• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1585-1594
• /
• 2018

In recent years The importance of information security management for securing information collection and analysis, production and distribution is increasing. Companies are assured of confidence in information security through authentication of information Security Management System. However, level assessment and use of domains that make up the management system is limited. On the other hand, the security maturity model is able to diagnose the level of information protection of the enterprise step by step. It is also possible to judge the area to be improved urgently. It is a tool to support goal setting according to the characteristics and level of company. In this paper, C2M2, which is an example of security maturity model, is compared and analyzed with Korea Information Security Management System certification. Benchmark the model to check the level of information security management and derive the priority among the items that constitute the detailed area of information security measures of ISMS certification. It also look at ways to check the level of information security management step by step.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.11
• /
• pp.1946-1953
• /
• 2006

Because the embedded watermark of luminance component guarantees the extraction of ownership information when the color image is converted to gray scale image, the information of ownership right as to the luminance component is embedded in the luminance-chrominance color space such as YCbCr. Therefore, this paper proposes watermark embedding, extraction and authentication algorithm of color image. which considers the device and performance of multimedia contents service by focusing on the robustness and invisibility of watermark. The color image is converted from RGB color space to YCbCr color space, and then the properties of each component of Y(Luminance), Cb(Color Differences) and Cr(Color Differences) are considered in order to embed, extract and certify multi-level watermark in the frequency domain based on the wavelet. As a result, it can guaranteed the robustness for the JPEG compression and invisibility of watermark for multi-level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1007-1017
• /
• 2019

Currently, most biometrics system authenticates users by using single biometric information. This method has many problems such as noise problem, sensitivity to data, spoofing, a limitation of recognition rate. One method to solve this problems is to use multi biometric information. The multi biometric authentication system performs information fusion for each biometric information to generate new information, and then uses the new information to authenticate the user. Among information fusion methods, a score-level fusion method is widely used. However, there is a problem that a normalization operation is required, and even if data is same, the recognition rate varies depending on the normalization method. A rank-level fusion method that does not require normalization is proposed. However, a existing rank-level fusion methods have lower recognition rate than score-level fusion methods. To solve this problem, we propose a rank-level fusion method with higher recognition rate than a score-level fusion method using correlation coefficient. The experiment compares recognition rate of a existing rank-level fusion methods with the recognition rate of proposed method using iris information(CASIA V3) and face information(FERET V1). We also compare with score-level fusion methods. As a result, the recognition rate improve from about 0.3% to 3.3%.

• Journal of the Korea Convergence Society
• /
• v.9 no.4
• /
• pp.57-63
• /
• 2018

IoT devices are used in many areas to perform various roles and functions in a cloud environment. However, a method of access control that can stably control the IoT device has not been proposed yet. In this paper, we propose a hierarchical multi-level property access control scheme that can perform stable access of IoT devices used in a cluster environment. In order to facilitate the access of the IoT device, the proposed method not only provides the ID key (security token) unique to the IoT device by providing the IoT Hub, but also allows the IoT Hub to authenticate the X.509 certificate and the private key, So that the private key of the IoT device can not be seen outside the IoT device. As a result of the performance evaluation, the proposed method improved the authentication accuracy by 10.5% on average and the processing time by 14.3%. The overhead of IoT Hub according to the number of IoT attributes was 9.1% lower than the conventional method.

• The Journal of Society for e-Business Studies
• /
• v.9 no.1
• /
• pp.285-301
• /
• 2004

Public service provision through internet is one of major parts for e-government implementation. It is essential to link the internal administrative network with internet to provide the services through internet and to support kiosks through internet, which should result in critical issues for security. A relay server, as a front server for the public service processing system and a web server, a control server for kiosks, are placed between the public service processing system and kiosks to solve those security issues. It is the way to solve security issues through protecting direct communication between the public service processing system and a web server and authenticating a relay server and a web server through authentication process. In the implementation of the system this paper provide a design for an architecture model of the public service processing system through internet, which are aiming to develop high level of the quality system effectively, to reduce the risk of initial stage of development, and to reduce the incurring cost due to reworks.

• Journal of Plant Biotechnology
• /
• v.7 no.2
• /
• pp.81-86
• /
• 2005

Panax ginseng is one of the most important medicinal plants in the world. The international trade of ginseng is increasing yearly. The disguise of Chinese and American ginseng into Korean ginseng became a problem in recent years in abroad and Korea. An effective method to authenticate the Korean Panax ginseng from others at a DNA level is necessary for the healthy development of the ginseng market. Amplified fragment length polymorphism (AFLP) analysis was applied to develop a method for the identification of Korean ginseng between Chinese ginseng and American ginseng. It is very difficult to detect the different polymorphic bands among Korean field cultivated ginseng, and between field and wild-cultivated ginseng. The genetic distance coefficient by AFLP analysis between field- and wild cultivated Korean ginseng was very low, 0.056. Whereas, polymorphic bands between Korean and Chinese wild-cultivated ginseng was significantly different. The genetic distance coefficient between wild-cultivated Korean and Chinese ginseng was 0.149. The genetic distance coefficients between the P. ginseng and P. quinquefolius were ranging from 0.626 to 0.666. These results support that the AFLP analysis could be applied to authenticate Korean P. ginseng from others Chinese P. ginseng and American ginseng (P. quinquefolius).

• KDI Journal of Economic Policy
• /
• v.37 no.sup
• /
• pp.1-32
• /
• 2015

Korea witnesses continued debate over the policy that mandates the use of the public authentication certificate (electronic certificate) in electronic financing. The debate mainly centers on the rationale of the government compelling, as a standard, a public electronic certificate based on a specific technology, among several user authentication technologies. This paper looks into the impacts of both adoption and abolition of this mandatory policy and thereby analyzes the effects of government intervention in technology standardization. To that end, two main questions are presented: what conditions would enable a single technology to serve as a standard in the market without government intervention; and what conditions would make the standard determined in the market contribute to maximizing social welfare. This paper demonstrates that the attitude and preference of market participants towards each technology determine the level of market equilibria and social welfare caused by the adoption and abolition of the mandatory policy on electronic certificate.

• Genomics & Informatics
• /
• v.14 no.1
• /
• pp.20-28
• /
• 2016

Internet addiction (IA) has become a widespread and problematic phenomenon as smart devices pervade society. Moreover, internet gaming disorder leads to increases in social expenditures for both individuals and nations alike. Although the prevention and treatment of IA are getting more important, the diagnosis of IA remains problematic. Understanding the neurobiological mechanism of behavioral addictions is essential for the development of specific and effective treatments. Although there are many databases related to other addictions, a database for IA has not been developed yet. In addition, bioinformatics databases, especially genetic databases, require a high level of security and should be designed based on medical information standards. In this respect, our study proposes the OAuth standard protocol for database access authorization. The proposed IA Bioinformatics (IABio) database system is based on internet user authentication, which is a guideline for medical information standards, and uses OAuth 2.0 for access control technology. This study designed and developed the system requirements and configuration. The OAuth 2.0 protocol is expected to establish the security of personal medical information and be applied to genomic research on IA.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.305-314
• /
• 2017

Recently, user authentication through biometric traits such as fingerprint and iris raise more and more attention especially in mobile commerce and fin-tech fields. In particular, commercialized authentication methods using fingerprint recognition are widely utilized mainly because customers are more adopted and used to fingerprint recognition applications. In the meantime, the security issues caused by fingerprint falsification bring lots of attention. In this paper, we propose a new method to improve the performance of fake fingerprint detection using CNN(Convolutional Neural Network). It is common practice to increase the amount of learning data by using affine transformation or horizontal reflection to improve the detection rate in CNN characteristics that are influenced by learning data. However, in this paper we propose an effective data augmentation method based on the database difficulty level. The experimental results confirm the validity of proposed method.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.51-61
• /
• 2016

Because the Apple Pay which created by U.S's Apple Inc. and launch of Samsung pay in last August in domestic, people have high interest in Pin-Tech industries and new method of easy payment. In this paper, it will study newly introduced Pin-Tech industries and marketability of Pin-Tech industries. Also it will propose safe use of Pin-Tech services based on cases in domestic and overseas. This paper is organized as follows. In Chapter 2, it will study concept of Pin-Tech services and status of Pin-Tech services in domestic and overseas. In Chapter 3, it will look technical trends of Pin-Tech services. In Chapter 4, it will propose direction based on analysis of cases of Pin-Tech services. This paper will finish with conclusion in Chapter 5. Given the global trends, Korea is now just took the first steps in new Pin-Tech era. The Pin-Tech services are in situations that it is not yet activated in domestic due to the various financial regulations and procedures. In this paper, it will shows cases of concerns of Pin-Tech services and domestic authentication which relates to easy payment certification. If Pin-Tech services are develop with easy payment certification and adapt to domestic environment and develop based on stability and security as mentioned in this paper, domestic Pin-Tech services and security technology will grow to the world level. Also it requires unceasing research and efforts from relevant government officials, security companies and Pin-Tech ICT companies.