• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.9
• /
• pp.1684-1697
• /
• 2011

We show that two protocols for RFID mutual authentication in pervasive computing environments, recently proposed by Kang et al, are vulnerable to several attacks. First, we show these protocols do not preserve the privacy of users' location. Once a tag is authenticated successfully, we show several scenarios where legitimate or illegitimate readers can trace the location of that tag without any further information about the tag's identifier or initial private key. Second, since the communication between readers and the database takes place over an insecure communication channel and in the plaintext form, we show scenarios where a compromised tag can gain access to confidential information that the tag is not supposed get access to. Finally, we show that these protocols are also vulnerable to the replay and denial-of-service attacks. While some of these attacks are due to simple flaws and can be easily fixed, others are more fundamental and are due to relaxing widely accepted assumptions in the literature. We examine this issue, apply countermeasures, and re-evaluate the protocols overhead after taking these countermeasures into account and compare them to other work in the literature.

• International Journal of Computer Science & Network Security
• /
• v.22 no.11
• /
• pp.284-290
• /
• 2022

The study considers trends and prospects for developing virtual (augmented) reality and civil transactions in relation to digital property. In jurisprudence, there is a need to determine the legal status of virtual and augmented reality to regulate legal relations in the digital environment. Legal relations using new digital technologies require the creation of new legislative approaches and rules of their legal regulation. The article dwells on the legal status of virtual (augmented) reality and determines the methods of regulating legal relations in the sphere of digital property. The study utilized methods for collecting single and multiple facts in order to identify the main trends in the civil circulation of digital assets, as well as private law methods. The methods of generalization, concreteness, induction and deduction reveal the legal nature and main features of virtual (augmented) reality and digital property. The paper highlights the specifics of virtual reality and civil transactions in relation to digital assets. The research has concluded that the sale, exchange and other actions with digital objects in virtual reality have distinctive features, while digital property has also unique characteristics since it is involved in civil circulation and legal relations.

• The Journal of the Korea Contents Association
• /
• v.13 no.12
• /
• pp.568-574
• /
• 2013

In recent years, IT companies offer various cloud services using hardware-based technologies or software-based technologies. User can access these cloud services without the constraints of location or devices. The technologies are virtualization, provisioning, and big data processing. However, security incidents are constantly occurring even with these techniques. Thus, many companies build and operate private cloud service to prevent the leak of critical data. If virtual environment are different according to user permission, many system are needed, and user should login several virtual system to execute an program. In this paper, I suggest the access control method for application software on virtual operating system using the Open Authentication protocol in the Cloud system.

• The Journal of the Korea Contents Association
• /
• v.12 no.5
• /
• pp.380-392
• /
• 2012

The study of security personnel and psychological empowerment and organizational commitment to investigate the relationship between prosocial behavior in 2011 in Seoul, served in the private security companies after being selected as a security guard purposive sampling method using a 300 extracted samples, but the number of cases used in the study a total of 282 people. This study SPSSWIN 18.0 using factor analysis, reliability analysis, multiple regression analysis, path analysis, the following conclusions were obtained. First, psychological empowerment on organizational commitment affects. In other words, self-determination, job performance, impact, meaning a higher level of calculation ever higher levels of commitment and affective commitment. Second, the psychological empowerment influences prosocial behavior. In other words, self-determination, meaningfulness, influence job performance higher level of customer service and increases coordination Third, organizational commitment affects the prosocial behavior. In other words, the calculation ever commitment, emotional commitment, the higher the customer service, increases the level of coordination. Fourth, psychological empowerment and organizational commitment prosocial behavior direct and indirect impacts.

• Journal of Internet Computing and Services
• /
• v.16 no.3
• /
• pp.79-93
• /
• 2015

With the rapid development of information technology, the ways of usage have changed drastically. The ways and efficiency of traditional service application to data processing already could not satisfy the requirements of modern users. Nowadays, users have already understood the importance of data. Therefore, the processing and saving of big data have become the main research of the Internet service company. In China, with the rise and explosion of 115 Cloud leads to other technology companies have began to join the battle of cloud services market. Although currently Chinese cloud services are still mainly dominated by cloud storage service, the series of service contents based on cloud storage service have been affirmed by users, and users willing to try these new ways of services. Thus, how to let users to keep using cloud services has become a topic that worth for exploring and researching. The academia often uses the TAM model with statistical analysis to analyze and check the attitude of users in using the system. However, the basic TAM model obviously already could not satisfy the increasing scale of system. Therefore, the appropriate expansion and adjustment to the TAM model (i. e. TAM2 or TAM3) are very necessary. This study has used the status of Chinese internet users and the related researches in other areas in order to expand and improve the TAM model by adding the brand influence, hardware environment and external environments to fulfill the purpose of this study. Based on the research model, the questionnaires were developed and online survey was conducted targeting the cloud services users of four Chinese main cities. Data were obtained from 210 respondents were used for analysis to validate the research model. The analysis results show that the external factors which are service contents, and brand influence have a positive influence to perceived usefulness and perceived ease of use. However, the external factor hardware environment only has a positive influence to the factor of perceived ease of use. Furthermore, the perceived security factor that is influenced by brand influence has a positive influence persistent intention to use. Persistent intention to use also was influenced by the perceived usefulness and persistent intention to use was influenced by the perceived ease of use. Finally, this research analyzed external variables' attributes using other perspective and tried to explain the attributes. It presents Chinese cloud service users are more interested in fundamental cloud services than extended services. In private cloud services, both of increased user size and cooperation among companies are important in the study. This study presents useful opinions for the purpose of strengthening attitude for private cloud service users can use this service persistently. Overall, it can be summarized by considering the all three external factors could make Chinese users keep using the personal could services. In addition, the results of this study can provide strong references to technology companies including cloud service provider, internet service provider, and smart phone service provider which are main clients are Chinese users.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.767-772
• /
• 2005

The Internet is a packet switched network which offers best-effort service, but current IP network provide enhanced services such Quality of Services, Virtual Private Network (VPN) services, Distribute Firewall and IP Security Gateways. All such services need packet classification for determining the flow. The problem is performing scalable packet classification at wire speeds even as rule databases increase in size. Therefore, this research offer packet classification algorithm that increase classifier performance when working with enlarge rules database by rearrange rule structure into Bitmap Intersection Lookup (BIL) tables. It will use packet's header field for looking up BIL tables and take the result with intersection operation by logical AND. This approach will use simple algorithm and rule structure, it make classifier have high search speed and fast updates.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.951-959
• /
• 2014

In the past few years, data leakage of information assets has become a prominent issue. According to the National Intelligence Service in South Korea, they found 375 cases of data leakage from 2003 to 2013, especially 49 of cases have been uncovered in 2013 alone. These criminals are increasing as time passes. Thus, it constitutes a reason for establishment and operation of ISMS (Information Security Management System) even for private enterprises. But to be ISMS certified, there are many exposed or unexposed barriers, moreover, sufficient amount of studies has not been conducted on the barriers of ISMS Certification. In this study, we analyse empirically through exploratory factor analysis (EFA) to find the obstacle factors of ISMS Certification. The result shows that there are six obstacle factors in ISMS Certification; Auditing difficulty and period, Consulting firm related, Certification precedence case and consulting qualification, Internal factor, CA reliability and auditing cost, Certification benefit.

• Journal of the Korean Home Economics Association
• /
• v.45 no.8
• /
• pp.127-142
• /
• 2007

The objective of this study was to discuss child privacy issues at Web sites targeting children, Specifically, the study examined l)types of information required for join the membership, 2)whether privacy policies at Web sites for children abide by privacy guideline, and 3)specific examples of recommendable privacy policy and problematic privacy policy from Web sites, Total of 305 Web sites targeting children were used for content analysis, Selected Web sites included recommended sites by Korea Council of Children's Organizations and food business Web sites, The results showed that more than 70% of Web sites required private information when children join the membership. Most of these Web sites provided mailing service for children. Generally, Web sites showed problems in parents' approval procedures. Also, privacy policies at Web sites frequently omitted purpose specification principle and the security safeguard principle. Regulating online service provides and marketers targeting children would be necessary for protecting child privacy. Further, education program targeting parents and children could help them make right choices to protect children's online privacy.

• The Korean Journal of Health Service Management
• /
• v.14 no.1
• /
• pp.67-78
• /
• 2020

Objectives: Using data from the 1styear of the 7th National Health and Nutrition Survey, this study administered a questionnaire to patients with oral damage and examined the type of medical care used based on the nature of the injury, further characterized by age group and sex. Methods: Of the 8,150 respondents, this study selected those who participated in the health survey and oral exam survey, excluding surveys with missing values, and set 7,681 people as the research participants. This study used SPSS Windows version 23.0(SPSS Inc. IL, USA) as the statistics program and applied the chi-square test (p) based on a complex sample and logistic regression analysis. Results: In the analysis of the type of tooth damage, there was a significant difference (p<.001) in the number of male patients who were injured due to exercise, violence, and safety accidents compared to females. However, there was no significant difference in their type of medical security and whether or not they visited a dental clinic. The patients with private insurance showed relatively high use for tooth extraction and oral surgery (p<.001). Conclusions: The best way to prevent tooth damage is to prevent the accident. For sports or exercises which may cause tooth damage, protective gear, such as a mouthpiece, should be used to prevent tooth damage.

• Korean Security Journal
• /
• no.39
• /
• pp.319-353
• /
• 2014

Cyber-based technologies are now ubiquitous around the glob and are emerging as an "instrument of power" in societies, and are becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. The globe-spanning range of cyberspace and no national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies. Through cyberspace, competitive powers will target industry, academia, government, as well as the military in the air, land, maritime, and space domains of our nations. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Cyberthreats to the infrastructure and other assets are a growing concern to policymakers. In 2013 Cyberwarfare was, for the first time, considered a larger threat than Al Qaeda or terrorism, by many U.S. intelligence officials. The new United States military strategy makes explicit that a cyberattack is casus belli just as a traditional act of war. The Economist describes cyberspace as "the fifth domain of warfare and writes that China, Russia, Israel and North Korea. Iran are boasting of having the world's second-largest cyber-army. Entities posing a significant threat to the cybersecurity of critical infrastructure assets include cyberterrorists, cyberspies, cyberthieves, cyberwarriors, and cyberhacktivists. These malefactors may access cyber-based technologies in order to deny service, steal or manipulate data, or use a device to launch an attack against itself or another piece of equipment. However because the Internet offers near-total anonymity, it is difficult to discern the identity, the motives, and the location of an intruder. The scope and enormity of the threats are not just focused to private industry but also to the country's heavily networked critical infrastructure. There are many ongoing efforts in government and industry that focus on making computers, the Internet, and related technologies more secure. As the national intelligence institution's effort, cyber counter-intelligence is measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions. However one of the hardest issues in cyber counterintelligence is the problem of "Attribution". Unlike conventional warfare, figuring out who is behind an attack can be very difficult, even though the Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable". Considering all these cyber security problems, this paper examines closely cyber security issues through the lessons from that of U.S experience. For that purpose I review the arising cyber security issues considering changing global security environments in the 21st century and their implications to the reshaping the government system. For that purpose this study mainly deals with and emphasis the cyber security issues as one of the growing national security threats. This article also reviews what our intelligence and security Agencies should do among the transforming cyber space. At any rate, despite of all hot debates about the various legality and human rights issues derived from the cyber space and intelligence service activity, the national security should be secured. Therefore, this paper suggests that one of the most important and immediate step is to understanding the legal ideology of national security and national intelligence.