• Journal of information and communication convergence engineering
• /
• v.9 no.5
• /
• pp.562-566
• /
• 2011

As telecommunication technologies in telemedicine services are developed, the expeditious development of wireless and mobile networks has stimulated wide applications of mobile electronic healthcare systems. However, security is an essential system requirement since many patients have privacy concerns when it comes to releasing their personal information over the open wireless channels. Due to the invisible feature of mobile signals, hackers have easier access to hospital networks than wired network systems. This may result in several security incidents unless security protocols are well prepared. In this paper, we analyzed authentication and authorization procedures for healthcare system architecture to apply secure M-health systems in the hospital environment. From the analyses, we estimate optimal requirements as a countermeasure to its vulnerabilities.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.7
• /
• pp.49-56
• /
• 2015

In this paper, we introduce recent cloud system security technologies categorizing them according to Reliability, Availability, Serviceability, Integrity, and Security (RASIS), terms that evaluate robustness of the computer system. Then we describe examples of security attacks and corresponding security technologies for each of them. We introduce security technologies based on Software Defined Network (SDN) for Reliability, security technologies based on hypervisor and virtualization for Availability, disaster restoration systems for Serviceability, authorization and access control technologies for Integrity, and encryption algorithms for Security. We believe that this paper provide wise view and necessary information for recent cloud system security technologies.

• Proceedings of the KSR Conference
• /
• 2006.11b
• /
• pp.885-889
• /
• 2006

Metro Subway System is widely known as the leader of public transportation in a metropolitan area. The signal interlocking is one of the most important organs that plays a major role in the system. By improving the quality of signal lights on the traffic system and keeping its maintenance on a high level will not only repair the current state, but it will also let the LED type signal semi-permanent. The device, which underwent a process of fine manufacture establishment and a close examination, obtained a patented article (2004, as a new device). Utilizing the equipment with cautious preservation on the system will enhance the current state of the signal device. Especially, the test for improvement and development based upon the technique that decreases the frequency of defect produced will further precipitate its efficiency. With authorization of imposing the LED lights on production, installment, and investigation of the system, the newly made equipment will bring improvement to the signal technology and to the industry at largest extent.

• Environmental Analysis Health and Toxicology
• /
• v.30 no.sup
• /
• pp.7.1-7.10
• /
• 2015

Objectives For successful adoption of legislation controlling registration and assessment of chemical substances, it is important to obtain sufficient toxicological experimental evidence and other related information. It is also essential to obtain a sufficient number of predicted risk and toxicity results. Particularly, methods used in predicting toxicities of chemical substances during acquisition of required data, ultimately become an economic method for future dealings with new substances. Although the need for such methods is gradually increasing, the-required information about reliability and applicability range has not been systematically provided. Methods There are various representative environmental and human toxicity models based on quantitative structure-activity relationships (QSAR). Here, we secured the 10 representative QSAR-based prediction models and its information that can make predictions about substances that are expected to be regulated. We used models that predict and confirm usability of the information expected to be collected and submitted according to the legislation. After collecting and evaluating each predictive model and relevant data, we prepared methods quantifying the scientific validity and reliability, which are essential conditions for using predictive models. Results We calculated predicted values for the models. Furthermore, we deduced and compared adequacies of the models using the Alternative non-testing method assessed for Registration, Evaluation, Authorization, and Restriction of Chemicals Substances scoring system, and deduced the applicability domains for each model. Additionally, we calculated and compared inclusion rates of substances expected to be regulated, to confirm the applicability. Conclusions We evaluated and compared the data, adequacy, and applicability of our selected QSAR-based toxicity prediction models, and included them in a database. Based on this data, we aimed to construct a system that can be used with predicted toxicity results. Furthermore, by presenting the suitability of individual predicted results, we aimed to provide a foundation that could be used in actual assessments and regulations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.3-16
• /
• 2001

With the development of Internet, it is widely spreaded to a Intranet based on Internet technology. Intranet is a private, unique network to share the information of organization such as incorporate, research institute and university. With the increase of Intranet using, Intranet environment is developing into Extranet environment which is connected many Intranet. Currently such Intranet and Extranet environments, above all, it is important to solve security problems which can appear through use of information between domains. Thus, in this paper, we propose SSO(Single Sign-on System) model with authorization management and single sign-on operation, and we extend it to enable mutual authentication through inter-working based on PKI(Public Key Infrastructure) in Extranet environments.

• The KIPS Transactions:PartC
• /
• v.11C no.1
• /
• pp.47-54
• /
• 2004

The growth of computer resource and network speed has increased requests for the use of remotely located computer systems by connecting through computer networks. This phenomenon has hoisted research activities for application service provision that uses server-based remote computing paradigm. The server-based remote computing paradigm has been developed as the ASP (Application Service Provision) model, which provides remote users through application sharing protocol to application programs. Security requirement such as confidentiality, availability, integrity should be satisfied to provide ASP service using centralized computing system. Existing Telnet or FTP service for a remote computing systems have satisfied security requirement by a simple access control to files and/or data. But windows-based centralized computing system is vulnerable to confidentiality, availability, integrity where many users use the same application program installed in the same computer. In other words, the computing system needs detailed security level for each user different from others, such that only authorized user or group of users can run some specific functional commands for the program. In this paper, we propose windows based centralized computing system that sets security policies for each user for the use of instructions of the application programs, and performs access control to the instructions based on the security policies. The system monitors all user messages which are executed through graphical user interface by the users connecting to the system. Ail Instructions, i.e. messages, for the application program are now passed to authorization process that decides if an Instruction is delivered to the application program based on the pre-defined security polices. This system can be used as security clearance for each user for the shared computing resource as well as shared application programs.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.04a
• /
• pp.482-484
• /
• 2015

M2M technology enables us to "Things" and collect various kinds of information from "Things". M2M is defined as a technology that enables electronic and mechanical devices to communicate with each other seamlessly and perform actions without human intervention. In this paper, we review some security solutions for M2M devices and show our light weight framework which is responsible for security of constrained M2M devices. In addition to the above-mentioned ones, we propose the framework can be applied for constrained environment and give conclusion and future works.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.616-617
• /
• 2010

This paper presents a model of e-learning based on ubiquitous computing configuration. The proposed e-learning model as following. we propose the e-learning system's hardware and software configurations which are server and networking systems. Also, we construct the proposed e-learning systems's services. There are attendance and absence service, class management service, common knowledge service, score processing service, facilities management service, personal management service, personal authorization issue management service, campus guide service, lecture-hall management service. Also, we propose the laboratory equipment management service, experimental materials management service etc.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2001.05a
• /
• pp.706-710
• /
• 2001

컴퓨터와 통신 기술의 발전으로 인해, 멀티미디어 정보처리와 멀티미디어를 이용, 다양한 응용이 출현하고 있습니다. 그 중에 인터넷의 발전과 함께 많은 성장을 하고 있는 멀티미디어 응용서비스 중의 하나인 인터넷폰은 '95년 2월 이스라엘의 보컬텍사에 의해 첫선을 보인 이후 빠른 속도로 세계에 보급되고 있습니다. 하지만 아직은 일반전화에 비해서 통화 음질이 떨어지고, 인터넷에 가입된 상대방도 동시에 온라인 대기상태에 있어야 하는 등의 문제점들이 지적되고 있지만 새로운 기술도입으로 음질이나 호환성이 많이 개선되어 가고 있습니다. 본 논문에서는 인터넷폰 사설교환 시스템의 효율적인 서비스를 위한 교환시스템의 사용자 인증 서비스 및 호제어 상태전이도에 관한 설계에 대하여 연구하였다.

• Proceedings of the IEEK Conference
• /
• 2002.07c
• /
• pp.1944-1947
• /
• 2002

The importance of security in WLAN(Wireless LAN) service is very critical, so IEEE organization has made the IEEE 802.1x standard. The IEEE 802.1x standard uses the EAP as authentication protocol which requires AAA(Authentication, authorization, and Accounting) server for authentication & accounting. for the reliable and scalable AAA service, the Diameter protocol has more advanced characteristics than existing radius protocol. So the Diameter protocol can be used for WLAN service provider who has large scale WLAN system and a large number of subscriber. This paper proposes the design of Diameter AAA server for the authentication and accounting of WLAN system which is adopting IEEE 802.1x standard.