• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.177-186
• /
• 2003

DRM(Digital Rights Management) is a technology that manages secure distributions and copyrights of digital contents on the Internet. It is general giving the rights to use the encrypted contents that are downloaded by a simple authorization process in the existing DRM system. Once this is done you are allowed to access. In this paper, we use RTP(Real-time Transport Protocol) for end-to-end real-time data transmission. And the system is designed to make it Possible to Protect copyrights and to distribute contents with safety through periodic authentication. We implemented DRM system to stand this basis. The proposed system vests only authorized users with authority to access the license. Hence it prevents contents to be distributed and copied illegally on networks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.295-311
• /
• 2023

Cloud computing has evolved significantly, intending to provide users with fast, dependable, and low-cost services. With its development, malicious users have become increasingly capable of attacking both its internal and external security. To ensure the security of cloud services, encryption, authorization, firewalls, and intrusion detection systems have been employed. However, these single monitoring agents, are complex, time-consuming, and they do not detect ransomware and zero-day vulnerabilities on their own. An innovative Record and Replay-based hybrid Honeynet (R2NET) system has been developed to address this issue. Combining honeynet with Record and Replay (RR) technology, the system allows fine-grained analysis by delaying time-consuming analysis to the replay step. In addition, a machine learning algorithm is utilized to cluster the logs of attackers and store them in a database. So, the accessing time for analyzing the attack may be reduced which in turn increases the efficiency of the proposed framework. The R2NET framework is compared with existing methods such as EEHH net, HoneyDoc, Honeynet system, and AHDS. The proposed system achieves 7.60%, 9.78%%, 18.47%, and 31.52% more accuracy than EEHH net, HoneyDoc, Honeynet system, and AHDS methods.

• The KIPS Transactions:PartD
• /
• v.10D no.7
• /
• pp.1197-1206
• /
• 2003

This paper describes the IPP (Internet Printing Protocol), a standard that makes network setup for printers potentially much easier and, not so incidentally, also user can print over the Internet and specifies an implementation of IPP client/server system. It allows the system administrator and operators to control IPP system users and printer devices. The focus of this effort is optimized capabilities the security features for authentication, authorization, and policies, also improved compatibility with existing WP devices. Finally this paper presents conclusions and further researches.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.3
• /
• pp.19-26
• /
• 2007

In recent rears. web portal system has received much attention as a user interface for the grid environment. Grid system uses symmetric key for authenticating user identity while the traditional portal system does a password-based authentication. Regarding this, many researches are progressing to integrate portal accounts with symmetric key. Specially. researches such as GAMA and PURSE are active and those focus on easy usability for users who familiar with password-based authentication. However the protection of data and resources is a critical issue in Grid environment, because those are shared through a wide-area network. In this paper, we suggest a new authentication mechanism which unify authentication mechanisms between portal system and grid service by using symmetric key. It will improve a security level in UI layer as much as in grid service.

• Journal of Environmental Science International
• /
• v.13 no.10
• /
• pp.871-882
• /
• 2004

Korea's national park system resembles that of Japan in many ways. In this study, National park Systems of the two countries are compared from a standpoint of their historical backgrounds to be formed and in aspect of its conservation by the main revision of national park laws in perspective. In conclusion it was found out that Korea's toleration-based regulations on building park amenities have gradually neglected the park conservation effort, whereas Japan's authorization-oriented regulations have streng thened their emphasis on park conservation. From the comparison as above, the polices to be modified for Korean national park are proposed as follows: 1. National park system, which values diversity of species, is to be proposed. For this, the Article 8 which allows a development of National parks, Enforcement Ordinance Article 4, The Article 18 of Law, Enforcement Regulation Article 6 & 7 of National Park Law should be reviewed for deletion and revision. 2. On the basis of the laws, zoning system should be readjusted by discriminated conservation policy. Also, the readjustment of zoning system should be enforced after thorough analysis and research on the value of natural resources in the national park. 3. Korea should closely review the recently revised Japanese laws on the national parks and nature revitalization promotion for applying them to conservation policy of Korean national parks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.8
• /
• pp.1855-1860
• /
• 2010

This paper describes construction of web services system for secure message transmission appling web services standards. This system composes single sign on module, SSL module and secure message module. We applied these modules to price comparison site. Single sign on module used SAML standards. This module was designed, in order to provide authentication and authorization. As SSL module processes message encryption among end to end, messages of this system are secure. Secure message module is designed according to WS-Security standards and processes authentication, XML signature and XML encryption.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.873-875
• /
• 2014

In this paper, we propose the access control system based bluetooth using the MAC address of the smart device. Access control system that propose compares the smart device MAC address entry and exit and MAC address that is registered with the server. Depending on whether the match was compared, access control is performed. Result of the experiment, control of door is possible only by bluetooth pairing of the bluetooth module and smart device. Therefore, it does not require access to another tool.In addition, Action for access approval is omitted. Therefore, the access authorization procedure is simplified compared to existing access control systems, it is possible to improve the convenience.

• The Korean Society of Law and Medicine
• /
• v.21 no.1
• /
• pp.223-259
• /
• 2020

With COVID-19 spreading rapidly around the world, research and development issues on treatments and vaccines for the virus are of high interest. Among them, Remdesivir was the first to show noticeable therapeutic effects and began clinical trials, with each country authorizing the use of the drug through emergency approval. However, Gilead Co., Ltd., the developer of Remdesivir, received a lot of criticism from civic groups for submitting the application for the marketing authorization as an orphan drug. This is because when a new drug got a marketing authorization as an orphan drug could be granted an exclusive status for seven year. The long-term exclusive status of an orphan drug comes from the policy purpose of motivating pharmaceutical companies to develop treatment opportunities for patients suffering from rare diseases, which was not appropriate to apply to infectious disease treatments. This paper provides a review of the problems and improvement directions of the domestic system through comparative legal consideration against the United States, Europe and Japan for the statutes which give exclusive status to medicines. The domestic system has a fundamental problem that it does not have explicit provisions in the statute in the manner of granting exclusive status, and that it uses the review system to give it exclusive status indirectly. In addition, in the case of orphan drugs, the "Rare Diseases Management Act" and the "Regulations on Examination of Items Permission and Reporting of Drugs" provide overlapping review periods, and despite the relatively long monopoly period, there seems to be no check clause to recover exclusive status in the event of a change in circumstances. Given that biopharmaceuticals are difficult to obtain patents, the lack of such provisions is a pity of domestic legislation, although granting exclusive rights may be a great motivation to induce drug development. In the United States, given that the first biosimilar also has a one-year monopoly period, it can be interpreted that domestic legislation is quite strictly limited to granting exclusive status to biopharmaceuticals. The need for improvement of the domestic system will be recognized in that it could undermine local pharmaceutical companies' willingness to develop biopharmaceuticals in the future, and in that it is also necessary to harmonize international regulations. Taking advantage of the emergence of COVID-19 as an opportunity, we look again at the problems of the domestic system that grants exclusive rights to medicines and hope that an overall revision of the relevant legislation will be made to establish a unified legal basis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.573-586
• /
• 2016

With the adoption of cloud computing, the number of companies that take advantage of cloud computing has increased. Additionally, various of existing service providers have moved their service onto the cloud and provided user with various cloud-based service. The management of user authentication and authorization in cloud-based service technology has become an important issue. This paper introduce a new technique for providing authentication and authorization with other inter-cloud IAM (Identity and Access Management). It is an essential and easy method for data sharing and communication between other cloud users. The proposed system uses the credentials of a user that has already joined an organization who would like to use other cloud services. When users of a cloud provider try to obtain access to the data of another cloud provider, part of credentials from IAM server will be forwarded to the cloud provider. Before the transaction, Access Agreement must be set for granting access to the resource of other Organization. a user can access the resource of other organization based on the control access configuration of the system. Using the above method, we could provide an effective and secure authentication system on the cloud.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.979-982
• /
• 2006

암호 API 및 PKI 클래스를 토대로 하는 PKI 시스템의 개발은 암호 알고리즘을 활용한 보안 서비스의 중요한 위치를 차지하고 있으며, 현재 네트워크 기반의 각종 서비스에서 강력한 보안 기능을 제공하는 부분으로, 각종 보안 서비스의 제공을 위해서 가장 먼저 구축되어야 할 부분이다. 본 논문에서는 자바 암호 API 및 PKI 관련 클래스를 바탕으로 사용자 인증(User Authentication), 인가(Authorization), 부인-방지(Non-Requdation), 전자서명(Electronic Signature) 등의 보안 서비스를 제공할 수 있는 X.509 전자인증서를 발행하는 PKI 시스템을 연구하였으며, 향후 각종 보안 서비스의 제공에 있어서 중요한 위치를 차지할 수 있을 것이다. 또한, 자바 기반의 PKI 시스템은 이식성이 매우 높으며, 개별 서비스에 대한 모듈 형식으로 구성되어 있어, 그 활용의 범위가 고정되지 않고 다양한 시스템 및 서비스에 적용할 수 있는 장점을 가지고 있다.