• Convergence Security Journal
• /
• v.20 no.2
• /
• pp.59-68
• /
• 2020

In January 2020, the National Assembly passed the revisions of three bills which ease regulations on the use of personal information. The revised laws include the launch of an independent supervisory body, the arrangement of redundant regulations, and regulations for the development of the data economy. This paper analyzes the content and meaning of each law of the Three Revised Bills that Ease Regulations on the Use of Personal Information. And the future challenges outline three aspects: the establishment of a system to ensure the right to informational self-determination of privacy concerns, the establishment of a certification system and the presentation of reasonable guidelines, and the expectation of professional performance by the Personal Information Protection Commission.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.1C
• /
• pp.68-78
• /
• 2008

The transmission of multimedia information over error-prone channels such as wireless networks has become an important area of research. In this paper, we propose two Error Concealment(EC) schemes for wireless transmission of JPEG2000 image. The Multiple Representation(MR) is employed as the preprocessing in our schemes, whereas the main error concealing operation is applied in wavelet domain at receiver side. The compressed code-stream of several subsampled versions of original image is transmitted over a single channel with random bit errors. In the decoder side, the correctly reconstructed wavelet coefficients are utilized to recover the corrupted coefficients in other sub-images. The recovery is carried out by proposed basic(MREC-BS) or enhanced(MREC-ES) methods, both of which can be simply implemented. Moreover, there is no iterative processing during error concealing, which results a big time saving. Also, the simulation results confirm the effectiveness and efficiency of our proposed schemes.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.5
• /
• pp.237-242
• /
• 2012

Cyber attacks have rapidly increased by exploiting the underlying vulnerabilities in the target software. However, identifying and correcting these vulnerabilities are extremely difficult and time consuming tasks. To address these problems efficiently, we propose a systematic methodology for security vulnerability assessment process on binary code in the paper. Specifically, we first classified the existing vulnerabilities based on whether the target software run in a Web environment and features of the software. Based on the classification, we determined the list and scope of the vulnerabilities. As our future research direction, we need to further refine and validate our methodology.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.173-180
• /
• 2015

The advent of personal healthcare record(PHR) technology has been changing the uses as well as the paradigm of internet services, and emphasizing the importance of services being personalization. But the problem of user's privacy infringement and leaking user's sensitive medical information is increasing with the fusion of PHR technology and healthcare. In this paper, we propose a security labeling scheme for privacy protection in PHR system. In the proposed scheme, PHR data can be labeled also manually based on patient's request or the security labelling rules. The proposed scheme can be used to control access, specify protective measures, and determine additional handling restrictions required by a communications security policy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.1057-1071
• /
• 2016

Privacy-right infringement using unmanned aerial vehicle (UAV) usually occurs due to the unregistered small UAV with the image data processing equipment. In this paper we propose that privacy protection acts, Personal Information Protection Act, Information and Communications Network Act, are complemented to consider the mobility of image data processing equipment installed on UAV. Furthermore, we suggest the regulations for classification of small UAVs causing the biggest concern of privacy-right infringement are included in aviation legislations. In addition, technological countermeasures such as recognition of UAV photographing and masking of identifying information photographed by UAV are proposed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.973-983
• /
• 2016

It's been almost 6 years since PIA was implemented based on legislation. So I analyzed problems of PIA from the perspective of ITSM 3 elements. I mainly took account of quality improvement of the report when I assessed systems processing personal informations. So, I propose in terms of logical validity improvement of assessment report. The improvements on 4 different outputs for each phase are many cases that I assessed systems processing personal informations. And I propose improvements on qualified assessors having capability of GRC and on process for managing the assessment system. To settle down PIA system as the reasonable and effective assessment system even after 2016, the statutory deadline for completion of PIA, assessors and appointed assessment firms and authorities should cooperate to complete the assessment system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.3B
• /
• pp.421-430
• /
• 2010

Now a days, as a communications network is being broadband, IPTV(Internet Protocol Television) service which provides various two-way TV service is increasing. But as the data which is transmitted between IPTV set-top box and smart card is almost transmitted to set-top box, the illegal user who gets legal authority by approaching to the context of contents illegally using McComac Hack Attack is not prevented perfectly. In this paper, set-top box access security model is proposed which is for the protection from McComac Hack Attack that tries to get permission for access of IPTV service illegally making data line which is connected from smart card to set-top box by using same kind of other set-top box which illegal user uses. The proposed model reports the result of test which tests the user who wants to get permission illegally by registration the information of a condition of smart card which is usable in set-top box in certification server so that it prevents illegal user. Specially, the proposed model strengthen the security about set-top box by adapting public key which is used for establishing neighbor link and inter-certification process though secret value and random number which is created by Pseudo random function.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.11C
• /
• pp.1090-1096
• /
• 2002

The HTTP does not support continuity for browser-server interaction between successive visits or a user due to a stateless feature. Cookies were invented to maintain continuity and state on the Web. Because cookies are transmitted in plain and contain text-character strings encoding relevant information about the user, the attacker can easily copy and modify them for his undue profit. In this paper, we design a secure cookies scheme based on X.509 public key certificate for solving these security weakness of typical web cookies. Our secure cookies scheme provides not only mutual authentication between client and server but also confidentiality and integrity of user information. Additionally, we implement our secure cookies scheme and compare it to the performance with SSL(Secure Socket Layer) protocol that is widely used for security of HTTP environment.

• Journal of Digital Convergence
• /
• v.16 no.9
• /
• pp.179-185
• /
• 2018

Technology of Internet of Things (IoT) which is receiving the spotlight recently as a new growth engine of Information Communications Technology (ICT) industry in the $4^{th}$ Industrial Revolution needs trustworthiness beyond simple technology of security. IoT devices should consider trustworthiness from planning and design of IoTs so that everyone who develop, evaluate and use the device can measure and trust its security. Increased number of IoTs and long lifetime result in the increased securituy vulnerability due to the difficulty of software patch and update. In this paper, we investigated security and scalability issues of current IoT devices through research of the technical, political and industrial trend of IoT. In order to overcome the limitations, we propose an automatic verification of software integrity utilizing and a political solution to apply cyber killchain based security mechanism using hash which is an element technology of blockchain to solve these problems.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.156-165
• /
• 2023

IEEE 802.15.4e-TSCH is recognized as a wireless industrial sensor network standard used in IoT systems. To ensure both power savings and reliable communications, the TSCH standard uses techniques including channel hopping and bandwidth reserve. In TSCH mode, scheduling is crucial because it allows sensor nodes to select when data should be delivered or received. Because a wide range of applications may necessitate energy economy and transmission dependability, we present a distributed approach that uses a cluster tree topology to forecast scheduling requirements for the following slotframe, concentrating on the Poisson model. The proposed Optimized Minimal Scheduling Function (OMSF) is interested in the details of the scheduling time intervals, something that was not supported by the Minimal Scheduling Function (MSF) proposed by the 6TSCH group. Our contribution helps to deduce the number of cells needed in the following slotframe by reducing the number of negotiation operations between the pairs of nodes in each cluster to settle on a schedule. As a result, the cluster tree network's error rate, traffic load, latency, and queue size have all decreased.