• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.895-896
• /
• 2015

With the development of sensor, wireless mobile communication, embedded system and cloud computing, the technologies of Internet of Things have been widely used in logistics, Smart devices security, intelligent building and o on. Bridging between wireless sensor networks with traditional communication networks or Internet, IoT gateway plays n important role in IoT applications, which facilitates the integration of wireless sensor networks and mobile communication networks or Internet, and the management and control with wireless sensor networks. The IoT Gateway is a key component in IoT application systems but It has lot of security issues. We analyzed the trends of security and privacy matters.

• The Journal of Economics, Marketing and Management
• /
• v.10 no.6
• /
• pp.17-26
• /
• 2022

Purpose: This study analyzes advanced cases of overseas smart cities and examines policy implications related to the creation of smart cities in Korea. Research design, data, and methodology: Analysis standards were established through the analysis of best practices. Analysis criteria include Technology, Privacy, Security, and Governance. Results: In terms of technology, U-City construction experience and communication infrastructure are strengths. Korea's ICT technology is inferior to major countries. On the other hand, mobile communication, IoT, Internet, and public data are at the highest level. The privacy section created six principles: legality, purpose limitation, transparency, safety, control, and accountability. Security issues enable urban crime, disaster and catastrophe prediction and security through the establishment of an integrated platform. Governance issues are handled by the Smart Special Committee, which serves as policy advisory to the central government for legal system, standardization, and external cooperation in the district. Conclusions: Private technology improvement and participation are necessary for privacy and urban security. Citizens should participate in smart city governance.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.25-31
• /
• 2023

Fog computing diversifies cloud computing by using edge devices to provide computing, data storage, communication, management, and control services. As it has a decentralised infrastructure that is capable of amalgamating with cloud computing as well as providing real-time data analysis, it is an emerging method of using multidisciplinary domains for a variety of applications; such as the IoT, Big Data, and smart cities. This present study provides an overview of the security and privacy concerns of fog computing. It also examines its fundamentals and architecture as well as the current trends, challenges, and potential methods of overcoming issues in fog computing.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.93-98
• /
• 2022

Information service technology continues to develop, and information service continues to expand based on the IT convergence trend. The premeter-based security model chosen by many organizations can increase the effectiveness of security technologies. However, in the premeter-based security model, it is very difficult to deny security threats that occur from within. To solve this problem, a zero trust model has been proposed. The zero trust model requires authentication for user and terminal environments, device security environment verification, and real-time monitoring and control functions. The operating environment of the information service may vary. Information security management should be able to response effectively when security threats occur in various systems at the same time. In this study, we proposed a security policy distribution system in the object reference method that can effectively distribute security policies to many systems. It was confirmed that the object reference type security policy distribution system proposed in this study can support all of the operating environments of the system constituting the information service. Since the policy distribution performance was confirmed to be similar to that of other security systems, it was verified that it was sufficiently effective. However, since this study assumed that the security threat target was predefined, additional research is needed on the identification method of the breach target for each security threat.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.239-248
• /
• 2007

There's been a difficulty for general corporate to adopt recent incident response study because those studies focus on nation wide CERT Coordination Center or large organization aspect. This study is focus on study and design on security ticket based CERT system through analysis Security management's threat element, attack element, response element and it also help general corporate establish incident response process that is adjusted on IT operation. Confirmed CERT model's effectiveness and effect of quantitative Security incident management way that propose executing Security incident response experiment on the basis of this way. This study which provides general corporate oriented CERT model can be used to improve corporate's capability of responding incident by quantified management technique and select incident response SLA indicator. Already, formation which operate CERT can heighten corporation's information protection level by measure Security incident response result as metrical and analyze and improve problem continuously.

• Journal of Korea Spatial Information System Society
• /
• v.3 no.2 s.6
• /
• pp.53-61
• /
• 2001

The GIS Network consists of the Clearinghouse Network Gateway and Clearinghouse Node and Geo-spatial Data Server. Recently with the development of Information and Network technologies, GIS Network should be needed to be more secure than ever. In this paper, we proposed the effective access control method for the distributed GIS network. PKI (Public Key Infrastructure) Technologies are used for access control and security for transmission on Geo-spatial data

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2015.07a
• /
• pp.327-328
• /
• 2015

본 논문은 지하공동구에서의 출입자의 통제를 위해 스마트폰을 이용한 출입관리시스템을 제안한다. 제안하는 시스템은 지하공동구 자동개폐기의 MCU를 통해 온습도, 개폐기의 상태, 출입자의 기록 등 다양한 정보를 취득하여 관리한다. 이때 취득한 정보는 블루투스4.0 모듈을 통해 ECB 암호화 방식을 사용하여 스마트폰에 전송한다. 본 논문에서 제안하는 출입관리시스템은 기존 물리적인 키에 의존하던 출입 방식을 대체하여 신뢰성 있는 보안 및 체계적인 관리가 가능할 것으로 기대한다.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.237-244
• /
• 2022

Eco-driving of vehicles today presents an advantage that aims to reduce energy consumption and limit CO2 emissions. The application for this option is possible to older vehicles. In this paper, we propose an efficient implementation for IoT (Internet of Things) system for controlling vehicle components that affect the quality of driving (acceleration, braking, clutch, gear change) via Smartphone using Wi-Fi and BLE as communication protocol. The user can see in real-time data from sensors that control driver action on vehicle driving systems such as acceleration, braking, and vehicle shifting through a web interface. Thanks to this communication, the user can control his driving quality and, hence, eco-driving can be achieved

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.330-334
• /
• 2017

Container-based virtualization reduces performance overhead compared with other virtualization technologies and guarantees an isolation of each virtual execution environment. So, it is being studied to block access to host resources or container resources for sandboxing in restricted system resource like embedded devices. However, because security threats which are caused by security vulnerabilities of the host OS or the security issues of the host environment exist, the needs of the technology to prevent an illegal accesses and unauthorized behaviors by malware has to be increased. In this paper, we define additional access permissions to access a virtual execution environment newly and control them in kernel space to protect attacks from illegal access and unauthorized behaviors by malware and suggest the Container Access Control to control them. Also, we suggest a way to block a loading of unauthenticated kernel driver to disable the Container Access Control running in host OS by malware. We implement and verify proposed technologies on Linux Kernel.

• Smart Media Journal
• /
• v.12 no.7
• /
• pp.27-42
• /
• 2023

The development of cloud services and IoT technology has radically changed the cloud environment, and has evolved into a new concept called fog computing and F2C (fog-to-cloud). However, as heterogeneous cloud/fog layers are integrated, problems of access control and security management for end users and edge devices may occur. In this paper, an F2C-based IoT smart health monitoring system architecture was designed to operate a medical information service that can quickly respond to medical emergencies. In addition, a role-based service access control technology was proposed to enhance the security of user's personal health information and sensor information during service interoperability. Through simulation, it was shown that role-based access control is achieved by sharing role registration and user role token issuance information through blockchain. End users can receive services from the device with the fastest response time, and by performing service access control according to roles, direct access to data can be minimized and security for personal information can be enhanced.