• Journal of Society of Preventive Korean Medicine
• /
• v.18 no.3
• /
• pp.11-21
• /
• 2014

The rapid development and distribution of information communication industry facilitates the changes of hospital administration, introducing EMR(Electronic Medical Record) instead of paper-based medical record in the medical field. The developed countries such as U.S. have established EMR system after in the middle of 1970s because the primary advantages of EMR is to store and handle vast amounts of records efficiently and increase the quality of health care. Most of health organizations in Korea also apply medical record system to their administration. As the result, they have accomplished a scientific administration system through the use of medical record to handle a variety of patient's information including patient's confidentiality and privacy such as family history, social status, income level, and so on. However, access to and the misuse of EMR causes illegal infringement of patient's information and finally it becomes a very serious medical issue. Potential leakage and misuse of records may seriously infringe patient's privacy rights. In this respect, the related agencies in the public and private sector have been making efforts to prevent patient's records leakages. Especially, the revision bill of Medical Law in 2002 establishes the ways on the security and standards of electronic records. However, it does not provide the proper guidelines which is applied to the rapid changes of the medical environment. One of the most priorities in the hospital administration is the production and maintenance of an accurate medical records fulfilled by medical recorders. Therefore, it is very important for health care providers to hire ethical-based medical recorders. But, unfortunately most of hospitals overlook the importance of their roles. All parts including government, physician and patient must have more concerns on the problems related to EMR. Therefore, this study aims to propose the proper ways to resolve the problems coming from EMR.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.9
• /
• pp.6282-6289
• /
• 2015

Today, there is an increasing number of cases in which certificate information is leak, and accordingly, electronic finance frauds are prevailing. As certificate and private key a file-based medium, are easily accessible and duplicated, they are vulnerable to information leaking crimes by cyber-attack using malignant codes such as pharming, phishing and smishing. Therefore, the use of security token and storage toke' has been encouraged as they are much safer medium, but the actual users are only minimal due to the reasons such as the risk of loss, high costs and so on. This thesis, in an effort to solve above-mentioned problems and to complement the shortcomings, proposes a system in which digital signature for Internet banking can be made with a simply bio-authentication process. In conclusion, it was found that the newly proposed system showed a better capability in handling financial transitions in terms of safety and convenience.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.4
• /
• pp.677-684
• /
• 2017

Smart devices are used in a variety of industries, because applications for them are easy to develop and portable. However, industrial equipment can cause security problems for information and accidents when controlling the actuator of the equipment at a remote location. In this paper, we studied methods of solving these problems and the advantages of applying smart control systems to industrial equipment. We propose a manual manipulation method using queries and a smart control access procedure for controlling equipment using a smart device. In addition, we propose a data transmission method employing multiple encryption protocols and a user authentication method using unique information from the smart device and Q & A as the communication data protection and user authentication methods, respectively. In order to evaluate its performance, an operation test of the smart control system and user authentication comparison experiment were performed. In order to understand the advantages of applying the smart control system to the equipment, we conducted a comparative experiment with a teach pendant and evaluated its reaction time in case of error.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.1
• /
• pp.77-89
• /
• 2024

This paper presents an unmanned store management system that can provide inventory management and theft prevention for displayed products using a small camera that can monitor the shelves of sold products in small and medium-sized stores. This system is a service solution that integrates object recognition, real-time communication, security management, access management, and mobile authentication. The proposed system uses a custom YOLOv5-x model to recognize objects on the display, measure quantities in real time, and support real-time data communication with servers through Raspberry Pie. In addition, the number of objects in the database and the object recognition results are compared to detect suspected theft situations and provide burial images at the time of theft. The proposed unmanned store solution is expected to improve the efficiency of small and medium-sized unmanned store operations and contribute to responding to theft.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.2
• /
• pp.105-115
• /
• 2011

User authentication service is an absolutely necessary condition while securely implementing an IT service system. It allows for valid users to securely log-in the system and even to access valid resources from database. For efficiently and securely authenticating users, smart-card has been used as a popular tool because of its convenience and popularity. Furthermore the smart-card can maintain its own power for computation and storage, which makes it easier to be used in all types of authenticating environment that usually needs temporary storage and additional computation for authenticating users and server. First, in 1981, Lamport has designed an authentication service protocol based on user's smart-card. However it has been criticized in aspects of efficiency and security because it uses hash chains and the revealment of server's secret values are not considered. Over the years, many smart-card based authentication service protocol have been designed. Very recently, Xu, Zhu, Feng have suggested a provable and secure smart-card based authentication protocol. In this paper, first, we define all types of attacks in the smart-card based authentication service. According to the defined attacks, however, the protocol by Xu, Zhu, Feng is weak against an attack that an attacker with secret values of server is able to impersonate a valid user without knowing password and secret values of user. An efficient and secure countermeasure is suggested, then the security is analyzed.

• Convergence Security Journal
• /
• v.11 no.1
• /
• pp.71-77
• /
• 2011

NCW(Network Centric- Warfare) encompasses the concept to use computer data processing and network linkage communications techniques, share information and furthermore, enhance the effectiveness of computer-operating systems. As IT(Information & Technology) have become developed in the recent years, the existing warfare system-centered conventional protocol is not use any longer. Instead, network-based NCW is being widely-available, today. Under this changing computer environment, it becomes important to establish algorithm and build the stable communication systems. Tools to identify malign node factors through Wireless Ad-hoc network cause a tremendous error to analyze and use paths of even benign node factors misreported to prove false without testing or indentifying such factors to an adequate level. These things can become an obstacle in the process of creating the optimum network distribution environment. In this regard, this thesis is designed to test and identify paths of benign node factors and then, present techniques to transmit data through the most significant open short path, with the tool of MP-SAR Protocol, security path search provider, in Ad-hoc NCW environment. Such techniques functions to identify and test unnecessary paths of node factors, and thus, such technique users can give an easy access to benign paths of node factors.

• Convergence Security Journal
• /
• v.23 no.2
• /
• pp.27-36
• /
• 2023

In recent years, ransomware attacks have become more organized and specialized, with the sophistication of attacks targeting specific individuals or organizations using tactics such as social engineering, spear phishing, and even machine learning, some operating as business models. In order to effectively respond to this, various researches and solutions are being developed and operated to detect and prevent attacks before they cause serious damage. In particular, honeypots can be used to minimize the risk of attack on IT systems and networks, as well as act as an early warning and advanced security monitoring tool, but in cases where ransomware does not have priority access to the decoy file, or bypasses it completely. has a disadvantage that effective ransomware response is limited. In this paper, this honeypot is optimized for the user environment to create a reliable real-time dynamic honeypot file, minimizing the possibility of an attacker bypassing the honeypot, and increasing the detection rate by preventing the attacker from recognizing that it is a honeypot file. To this end, four models, including a basic data collection model for dynamic honeypot generation, were designed (basic data collection model / user-defined model / sample statistical model / experience accumulation model), and their validity was verified.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.277-280
• /
• 2016

Currently, systems for finding missing children are composed of using communication between a QR code and RFID chip, as the use of a smartphone. However, the current systems for finding missing children have limitations in that children can only be found if there are people in the surrounding area; there is an economic burden on parents required to purchase a smartphone for their children; along with difficulties in finding the missing children without the assistance of those in the surrounding area in critical situations such as a kidnapping, due to the limited duration of the battery life. In order to solve such problems, approaches need to be made from two perspectives: having someone in the surrounding area; and absence of anyone in the surrounding area. This thesis is centered on the development of a IoT (Internet of Things) system for finding missing children that combines two methods, namely, the method of finding missing children without a guardian in the surrounding area -within the limited space in which AP is installed by using a beacon and open source hardware being highlighted as the IoT technology - and the method of finding missing children with the smartphone application in which each individual becomes the Access Point (AP). The Main purpose is to provide accurate information of missing children's location for the 2situations and it is found that the accuracy of smartphones APP is 97.7% and security device AP is 91.1%.

• Journal of Korean Society of Archives and Records Management
• /
• v.1 no.2
• /
• pp.101-119
• /
• 2001

In this paper we explain the definition and component of electronic records, and reestablish the principle of the preservation. Also we discuss the conceptual approaches and requirements for long-term preservation in an electronic environment. The preservation in digital environment is to protect itself of record identity with the reliability and authenticity, and to ensure the accessibility of records. It needs to be periodical migration along with digital environment change for the long-term preservation of the electronic records. and to select software independent standard format. to ensure the integrity of electronic records along with this preservation strategy, process and relative information required for digital preservation are to record in the form of metadata. The preservation system is separated into four functional entities ; registration process, preservation process, access process, main record management system. Also, this article is conceptually to introduce the selection criteria of storage media, the security provision for the archive collections and the disaster recovery which apply to the digital archives.

• Journal of Korea Multimedia Society
• /
• v.13 no.4
• /
• pp.582-593
• /
• 2010

Recently the commercial value of GIS(geographic information system) has been increased with growing application demands of spatial information in life space. Also, GIS has been expanded to the integrated information system that provides the ease access to map information by public users and also the combined service of GIS map data and various multimedia contents. But several security problems of GIS map data have brought up at GIS industries, such as the illegal copy and distribution of GIS map data. Furthermore, the copyright protection of GIS map data has not been researched yet compared with image and video contents. This paper presents a polyline based watermarking scheme for the copyright protection of GIS vector map. The proposed scheme analyzes the structure of vector map and embeds adaptively the watermark by using the distance distribution of polyline components. From experimental results, we verified that the proposed scheme satisfies the invisibility and the robustness of geometrical attacks.