• The KIPS Transactions:PartD
• /
• v.13D no.5 s.108
• /
• pp.699-708
• /
• 2006

The latest biometric field have marched fast with security technology of IT. As importance of present biometrics is realized, internal and external biometrics software market is trend that is soaring. Accordingly, high reliability of biometric software and request of high quality software are enlarged. Evaluation items and criteria must be established for biometric software quality assurance. In this paper, we development the evaluation module for biometric software test based on ISO/IEC 12119 that is the standard about software quality requirement and test, and ISO/IEC 9126 that is standard about evaluation of software product, and ISO/IEC 14598-6 that is the standard about construction of the evaluation module. Constituents of biometric software products(product descriptor, user document program and data) is subject to the quality evaluation module that we developed in this paper, we can expect improvement in the quality of software by using with a standard such as ISO/IEC 9126-3 that can be used in software development process.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.10
• /
• pp.127-136
• /
• 2007

It is easy to install and maintain a mobile multi-hop wireless network due to its self-organizing characteristics. However it has security weakness of the authentication of mobile multi-hop relay stations. Specially, the mobile multi-hop relay network in the IEEE 802.16j has the additional security weakness caused by the requirement of backward compatibility for mobile stations of the conventional IEEE 802.16 system. In this paper, we propose a novel mutual authentication scheme applicable to IEEE 802.16j-based mobile multi-hop relay network architecture. The scheme is able to resolve the initial trust gain problem of a multi-hop node at its entry to the network, the problem of rogue mobile multi-hop node and the problem of hop-by-hop authentication between multi-hop nodes. Effectively, the scheme is a hybrid scheme of the distributed authentication method and the centralized authentication method which have been considered to be deployed in the wireless ad-hoc network and the wireless network connected to wired authentication servers, respectively. Also, we analyze the effectiveness of the proposed hybrid authentication method.

• Nuclear Engineering and Technology
• /
• v.45 no.6
• /
• pp.731-744
• /
• 2013

Energy security is a topic of high importance to many countries throughout the world. Countries with access to vast energy supplies enjoy all of the economic and political benefits that come with controlling a highly sought after commodity. Given the desire to diversify away from fossil fuels due to rising environmental and economic concerns, there are limited technology options available for baseload electricity generation. Further complicating this issue is the desire for energy sources to be sustainable and globally scalable in addition to being economic and environmentally benign. Nuclear energy in its current form meets many but not all of these attributes. In order to address these limitations, TerraPower, LLC has developed the Traveling Wave Reactor (TWR) which is a near-term deployable and truly sustainable energy solution that is globally scalable for the indefinite future. The fast neutron spectrum allows up to a ~30-fold gain in fuel utilization efficiency when compared to conventional light water reactors utilizing enriched fuel. When compared to other fast reactors, TWRs represent the lowest cost alternative to enjoy the energy security benefits of an advanced nuclear fuel cycle without the associated proliferation concerns of chemical reprocessing. On a country level, this represents a significant savings in the energy generation infrastructure for several reasons 1) no reprocessing plants need to be built, 2) a reduced number of enrichment plants need to be built, 3) reduced waste production results in a lower repository capacity requirement and reduced waste transportation costs and 4) less uranium ore needs to be mined or purchased since natural or depleted uranium can be used directly as fuel. With advanced technological development and added cost, TWRs are also capable of reusing both their own used fuel and used fuel from LWRs, thereby eliminating the need for enrichment in the longer term and reducing the overall societal waste burden. This paper describes the origins and current status of the TWR development program at TerraPower, LLC. Some of the areas covered include the key TWR design challenges and brief descriptions of TWR-Prototype (TWR-P) reactor. Selected information on the TWR-P core designs are also provided in the areas of neutronic, thermal hydraulic and fuel performance. The TWR-P plant design is also described in such areas as; system design descriptions, mechanical design, and safety performance.

• The Journal of the Korea Contents Association
• /
• v.8 no.5
• /
• pp.246-259
• /
• 2008

This study was to minimize the trial and error in the primary step of the C4I system(ATCIS) of the each army corps on the front line, and test the economy and efficiency was tested by reviewing related papers and the system characteristics of other countries. The relationship was researched by analyzing the collected survey data and survey data related to the user's requirement level such as the army standards, that is, commonality, timeliness, simplification, automaticity, field availability and viability, multi-stage security and interoperability, unification. The result showed that the C4I system was efficiently operated through the system reliability for the specification of the system and operation manual, maneuverability and security, adaptability of the war field and system support and management, and good education and training about system operation, and less system maintenance and supplementary element. As a result, the development plan confirmed that the continuous operator education and the construction of the maintenance, and the upgrade digitalization(C4ISR+D) with the korean characteristics based on IT of network systems, and system development of the measurement model of the operator performance must be continuously supplemented in the near future.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.42 no.2 s.302
• /
• pp.49-58
• /
• 2005

In this paper, we proposed a blind watermarking algerian to use characteristics of a scalar quantizer which is the recommended in the JPEG2000 and JPEG. The proposed algorithm shifts a quantization index according to the value of each watermark bit to prevent losing the watermark information during the compression by quantization. Therefore, the watermark is embedded during the process of quantization, not an additional process for watermarking, and is adaptively applied as a assigned quantizer according application areas. Before embedding process, a LFSR(Linear feedback shift register) rearranged the watermark for the security of the watermark itself and in the embedding process, a LFSR is used to hide the watermarking positions. Therefore the embedded watermark can he extracted by only the owner who knows the initial value of LFSR without the original image. The visual recognizable pattern such as a binary image was used as the watermark. The experimental results showed that the proposed algerian satisfies the robustness and imperceptibility corresponding to the major requirement of watermarking. The results showed the largest error rate to be $5.7\%$ for attack. The experimental result which compares the proposed algorithm with the Mohamed algorithm showed that the proposed algorithm was better than it, exactly $4\~5$ times for the attacks of JPEG and JPEG2000.

• Journal of KIISE:Databases
• /
• v.34 no.1
• /
• pp.1-17
• /
• 2007

As XML is becoming a de facto standard for distribution and sharing of information, the need for an efficient yet secure access of XML data has become very important. To enforce the fine-level granularity requirement, authorization models for regulating access to XML documents use XPath which is a standard for specifying parts of XML data and a suitable language for both query processing. An access control environment for XML documents and some techniques to deal with authorization priorities and conflict resolution issues are proposed. Despite this, relatively little work has been done to enforce access controls particularly for XML databases in the case of query access. Developing an efficient mechanism for XML databases to control query-based access is therefore the central theme of this paper. This work is a proposal for an efficient yet secure XML access control system. The basic idea utilized is that a user query interaction with only necessary access control rules is modified to an alternative form which is guaranteed to have no access violations using tree-aware metadata of XML schemes and set operators supported by XPath 2.0. The scheme can be applied to any XML database management system and has several advantages over other suggested schemes. These include implementation easiness, small execution time overhead, fine-grained controls, and safe and correct query modification. The experimental results clearly demonstrate the efficiency of the approach.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.43 no.2 s.308
• /
• pp.19-29
• /
• 2006

As the security of personal information is becoming more important in mobile phones, we are starting to apply iris recognition technology to these devices. In conventional iris recognition, magnified iris images are required. For that, it has been necessary to use large magnified zoom & focus lens camera to capture images, but due to the requirement about low size and cost of mobile phones, the zoom & focus lens are difficult to be used. However, with rapid developments and multimedia convergence trends in mobile phones, more and more companies have built mega-pixel cameras into their mobile phones. These devices make it possible to capture a magnified iris image without zoom & focus lens. Although facial images are captured far away from the user using a mega-pixel camera, the captured iris region possesses sufficient pixel information for iris recognition. However, in this case, the eye region should be detected for accurate iris recognition in facial images. So, we propose a new fast iris detection method, which is appropriate for mobile phones based on corneal specular reflection. To detect specular reflection robustly, we propose the theoretical background of estimating the size and brightness of specular reflection based on eye, camera and illuminator models. In addition, we use the successive On/Off scheme of the illuminator to detect the optical/motion blurring and sunlight effect on input image. Experimental results show that total processing time(detecting iris region) is on average 65ms on a Samsung SCH-S2300 (with 150MHz ARM 9 CPU) mobile phone. The rate of correct iris detection is 99% (about indoor images) and 98.5% (about outdoor images).

• Journal of Intelligence and Information Systems
• /
• v.17 no.4
• /
• pp.157-173
• /
• 2011

As the Internet use explodes recently, the malicious attacks and hacking for a system connected to network occur frequently. This means the fatal damage can be caused by these intrusions in the government agency, public office, and company operating various systems. For such reasons, there are growing interests and demand about the intrusion detection systems (IDS)-the security systems for detecting, identifying and responding to unauthorized or abnormal activities appropriately. The intrusion detection models that have been applied in conventional IDS are generally designed by modeling the experts' implicit knowledge on the network intrusions or the hackers' abnormal behaviors. These kinds of intrusion detection models perform well under the normal situations. However, they show poor performance when they meet a new or unknown pattern of the network attacks. For this reason, several recent studies try to adopt various artificial intelligence techniques, which can proactively respond to the unknown threats. Especially, artificial neural networks (ANNs) have popularly been applied in the prior studies because of its superior prediction accuracy. However, ANNs have some intrinsic limitations such as the risk of overfitting, the requirement of the large sample size, and the lack of understanding the prediction process (i.e. black box theory). As a result, the most recent studies on IDS have started to adopt support vector machine (SVM), the classification technique that is more stable and powerful compared to ANNs. SVM is known as a relatively high predictive power and generalization capability. Under this background, this study proposes a novel intelligent intrusion detection model that uses SVM as the classification model in order to improve the predictive ability of IDS. Also, our model is designed to consider the asymmetric error cost by optimizing the classification threshold. Generally, there are two common forms of errors in intrusion detection. The first error type is the False-Positive Error (FPE). In the case of FPE, the wrong judgment on it may result in the unnecessary fixation. The second error type is the False-Negative Error (FNE) that mainly misjudges the malware of the program as normal. Compared to FPE, FNE is more fatal. Thus, when considering total cost of misclassification in IDS, it is more reasonable to assign heavier weights on FNE rather than FPE. Therefore, we designed our proposed intrusion detection model to optimize the classification threshold in order to minimize the total misclassification cost. In this case, conventional SVM cannot be applied because it is designed to generate discrete output (i.e. a class). To resolve this problem, we used the revised SVM technique proposed by Platt(2000), which is able to generate the probability estimate. To validate the practical applicability of our model, we applied it to the real-world dataset for network intrusion detection. The experimental dataset was collected from the IDS sensor of an official institution in Korea from January to June 2010. We collected 15,000 log data in total, and selected 1,000 samples from them by using random sampling method. In addition, the SVM model was compared with the logistic regression (LOGIT), decision trees (DT), and ANN to confirm the superiority of the proposed model. LOGIT and DT was experimented using PASW Statistics v18.0, and ANN was experimented using Neuroshell 4.0. For SVM, LIBSVM v2.90-a freeware for training SVM classifier-was used. Empirical results showed that our proposed model based on SVM outperformed all the other comparative models in detecting network intrusions from the accuracy perspective. They also showed that our model reduced the total misclassification cost compared to the ANN-based intrusion detection model. As a result, it is expected that the intrusion detection model proposed in this paper would not only enhance the performance of IDS, but also lead to better management of FNE.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.5C
• /
• pp.664-672
• /
• 2004

Widespread popularity of wireless data communication devices, coupled with the availability of higher bandwidths, has led to an increased user demand for content-rich media such as images and videos. Since such content often tends to be private, sensitive, or paid for, there exists a requirement for securing such communication. However, solutions that rely only on traditional compute-intensive security mechanisms are unsuitable for resource-constrained wireless and embedded devices. In this paper, we propose a selective partial image encryption scheme for image data hiding , which enables highly efficient secure communication of image data to and from resource constrained wireless devices. The encryption scheme is invoked during the image compression process, with the encryption being performed between the quantizer and the entropy coder stages. Three data selection schemes are proposed： subband selection, data bit selection and random selection. We show that these schemes make secure communication of images feasible for constrained embed-ded devices. In addition we demonstrate how these schemes can be dynamically configured to trade-off the amount of ded devices. In addition we demonstrate how these schemes can be dynamically configured to trade-off the amount of data hiding achieved with the computation requirements imposed on the wireless devices. Experiments conducted on over 500 test images reveal that, by using our techniques, the fraction of data to be encrypted with our scheme varies between 0.0244％ and 0.39％ of the original image size. The peak signal to noise ratios (PSNR) of the encrypted image were observed to vary between about 9.5㏈ to 7.5㏈. In addition, visual test indicate that our schemes are capable of providing a high degree of data hiding with much lower computational costs.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.83-94
• /
• 2006

This paper describes ATM cell encipherment method using Rijndael Algorithm adopted as an AES(Advanced Encryption Standard) by NIST in 2001. ISO 9160 describes the requirement of physical layer data processing in encryption/decryption. For the description of ATM cell encipherment method, we implemented ATM data encipherment equipment which satisfies the requirements of ISO 9160, and verified the encipherment/decipherment processing at ATM STM-1 rate(155.52Mbps). The DES algorithm can process data in the block size of 64 bits and its key length is 64 bits, but the Rijndael algorithm can process data in the block size of 128 bits and the key length of 128, 192, or 256 bits selectively. So it is more flexible in high bit rate data processing and stronger in encription strength than DES. For tile real time encryption of high bit rate data stream. Rijndael algorithm was implemented in FPGA in this experiment. The boundary of serial UNI cell was detected by the CRC method, and in the case of user data cell the payload of 48 octets (384 bits) is converted in parallel and transferred to 3 Rijndael encipherment module in the block size of 128 bits individually. After completion of encryption, the header stored in buffer is attached to the enciphered payload and retransmitted in the format of cell. At the receiving end, the boundary of ceil is detected by the CRC method and the payload type is decided. n the payload type is the user data cell, the payload of the cell is transferred to the 3-Rijndael decryption module in the block sire of 128 bits for decryption of data. And in the case of maintenance cell, the payload is extracted without decryption processing.