• Journal of Internet Computing and Services
• /
• v.17 no.6
• /
• pp.93-101
• /
• 2016

As the Android smart phones become more popular, applications that handle users' personal data such as IDs or passwords and those that handle data directly related to companies' income such as in-game items are also increasing. Despite the need for such information to be protected, it can be modified by malicious users or leaked by attackers on the Android. The reason that this happens is because debugging functions of the Linux, base of the Android, are abused. If an application uses debugging functions, it can access the virtual memory of other applications. To prevent such abuse, access controls should be reinforced. However, these functions have been incorporated into Android O.S from its Linux base in unmodified form. In this paper, based on an analysis of both existing memory access functions and the Android environment, we proposes a function that verifies thread group ID and then protects against illegal use to reinforce access control. We conducted experiments to verify that the proposed method effectively reinforces access control. To do that, we made a simple application and modified data of the experimental application by using well-established memory editing applications. Under the existing Android environment, the memory editor applications could modify our application's data, but, after incorporating our changes on the same Android Operating System, it could not.

• Journal of Digital Convergence
• /
• v.17 no.10
• /
• pp.49-58
• /
• 2019

In the era of the 4th industrial revolution, the development of information technology brought various benefits, but it also increased social interest in privacy issues. As the possibility of personal privacy violation by big data increases, academic discussion about privacy management has begun to be active. While the traditional view of privacy has been defined at various levels as the basic human rights, most of the recent research trends are mainly concerned only with the information privacy of online privacy protection. This limited discussion can distort the theoretical concept and the actual perception, making the academic and social consensus of the concept of privacy more difficult. In this study, we analyze the privacy concept that is exposed on the internet based on 12,000 news data of the portal site for the past one year and compare the difference between the theoretical concept and the socially accepted concept. This empirical approach is expected to provide an understanding of the changing concept of privacy and a research direction for the conceptualization of privacy for current situations.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.21 no.2
• /
• pp.116-131
• /
• 2022

With the recent progress of the 4th industrial revolution, the logistics industry is also making efforts to introduce smart logistics, and various attempts are being made to spread logistics informatization, which is the core of smart logistics. Among these, blockchain technology is considered as a technology that will contribute to the spread of logistics informatization and is being applied to various fields. Accordingly, in this study, to discuss the applicability of blockchain technology to the logistics industry, the characteristics of blockchain technology were defined, related cases were reviewed, and a survey was conducted on the possibility of application in the industry. Blockchain technology can be defined as having the characteristics of economic feasibility, speed, transparency in terms of work efficiency, and scalability, decentralization (decentralization), reliability (security) in terms of added value creation. It was confirmed that many are being introduced in the fields of distribution, finance, personal information, and public services. As a result of the survey on the logistics industry, it was confirmed that the level of informatization of the logistics industry had entered the stage of generating profits by using information, but the industry was passive in sharing and utilizing information due to concerns about information leakage. Nevertheless, the awareness and expectation of the need for informatization is high, and it is expected that the informatization of the logistics industry and realizing smart logistics based on it will advance one step further with the introduction of blockchain technology in the future.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.18 no.3
• /
• pp.465-474
• /
• 2023

As the effective use and strong protection of an organization's information resources are recognized as a condition for the growth of an organization, they are increasing technological and policy investments in IS(information security). However, information exposure can occur from external invasions such as hacking and incidents related to misuse and abuse by insiders. This study proposes a mechanism that considers the organizational environment and individual characteristics from the viewpoint of promoting employees' IS participation activities. In other words, the study presents the complex effects of organizational environmental factors (ethical leadership, IS collaborative communication) and personal factors (person-organization fit) on organization trust and IS voice behavior. We surveyed office workers who asked for IS-related business activities and tested hypotheses using 422 samples. As a result, ethical leadership influenced organization trust through collaborative communication, and organization trust strengthened IS voice behavior by having an interaction effect with person-organization fit. This study suggests direction for establishing an organizational environment for promoting IS-related activities by office workers, so it provides practical implications for organizations with goals related to internal information exposure control.

• Korea Journal of Hospital Management
• /
• v.8 no.4
• /
• pp.59-75
• /
• 2003

This study was conducted to investigate the degree of utilization of outsourcing in large hospitals in Korea. We also investigated the outcome and the level of satisfaction for adopting outsourcing in these hospitals. Types of work areas that were currently operated by outsourcing and were planned to adopt outsourcing in the future were identified. A total of 83 hospitals were eligible for this study, which had more than 500 beds, and were identified from the 2003 National Hospital List published by the Korean Hospital Association. A self-administered Questionnaire survey was conducted between April 25th and May 20th in 2003 with a personnel being charged of arrangement of outsourcing in each hospital. Among the 58 hospitals responding the survey(response rate=69.9%), 49 hospitals(84.5%) utilized outsourcing in at least one work field in their organizations. The largest proportion of the hospitals(85.7%) using outsourcing responded that the biggest outcome after introducing outsourcing were cost reduction(49.0%), followed by improved efficiency in operating the organization or human resources(34.7%) and the improved quality of the work(6.1%). The degree of satisfaction for outsourcing among the hospital managers(3.43) was significantly higher than that among the employees(3.l4) on a S-point Likert-type scale(p<0.05). Among the 7 work areas, the hospitals used outsourcing most frequently in facility management(housekeeping, building maintenance, hospital security and parking management), followed by non-medical profit business(funeral, convenient store, and cafeteria), logistics(provision of patient meal, in-house delivery, and purchasing), and information and computing system(hospital information system, maintenance of personal computers and printers). The work areas that the hospitals planned to adopt or expand the outsourcing in the future most frequently were facility management, non-medical profit business, logistics, and information and computing systems. In conclusion, outsourcing was highly diffused in large Korean hospitals, particularly in the work field of facility management and non-medical profit business. The satisfaction for outsourcing was not high yet in Korean hospitals.

• Journal of Digital Contents Society
• /
• v.16 no.3
• /
• pp.389-395
• /
• 2015

Digital image provides many conveniences at the internet environment recently. A great number of applications, like Digital Library, Stock Image, Personal Image and Important Information, require the use of digital image. However it has fatal defect which is easy to be modified because digital image is only electronic file. Numerous digital image forgeries have become a serious problem due to the sophistication and accessibility of image editing software. Copy-Move forgery is the simplest type of forgery that involves copying portion of an image and paste it on different location within the image. There are many approaches to detect Copy-Move forgery, but all of them have their own limitations. In this paper, visual and invisible feature based forgery detection techniques are tested and analyzed. The analysis shows that pros and cons of these two techniques compensate each other. Therefore, a hybrid of visual based and invisible feature based forgery detection that combine the merits of both techniques is proposed. The experimental results show that the proposed algorithm has enhanced performance compared to individual techniques. Moreover, it provides more information about the forgery, like identifying copy and duplicate regions.

• The Transactions of the Korea Information Processing Society
• /
• v.13 no.9
• /
• pp.395-403
• /
• 2024

Recently, with the advancement of technology, the automotive industry has seen an increase in network connectivity. CAN (Controller Area Network) bus technology enables fast and efficient data communication between various electronic devices and systems within a vehicle, providing a platform that integrates and manages a wide range of functions, from core systems to auxiliary features. However, this increased connectivity raises concerns about network security, as external attackers could potentially gain access to the automotive network, taking control of the vehicle or stealing personal information. This paper analyzed abnormal messages occurring in CAN and confirmed that message occurrence periodicity, frequency, and data changes are important factors in the detection of abnormal messages. Through DBC decoding, the specific meanings of CAN messages were interpreted. Based on this, a model for classifying abnormalities was proposed using the GRU model to analyze the periodicity and trend of message occurrences by measuring the difference (residual) between the predicted and actual messages occurring within a certain period as an abnormality metric. Additionally, for multi-class classification of attack techniques on abnormal messages, a Random Forest model was introduced as a multi-classifier using message occurrence frequency, periodicity, and residuals, achieving improved performance. This model achieved a high accuracy of over 99% in detecting abnormal messages and demonstrated superior performance compared to other existing models.

• The Korean Society of Law and Medicine
• /
• v.23 no.4
• /
• pp.29-74
• /
• 2022

As social disasters occur under the Disaster Management Act, which can damage the people's "life, body, and property" due to the rapid spread and spread of unexpected COVID-19 infectious diseases in 2020, information collected through inspection and reporting of infectious disease pathogens (Article 11), epidemiological investigation (Article 18), epidemiological investigation for vaccination (Article 29), artificial technology, and prevention policy Decision), (3) It was used as an important basis for decision-making in the context of an infectious disease crisis, such as promoting vaccination and understanding the current status of damage. In addition, medical policy decisions using infectious disease data contribute to quarantine policy decisions, information provision, drug development, and research technology development, and interest in the legal scope and limitations of using infectious disease data has increased worldwide. The use of infectious disease data can be classified for the purpose of spreading and blocking infectious diseases, prevention, management, and treatment of infectious diseases, and the use of information will be more widely made in the context of an infectious disease crisis. In particular, as the serious stage of the Disaster Management Act continues, the processing of personal identification information and sensitive information becomes an important issue. Information on "medical records, vaccination drugs, vaccination, underlying diseases, health rankings, long-term care recognition grades, pregnancy, etc." needs to be interpreted. In the case of "prevention, management, and treatment of infectious diseases", it is difficult to clearly define the concept of medical practicesThe types of actions are judged based on "legislative purposes, academic principles, expertise, and social norms," but the balance of legal interests should be based on the need for data use in quarantine policies and urgent judgment in public health crises. Specifically, the speed and degree of transmission of infectious diseases in a crisis, whether the purpose can be achieved without processing sensitive information, whether it unfairly violates the interests of third parties or information subjects, and the effectiveness of introducing quarantine policies through processing sensitive information can be used as major evaluation factors. On the other hand, the collection, provision, and use of infectious disease data for research purposes will be used through pseudonym processing under the Personal Information Protection Act, consent under the Bioethics Act and deliberation by the Institutional Bioethics Committee, and data provision deliberation committee. Therefore, the use of research purposes is recognized as long as procedural validity is secured as it is reviewed by the pseudonym processing and data review committee, the consent of the information subject, and the institutional bioethics review committee. However, the burden on research managers should be reduced by clarifying the pseudonymization or anonymization procedures, the introduction or consent procedures of the comprehensive consent system and the opt-out system should be clearly prepared, and the procedure for re-identifying or securing security that may arise from technological development should be clearly defined.

• Journal of the Korean Society for information Management
• /
• v.38 no.3
• /
• pp.23-39
• /
• 2021

This study aims to explore research trends in Blockchain studies in South Korea using dynamic topic modeling and network analysis. To achieve this goal, we conducted the university & institute collaboration network analysis, the keyword co-occurrence network analysis, and times series topic analysis using dynamic topic modeling. Through the university & institute collaboration network analysis, we found major universities such as Soongsil University, Soonchunhyang University, Korea University, Korea Advanced Institute of Science and Technology (KAIST) and major institutes such as Ministry of National Defense, Korea Railroad Research Institute, Samil PricewaterhouseCoopers, Electronics and Telecommunications Research Institute that led collaborative research. Next, through the analysis of the keyword co-occurrence network, we found major research keywords including virtual assets (Cryptocurrency, Bitcoin, Ethereum, Virtual currency), blockchain technology (Distributed ledger, Distributed ledger technology), finance (Smart contract), and information security (Security, privacy, Personal information). Smart contracts showed the highest scores in all network centrality measures showing its importance in the field. Finally, through the time series topic analysis, we identified five major topics including blockchain technology, blockchain ecosystem, blockchain application 1 (trade, online voting, real estate), blockchain application 2 (food, tourism, distribution, media), and blockchain application 3 (economy, finance). Changes of topics were also investigated by exploring proportions of representative keywords for each topic. The study is the first of its kind to attempt to conduct university & institute collaboration networks analysis and dynamic topic modeling-based times series topic analysis for exploring research trends in Blockchain studies in South Korea. Our results can be used by government agencies, universities, and research institutes to develop effective strategies of promoting university & institutes collaboration and interdisciplinary research in the field.

• The KIPS Transactions:PartB
• /
• v.15B no.4
• /
• pp.275-284
• /
• 2008

With increases in recent security requirements, biometric technology such as fingerprints, faces and iris recognitions have been widely used in many applications including door access control, personal authentication for computers, internet banking, automatic teller machines and border-crossing controls. Finger vein recognition uses the unique patterns of finger veins in order to identify individuals at a high level of accuracy. This paper proposes new device and methods for touchless finger vein recognition. This research presents the following five advantages compared to previous works. First, by using a minimal guiding structure for the finger tip, side and the back of finger, we were able to obtain touchless finger vein images without causing much inconvenience to user. Second, by using a hot mirror, which was slanted at the angle of 45 degrees in front of the camera, we were able to reduce the depth of the capturing device. Consequently, it would be possible to use the device in many applications having size limitations such as mobile phones. Third, we used the holistic texture information of the finger veins based on a LBP (Local Binary Pattern) without needing to extract accurate finger vein regions. By using this method, we were able to reduce the effect of non-uniform illumination including shaded and highly saturated areas. Fourth, we enhanced recognition performance by excluding non-finger vein regions. Fifth, when matching the extracted finger vein code with the enrolled one, by using the bit-shift in both the horizontal and vertical directions, we could reduce the authentic variations caused by the translation and rotation of finger. Experimental results showed that the EER (Equal Error Rate) was 0.07423% and the total processing time was 91.4ms.