• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.5
• /
• pp.1653-1660
• /
• 2010

The user information stored in database have been leaked frequently. To protect information against malevolent manager on the inside or outside aggressor, it is one of the most efficient way to encrypt information and store to database. It is better to destruct information than not to use encrypted information stored in database. The encrypted database search system is developed variously, and used widely in many fields. In this paper, we implemented the scheme that can search encrypted document without exposing user's information to the untrusted server in mobile device. We compared and analyzed the result embodied with DES, AES, and ARIA based on symmetric key by searching time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.6
• /
• pp.2188-2203
• /
• 2021

With the rapid development of mobile Internet, smart phones have been widely popularized, among which Android platform dominates. Due to it is open source, malware on the Android platform is rampant. In order to improve the efficiency of malware detection, this paper proposes deep learning Android malicious detection system based on behavior features. First of all, the detection system adopts the static analysis method to extract different types of behavior features from Android applications, and extract sensitive behavior features through Term frequency-inverse Document Frequency algorithm for each extracted behavior feature to construct detection features through unified abstract expression. Secondly, Long Short-Term Memory neural network model is established to select and learn from the extracted attributes and the learned attributes are used to detect Android malicious applications, Analysis and further optimization of the application behavior parameters, so as to build a deep learning Android malicious detection method based on feature analysis. We use different types of features to evaluate our method and compare it with various machine learning-based methods. Study shows that it outperforms most existing machine learning based approaches and detects 95.31% of the malware.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.5B
• /
• pp.478-485
• /
• 2006

In this paper, we analyze the conditions of generating the dynamic Web documents in multi-user server and propose effective method for it. PSSI technique leads to replace the complex process of modifying a CGI source program by simply correcting the HTML Web document in the external file form. This technique has the strong points of CGI, flexibility and security of programming as well as those of SSI, easiness of modifying Web documents. Due to the characteristics of PSSI that Web source documents are in the form of external file, we show that with a single CGI program an individual user can design and modify his own Web documents in his directory. This means that PSSI technique has more advantage in managing the server than the CGI method which requires CGI program to be set up whenever that service is needed.

• The KIPS Transactions:PartC
• /
• v.12C no.1 s.97
• /
• pp.37-44
• /
• 2005

As wireless network was developed and Capability of Wireless Phone was increased, M-Commerce was activates In Wireless network environment. User Authentication and Security in E-Commerce Environment is very important, so Authentication Technology, such as WPKI and Hermes System, XML Digital Signature in Wire Network is studying. But if authentication systems was implemented heterogeneous, WPKI is difficult to implement the system, it's not interoperate with authentication system on wire internet, not support XML digital Signature. Hermes system also not interoperate with XML digital signature system. So our paper designed System that can interoperate among digital signature systems and XML document to apply XML digital signature technology on wire network to wireless network, and then implemented system that can XML digital signature to use Java Card.

• International Commerce and Information Review
• /
• v.6 no.2
• /
• pp.107-127
• /
• 2004

The rapid development of internet information technology has increased interest in e-Trade these days, but it is not activated greatly up to now. In order to promote e-Trade, it is essential to construct cooperative process such as connecting systems among trade related parties. Building e-Trade platform which is based on the infrastructure of the past trade automatic system is key point of promoting e-Trade. To do this, a study on the basic concept and specific components of e-Trade platform is needed absolutely. At this point of view, after this paper has examined domestic and foreign studies on the fundamental technologies about electronic commerce, it drew several key technologies that could be applied to e-Trade considering the current IT trend. Then it evaluates these technologies according to Technology Reference Model(TRM) of the National Computerization Agency. This will help us to show the operation strategy as well as the concept of future e-Trade platform and its composition. On the basis of the theoretical background, this paper classified NCA's technology model into 6 fields, which are application. data, platform, communication, security and management. Considering the key technologies, e-Trade platform has to be mutually connected and accept international standards such as XML. In the aspect of business side, trade relative agencies' business process as well as trading company's process has to be considered. Therefore, e-Trade platform can be classified into 3 parts which are service, infrastructure and connection. Infrastructure part is compared of circulating and managing system of electronic document, interface and service framework. Connecting service (application service) and additional service (application service) consist of service part. Connecting part is a linking mutual parts and can be divided into B2B service and B20 service. The organization operating this e-trade platform must have few responsibilities and requirements. It needs to positively accept existing infrastructure of trade automatic system and improving the system to complete e-trade platform. It also have to continuously develop new services and possess ability to operate the system for providing proper services to demanders. As a result, private sector that can play a role as TTP(Third Trust Party) is adequate for operating the system. In this case, revising law is necessary to support the responsibility and requirement of private sector.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.2
• /
• pp.7-17
• /
• 2017

In this paper, we propose the TPS (TPM-enhanced Privacy Protection System) which is an automated privacy protection system enhanced with a TPM (Trusted Platform Module). The TPS detects documents including personal information by periodic scanning the disk of clients at regular intervals and encrypts them. Hence, system manages the encrypted documents in the server. In particular, the security of TPS was greatly enhanced by limiting the access of documents including the personal information with regard to the client in an abnormal state through the TPM-based platform verification mechanism of the client system. In addition, we proposed and implemented a VTF (Virtual Trusted File) interface to provide users with the almost identical user interface as general document access even though documents containing personal information are encrypted and stored on the remote server. Consequently, the TPS automates the compliance of the personal information protection acts without additional users' interventions.

• Journal of Platform Technology
• /
• v.12 no.3
• /
• pp.55-61
• /
• 2024

As the digital environment becomes more complex and cyber attacks become more sophisticated, the importance of data protection is emerging. As various security threats such as data leakage, system intrusion, and authentication bypass increase, secure key management is emerging. Key Management System (KMS) manages the entire encryption key life cycle procedure and is used in various industries. There is a need for a key management system that considers requirements suitable for the environment of various industries including public and finance. The purpose of this paper is to derive the characteristics of the key management system for each industry by comparing and analyzing key management systems used in representative industries. As for the research method, information was collected through literature and technical document analysis and case analysis, and comparative analysis was conducted by industry sector. The results of this paper will be able to provide a practical guide when introducing or developing a key management system suitable for the industrial environment. The limitations are that the analyzed industrial field was insufficient and experimental verification was insufficient. Therefore, in future studies, we intend to conduct specific performance tests through experiments, including key management systems in various fields.

• The Journal of Information Technology
• /
• v.6 no.1
• /
• pp.85-105
• /
• 2003

The study revealed that the companies are still reluctant to stop using document-based payment methods although they are aware the use of electronic payment system would reduce express and save time. Considering problems that are suggested in the conventional payment method, more companies will introduce and utilize the electronic payment system. Moreover, as the refined electronic payment system is essential in electronic trade, active studies on this field would greatly contribute to the development of electronic payment system. The prevailing settlement of international trade still relies on trading documents while the legal issues are not finalized for electronic bill of lading (B/L) and electronic bill. This research purpose on comparing some e-trading models in character and presenting the obstacles of e-trading activation and the solutions. e-trading models this research has studied are BOLERO, TradeCard, electronic L/C etc. Comparing characteristic points of the e-trading model in this article are as follows; 1)Access ways as a global e-trading model, 2)Structural and Functional characteristic, 3)Role as a global e-trading model, 5)Legal and Application issues in practice, 6)Security issues for Technology. But Further studies on this subject would be needed.

• Journal of Digital Convergence
• /
• v.12 no.9
• /
• pp.201-207
• /
• 2014

In the cloud environment, the company needs data integration and analysis to make decision and policy. If new system is added to this environment, a lot of time and cost is needed due to disparate properties among systems when data is integrated. Therefore, in this paper, we propose a DBaaS hub system for multi-database service. The DBaaS may require a different database and need data integration for relevant service. Using the ontology, we propose a metadata query to resolve the interoperability issues between data of DBaaS. The meta-query is not a query to access the real data, but the query for the upper level. This method provides data integration by accessing the data with the converted query through an ontology when we access the actual database.We also constructs a document-oriented database system using the metadata.

• Journal of Korean Society of Archives and Records Management
• /
• v.7 no.1
• /
• pp.61-82
• /
• 2007

With changes of information environment on records managements, ERMS can be a suitable solution for managing multi-typed records. In this point, this study performed analysis and design of ERMS based on key functions and requirements to perform creation, preservation, management and use of electronic records. Especially, this study focused on interoperability with the related systems, security issues and back-up methods for secured preservation and management including fundamental requirements. Also, ERMS has a close relation with related systems such as intranet system, electronic document settlement system, and so on. compared to digital library managing information resources. Considering those features mentioned above, this study proposes functional requirements and a system architecture of ERMS which is satisfied with four characteristics of electronic records mentioned on ISO 15489 and environmental requirements.