• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.1
• /
• pp.205-214
• /
• 2013

The study of the compatibility of EPUB DRM, granted by the Korea Copyright Commission, as a CT R & D project (Project Title: Development of standard reference software technology for the International Standard EPUB-based eBook DRM) developed standards such as profile standards for encryption, digital signature and authentication certificates and standards for technical terms of rights information. In 2012, these four standards have been established as the Korean Industrial Standards under the names of 'Encryption specification for EPUB DRM', 'the Digital signature specification for EPUB DRM', 'the Certificate specification for EPUB DRM', and 'Definitions of Right Terms for EPUB DRM' through the ODPF(Open Digital Standardization Forum) and the TTA(Telecommunications Technology Association). In spite of the establishment of the eBook DRM standards, however, the absence of the standard technology which supports the compatibility for issues and changes of licenses makes it unable to use eBooks served by different eBook distributors. This study tries to investigate technological approaches to methods of license issues supporting eBook DRM compatibility on the basis of the above-mentioned four EPUB DRM standards and to provide an industrially accepted technological model.

• The Journal of the Korea Contents Association
• /
• v.9 no.12
• /
• pp.787-796
• /
• 2009

The electronic commerce keeps going through a tremendous growth since the latter half of 1990's. But the consumer damages are being increased from characteristics such as non-confrontation, anonymity, internationality, unilaterality and possibility of temptation. Accordingly, this thesis has derived legal and systematic improvements for consumer protection in general as follows. First of all, it is necessary to extend the period to exercise the subscription withdrawal rights according to electronic commerce consumer protection law. Second, the electronic commerce has high possibility of causing errors by consumers because it is performed by non-confrontation and the accurate information must be provided to prevent errors in advance because it is not easy for consumers to prove their own errors. Third, a certification mark system on electronic agreement has to be adopted. Fourth, the legal, systematic and technological measures have to be adopted to prevent from having a sense of fear toward leaking or using personal information through a safe personal information management. Fifth, a strict supervision on internet trust mark is required. Finally, because the intervention or interference by a third party may take place through a hacking on messages or documents sent according to procedure in terms of online settlement, it is necessary to raise security on the system through a precise authentication between concerned parties.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.573-586
• /
• 2008

The improved performance and miniaturization of computer and the improvement of wireless communication technology have enabled the emergence of many high quality services. Among them multicast services are receiving much attention and their usage is increasing due to the increase of Internet multimedia services such as video conference, multimedia stream, internet TV, etc. Security plays an important role in mobile multicast services. In this paper, we proposed a secure multicast protocol for a hierarchical micro-mobility environment. The proposed secure multicast protocol provides security services such as authentication, access control, confidentiality and integrity using mechanisms including symmetric/asymmetric key crypto-algorithms and capabilities. To provide forward/backward secrecy and scalability, we used sub-group keys based on the hierarchical micro-mobility environment. With this security services, it is possible to guard against all kinds of security attacks performed by illegal mobile nodes. Attacks executed by internal nodes can be thwarted except those attacks which delete packet or cause network resources to be wasted. We used simulator to measure the performance of proposed protocol. As a result, the simulation showed that effect of these security mechanisms on the multicast protocol was not too high.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.4
• /
• pp.19-25
• /
• 2017

In the reality that the use of the web is becoming commonplace, the general people are complaining about the inconvenience because they are not standardized when using the web site. Especially, the disabled people such as the social underprivileged classes people suffer from the inconvenience due to the web site that is not accessible. The purpose of this study is to conduct an authentication audit to obtain web accessibility certification mark on the homepage of a specific public institution. Through these practical cases, it is possible to improve the recognition of web accessibility by practitioners or managers, And suggest ways to improve the Aging existing public institution web sites. Although there are a lot of existing literature and previous researches, it is still not being newly produced because of lack of awareness of web accessibility, As a result, the users who access the web site of the public institution for the first time are much inconvenienced. In order to solve this problem, this paper compares the Korean web content accessibility guideline 2.1, revised in April 2015, and verified the effectiveness of the guidelines through web accessibility evaluation of specific public institution sites.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.127-136
• /
• 2013

The study of the compatibility of EPUB DRM, granted by the Korea Copyright Commission, as a CT R & D project (Project Title: The Development of the standard reference software technology for International Standard EPUB-based eBook DRM) developed standards such as profile standards for encryption digital signature and authentication certificates and standards for technical terms of rights information. In 2012, these four standards have been established as the Korean Industrial Standards under the names of 'Encryption specification for EPUB DRM,' 'the Digital signature specification for EPUB DRM,' 'the Certificate specification for EPUB DRM,' and 'Definitions of Right Terms for EPUB DRM' through the ODPF(Open Digital Standardization Forum) and the TTA(Telecommunications Technology Association). The research project also proposed standards of ebook DRM license protocols in order for the four standards to practically apply to ebook DRM compatibility. It is necessary for technology standards to require a compatibility standard test process for testing whether implementations which were developed on the basis of the standard specification, comply with standards. This study suggests an automated compatible standard test method and a test model under the ebook DRM standard technical specification.

• Journal of Internet of Things and Convergence
• /
• v.6 no.3
• /
• pp.67-73
• /
• 2020

The research status of endangered amphibians in Korea was mainly studied the life-cycle and distribution status of species from the 1980s to the early 2000s. Although a relatively diverse range of studies have been conducted on mackerels, studies on habitat prediction, analysis, change and management are insufficient. WEB, which provides biota information using location information in Korea, is a site operated by the National Bio Resource Center under the Ministry of Environment, but there is no information on endangered species and general species information has also been found to be very scantily. For this research, we secured a database of location information of Narrow-mouth frog, an endangered species, by combining literature and field research, and established a system by applying new technologies and open-based platform technologies that can be easily accessed by non-technical personnel of IT among IT technologies. The system was divided into administrator functions and user functions to prevent indiscriminate sharing of information through authentication procedures through user membership of users. The established system was authorized to show the distance between the current location and the location of the Narrow-mouth frog. Considering the ecological characteristics of the Narrow-mouth frog, which is an endangered species, a radius of 500m was marked to determine the habitat range. The system is expected to be applied to the legal system to change existing protected areas, etc. and to select new ones. It is estimated that practical reduction measures can be derived by utilizing the development plan for reviewing the natural environment. In addition, the deployed system has the advantage of being able to apply to a wide variety of endangered species by modifying the information entered.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.333-340
• /
• 2014

Despite the security weakness of reusing passwords, many Internet users are likely to use a single ID and password on various sites to avoid the inconvenience of remembering multiple credentials. This paper proposes a scheme for securely storing, retrieving, and updating randomly chosen (ID, password) pairs by using smart cards as secure and portable storages. The scheme makes a user free from remembering her (ID, password) pairs for Internet accesses. By splitting and scattering the (ID, password) pairs of a user across the user's smart card memory and a remote server's storage, it can protect the logon credentials even from the theft or loss of the smart card. Also, a user, if deemed necessary, can issue and let the server to delete all information belonging to the user. Hence even an attacker who cracked the smart card memory would not be able to obtain any (ID, password) pair of the victim thereafter. The scheme requires a user to input a site information and pass-phrase to her smart card to obtain the logon credentials, but it should be an acceptable overhead considering the benefits of not remembering the freely chosen (ID, password) pairs at all.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.3
• /
• pp.81-90
• /
• 2018

Due to the dramatic advancement of IoT (Internet of Things), it is expected that tens of billions of IoT devices will be connected by the year 2024. Furthermore, as IoT technologies evolves, the security management in IoT platforms has become a critical issue. For example, there are interworking problems between heterogeneous IoT platforms caused by differences from communication protocols, security policies, etc. in each platform. In addition, unsecured interworking can cause major security issues including the information leakage. In this paper, in order to solve these problems, a security interworking architecture is proposed and implemented in both FIWARE and oneM2M, which are representative IoT platforms. First, the security architecture of FIWARE is analyzed and implemented, and then the security framework based on OAuth 2.0 is developed on Mobius platform. Finally, in order to validate the proposed security interworking architecture, a LED (Light-Emitting Diode) example, where the LED is controlled by only authorized users, is developed. The proposed architecture can be extended to the diverse IoT platforms and devices.

• Journal of Internet Computing and Services
• /
• v.22 no.2
• /
• pp.123-131
• /
• 2021

The Fourth Industrial Revolution was triggered by data-driven digital technologies such as AI and big data. There is a rapid movement to expand the scope of data utilization to the privacy area, which was considered only a protected area. Through the revision of the Data 3 Act, laws and systems were established that allow personal information to be freely transferred and utilized under their consent. But, it will be necessary to support the platform that encompasses the entire process from collecting personal information to managing and utilizing it. In this paper, we propose a platform model that can be applied to building mydata ecosystem using personal information. It describes the six essential functional requirements for building MyData platforms and the procedures and methods for implementing them. The six proposed essential features describe consent, sharing/downloading/ receipt of data, data collection and utilization, user authentication, API gateway, and platform services. We also illustrate the case of applying the MyData platform model to real-world, underprivileged mobility support services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.93-106
• /
• 2006

With the rapid growth of the wireless Internet communication, a new generation of mobile devices have made possible the broad distribution of mobile digital contents, such as image, music, video, games and applications over the wireless Internet. Mobile devices are rapidly becoming the major means to extend communication channels without copy Protection, usage rule controlling and authentication. As a result, mobile digital contents may be illegally altered, copied and distributed among unauthorized mobile devices. In this paper, we take a look at Open Mobile Alliance (OMA) DRM v2.0 in general, its purpose and function. The OMA is uniquely the focal point for development of an open standard for mobile DRM. Next we introduces features for an active content and illustrates the difference between an active content and an inactive content. Enabling fast rendering of an active content, we propose an OMA-based DRM framework. This framework include the following: 1) Extending DCF Header for supporting an selective encryption, 2) Content encryption key management, 3) Rendering API for an active content. Experimental results show that the proposed framework is able to render an active content fast enough to satisfy Quality of Experience. %is framework has been proposed for a mobile device environment, but it is also applicable to other devices, such as portable media players, set-top boxes, or personal computer.