• Title/Summary/Keyword: Browser Security

Search Result 97, Processing Time 0.033 seconds

Development of Smartphone Application for Monitoring Container Cargo (컨테이너화물 모니터링을 위한 스마트폰 애플리케이션 개발)

  • Choi, Hyung-Rim;Son, Hee-Mok
    • Journal of Information Technology Services
    • /
    • v.13 no.1
    • /
    • pp.209-220
    • /
    • 2014
  • Most of monitoring systems in logistics industry have limitations on monitoring container information in real-time. And customers only could check information gathered from certain points through web browser. That is why it is very hard to take actions in advance when emergency situation has happened. But if customers could check information such as position and status of freight in real-time through their mobile devices, they could take prompt actions. So, in this study, mobile application based on mobile devices is developed to monitor position and status information of the container in real-time. Entire devices monitoring container in aspect of logistics security are handled by workers in the field. So it is strongly required to develop monitoring system operated in mobile devices. For that reason this study aims to develop mobile application in order to monitor information related to container security and safety in real-time.

Internet-Based Remote Control System Using Virtual Reality (VR을 이용한 인터넷 기반 원격 제어 시스템)

  • 차주헌;이순걸;전희연
    • Korean Journal of Computational Design and Engineering
    • /
    • v.5 no.1
    • /
    • pp.88-94
    • /
    • 2000
  • This paper presents new type remote home automation that can control and manage hi-directionally and efficiently home appliances and home security systems in home through Internet. The system is used virtual reality technology to construct very easy user interface and used Internet as network for remote control. Here, the user interface is 3D GUI which gives user feeling to be at his home on web-browser, and also shows him present state of control objects at home. This system has been implemented on the basis of Java and VRML. In this paper we propose the internet-based remote control system, and show usefulness of the suggested system by applying to home automation system.

  • PDF

An Implementation of Image Security System Based oil Web (웹기반 화상 감시 시스템의 구현)

  • 조평기;박영석
    • Proceedings of the Korea Institute of Convergence Signal Processing
    • /
    • 2000.08a
    • /
    • pp.49-52
    • /
    • 2000
  • In this paper we have developed an image security system based on Internet Web in order to overcome the problem of existing systems that use the dedicated network. The developed system resolves the safety problem of the centralized control model by adapting the distributed control model based on Web, and has the functions of remote control and automatic monitoring for grouped multiple sites on Web browser. And the system can operate various computers or operating system because it's operating software was designed by the concepts of Java Virtual Machine and Virtual Instrument. Also, our system has not need of additional cost for network construction by using Internet and can greatly improve the managemental efficiency of system because the maintenance and publishing of software updates can be performed through Web Server.

  • PDF

Design and Implementation of Web Security Module for a Safe Data Transmission in Heterogeneous Systems (이기종 시스템에서 안전한 데이타 전송을 보장하는 웹 보안 모듈의 설계 및 구현)

  • Kim, Ki-Sung;Kim, Kwang;Heu, Shin
    • Journal of KIISE:Software and Applications
    • /
    • v.32 no.12
    • /
    • pp.1238-1246
    • /
    • 2005
  • This thesis is written with web security module for safe data transmission between heterogeneous systems(ex. OS). Web system has allowed users to have great convenience and a lot of information. Though web service business has been progressed much, because of the limitation of it's own system, lots of loss, derived from data spillage which is the weakest point of security, has also followed. Suggested security module is realized by two module. One for server security module for web server, the other is client security module for client. The security structure, suggested on this thesis guarantee safe data transmission by only simple installation of modules in clients and servers. for speed sensitive transmission between web server and browser, Triple-DES, symmetric encryption system suitable for fast encryption communication, is adapted. To solve problems caused from key management, Diffie-Hellman's key exchange algorithm is adapted. By this method, all symmetric encryption troubles from key distribution and management, speed could be work out a solution. And Diffie-Hellman type algorithm secures Authentication for safe data Protection.

Drivers for Trust and Continuous Usage Intention on OTP: Perceived Security, Security Awareness, and User Experience (OTP에 대한 신뢰 및 재사용의도의 결정요인: 인지된 보안성, 보안의식 및 사용자경험을 중심으로)

  • Yun, Hae-Jung;Jang, Jae-Bin;Lee, Choong-C.
    • Journal of the Korea Society of Computer and Information
    • /
    • v.15 no.12
    • /
    • pp.163-173
    • /
    • 2010
  • PKI(Public Key Infrastructure)-based information certification technology has some limitations to be universally applied to mobile banking services, using smart phones, since PKI is dependent on the specific kind of web browser, Internet Explorer. OTP(One Time Password) is considered to be a substitute or complementary service of PKI, but it still shows low acceptance rate. Therefore, in this research, we analyze why OTP has not been very popular, and provide useful implications of making OTP more extensively and frequently used in the mobile environment. Perceived security of OTP was set as a higher-order construct of integrity, confidentiality, authentication, and non-repudiation. Research findings show that security awareness and perceived security of OTP is positively associated, and the relationship between perceived security and trust on OTP is statistically significant. Also, trust is positively related to intention to use OTP continuously.

A Study on the Digital Forensics Artifacts Collection and Analysis of Browser Extension-Based Crypto Wallet (브라우저 익스텐션 기반 암호화폐 지갑의 디지털 포렌식 아티팩트 수집 및 분석 연구)

  • Ju-eun Kim;Seung-hee Seo;Beong-jin Seok;Heoyn-su Byun;Chang-hoon Lee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.3
    • /
    • pp.471-485
    • /
    • 2023
  • Recently, due to the nature of blockchain that guarantees users' anonymity, more and more cases are being exploited for crimes such as illegal transactions. However, cryptocurrency is protected in cryptocurrency wallets, making it difficult to recover criminal funds. Therefore, this study acquires artifacts from the data and memory area of a local PC based on user behavior from four browser extension wallets (Metamask, Binance, Phantom, and Kaikas) to track and retrieve cryptocurrencies used in crime, and analyzes how to use them from a digital forensics perspective. As a result of the analysis, the type of wallet and cryptocurrency used by the suspect was confirmed through the API name obtained from the browser's cache data, and the URL and wallet address used for the remittance transaction were obtained. We also identified Client IDs that could identify devices used in cookie data, and confirmed that mnemonic code could be obtained from memory. Additionally, we propose an algorithm to measure the persistence of obtainable mnemonic code and automate acquisition.

Design and Implementation of ACM-based Web Security Access Control System for Intranet Security (인트라넷 보안을 위한 ACM기반 웹 보안 접근 제어 시스템의 설계 및 구현)

  • Cho Nam-Deok;Park Hyun-Gun
    • The KIPS Transactions:PartC
    • /
    • v.12C no.5 s.101
    • /
    • pp.643-648
    • /
    • 2005
  • Intranet system for use within an organization, usually a corporation, is to basically pass through user authentication, but information can be leaked, modified, and deleted by malevolent users who disguise an authorized user or due to user's mistakes in using various functions of web browser. Thus, there is a need for measures to protect the information from illegal use, transformation through partial modification, and illegal leakage such as fraudulent use. This paper presents a flexible Web Security Access Control system based ACM which Provide efficient suity Policy to Protect information in intranet. This Web Security Access Control system not only enhances security by Performing encryption/decryption of information in intranet but also, for sharing confidential information among departments, performs effective and useful access control by assigning different authority to the secured web page. And, by controlling the functions of client PC in various ways, information leakage on malicious purpose or by mistake can be prevented.

Certificate-based SSO Protocol Complying with Web Standard (웹 표준을 준수하는 인증서기반 통합 인증 프로토콜)

  • Yun, Jong Pil;Kim, Jonghyun;Lee, Kwangsu
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.20 no.8
    • /
    • pp.1466-1477
    • /
    • 2016
  • Public key infrastructure(PKI), principle technology of the certificate, is a security technology providing functions such as identification, non-repudiation, and anti-forgery of electronic documents on the Internet. Our government and financial organizations use PKI authentication using ActiveX to prevent security accident on the Internet service. However, like ActiveX, plug-in technology is vulnerable to security and inconvenience since it is only serviceable to certain browser. Therefore, the research on HTML5 authentication system has been conducted actively. Recently, domestic bank introduced PKI authentication complying with web standard for the first time. However, it still has inconvenience to register a certification on each website because of same origin policy of web storage. This paper proposes the certificate based SSO protocol that complying with web standard to provide user authentication using certificate on several sites by going around same origin policy and its security proof.

A Study of PKI-Based E-commerce Security System Design under Java Code Environment (Java Code를 중심으로한 PKI기반 전자상거래 보안시스템 설계)

  • Bang, Kee-Chun;Noh, Si Choon
    • Convergence Security Journal
    • /
    • v.13 no.1
    • /
    • pp.51-57
    • /
    • 2013
  • RSA is the most widely used public key algorithms. Payment via the SSL communications, and user authentication using RSA secure shopping mall that can protect the user's valuable information in the process of building. SSL-based electronic signature technology and encryption protocols for this technology are electronic documents are delivered to the other party through a separate encryption process, the information sender to enter information on a web browser (user) and the recipient (the Web server of the site Manager), except you will not be able to decrypt the contents. Therefore, the information is encrypted during the transfer of electronic documents even if hackers trying to Sniffing because its contents can never understand. Of internet shopping mall in the user authentication 'and' Communications' SSL secure shopping mall built with the goal of the methodology are presented.

Fuzzing Method for Web-Assembly Module Safety Validation (웹 어셈블리 모듈 안전성 검증을 위한 퍼징 방법)

  • Park, Sunghyun;Kang, Sangyong;Kim, Yeonsu;Noh, Bongnam
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.2
    • /
    • pp.275-285
    • /
    • 2019
  • Web-assemblies are a new binary standard designed to improve the performance of Web browser JavaScript. Web-assemblies are becoming a new web standard that can run at near native speed with efficient execution, concise representation, and code written in multiple languages. However, current Web-assembly vulnerability verification is limited to the Web assembly interpreter language, and vulnerability verification of Web-assembly binary itself is insufficient. Therefore, it is necessary to verify the safety of the web assembly itself. In this paper, we analyze how to operate the web assembly and verify the safety of the current web-assembly. In addition, we examine vulnerability of existing web -assembly and analyze limitations according to existing safety verification method. Finally, we introduce web-assembly API based fuzzing method to overcome limitation of web-assembly safety verification method. This verifies the effectiveness of the proposed Fuzzing by detecting crashes that could not be detected by existing safety verification tools.