in which the President take part, could be held in a lower or higher store in a tall building. Additional to the routine work at this case it is to emphasize on a plan of fire precaution to check the spot and respond to a real fire situation, so that the damage could be minimized. First, the agents of the President Security Service should possess basic knowledge concerning to the fire accidents and be trained on their manuals, even in a busy events plan. An organization, whatever it is, could be improved in that it tries to develop not only the personal abilities, but also education programs of the organization continually. And enhanced abilities of the members lead to the driving force for the advance. The knowledge of fire accident should be able to adapt to the real situation. Second, related to the event, it should be cooperated with the relevant departments, so that it is possible to conduct and control the system. It is urgently required to know that the security event could not be done perfectly with only one part or department. Third, from the time of recognizing of the event it is necessary for the fire department to get an action plan with fire fighting measures, evacuation measures based of the instructions given by the Security Service. Fourth, on the knowledge of the action plan of the fire department the Security Service should inspect the safety activities of the spot and establish the practical operation plan through the fire fighting and evacuation plan. Fifth, the Security Service should share final informations and plan of fire fighting in a high-rise building with the other relevant departments. If not, it could cause a great confusion that could lead to a great damage.

• KIEAE Journal
• /
• v.16 no.6
• /
• pp.39-50
• /
• 2016

Purpose: The purpose of this study is to be performed with studio-type housings among urban life-type housings to investigate the physical characteristic and crime-related factors of studios from the viewpoint of the basic principles of crime prevention through environmental design (CPTED). Method: Eight CPTED guidelines available in Korea were reviewed to select 20 planing factors for actual condition investigation. Five single households in studio-type housings in Gwanak-gu, Seoul, were chosen according to the subject screening criteria to perform the actual condition investigation. Results: First, a lighting plan around a building for natural surveillance should consider the building location, relation with the front road, and surrounding facilities. In a building of a piloti structure, the parking lot and the building gate should be arranged in a manner that enables natural surveillance. Second, the shape of the corridors in studio-type housings should be considered to plan the installation of a lighting at the door of each household, the installation of a viewer window at the door of each household, and the arrangement of the elevator. Third, to support access control, an access control system having the function of video and voice communication is recommended to be installed at the building gate. Criteria for the type of security windows and the floors on which security windows should be installed, and the regulations about the CCTV installation inside and outside the building should be prepared. Fourth, to enhance territoriality in parking lots, ground patterns, parking lot gate, and signs may be installed. Fifth, in view of effective utilization and maintenance, lighting facilities should be installed to increase the usability of ground parking lots, and relevant installation criteria should be prepared regarding the type, number, and brightness of the lightings.

• Journal of Advanced Navigation Technology
• /
• v.13 no.4
• /
• pp.490-502
• /
• 2009

This monograph details the development of communication UAV(Unmanned Aerial Vehicle) in combined modems of HSDPA with Wibro by using two kinds of mobile network. In order to apply mobile network which is currently serviced to a UAV, it is necessary to solve some problems : insurance of wide coverage based on the range of the UAV, electrical transmission of extensive image data for UAV for watching and scouting, security of stable communication environment is related to network traffic. This paper proposes those difficulties to be solved by application of correspondence system to mobile network. The proposed system consists of two parts; HSDPA part and Wibro part. The use of those can not only secure wide range of coverage but also transmit huge data. Furthermore, through utilizing them along with two kinds of mobile network, stable communication environment can be built up. All of these effects can be confirmed by experimentations and simulations.

• The Journal of the Korea Contents Association
• /
• v.10 no.3
• /
• pp.101-112
• /
• 2010

The recent trend of the hacking deals with all the IT infrastructure related to the profit of the companies. Presently, they attack the service itself, the source of the profit, while they tried to access to the service infrastructure through the non-service port in the past. Although they affect the service directly, it is difficult to block them with the old security solution or the old system and they threaten more and more companies with the demand of money menacing the protection of customers and the sustainable management. This paper aims to design and implement multi-platform network packet scanner targeting the exception handling network intrusion detection system which determines normal, abnormal by traffic. Linux and unix have the various network intrusion detection and packet management tools like ngrep, snort, TCPdump, but most of them are based on CUI (Character based User Interface) giving users discomfort who are not used to it. The proposed system is implemented based on GUI(Graphical User Interface) to support the intuitive and easy-to-use interface to users, and using Qt(c++) language that supports multi-platform to run on any operating system.