• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.1
• /
• pp.45-52
• /
• 2009

Currently broadcasting and telecommunication has integrated, And IPTV Service has appeared who called TPS(Triple Play Service) which integrated with broadcasting, telecommunication and Phone Service. IPTV provide broadcasting service and VOD(Video on Demand) service, and it must be satisfied digital content security. For this condition, IPTV Forum working on standardization of interface for digital content security. The Security solution for broadcasting and VOD are CAS (Conditional Access System) and DRM(Digital Rights Management). But these solutions manufactured by many vendors, so there is no inter-operability. And after finished standardization of interface for CAS and DRM system, the problem of inter-operability with them will be issued. For this reason, Rights management system which possible to operate independently with platform is necessary. In this paper, To protect multimedia digital content, we designed and implemented Conditional Access Management System.

• The Journal of the Korea Contents Association
• /
• v.9 no.8
• /
• pp.158-165
• /
• 2009

Counselling between a patient and a doctor is crucial in telemedicine. In order for the doctor to examine the patient accurately, it needs an auscultation, at least. Currently, some video conference systems are implemented but it is hard to use them in the case of an cardiac disorder, because the patients suffering from cardiac disorder cannot be examined by a stethoscope over Internet. To solve this problem, the remote counselling service has to support real time transmission of the heart sound of the patient. In this paper, we present a remote counselling system with stethoscope. We also design and implement the system in order for health monitor to connect the patient with his attending physician for the environment of u-healthcare service. The proposed system supports a mobility for doctor and patient by exchanging IP addresses at an user authentication protocol. The system implemented by this paper can be used for cardiac patients in remote clinical setting in the future.

• Journal of Korea Multimedia Society
• /
• v.5 no.6
• /
• pp.674-682
• /
• 2002

Nowadays economic and commercial businesses have been increased because of the Internet. As a result of this, electronic commerce is becoming one of the most Interesting topic of discussion. Electronic commerce is equal to a real market, only the place of business is the imaginary space supported by the Internet. There are a few conditions to consider, making electronic commerce work safely. The electronic commerce should be connected by a substantial system and an on-line Protocol. There are some conditions needed for information security, authentication, and payment by electronic currency etc. Although there are many kinds of existing systems, which create services successfully, further research for security is required. Therefore, this paper suggests an authenticated Agent management, which offers more convenience and security than before. Also, this paper shows many authenticated methods for a management system. An Agent that is one of interesting things to study can handle information problems and works related to electronic commerce.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.985-996
• /
• 2004

In order to solve the increasing security problems, IDSs(Intrusion Detection System) have appeared. However, local IDSs have a limit to detect various intrusions in a large-scale network environment. So there are a lot of researches in progress which organize the elements of IDS in a distributed or hierarchical manner. In this paper, we design a integrated IDS which exchanges messages between them through the standardized message format (IDMEF) and communication protocol (IDXP). We also propose a policy profile for an effective control of IDSs, and employ the PKI mechanism for mutual authentication. We implement a prototype system for the proposed IDSs communicating with Snort and analyze its performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.4
• /
• pp.2276-2291
• /
• 2017

Data protection of removable storage devices is an important issue in information security. Unfortunately, most existing data protection mechanisms are aimed at protecting computer platform which is not suitable for ultra-low-power devices. To protect the flash disk appropriately and efficiently, we propose a trust based USB flash disk, named UTrustDisk. The data protection technologies in UTrustDisk include data authentication protocol, data confidentiality protection and data leakage prevention. Usually, the data integrity protection scheme is the bottleneck in the whole system and we accelerate it by WH universal hash function and speculative caching. The speculative caching will cache the potential hot chunks for reducing the memory bandwidth pollution. We adopt the symmetric encryption algorithm to protect data confidentiality. Before mounting the UTrustDisk, we will run a trusted virtual domain based lightweight virtual machine for preventing information leakage. Besides, we prove formally that UTrustDisk can prevent sensitive data from leaking out. Experimental results show that our scheme's average writing throughput is 44.8% higher than that of NH scheme, and 316% higher than that of SHA-1 scheme. And the success rate of speculative caching mechanism is up to 94.5% since the access pattern is usually sequential.

• Journal of Internet Computing and Services
• /
• v.13 no.6
• /
• pp.55-62
• /
• 2012

Grid web applications by standard Web technology are increasingly used to provide grid service to users as normal Web user interface and service. It is however difficult to integrate a grid security system such as Grid Security Infrastructure (GSI) into Web applications because the delegation way of standard Web security is not the same as the one of Grid security. This can be solved by allowing Web applications to get a Grid credential by using an online credential repository system such as MyProxy. In this paper, we investigate the problem that occurs when MyProxy, which assumes mutual trust between a user and Grid web application, is adapted for achieving security integration between Web and Grid, and we propose a new Grid proxy delegation service to delegate a Grid credential to the Web without assuming mutual trust. In the service, the X.509 proxy delegation process is added to OAuth protocol for credential exchange, and authentication can be done by an external service such as OpenID. So, users can login onto the Grid web application in a single sign-on manner, and are allowed to securely delegate and retrieve multiple credentials for one or more Virtual Organizations.

• Journal of Korean Society of Water and Wastewater
• /
• v.32 no.4
• /
• pp.309-315
• /
• 2018

Currently, the commercialization of the $5^{th}$ Generation (5G) service is becoming more prevalent in domestic communication network technology. This has reduced communication delay time and enabled large-capacity data transmission and video streaming services in real-time. In order to keep pace with these developments, K-water has introduced a smart process control system in water purification plants to monitor the status of the water purification process. However, since wireless networks are based on the public Long Term Evolution (LTE) network, communication delay time remains high, and high-resolution video services are limited. This is because communication networks still have a closed structure due to expense and security issues. Therefore, with 5G in its current form, it is very difficult to accommodate future services without improving the infrastructure of its communication networks. In recognition of these problems, this study implemented the authentication and management function of wireless networks on a wired network management system in the K-water Bansong water purification plant. The results confirmed that wired Local Area Network (LAN) services give a higher security performance than an expensive commercial wireless LAN system. This was achieved by using an Internet Protocol (IP) address management system of wired networks and the packet filtering function of the Layer2 (L2) switch. This study also confirmed that it is possible to create a wireless LAN service that is 3.7 times faster than the existing LTE communication network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.803-813
• /
• 2013

As the developments of smart devices and social network services, the amount of data has been exploding. The world is facing Big data era. For these reasons, the Big data processing technology which is a new technology that can handle such data has attracted much attention. One of the most representative technologies is Hadoop. Hadoop Distributed File System(HDFS) designed to run on commercial Linux server is an open source framework and can store many terabytes of data. The initial version of Hadoop did not consider security because it only focused on efficient Big data processing. As the number of users rapidly increases, a lot of sensitive data including personal information were stored on HDFS. So Hadoop announced a new version that introduces Kerberos and token system in 2009. However, this system is vulnerable to the replay attack, impersonation attack and other attacks. In this paper, we analyze these vulnerabilities of HDFS security and propose a new protocol which complements these vulnerabilities and maintains the performance of Hadoop.

• Journal of Korea Multimedia Society
• /
• v.9 no.10
• /
• pp.1304-1313
• /
• 2006

Biometric-based authentication can provide strong security guarantee about the identity of users. However, security of biometric data is particularly important as the compromise of the data will be permanent. In this paper, we propose a secure and efficient protocol to transmit fingerprint images from a fingerprint sensor to a client by exploiting characteristics of fingerprint images. Because the fingerprint sensor is computationally limited, however, such encryption algorithm may not be applied to the full fingerprint images in real-time. To reduce the computational workload on the resource-constrained sensor, we apply the encryption algorithm to a specific bitplane of each pixel of the fingerprint image. We use the LSB as specific bitplane instead of MSB used to encrypt general multimedia contents because simple attacks can reveal the fingerprint ridge information even from the MSB-based encryption. Based on the experimental results, our proposed algorithm can reduce the execution time of the full encryption by a factor of six and guarantee both the integrity and the confidentiality without any leakage of the ridge information.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.516-519
• /
• 2008

Currently broadcasting and telecommunication has integrated, And IPTV Service has appeared who called TPS(Triple Play Service) which integrated with broadcasting, telecommunication and Phone Service. IPTV provide broadcasting service and VOD(Video on Demand) service, and it must be satisfied digital content security. For this condition, IPTV Forum working on standardization of interface for digital content security. The Security solution for broadcasting and VOD are CAS(Conditional Access System) and DRM(Digital Rights Management). But these solutions manufactured by many vendors, so there is no inter-operablity. And after finished standardization of interface for CAS and DRM system, the problem of inter-operability with them will be issued. For this reason, Rights management system which possible to operate independently with platform is necessary. In this paper, To protect multimedia digital content, we designed and implemented Conditional Access Management System.