• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.2
• /
• pp.8-14
• /
• 2020

Recently, there was an increasing demand for an integrated access control system which is capable of user recognition, door control, and facility operations control for smart buildings automation. The market available door lock access control solutions need to be improved from the current level security of door locks operations where security is compromised when a password or digital keys are exposed to the strangers. At present, the access control system solution providers focusing on developing an automatic access control system using (RF) based technologies like bluetooth, WiFi, etc. All the existing automatic door access control technologies required an additional hardware interface and always vulnerable security threads. This paper proposes the user identification and authentication solution for automatic door lock control operations using camera based visible light communication (VLC) technology. This proposed approach use the cameras installed in building facility, user smart devices and IoT open source controller based LED light sensors installed in buildings infrastructure. The building facility installed IoT LED light sensors transmit the authorized user and facility information color grid code and the smart device camera decode the user informations and verify with stored user information then indicate the authentication status to the user and send authentication acknowledgement to facility door lock integrated camera to control the door lock operations. The camera based VLC receiver uses the artificial intelligence (AI) methods to decode VLC data to improve the VLC performance. This paper implements the testbed model using IoT open-source based LED light sensor with CCTV camera and user smartphone devices. The experiment results are verified with custom made convolutional neural network (CNN) based AI techniques for VLC deciding method on smart devices and PC based CCTV monitoring solutions. The archived experiment results confirm that proposed door access control solution is effective and robust for automatic door access control.

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.229-234
• /
• 2014

Vehicular electronic communication system has continued to develop in favor of high performance and user convenience with the evolution of auto industry. Yet, due to the nature of communication system, concerns over intruder attacks in transmission sections have been raised with a need for safe and secure communication being valued. Any successful intruder attacks on vehicular operation and control systems as well as on visual equipment could result in serious safety and privacy problems. Thus, research has focused on hardware-based security and secure communication protocols. This paper proposed a safe and secure vehicular communication protocol, used the formal verification tool, Casper/FDR to test the security of the proposed protocol against different types of intruder attacks, and verified that the proposed protocol was secure and ended without problems.

• Journal of Korea Multimedia Society
• /
• v.14 no.2
• /
• pp.228-237
• /
• 2011

The risk of leakage or theft of critical data which is stored in database is increasing in accordance with evolution of information security paradigm. At the same time, needs for database security have been on the rapid increase due to endless leakage of massive personal information. The existing technology for prevention of internal information leakage possesses the technical limitation to achieve security goal completely, because the passive control method including a certain security policy, which allows the only authorized person to access to DBMS, may have a limitation. Hence in this study, we propose Query Signature System which signatures the queries accessing to the critical information by interrupting and passing them. Furthermore this system can apply a constant security policy to organization and protect database system aggressively by restricting critical query of database.

• Journal of KIISE:Databases
• /
• v.29 no.6
• /
• pp.417-428
• /
• 2002

XML(extensible Markup Language) is effective to information retrieval and sharing but has defects related to the data security. And, as a solution of this problem, the current XML security researches such as XML digital signature, XML data encryption, and XML access control exclude the validation property of XML document. The validation of XML should be considered for the secure information sharing in the XML-based environment. In this paper, we design and implement the system to support both security and validation to XML document. Our system performs data encryption and maintenance of valid status of XML document by referencing new XML schema namespace. In addition, it also provides the XML schema security function through the XML schema digital signature. During generating XML schema digital signature, DOMHash method which has the advantage of the faster speed than canonical XML method is applied to XML schema. In conclusion, our system shows the improved functions in flexibility, scalability, and reliability compared with the existing XML security researches.

• Korean Security Journal
• /
• no.11
• /
• pp.37-60
• /
• 2006

The area of security service has been maintaining the high growth curve annually by improving security consciousness from increase of the income and the progress of public services's level by the accomplishment in the info-communication field, recently the demand for unmanned security system is extended form commercial purposes into public offices and individual's houses. In addition to, the possible distance of offering services is scheduled to magnify. At the period when security company's influence has been becoming significant, the injustice transaction is the serious factor which obstructs the development of security companies. Therefore, it is urgent thing to devise counterplans to extirpate injustice transactions. There are the legalistic approaches of the breakthroughs against injustice transactions. One thing is settling the standard of the judgment and the other is renovating the provision of injustice transactions. Utilizing the principles of the fair competitions and importing self-obedience programs within the range of trade actions which is permitted by law, acted as the system approach. Moreover, there are such three things which can achieve mutual balances as establishing the range of the permitted action toward business corporations, applying spontaneously the fair competition principles and introducing the system of standard agreements. Gong further, this can establish order of security service areas and control them. Besides, it is possible for every organizations to make and operate the system appropriately by importing the self-observance system.

• Journal of Electrical Engineering and Technology
• /
• v.10 no.1
• /
• pp.83-91
• /
• 2015

This paper presents preventive and emergency control measures for on line transient stability (security) enhancement. For insecure operating state, generation rescheduling based on a real power generation shift factor (RPGSF) is proposed as a preventive control measure to bring the system back to secure operating state. For emergency operating state, two emergency control strategies namely generator shedding and load shedding have been developed. The proposed emergency control strategies are based on voltage magnitudes and rotor trajectories data available through Phasor Measurement Units (PMUs) installed in the systems. The effectiveness of the proposed approach has been investigated on IEEE-39 bus test system under different contingency and fault conditions and application results are presented.

• Journal of Information Processing Systems
• /
• v.3 no.2
• /
• pp.43-53
• /
• 2007

The use of agent paradigm in today's applications is hampered by the security concerns of agents and hosts alike. The agents require the presence of a secure and trusted execution environment; while hosts aim at preventing the execution of potentially malicious code. In general, hosts support the migration of agents through the provision of an agent server and managing the activities of arriving agents on the host. Numerous studies have been conducted to address the security concerns present in the mobile agent paradigm with a strong focus on the theoretical aspect of the problem. Various proposals in Intrusion Detection Systems aim at securing hosts in traditional client-server execution environments. The use of such proposals to address the security of agent hosts is not desirable since migrating agents typically execute on hosts as a separate thread of the agent server process. Agent servers are open to the execution of virtually any migrating agent; thus the intent or tasks of such agents cannot be known a priori. It is also conceivable that migrating agents may wish to hide their intentions from agent servers. In light of these observations, this work attempts to bridge the gap from theory to practice by analyzing the security mechanisms available in Aglet. We lay the foundation for implementation of application specific protocols dotted with access control, secured communication and ability to detect tampering of agent data. As agents exists in a distributed environment, our proposal also introduces a novel security framework to address the security concerns of hosts through collaboration and pattern matching even in the presence of differing views of the system. The introduced framework has been implemented on the Aglet platform and evaluated in terms of accuracy, false positive, and false negative rates along with its performance strain on the system.

• Journal of the Korea Convergence Society
• /
• v.6 no.2
• /
• pp.65-70
• /
• 2015

As the new technologies like IoT and Fintech appear which have not existed before, security threat ranges in existing system are increasing. Especially, IoT has increasing ranges to cause malicious behaviors in specific systems because related IT infrastructure ranges are increasing. Fintech also requires the innovation of traditional security system because it has new structure which didn't exist in the past. As IoT and Fintech technologies are commercialized and related markets are developing in the future, structural security threats could be connected to actual attacks and secondary attacks by the attackers' imbedding of back door in IoT internet devices through remote access. Customer's device cannot be compulsively controlled for security in new system where these various security threats exist. Therefore, these services should minimize the collected information, and now is the time to politically control the utilizing methods of the collected information. In this thesis, security threats are to be suggested which could occur in newly appearing mobile services like IoT and Fintech.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.10
• /
• pp.1381-1390
• /
• 2021

Smart grid is a representative convergence new technology in the era of the 4th industry revolution that deals with three broad security areas consisting of control system, the power grid, and the consumer. As it is a convergence new technology of the 4th industrial society, it is true that it can have a positive effect on the country's technological development, growth engine, and economic feasibility in the future. However, since the smart grid is expected to cause enormous damage in the event of a security accident, energy-related organizations must prepare various security measures to predict and respond to the latest security incidents. In this paper, the current status of domestic and foreign smart grids, trends in security standards, vulnerabilities and threats, and prospects for smart grid security technologies are to be considered.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.8
• /
• pp.641-653
• /
• 2013

Recent cyber attacks targeting control systems are getting sophisticated and intelligent notoriously. As the existing signature based detection techniques faced with their limitations, a whitelist model with security techniques is getting attention again. However, techniques that are being developed in a whitelist model used at the application level narrowly and cannot provide specific information about anomalism of various cases. In this paper, we classify abnormal cases that can occur in control systems of enterprises and propose a new whitelist model for detecting abnormal cases.