• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.10
• /
• pp.2862-2882
• /
• 2023

With the development of networking technology, it has become common to use various types of network services to replace physical ones. Among all such services, electronic voting is one example that tends to be popularized in many countries. However, due to certain concerns regarding information security, traditional paper voting mechanisms are still widely adopted in large-scale elections. This study utilizes blockchain technology to design a novel electronic voting mechanism. Relying on the transparency, decentralization, and verifiability of the blockchain, it becomes possible to remove the reliance on trusted third parties and also to enhance the level of trust of voters in the mechanism. Besides, the mechanism of blind signature with its complexity as difficult as solving an elliptic curve discrete logarithmic problem is adopted to strengthen the features related to the security of electronic voting. Last but not least, the mechanism of self-certification is incorporated to substitute the centralized certificate authority. Therefore, the voters can generate the public/private keys by themselves to mitigate the possible risks of impersonation by the certificate authority (i.e., a trusted third party). The BAN logic analysis and the investigation for several key security features are conducted to verify that such a design is sufficiently secure. Since it is expected to raise the level of trust of voters in electronic voting, extra costs for re-verifying the results due to distrust will therefore be reduced.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.1
• /
• pp.11-20
• /
• 2002

In 1998, A. Young and M. Yung proposed the auto-recovery auto-certificate cryptosystem in public key infrastructure. We propose the new recoverable cryptosystem in public key infrastructure which is designed with the concept of A. Young et al's auto-recovery auto-certificate cryptosystem. It has the private/public key pairs of the user and the master private/public key pairs of the escrow authority. It is based on RSA cryptosystem and has efficiency and security.

• Journal of the Society of Disaster Information
• /
• v.19 no.4
• /
• pp.936-949
• /
• 2023

On August 3, 2023, a brutal incident of unprovoked violence, termed as "Abnormal motivated crime," occurred in a multi-use facility, where retail and transportation facilities converge, near Seohyeon Station. The assailant drove onto the sidewalk, hitting pedestrians, and then entered a department store where a knife rampage ensued, resulting in a total of 14 victims. In the aftermath of this incident, numerous murder threats were posted on social media, causing widespread anxiety among the public. This fear was further exacerbated by the emergence of a "Terrorless.01ab.net" service. Purpose: This research aims to explore necessary institutional improvements for private security personnel who protect customers and employees in multi-use facilities, to enable them to perform their duties more effectively. Method: To assess the risk of Abnormal motivated crime, a time series analysis using the ARIMA model was conducted to analyze the domestic trends of such crimes. Additionally, Result: the study presents suggestions for improvements in the domestic security service law and emergency manuals for multi-use facilities. Conclusion: This is informed by a legal analysis of the indemnity rights for weapon use by private security guards abroad and their operational authority beyond weapon usage.

• Korean Security Journal
• /
• no.11
• /
• pp.159-181
• /
• 2006

This study is concerned on Why The Certified Security certification is needed and How to control the security quality to get better service to the clients. Theses days are required The Certified Certificate in all the industry. And in this point of view, the certified certificate is a kind of confirmation by an authority to the person who has how much special knowledge and practice in a certain field. Moreover, in the functionalism society the certified certificate system would be very positive effect to the related industry and society as official measurement by an authority. The security is freedom from fear and anxiety. Which means the security can not be operated in isolation from citizen's safe-living expectation, and which is also dealing with valuable human being's life. For getting the better purpose the security industry employees should have more organized special training and education. As my understanding the certified certificate exam system is the confirmation by an authority, the certified certificate is only neutral evidence to get the confidence and credit from the clients. In this point of view the core point is How to control The Certified Certificate by a credied authority.

• Korean Security Journal
• /
• no.46
• /
• pp.63-86
• /
• 2016

The object of this study is to propose a study on the Private Investigator usage for Cyber Crime. The latest trend of cyber crime is being evolve in sophisticated and complex way over the global, like internet fraud, cyber gambling, hacking and etc. Hence national investigative authority mobilize high specialized skills and method of criminal investigation by each nation. But it is hard to respond in rapid and effective way because of propoor, distribution of group and insufficient of related legal system. Already in other countries, not considerable amount of services are given to private investigators in detection and tracking part which is inefficient by nation. So it has significantly meaningful to compensate the defect and study about private investigator usage as companion of cooperation policing for effectively respond to cyber-crime. The way to effectively deal with the cyber-crime is reevaluate meaning of partnership policing and need of private investigator usage. Also it is to analyze the main issue about introduction of a system and suggest the effective way of introduction. First, legislation of private investigator usage which is based upon partnership policing should be made up. Moreover, to establish the range of private investigator's business and enhance the reliability, it is to propose introduction of leading professional global certificate and license system with sufficient education and test. We are expecting introduction of private investigator usage can improve efficiency of investigation and promote effective countermeasures of cyber-crime.

• Korean Security Journal
• /
• no.61
• /
• pp.87-107
• /
• 2019

With the government policy on converting contract workers to full-time employees, there have been significant changes about the security personnel at the nation's critical facilities, including the National Assembly Building and airports. Moreover, the scheduled disbandment of the conscripted police force in 2023 has raised concerns about security management at different government agencies. To examine the college students' perceptions on the possible alternatives to fill the expected security gap, 234 undergraduate students of security management and protection in the Seoul metropolitan region were surveyed. Particularly, a comparative analysis was conducted on the legal bases and supervision, the employment types and salaries, and the scopes of responsibility and authority of suggested alternatives were compared. The results showed that utilization of private police forces was thought to be the most effective option. Based on the research findings, the university departments should develop and maintain a quality curriculum to educate their students to be prepared security professionals with a focus on emergency response capabilities and martial arts, including the courses on private police law and emergency rescue and cardiopulmonary resuscitation (CPR).

• Journal of the Society of Disaster Information
• /
• v.15 no.1
• /
• pp.153-164
• /
• 2019

Purpose: This paper aims to derive improvement measures, in terms of legal and technical aspects, which can reduce effectively the casualties caused by drowing accidents. Method: Firstly, we checked the status of drowing accident management and carried out the interview of field private safety guards. field private safety guards. In addition, surveys were conducted on safety personnel and managers. Based on survey results, we are lastly analyzed the specific problems and reviews the improvement measures from technical and legal aspects. Result: As an analytical result, it was considered that supplementary supporting tools such as CCTV, monitoring devices using IoT and artificial intelligence technologies were necessary to prevent drowning accident, and qualification with limited authority should be added to the private safety guard because of the lack of regulation. Conclusion: In order to manage water safety effectively, a comprehensive water safety management system should be established that integrates people and equipment through systemic education of security personnel, authorization of enforcement, and introduction of surveillance equipment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.12
• /
• pp.3352-3365
• /
• 2012

Group key agreement (GKA) is a cryptographic primitive allowing two or more users to negotiate a shared session key over public networks. Wu et al. recently introduced the concept of asymmetric GKA that allows a group of users to negotiate a common public key, while each user only needs to hold his/her respective private key. However, Wu et al.'s protocol can not resist active attacks, such as fabrication. To solve this problem, Zhang et al. proposed an authenticated asymmetric GKA protocol, where each user is authenticated during the negotiation process, so it can resist active attacks. Whereas, Zhang et al.'s protocol needs a partially trusted certificate authority to issue certificates, which brings a heavy certificate management burden. To eliminate such cost, Zhang et al. constructed another protocol in identity-based setting. Unfortunately, it suffers from the so-called key escrow problem. In this paper, we propose the certificateless authenticated asymmetric group key agreement protocol which does not have certificate management burden and key escrow problem. Besides, our protocol achieves known-key security, unknown key-share security, key-compromise impersonation security, and key control security. Our simulation based on the pairing-based cryptography (PBC) library shows that this protocol is efficient and practical.

• Korean Security Journal
• /
• no.12
• /
• pp.291-308
• /
• 2006

A regular aperture occurs between persons controlled and a person governing the society according to national formation and development. A ruler is subdivided into a king, the President, or the highest controller who can feel the uncertainty of ruler's position. To protect those people, it is called guard that used all possible means and ways to protect those people or remove the danger. An opening of guard was related to enhancement of royal authority or centralism. Firstly a military organization had acted for this, but the organization gradually became independent according to it's subdivision and systematization. During the period of the Three States and Unified Silla, the guard was needed new management system by enhancement of royal authority, expansion of the territory, and establishment of centralism. The new management system that organized the group of vassal and Siweebu take charge of guarding the king or serving as private soldiers. In the end of Silla, as a wide range of reformation of government organization, the organization of vassal like Jungsasung and Sunkyosung that developed as not only guard the king and prince but also hold the business writing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.913-921
• /
• 2012

On the strength of the rapid development and propagation of U-healthcare service, the service technologies are full of important changes. However, U-healthcare service has security problem that patient's biometric information can be easily exposed to the third party without service users' consent. This paper proposes a distributed model according authority and access level of hospital officials in order to safely access patients' private information in u-Healthcare Environment. Proposed model can both limit the access to patients' biometric information and keep safe system from DoS attack using time stamp. Also, it can prevent patients' data spill and privacy intrusion because the main server simultaneously controls hospital officials and the access by the access range of officials from each hospital.