• Journal of the Institute of Electronics Engineers of Korea TE
• /
• v.37 no.5
• /
• pp.125-131
• /
• 2000

In this paper, we proposed conditional access algorithm for data confidential using smart card. This algorithm is constructed smart card and E-mail gateway for restricting of user's illegal confidential data transmission. After processing of certification procedure in smart card, each E-mail forwarded to E-mail gateway(EG). The EG selects outgoing E-mail and it is sent to fire-wall E-mail processing program, it is checked attached file in transmission mail and if it is attached file, it writes to database. This time, it can be used evidence data about user's illegal confidential data transmission, because of using registered content and smart card certification data in database. in addition to, we can get psychologically effect of prevention to send illegally, and this system can prevent spam mail in EG, also.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.12
• /
• pp.2333-2340
• /
• 2017

Recently industry is suffering severe losses of important internal information, and most of the leaks result from the insiders. Thus, various technological counter measures are being studied in order to protect private organization information. In this paper, among various internal information leakage path protection mechanisms, we propose a technique for preventing files which are defined as confidential from being copied or moved through USB. The implemented confidential file loss prevention system is composed of both signature insert manager and confidential file detect manager. The signature insert manager allows a system administrator to insert a special pattern specifying a classified confidential file, while the confidential file detect manager protects confidential file leakage when a user attempts to move or copy a confidential file to the USB memory. This results would be contributed to reducing the damage caused by leakage of confidential files outside of the company via USB.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.21 no.5
• /
• pp.658-664
• /
• 2018

In this paper, we propose a group key management scheme for very high confidential information in tactical wireless networks. For the proposed scheme, we consider the tactical networks that has a hierarchical topology and the nature of high confidential information. The leader node, which may have higher probability of good channel state than others, provides some data to all the network member in order to generate a geographical group key and it transmits the encrypted information with minimum transmission power level to others. By this scheme, the security and reliability for sharing confidential information is ensured. The performance of the proposed scheme is validated by mathematical analysis. It shows that the proposed scheme makes nodes to share a high confidential information securely if the proper parameters for network design are selected.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.11
• /
• pp.1544-1553
• /
• 2018

Recently internal information leakage in industries is severely increasing in spite of industry security policy. Thus, it is essential to prepare an information leakage prevention measure by industries. Most of the leaks result from the insiders, not from external attacks. In this paper, a real-time internal information leakage prevention system via both storage and network is implemented in order to protect confidential file leakage. In addition, a Hadoop-based user behavior analysis and statistics system is designed and implemented for storing and analyzing information log data in industries. The proposed system stores a large volume of data in HDFS and improves data processing capability using RHive, consequently helps the administrator recognize and prepare the confidential file leak trials. The implemented audit system would be contributed to reducing the damage caused by leakage of confidential files inside of the industries via both portable data media and networks.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.648-656
• /
• 2021

Color digital images are used in many multimedia applications and in many vital applications. Some of these applications require excellent protection for these images because they are confidential or may contain confidential data. In this paper, a new method of data cryptography is introduced, tested, and implemented. It will be shown how this method will increase the security level and the throughput of the data cryptography process. The proposed method will use a secret image_key to generate necessary private keys for each byte of the data block. The proposed method will be compared with other standard methods of data cryptography to show how it will meet the requirements of excellent cryptography, by achieving the objectives: Confidentiality, Integrity, Non-repudiation, and Authentication.

• ETRI Journal
• /
• v.42 no.1
• /
• pp.138-149
• /
• 2020

In this paper, we describe a simultaneously transmitted jamming (ST-jamming) for bi-directional in-band full-duplex (IFD) system to improve information security at the physical layer. By exploiting ST-jamming, each legitimate user transmits data samples and jamming samples together in one orthogonal frequency division multiplexing symbol according to given traffic asymmetry. Regardless of the traffic difference in both directions in IFD communication, eavesdropping of confidential information is prevented in both directions simultaneously without the loss of data rate. We first propose an encoding scheme and the corresponding decoding scheme for ST-jamming to be used by the legitimate users. In addition, we study a transceiver structure of the legitimate users including a baseband modem uniquely designed for the use of ST-jamming. The leakage of confidential information at an eavesdropper is then quantified by studying the mutual information between the confidential transmit signals and the received signals of the eavesdropper. Simulation results show that the proposed ST-jamming significantly reduces the leakage of legitimate information at the eavesdropper.

• Journal of Information Processing Systems
• /
• v.17 no.2
• /
• pp.284-296
• /
• 2021

The cloud has already become the core infrastructure of information systems, and government institutions are rapidly migrating information systems to the cloud. Government institutions in several countries use private clouds in their closed networks. However, because of the advantages of public clouds over private clouds, the demand for public clouds is increasing, and government institutions are expected to gradually switch to public clouds. When all data from government institutions are managed in the public cloud, the biggest concern for government institutions is the leakage of confidential data. The public-private-partnership (PPP) cloud provides a solution to this problem. PPP cloud is a form participation in a public cloud infrastructure and the building of a closed network data center. The PPP cloud prevents confidential data leakage and leverages the benefits of the public cloud to build a cloud quickly and easily maintain the cloud. In this paper, based on the case of the PPP cloud applied to the Korean government, the concept, architecture, operation model, and contract method of the PPP cloud are presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.105-111
• /
• 2010

This paper proposes the algorithm which addresses the problem of detecting leak of defaced confidential documents from original confidential document. Generally, a confidential document is defaced into various forms by insiders and then they are trying to leak these defaced documents to outside. Traditional algorithms detecting leak of documents have low accuracy because they are based on similarity of two documents, which do not reflect various forms of defaced documents in detection. In order to overcome this problem, this paper proposes a novel v-SVDD algorithm which is based on SVDD, the novelty detection algorithm. The result of experiment shows that there is significant improvement m the accuracy of the v-SVDD in comparison with the traditional algorithms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.957-966
• /
• 2020

According to the recent statistics of the National Industrial Security Center, about 80% of the confidential leak are caused by former and current employees in the case of domestic confidential leak accidents. Most of the information leak incidents by these insiders are due to poor security management system and information leak detection technology. Blocking confidential leak of insiders is a very important issue in the corporate security sector, but many previous researches have focused on responding to intrusions by external threats rather than by insider threats. Therefore, in this research, we design an internal information leak scenario to effectively and efficiently detect various abnormalities occurring in the enterprise, analyze the key indicators of the leak symptoms derived from the scenarios by using data analytics and propose a model that accurately detects leak activities.

• Journal of Computing Science and Engineering
• /
• v.5 no.3
• /
• pp.183-196
• /
• 2011

There has recently been a surge of interest in relational database mining that aims to discover useful patterns across multiple interlinked database relations. It is crucial for a learning algorithm to explore the multiple inter-connected relations so that important attributes are not excluded when mining such relational repositories. However, from a data privacy perspective, it becomes difficult to identify all possible relationships between attributes from the different relations, considering a complex database schema. That is, seemingly harmless attributes may be linked to confidential information, leading to data leaks when building a model. Thus, we are at risk of disclosing unwanted knowledge when publishing the results of a data mining exercise. For instance, consider a financial database classification task to determine whether a loan is considered high risk. Suppose that we are aware that the database contains another confidential attribute, such as income level, that should not be divulged. One may thus choose to eliminate, or distort, the income level from the database to prevent potential privacy leakage. However, even after distortion, a learning model against the modified database may accurately determine the income level values. It follows that the database is still unsafe and may be compromised. This paper demonstrates this potential for privacy leakage in multi-relational classification and illustrates how such potential leaks may be detected. We propose a method to generate a ranked list of subschemas that maintains the predictive performance on the class attribute, while limiting the disclosure risk, and predictive accuracy, of confidential attributes. We illustrate and demonstrate the effectiveness of our method against a financial database and an insurance database.