• Journal of the Korea Society of Computer and Information
• /
• v.29 no.1
• /
• pp.121-130
• /
• 2024

In this paper, we propose an installation approach for Naval Combat Management System(CMS) software that identifies potential data anomalies during installation. With the popularization of wireless communication methods, such as Low Earth Orbit(LEO) satellite communications, various utilization methods using wireless networks are being discussed in CMS. One of these methods includes the use of wireless network communications for installation, which is expected to enhance the real-time performance of the CMS. However, wireless networks are relatively more vulnerable to security threats compared to wired networks, necessitating additional security measures. This paper presents a method where files are transmitted to multiple nodes using encryption, and after the installation of the files, a validity check is performed to determine if there has been any tampering or alteration during transmission, ensuring proper installation. The feasibility of applying the proposed method to Naval Combat Systems is demonstrated by evaluating transmission performance, security, and stability, and based on these evaluations, results sufficient for application to CMS have been derived.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.11
• /
• pp.4163-4183
• /
• 2021

As measures for protecting users and ensuring security of electronic financial transactions, such as online banking, financial institutions in South Korea have implemented network segregation policies. However, a revision of such domain-centered standardized network segregation policies has been increasingly requested because of: 1) increased demand for remote work due to changes resulting from COVID-19 pandemic; and 2) the difficulty of applying new technologies of fintech companies based on information and communications technologies (ICTs) such as cloud services. Therefore, in this study, problems of the remote work environment arising from the network segregation policy currently applied to the financial sector in South Korea and those from the application of new ICTs such as fintech technology have been investigated. In addition, internal network protection policies of foreign financial sectors, such as those of the United States, United Kingdom, European Union, and Russia, and internal network protection policies of non-financial sectors, such as control systems, have been analyzed. As measures for the effective improvement of the current network segregation policy, we propose a policy change from domain-based to data-centric network segregation. Furthermore, to resolve threats of hacking at remote work, recently emerging as a global problem due to COVID-19 pandemic, a standard model for remote work system development applicable to financial companies and a reinforced terminal security model are presented, and an alternative control method applicable when network segregation is not applied is proposed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.6
• /
• pp.1102-1106
• /
• 2015

To provide social security and for cooperative smart camera context awareness processing, each camera stores and exchange context data. For a specific event, measured values with other context data is stored RDB. RDB is transformed to ontology RDF file and is used for context reasoning. Interoperability between smart cameras conforms to ONVIF and constitutes intelligent surveillance system. To guarantee the confidentiality and integrity, securiy techniques are adopted. Security overhead between agents is analyzed in the prototype system implemented.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.107-113
• /
• 2012

Due to the development of communications technology, it is now possible to be offered online from remote places. This kind of communications technology can be applied to the medical field. The medical treatment appointments in hospitals can be its typical example. But still, in most of hospitals, patient or guardian have to physically visit or call to the hospital to set up an appointment for the medical treatment. In addition, they have to wait in line in order to pay after receiving the medical treatment. The patient or guardian, after paying, receive a paper prescription and they go to a nearby pharmacy to take the medicines. They must wait in line again there in order to receive the medicine from the pharmacy. In this paper, we would like to suggest a smart medical treatment system in order to solve the problems discussed above. With this proposed system, the user will be able to make an appointment, make payments and receive medication quickly and easily without spending extra time. Also, there will be no need for paper prescriptions with this system. We discuss about the security of medical information for this proposed smart medical treatment system proposed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.129-136
• /
• 2003

A representative payment broker system is SET and one of its signature shcemes is a dual digital signature scheme. A dual digital signature scheme expose neither user's payment information(credit card number etc.) to merchandiser, nor user's order information to bank So it keeps user's Privacy safe. The digital signature scheme like this is being necessary as E-commerce is revitalized. But a dual digital signature of SET is not appropriate for wireless environments because it needs so many computations and communications. In this paper, we propose a signcryption scheme that generates a polynomial using a payment information for merchandiser and an order information for bank in order to reduce communications. We analyze the problem of existing signcryption schemes and dual digital signature schemes. Also we analyze the security properties of the proposed scheme.

• Journal of Convergence Society for SMB
• /
• v.5 no.4
• /
• pp.25-30
• /
• 2015

Recently, interest in Fin-Tech, a compound word of finance and technology, has been increased. However, Fin-Tech that is a mixture of finance and IT is exposed in terms of security. In this paper, we propose a method to solve the security-related problem that occurs in the financial sector where the Fin-Tech is used. Proposed method found out different problems of services which are provided by companies through a variety of financial sectors and described a method to facilitate the security service. In particular, proposed method presents a service plan to secure safety and to minimize the damage. Also, proposed method set an objective to stabilize financial services based on analyzed result after analyzing the problems of existing FinTech security services.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.4
• /
• pp.923-948
• /
• 2013

The main concern in mobile peer-to-peer (P2P) networks is security because jamming or eavesdropping on a wireless link is much easier than on a wired one and such damage can be incurred without physical access or contact. In particular, authentication has increasingly become a requirement in mobile P2P environments. This paper presents a new mutual authentication mechanism which requires less storage space and maintains a high level of security in mobile P2P networks. The proposed mechanism improves efficiency by avoiding the use of centralized entities and is designed to be agile in terms of both reliability and low-cost implementation. The mechanism suggested in the simulation evaluates the function costs occurring in authentication between the devices under mobile P2P network environment comparing to existing method in terms of basic operation costs, traffic costs, communications costs, storage costs and scalability. The simulation results show that the proposed mechanism provides high authentication with low cryptography processing overhead.

• Journal of Information Processing Systems
• /
• v.6 no.3
• /
• pp.359-374
• /
• 2010

The Future Internet that includes Real World Objects and the Internet of Things together with the more classic web pages will move communications from a nodecentric organization to an information-centric network allowing new a paradigm to take place. The 4WARD project initiated some works on the Future Internet. One of them is the creation of a Network of Information designed to enable more powerful semantic searches. In this paper, we propose a security solution for a model of information based on a semantic description and search of objects. The proposed solution takes into account both the access and the management of both objects and their descriptions.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.1
• /
• pp.94-102
• /
• 2016

In this work we propose a new method to countermeasure against the abatement attack to the security server that is induced by man-in-the-middle attack. To that purpose, we first investigate the state of the art in the current research about the abatement attack. After that, we propose a new countermeasure method that can cope with the unresolved problems in the current method, which can cover diverse types of network.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.2
• /
• pp.382-389
• /
• 2018

Recently cyber attacks can cause serious damage on various information systems. Log data analysis would be able to resolve this problem. Security log analysis system allows to cope with security risk properly by collecting, storing, and analyzing log data information. In this paper, a security log analysis system is designed and implemented in order to analyze security log data using the Logstash in the Elasticsearch, a distributed search engine which enables to collect and process various types of log data. The Kibana, an open source data visualization plugin for Elasticsearch, is used to generate log statistics and search report, and visualize the results. The performance of Elasticsearch-based security log analysis system is compared to the existing log analysis system which uses the Flume log collector, Flume HDFS sink and HBase. The experimental results show that the proposed system tremendously reduces both database query processing time and log data analysis time compared to the existing Hadoop-based log analysis system.