• Journal of the Korean Society for information Management
• /
• v.39 no.3
• /
• pp.241-261
• /
• 2022

The present study aims to investigate the effects of information poverty on North Korean refugees' social adaptation to South Korea based on Chatman's Theory of Information Poverty (1996). Based on the Theory of Information Poverty, information poverty consists of four variables: Secrecy, Deception, Risk-taking, and information acceptance in response to situational relevance. And based on the previous studies, adaptation to South Korean life is divided into social adaptation and psychological adaptation. From August 4 to August 30, 2021, after approval by the IRB through the North Korean refugee support organization , surveys were conducted with North Korean refugees who had lived in South Korea for at least one year and were aged 19 or older. The 100 collected valid data were analyzed using frequency analysis, reliability analysis, correlation analysis, and multiple linear regression analysis. Findings of the study indicated that information poverty had significant effects on North Korean refugees' social and psychological adaptation. In particular, the "deception" variable had negative effects on social and psychological adaptation. The study has theoretical implications that it explains North Korean refugees' adaptation to South Korea based on Theory of Information Poverty by defining them as information poor. Above all, it attempts a quantitative approach through operationalization of key concepts unlike previous studies that were conducted with qualitative approaches.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.789-801
• /
• 2018

Currently widely used IP cameras provide the ability to control IP cameras remotely via mobile devices. To do so, the IP camera software is installed on the website specified by the camera manufacturer, and authentication is performed through the password between the IP camera and the mobile device. However, many products currently used do not provide a secure channel between the IP camera and the mobile device, so that all IDs and passwords transmitted between the two parties are exposed. To solve these problems, we propose an authentication and key exchange protocol using ID-based signature scheme. The proposed protocol is characterized in that (1) mutual authentication is performed using ID and password built in IP camera together with ID-based signature, (2) ID and password capable of specifying IP camera are not exposed, (3) provide forward-secrecy using Diffie-Hellman key exchange, and (4) provide security against external attacks as well as an honest-but-curious manufacturer with the master secret key of the ID-based signature.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.95-101
• /
• 2016

With the rapid development of Internet and communication network technology, various studies had proceeded to develop the technology of wireless sensor networks. Authentication schemes for user and sensor are critical and important security issue to use wireless sensors legally. First, Das introduce a user authentication scheme using smart card and password for wireless sensor networks, various studies had proceeded. Chem et al. suggested a secure user authentication scheme against smart card loss attack but Chen et al. scheme does not still resolve some security vulnerability such as perfect forward secrecy, session key exposure by gateway node, anonymity, and the password check. To resolve the problems, this paper proposes a security enhanced user authentication using the fuzzy extraction, elliptic curves cryptography and dynamic ID and analyzes the security.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.7
• /
• pp.1493-1500
• /
• 2004

Today's Commercial security server system which provide secrecy, integrity and availability may still be vulnerable to denial-of-service attacks. Authentication system whith use a public key cryptography and process RSA encryption is relatively slow and the slowness has become a major security threat specifically in service flooding attacks caused by authentication requests. The service flooding attacks render the server incapable of providing its service to legitimitive clients. Therefore the importance of implementing systems that prevent denial of service attacks and provide service to legitimitive users cannot be overemphasized. In this paper, we propose a puzzle protocol which applies to authentication model. our gradually strengthening authentication model improves the availability and continuity of services and prevent denial of service attacks and we implement flooding of service tolerance system to verify the efficiency of our model. This system is expected to be ensure in the promotion of reliability.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.81-92
• /
• 2022

The rapidly growing IoT market is expanding not only in general households but also in smart homes and smart cities. Among the major protocols used in IoT, ZigBee accounts for more than 90% of the smart home's door lock market and is mainly used in miniaturized sensor devices, so the safety of the protocol is very important. However, the device using Zig Bee is not satisfied with the omnidirectional safety because it uses a fixed key during the authentication process that connects to the network, and it has not been resolved in the recently developed ZigBee 3.0. This paper proposes a design method that provides omnidirectional safety to the ZigBee authentication protocol and can be quickly applied to existing protocols. The proposed improved ZigBee authentication protocol analyzed and applied the recently developed OWE protocol to apply ECDH, which has low computational volume and provides omnidirectional safety in IoT. Based on this, it provides the safety of the ZigBee authentication protocol, and it is expected that it will be able to provide user convenience as it does not require a separate certificate or password input.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.573-586
• /
• 2008

The improved performance and miniaturization of computer and the improvement of wireless communication technology have enabled the emergence of many high quality services. Among them multicast services are receiving much attention and their usage is increasing due to the increase of Internet multimedia services such as video conference, multimedia stream, internet TV, etc. Security plays an important role in mobile multicast services. In this paper, we proposed a secure multicast protocol for a hierarchical micro-mobility environment. The proposed secure multicast protocol provides security services such as authentication, access control, confidentiality and integrity using mechanisms including symmetric/asymmetric key crypto-algorithms and capabilities. To provide forward/backward secrecy and scalability, we used sub-group keys based on the hierarchical micro-mobility environment. With this security services, it is possible to guard against all kinds of security attacks performed by illegal mobile nodes. Attacks executed by internal nodes can be thwarted except those attacks which delete packet or cause network resources to be wasted. We used simulator to measure the performance of proposed protocol. As a result, the simulation showed that effect of these security mechanisms on the multicast protocol was not too high.

• The Korean Journal of Archival Studies
• /
• no.12
• /
• pp.81-135
• /
• 2005

The release of administrative information has been the challenge of our age following the maturation of democratic ideology in our society. However, differences of opinion and conflict still exist between the government and private sectors regarding the issue, and it seems that the technical and policy-related insufficiencies of information and record management that actually operate the release of information are the main causes. From the perspective of records management, records or information are variable in their nature, value, and influence during their life span. The most controversial issue is the records and information in the current stage of carrying out business activities. This is because the records and information pertaining to finished business are but evidence to ascertain the past, and have only a limited relationship to the ideal of the 'democratic participation' by citizens in activities of the public sector. The current information release policies are helpless against the 'absence of information,' or incomplete records, but such weakness can be supplemented by enforcing record management policies that make obligatory the recording of all details of business activities. In addition, it is understood that the installation of 'document offices("Jaryogwan")' that can manage each organization's information and records will be an important starting point to integrate the release, management, and preservation of information and records. Nevertheless, it seems that the concept of 'release' in information release policies refers not to free use by all citizens but is limited to the 'provision' of records according to public requests, and the concept of 'confidential' refers not to treating documents with total secrecy but varies according to the particulars of each situation, making the actual practice of information release difficult. To solve such problems, it is absolutely necessary to collect the opinions of various constituents associated with the recorded information in question, and to effectively mediate the collective opinions and the information release requests coming from applicants, to carry out the business more practically. Especially crucial is the management of the process by which the nature and influence of recorded information changes, so that information which has to be confidential at first may become available for inquiry and use over time through appropriate procedures. Such processes are also part of the duties that record management, which is in charge of the entire life span of documents, must perform. All created records will be captured within a record management system, and the record creation data thus collected will be used as a guide for inquiry and usage. With 'document offices(Jaryogwan)' and 'archives' controlling the entire life span of records, the release of information will become simpler and more widespread. It is undesirable to try to control only through information release policies those records the nature of which has changed because, unlike the ones still in the early stages of their life span and can directly influence business activities, their work has finished, and they have become historical records or evidences pointing to the truth of past events. Even in the past, when there existed no formal policy regarding the release of administrative information, the access and use of archival records were permitted. A more active and expanded approach must be taken regarding the 'usage' of archival records. If the key factor regarding 'release' lies in the provision of information, the key factor regarding 'usage' lies in the quality and level of the service provided. The full-scale usage of archival records must be preceded by the release of such records, and accordingly, a thorough analysis of the nature, content, and value of the records and their changes must be implemented to guarantee the release of information before their use is requested. That must become a central task of document offices and "Today's information" will soon become "yesterday's records," and the "reality" of today will become "history" of the past. The policies of information release and record management share information records as their common objective. As they have a mutual relationship that is supplementary and leads toward perfection, the two policies must both be differentiated and integrated with each another. It is hoped that the policies and business activities of record management will soon become normalized and reformed for effective and fair release of information.