• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1549-1560
• /
• 2015

For the past few years, personal information breach incidents, great and small, occurred constantly. Accordingly, the Personal Information Protection related Ordinances are enacted and amended persistently, and the information security products also keep advancing and developing in the same way. There are the certification systems such as Common Criteria Evaluation and Validation(CC) and Korea Cryptographic Module Validation Program(KCMVP) for the information security products. These are also strictly carried out. This paper analyzes and categorizes the 5 Personal Information Protection related Ordinances in the aspects of technical protection measures by using key words. Here are the 5 related ordinances; 'the Personal Information Protection Act', 'the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc', 'the Act on the Protection, Use, Etc, of Location Information', 'the Use and Protection of Credit Information Act', and 'the Electronic Financial Transactions Act.' Moreover, this study analyzes the association between the technical protection measures in the 5 relevant laws and the information security products that are obtaining the CC Evaluation & Validation(CC) and the products that are now produced at KISIA's member companies.

• Journal of Communications and Networks
• /
• v.14 no.4
• /
• pp.396-409
• /
• 2012

With the proliferation of diverse wireless devices, there is an increasing concern about the security of location information which can be spoofed or disrupted by adversaries. This paper investigates the characterization and detection of location spoofing attacks, specifically those which are attempting to falsify (degrade) the position estimate through signal strength based attacks. Since the physical-layer approach identifies and assesses the security risk of position information based solely on using received signal strength (RSS), it is applicable to nearly any practical wireless network. In this paper, we characterize the impact of signal strength and beamforming attacks on range estimates and the resulting position estimate. It is shown that such attacks can be characterized by a scaling factor that biases the individual range estimators either uniformly or selectively. We then identify the more severe types of attacks, and develop an attack detection approach which does not rely on a priori knowledge (either statistical or environmental). The resulting approach, which exploits the dissimilar behavior of two RSS-based estimators when under attack, is shown to be effective at detecting both types of attacks with the detection rate increasing with the severity of the induced location error.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.2B
• /
• pp.228-239
• /
• 2004

Information Security industry in Korea is growing rapidly but is confronted with many challenges in business environment. One of the worst hardships is the mismatch in the demand and supply of manpower. Thus the government is developing a manpower policy to relieve the situation. To suggest policy implications, this study analyzes the demand and supply of Information Security manpower in the systematic and behavioral point of views. Using System Dynamics approach, we formulate a model to analyze the demand and supply of Information Security manpower. Finally we simulate the model and interpret the results.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.5C
• /
• pp.642-653
• /
• 2004

Information Security industry in Korea is growing rapidly but is confronted with many challenges in business environment. One of the worst hardships is the mismatch in the demand and supply of manpower. Thus the government is developing a manpower policy to relieve the situation. To suggest policy implications, this study analyzes the demand and supply of Information Security manpower in the systematic and behavioral point of views. Using System Dynamics approach we formulate a model to analyze the demand and supply of Information Security manpower. Finally we simulate the model and interpret the results.

• Journal of Communications and Networks
• /
• v.14 no.4
• /
• pp.364-373
• /
• 2012

In this paper, we propose combined relay selection and cooperative beamforming schemes for physical layer security. Generally, high operational complexity is required for cooperative beamforming withmultiple relays because of the required information exchange and synchronization among the relays. On the other hand, while it is desirable to reduce the number of relays participating in cooperative beamforming because of the associated complexity problem, doing so may degrade the coding gain of cooperative beamforming. Hence, we propose combined relay selection and cooperative beamforming schemes, where only two of the available relays are selected for beamforming and data transmission. The proposed schemes introduce a selection gain which partially compensates for the decrease in coding gain due to limiting the number of participating relays to two. Both the cases where full and only partial channel state information are available for relay selection and cooperative beamforming are considered. Analytical and simulation results for the proposed schemes show improved secrecy capacities compared to existing physical layer security schemes employing cooperative relays.

• Journal of Advanced Navigation Technology
• /
• v.16 no.6
• /
• pp.1014-1023
• /
• 2012

Recently with improvement of SMART Grid, AMI network security has been affecting the environment for Electric information and communication. The system and communication protection consists of steps taken to protect the AMI components and the communication links between system components from cyber intrusions. The addition of two way communications between SUN and HAN introduces additional risk for unauthorized access to the AMI system. In this paper, we propose new AMI device authentication infrastructure, key establishment and security algorithm based on public key encryption to solve AMI network security problems.

• Journal of Korea Multimedia Society
• /
• v.18 no.2
• /
• pp.178-188
• /
• 2015

The proliferation of devices such as tablets and smart phones, which are now used by many people in their daily lives, has led to a number of companies allowing employees to bring their own devices to work due to perceived productivity gains and cost savings. However, despite many advantage, security breaches (e.g., information leakage) can happen for various reasons (e.g., loss or theft of devices, and malicious code) and privacy breaches can happen by using personal devices for business. We should carefully scrutinize security threats in this area. We present the security threats analysis and the technical approach in this area, and discuss privacy threats and countermeasures.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.5
• /
• pp.67-74
• /
• 2012

Since current paid video contents have a security vulnerability, anyone can obtain the information of video contents. In this paper, we analyze current video encryption methods which are used commercially to prevent illegal downloading movies. And we propose an address encryption method which can encrypt and decrypt video contents in program itself. In the performance evaluation, we compare the proposed method with the conventional method to show the improvement of security with the reduced delay for encoding and decoding through encryption.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.10
• /
• pp.3256-3274
• /
• 2022

With the rapid development of information and communications technology, the construction of efficient, reliable, and safe Internet of Things (IoT) is an inevitable trend in order to meet high-quality demands for the forthcoming 6G communications. In this paper, we study a secure intelligent reflecting surface (IRS)-assisted IoT system where malicious eavesdropper trying to sniff out the desired information from the transmission links between the IRS and legitimate IoT devices. We discuss the system overall performance and propose a hybrid resource allocation scheme for maximizing the secrecy capacity and secrecy energy efficiency. In order to achieve the trade-off between transmission reliability, communication security, and energy efficiency, we develop a quantum-inspired marine predator algorithm (QMPA) for realizing rational configuration of system resources and prevent from eavesdropping. Simulation results demonstrate the superiority of the QMPA over other strategies. It is also indicated that proper IRS deployment and power allocation are beneficial for the enhancement of system overall capacity.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.161-169
• /
• 2011

There is a consensus in the field of vehicular network security that public key cryptography should be used to secure communications. A certificate revocation list (CRL) should be distributed quickly to all the vehicles in the network to protect them from malicious users and malfunctioning equipment as well as to increase the overall security and safety of vehicular networks. Thus, a major challenge in vehicular networks is how to efficiently distribute CRLs. This paper proposes a CRL distribution method aided by terrestrial digital multimedia broadcasting (T-DMB). By using T-DMB data broadcasting channels as alternative communication channels, the proposed method can broaden the network coverage, achieve real-time delivery, and enhance transmission reliability. Even if roadside units are not deployed or only sparsely deployed, vehicles can obtain recent CRLs from the T-DMB infrastructure. A new transport protocol expert group (TPEG) CRL application was also designed for the purpose of broadcasting CRLs over the T-DMB infrastructure.