• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.803-813
• /
• 2013

As the developments of smart devices and social network services, the amount of data has been exploding. The world is facing Big data era. For these reasons, the Big data processing technology which is a new technology that can handle such data has attracted much attention. One of the most representative technologies is Hadoop. Hadoop Distributed File System(HDFS) designed to run on commercial Linux server is an open source framework and can store many terabytes of data. The initial version of Hadoop did not consider security because it only focused on efficient Big data processing. As the number of users rapidly increases, a lot of sensitive data including personal information were stored on HDFS. So Hadoop announced a new version that introduces Kerberos and token system in 2009. However, this system is vulnerable to the replay attack, impersonation attack and other attacks. In this paper, we analyze these vulnerabilities of HDFS security and propose a new protocol which complements these vulnerabilities and maintains the performance of Hadoop.

• The Journal of the Korea Contents Association
• /
• v.5 no.5
• /
• pp.43-50
• /
• 2005

POS system that become that is supply net administration and computerization fetters of customer management that become point in istribution network constructed database and use XML-Encryption that is certificate techniques of PKI and standard of security for security that is XML's shortcoming and design distributed processing POS system using XML for data integration by introduction of Ubiquitous concept. This POS system has four advantages. First, Because there is no server, need not to attempt authentication and data transmission every time. Second, can integrate data base by XML and improve portability of program itself. Third, XML data in data transmission because transmit data after encryption data safe .Fourth, After encode whenever process data for data breakup anger of POS system client program and elevation of the processing speed, transmit at because gathering data at data transmission.

• Journal of Korea Multimedia Society
• /
• v.6 no.5
• /
• pp.861-869
• /
• 2003

The rapid growth of multimedia network systems has caused overflowing illegal copies of digital contents. Among digital contents, watermarking technique can be used to protect ownership about the image. Copyright protection involves the authentication of image ownership and the identification of illegal copies of image. In this paper, a new digital watermarking technique using HVS and adaptive scale factor based on the wavelet transform is proposed to use the binary image watermark. The original image is decomposed by 3-level wavelet transform. It is embedded to baseband and high frequency band. The embedding in the baseband is considered robustness, the embedding in the high frequency band is concerned about HVS and invisibility. The watermarking of a visually recognizable binary image used the HVS and random permutation to protect the copyright. From the experimental results, we confirm that the proposed technique is strong to various attacks such as joint photographic experts ground(JPEG) compression, cropping, collusion, and inversion of lines.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.769-772
• /
• 2012

Personal Information Article2 defines personal authentication information, secret information, bio information for personal information and it is stipulated under article29 that the one who have duties must take adequate technological, administrative, physical measures to prevent from illegal reading and sneaking. Also it is stipulated under information communication network law28(1), enforcement regulation9, Korea Communications Commitee notice. To satisfy this, the one who have to take security actions of personal information are required to take technological measures and establish positive measures to continuously manage it.The insurance of technological security is possible by encryption of personal information, secure management and operation of encryption key,taking personal information security level of providin access control of personal information reading and audit.In this paper, we will analyze various technologies of personal information encryption which are essencial component in technological security measuresof personal information. This paper will help choose which technological measures you should take in personal information security.

• The KIPS Transactions:PartB
• /
• v.12B no.3 s.99
• /
• pp.291-300
• /
• 2005

We are required to adequately adjust the distributed contents to each device and users' demands on the network and to obtain authentication of ownership for our information to prevent the illegal usage of our digital information by non-owners. In this paper, we propose scalable digital watermarking of contents within a compression domain based on Orthogonal Forward Wavelet Transforms, and the proposed method focuses on robust watermark algorithms that are not visually recognizable to embedded ownership information. Therefore, it proposes a watermark insertion methods based on spread spectrum techniques and Provides a watermark key. As a result, it not only extracted the contained watermark from the intentionally altered images, but also secured the watermark information extraction from partial images and ensure the decrease of BER (Bit Error Rate) in the images containing watermarks even when more watermark inserted images are transmitted.

• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.17-26
• /
• 2003

Mobile agent system comes into the spotlight since it contributes largely to mobile computing on distributed network environment. However, this system has a number of significant security Problems. In this Paper, we analyze suity attacks to mobile agent system Presented by NIST[3]. In order to protect this system from them, we suggest a security protocol for mobile agent system by employing R based key distribution and digital multi-signature scheme. To solve these problems described in NIST, securities for mobile agent and agent platform shouid be accomplished. Comparing with other protocols, our protocol performs both of these securities, while other protocols mentioned only one of them. Proposed Protocol satisfies simplicity of key management, providing security service such as confidentiality, integrity, authentication and preventing reputation, liveness guarantee, protection of excution-result data and preventing replay attack. Furthermore, it is designed to detect message modification immediately by verifying each step of agent execution at a corresponding server.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.55-64
• /
• 2007

Behind the popularity of VoIP in these days, it may present significant security challenges in privacy and accounting. Authentication and message encryption are considered to be essential mechanisms in VoIP to be comparable to PSTN. SIP is responsible for setting up a secure call in VoIP. SIP employs TLS, DTLS or IPSec combined with TCP, UDP or SCTP as a security protocol in VoIP. These security mechanisms may introduce additional overheads into the SIP performance. However, this overhead has not been understood in detail by the community. In this paper we present the effect of the security protocol on the performance of SIP by comparing the call setup delays among security protocols. We implement a simulation of the various combinations of three security protocols and three transport layer protocols suggested for SIP. UDP with any combination of security protocols performs a lot better than the combination of TCP. TLS over SCTP may impose higher impact on the performance in average because TLS might have to open secure channels as the same number of streams in SCTP. The reasons for differences in the SIP performances are given.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.4
• /
• pp.141-146
• /
• 2015

Data have been increased enormously due to the development of IT technology such as recent smart equipments, social network services and streaming services. To meet these environments the technologies that can treat mass data have received attention, and the typical one is Hadoop. Hadoop is on the basis of open source, and it has been designed to be used at general purpose computers on the basis of Linux. To initial Hadoop nearly no security was introduced, but as the number of users increased data that need security increased and there appeared new version that introduced Kerberos and Token system in 2009. But in this method there was a problem that only one secret key can be used and access permission to blocks cannot be authenticated to each user, and there were weak points that replay attack and spoofing attack were possible. Hence, to supplement these weak points and to maintain efficiency a protocol on the basis of group key, in which users are authenticated in logical group and then this is reflected to token, is proposed in this paper. The result shows that it has solved the weak points and there is no big overhead in terms of efficiency.

• Journal of Internet Computing and Services
• /
• v.2 no.3
• /
• pp.51-62
• /
• 2001

Recently, as computers and networks become popular, distributing information on the Internet is common In our daily life. also, the explosion of the Internet. of wireless digital communication and data exchange on Internet has rapidly changed the way we connect with other people. The e-mail has been commonly used by users as well recognizing It as the standard of manners among users on the Internet. In the past, e-mail has been the primary choice of exchanging Information, but secure mail is gaining popularity abroad and domestically because of their nature of providing security. That is. it has been used a variety of fields such as general mail and e-mail for advertisement. But, As the data transmitted on network can be easily opened or forged with simple operations. most of existing e-mail system don't have any security on the transmitted information. Thus. security mail system need to provide security including message encryption, content Integrity, message origin authentication, and non-repudiation. In this paper, we design implement secure mail system with non-repudiation service and encryption capability to provide services for certification of delivery and certification of content as well as the basic security services. API.

• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.143-158
• /
• 2010

The illegal leakage of enterprise digital confidential information will threaten the enterprise with bankruptcy. Today since most small-and-medium companies have no capability to fight against illegally compromising their critically confidential documents in spite of knowing the leakage of them, strongly safe distribution system of the digital confidential documents should be designed so in secure as to prevent any malicious intent of embezzlement from accessing the critical information. Current DRM-based protection system is not always perfect to protect the digital secrets, even seems to leave the secrets open. Therefore our study has analyzed the illegal leakage paths that hackers attack against and the vulnerability of the current protection systems. As result, we study the group communication based system architecture satisfying the security conditions to make even legitimate working employee keep out of the confidential documents, without performance degradation. The main idea of this architecture is to stay every secrets in encrypted form; to isolate the encrypted documents from the crypto-key; to associate every entity with one activity and to authenticate every entity with DSA-based public key system; multiple authentication method make hackers too busy to get a privilege to access the secrets with too many puzzle pieces. This paper deal with the basic architectural structure for the above issues.