• Journal of the Korea Society of Computer and Information
• /
• v.28 no.10
• /
• pp.93-101
• /
• 2023

In this paper, as a result of analyzing the TMIS authentication protocol using ECC and biometric information proposed by Chen-Chen in 2023, there were security problems such as user impersonation attack, man-in-the-middle attack, and user anonymity. Therefore, this paper proposes an improved authentication protocol that provides user anonymity to solve these problems. As a result of analyzing the security of the protocol proposed in this paper, it was analyzed to be secure for various attacks such as offline password guessing attack, user impersonation attack, smart-card loss attack, insider attack, perfect forward attack. It has also been shown to provided user privacy by guaranteeing user anonymity and untraceability, which must be guaranteed in TMIS. In addition, there was no significant increase in computational complexity, so the efficiency of execution time was achieved. Therefore, the proposed protocol in this paper is a suitable user authentication protocol for TMIS.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.9
• /
• pp.79-89
• /
• 2013

Recently, the need for outsourcing sensitive data has grown due to the wide spreading of cost-effective and flexible cloud service. However, there is a fundamental concern in using such service since users have to trust external servers. Therefore, searchable encryption can be a very valuable tool to meet the security requirements of data outsourcing. However, most of work on searchable encryption focus only on privacy preserving search function and relatively lacks research on encryption mechanism used to actually encrypt data. Without a suitable latter mechanism, searchable encryption cannot be deployed in real world cloud services. In this paper, we analyze previously used and possible data encryption mechanisms for multi-user searchable encryption system and discuss their pros and cons. Our results show that readily available tools such as broadcast encryption, attribute-based encryption, and proxy re-encryption do not provide suitable solutions. The main problem with existing tools is that they may require separate fully trusted servers and the difficulty in preventing collusion attacks between outsiders and semi-trusted servers.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.6
• /
• pp.159-166
• /
• 2013

Recently, because the interest and needs in privacy protection are growing, smartcard-based remote user authentication schemes have been actively studied to provide the user anonymity. In 2008, Kim et al. first proposed an authentication scheme in order to ensure the user anonymity against both external attackers and the remote server and track malicious users with the help of a trusted trace sever. However, in 2010, Lee et al. showed that Kim et al.'s scheme cannot provide the user anonymity against remote server, which is because the server can trace users without any help of the trace server, and then proposed a improved scheme. On the other hand, in 2010, Horng et al. proposed an authentication scheme with non-tamper resistant smart cards, in which the non-tamper resistant smart card means that an attacker may find out secret information stored in the smart card through special data analysis techniques such as monitoring power consumption, to be secure against a variety of attacks and to provide the user anonymity against external attackers. In this paper, we will propose a remote user authentication scheme with non-tamper resistant smart cards not only to ensure the user anonymity against both external attackers and the remote server but also to track malicious users with only the help of a trusted trace sever.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.5
• /
• pp.231-240
• /
• 2015

Medical imagery require to protect the privacy with preserving the quality of the original contents. Therefore, reversible watermarking is a solution for this purpose. Previous researches have focused on general imagery and achieved high capacity and high quality. However, they raise a distortion over entire image and hence are not applicable to medical imagery which require to preserve the quality of the objects. In this paper, we propose a novel reversible watermarking for medical imagery, which preserve the quality of the objects and achieves high capacity. First, object and background region is segmented and then predicted error histogram-based reversible watermarking is applied for each region. For the efficient watermark embedding with small distortion in the object region, the embedding level at object region is set as low while the embedding level at background region is set as high. In experiments, the proposed algorithm is compared with the previous predicted error histogram-based algorithm in aspects of embedding capacity and perceptual quality. Results support that the proposed algorithm performs well over the previous algorithm.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.71-85
• /
• 2016

The purpose of this research is to study technical and policy improvements of carrier billing services, which are a developing and growing industry, by adopting a meta-analysis method. Implications were derived from studying 15 years-worth of academic research papers (from 2001 to 2015), by analyzing the trends over a total of 109 such research papers on carrier billing services. First, looking at the characteristics of the main studies of the papers from 2008 to 2009, it papers appeared that dealt with preventing fraudulent transactions and preserving consumer protection. Privacy, policy proposals and studies for new systems were researched from 2010-2012. Service, success factors, damage prevention systems research, law, and institutions were discussed in 2013-2015 mainly. Second, the research showed that the number of carrier billing service studies increased due to social issues(telecommunications billing services deregulation, the emergence smartphones, fraud). Third, in sectorial research results, technology was the focus area of 47 papers (43.1%), the service sector was the focus of 39 pieces (35.8%) and law and policy improvement accounted for 23 pieces (21.1%). The study of technology and service areas was the most active and according to changes in the environment, law and policy improvement were second to most active. This study will contribute to improving relevant institutions and research directions about study trends in carrier billing services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.41-52
• /
• 2010

Message authentication is an essential security element in vehicular ad-hoc network(VANET). For a secure message authentication, integrity, availability, privacy preserving skill, and also efficiency in various environment should be provided. RAISE scheme has been proposed to provide efficient message authentication in the environment crowded with lots of vehicles and generally considered to be hard to provide efficiency. However, as the number of vehicles communicating in the area increases, the overhead is also incurred in proportion to the number of vehicles so that it still needs to be reduced, and the scheme is vulnerable to some attacks. In this paper, to make up for the vulnerabilities in dense vehicular communication network, we propose a more secure and efficient scheme using a process that RSU(Road Side Unit) transmits the messages of neighbor vehicles at once with Bloom Filter, and timestamp to protect against replay attack. Moreover, by adding a handover function to the scheme, we simplify the authentication process as omitting the unnecessary key-exchange process when a vehicle moves to other area. And we confirm the safety and efficiency of the scheme by simulating the false positive probability and calculating the traffic.

• Journal of Korean Academic Society of Home Health Care Nursing
• /
• v.10 no.1
• /
• pp.58-72
• /
• 2003

The purpose of this study was to describe the perceived burden of the terminally III patients's caregiver and to analyze relationship between the perceived burden and the various demographics, illness characteristics, family relationships, and economic factor of the family & patients. The sample of 132 caregivers who care for the terminally III patients Kyung-Gi province, Seoul, Korea. The period of this study was from August to September, 2002. The perceived burden of the family caregiver was measured by the burden scale(20 items, 4 point scale) developed by Montgomery et al. (1985). The Data was analyzed using SAS-program by t-test and ANOVA. The results were as follows; 1. The mean of the family caregiver's burden score was 3.02. The score showed that caregivers perceive severe the level of burden. The hight items of the family caregiver's burden were' I feel it is painful to watch patient's diseases'(3.77). 'I feel afraid for what the future holds for my patients'(3.66), 'I feel it reduced to amount of privacy time'(3.64). 2. The caregiver's burden was significantly related to patient's gender(F=3.17, p= 0.0020), patient's job(F=2.49, p=0.0476), caregiver's age(F=4.29, p=0.0030), and caregiver's job(F=2.49, p=0.0476). 3. The caregiver's burden according to illness characteristics showed no significant difference. 4. The caregiver's burden was significantly associated with patient's family relationship (F=4.05, p=0.0041), patient's care mean period in a day(F=47.18,

• Journal of Korean Society of Archives and Records Management
• /
• v.3 no.1
• /
• pp.129-140
• /
• 2003

The ultimate goal of preserving and maintaining the records is to use them practically. The effective use of records should be supported by the reasonable recordskeeping systems and access standards. In this report, I examined the Korean laws and administrative systems related to the public records access issues. After I pointed out major problems of the access laws, the Government Information Opening Act (GOIA), and the problems in practices, I suggested some alternatives for the betterment of the access system. The GIOA established "eight standards of exemption to access" not to open some information to protect national interests and privacy. The Public Records Management Act (PRMA) applies to the archives transferred to "professional archives." The two laws show fundamental differences in the ways to open the public records to public. First, the GIOA deals with the whole information (the records) that public institutions keep and maintain, while the PRMA deals with the records that were transferred to the Government Archives. Second, the GIOA provides with a legal procedure to open public records and the standards to open or not to open them, while the PRMA allows the Government Archives to decide whether the transferred records should be opened or not. Third, the GIOA applies to record producing agencies, while the PRMA applies to public archival institutions. One of the most critical inadequacies of the PRMA is that there are no standards to judge to open the archives through reclassification procedure. The GIOA also suggests only the type of information that is not accessible. It does not specify how long the records can be closed. The GARS does not include the records less than 30 years old as its objects of the reclassification. To facilitate the opening of the archives, we need to revise the GIOA and the PRMA. It is necessary to clearly divide the realms between the GIOA and the PRMA on the access of the archives. The PRMA should clarify the principles of the reclassification as well as reclassifying method and exceptions. The exemption standards of the GIOA should be revised to restrict the abuse of the exemption clauses, and they should not be applied to the archives in the GARS indiscreetly and unconditionally.