• Proceedings of the KSRS Conference
• /
• 2005.10a
• /
• pp.120-122
• /
• 2005

With the commercial availability of very high resolution satellite imagery, the concealment of national confidential targets such as military facilities became one of the most bothering task to the image distributors. This task has been carried out by handwork masking of the target objects. Therefore, the quality of the concealment was fully depends on the ability and skill of a worker. In this study, a spectral clustering based technique for the seamless concealment of confidential targets in high resolution imagery was developed. The applicability test shows that the proposed technique can be used as a practical procedure for those who need to hide some information in image before public distribution

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.2
• /
• pp.73-86
• /
• 2016

The purpose of this study is to examine a security investment for firms experienced in confidential information leak. Information security is an apparatus for protection of secret information. The competence of information security is a competitiveness to avoid information leakage in changing business environment. The type of information security is divided into administrative security, technical security and physical security. It is necessary to improve the incident correspondence competence through information security investment of the three types. Therefore, the investment of information security is to enhance information-asset protection of firms. To reinforce accident response competence, an organization discussed an establishment, security technology development, expand investment and legal system of the security system. I have studied empirically targeting the only information leak of firms. This data is a technical security competence and technology leakage situation of firms happened in 2010. During recovery of the DDos virus damage on countries, company and individual, the collected data signify a reality of information security. The data also identify a security competence of firms worrying information security management. According to the study, the continuous investment of information security has a high competence of accident correspondence. In addition, the most of security accidents showed a copy and stealing of paper and computer files. Firm on appropriate security investment is an accident correspondence competence higher than no security investment regardless of a large, small and medium-sized, and venture firm. Furthermore, the rational security investment should choose the three security type consideration for firm size.

• Journal of information and communication convergence engineering
• /
• v.14 no.4
• /
• pp.233-239
• /
• 2016

A remote control system (RCS) can monitor a user's confidential information by using the broadcast receivers in Android OS. However, the current RCS detection methods are based only on a virus vaccine. Therefore, if the user's smartphone is infected by a brand new RCS, these methods cannot detect this new RCS immediately. In this paper, we present a secure message transmission medium. This medium is completely isolated from networks and can communicate securely through a QR code channel by using symmetric key cryptography such as the AES block cipher and public key cryptography such as elliptic curve cryptography for providing security. Therefore, the RCS cannot detect any confidential information. This approach is completely immune to any RCS attacks. Furthermore, we present a secure QR code-based key exchange protocol by using the elliptic curve Diffie-Hellman method and message transmission protocols; the proposed protocol has high usability and is very secure.

• Journal of Information Processing Systems
• /
• v.17 no.2
• /
• pp.284-296
• /
• 2021

The cloud has already become the core infrastructure of information systems, and government institutions are rapidly migrating information systems to the cloud. Government institutions in several countries use private clouds in their closed networks. However, because of the advantages of public clouds over private clouds, the demand for public clouds is increasing, and government institutions are expected to gradually switch to public clouds. When all data from government institutions are managed in the public cloud, the biggest concern for government institutions is the leakage of confidential data. The public-private-partnership (PPP) cloud provides a solution to this problem. PPP cloud is a form participation in a public cloud infrastructure and the building of a closed network data center. The PPP cloud prevents confidential data leakage and leverages the benefits of the public cloud to build a cloud quickly and easily maintain the cloud. In this paper, based on the case of the PPP cloud applied to the Korean government, the concept, architecture, operation model, and contract method of the PPP cloud are presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.957-966
• /
• 2020

According to the recent statistics of the National Industrial Security Center, about 80% of the confidential leak are caused by former and current employees in the case of domestic confidential leak accidents. Most of the information leak incidents by these insiders are due to poor security management system and information leak detection technology. Blocking confidential leak of insiders is a very important issue in the corporate security sector, but many previous researches have focused on responding to intrusions by external threats rather than by insider threats. Therefore, in this research, we design an internal information leak scenario to effectively and efficiently detect various abnormalities occurring in the enterprise, analyze the key indicators of the leak symptoms derived from the scenarios by using data analytics and propose a model that accurately detects leak activities.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.917-921
• /
• 2004

Principle of mailing list was distributed messages to all subscribers in one time. But mailing list operation has constructed a network traffic problem. Because mailing list manager distributed mails without concentrate on subscriber network. If our network has many of subscribers, there will be redundant data in traffic channel. Submailing list has purpose to reduce problems. Analyses of mailing list characteristic in electronic mail were a feature of submailing list system, which manage by human hand (Network Administrator). That will cause trouble for network traffic if Network Administrator could not seek for mailing list characteristic from e-mails in due time. This article will present ideas and recognize methodology for automatic working in submailing list system. Recognize step begin with capture process, which use to trap e-mail information from transfer channel. Next process is preparing raw data into recognition format. Then the third one is recognize part and find out confidential factor. The last process is make decision and determine which electronic mail has properties of mailing list characteristic. Afterward deliver result to submailing list for carry on.

• The Korean Society of Law and Medicine
• /
• v.9 no.2
• /
• pp.339-382
• /
• 2008

Medical information is one of significant private information that includes in-dividual's own diverse information. Once opened, it exposes one's health condition and medical history to a third party, which could bring about serious troubles. On this account, the third parties are of much concerns about the information. If medical information collected through various routes is used with another purpose, oilier than the initial intention, it might cause serious results beyond one's control. Thus, it is essential to keep the information confidential. Also, the discrimination based on the medical information ought to be banned because it is likely to happen that exposed information socially stigmatizes a person, being discriminated in a work place or a school when he/she is employed or gets an insurance. In the current system, only medical institutions are responsible for protecting or securing medical records. Despite the information technology development and the increased interests in medical information, there are quite a few limitations in legal, technical, and administrative aspects. All kinds of organizations, involved in collecting and using the information, as well as medical institutions primarily producing and managing it should share the responsibilities.

• Journal of Computing Science and Engineering
• /
• v.5 no.3
• /
• pp.183-196
• /
• 2011

There has recently been a surge of interest in relational database mining that aims to discover useful patterns across multiple interlinked database relations. It is crucial for a learning algorithm to explore the multiple inter-connected relations so that important attributes are not excluded when mining such relational repositories. However, from a data privacy perspective, it becomes difficult to identify all possible relationships between attributes from the different relations, considering a complex database schema. That is, seemingly harmless attributes may be linked to confidential information, leading to data leaks when building a model. Thus, we are at risk of disclosing unwanted knowledge when publishing the results of a data mining exercise. For instance, consider a financial database classification task to determine whether a loan is considered high risk. Suppose that we are aware that the database contains another confidential attribute, such as income level, that should not be divulged. One may thus choose to eliminate, or distort, the income level from the database to prevent potential privacy leakage. However, even after distortion, a learning model against the modified database may accurately determine the income level values. It follows that the database is still unsafe and may be compromised. This paper demonstrates this potential for privacy leakage in multi-relational classification and illustrates how such potential leaks may be detected. We propose a method to generate a ranked list of subschemas that maintains the predictive performance on the class attribute, while limiting the disclosure risk, and predictive accuracy, of confidential attributes. We illustrate and demonstrate the effectiveness of our method against a financial database and an insurance database.

• Journal of Advanced Navigation Technology
• /
• v.15 no.3
• /
• pp.462-470
• /
• 2011

Since, Davis(1991) has proposed the TAM(Technology Acceptance Model) through a literature review of informatization promotion, which insists that a user conveniency is judged by the degree of effectiveness caused by IT, the advancement of IT such as the Internet, e-mail, electronic data exchange, and groupware have brought into various changes in ordinary corporations and public institutions. However, with the right function, the advancement of IT has provided various benefits including additional reverse functions. Based on an integrated environment of business process, unauthorized user could access to information and a management of information becomes more difficult than before due to informatization of critical information. Furthermore, external hacking or information leakage by insider becomes easier owing to advancement in communication technology. This study has tried to develop a specified management procedure and implementation method for confidential documents.

• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.11-18
• /
• 2019

In current public blockchain, any node can see every blocks, so that public blockchain provider transparent property. However, some application requires the confidential information to be stored in the block. Therefore, this paper proposes a multi-layer blockchain that have the public block layer and the private block for confidential information. This paper suggests the requirement for encryption of private block. Also, this paper shows the t-of-n threshold cryptosystem without dealer who is trusted third party. Finally proposed scheme satisfies the requirements for encryption and fairness.