• Journal of KIISE:Databases
• /
• v.36 no.5
• /
• pp.352-365
• /
• 2009

Recently, data access control policies have not been applied for authorized or unauthorized persons properly and information leakage incidents have occurred due to database security vulnerabilities. In the traditional database access control methods, administrators grant permissions for accessing database objects to users. However, these methods couldn't be applied for diverse access control policies to the database. In addition, another database security method which uses data encryption is difficult to utilize data indexing. Thus, this paper proposes an enhanced database access control system via a packet analysis method between client and database server in network to apply diverse security policies. The proposed security system can be applied the applications with access control policies related to specific factors such as date, time, SQL string, the number of result data and etc. And it also assures integrity via a public key certificate and MAC (Message Authentication Code) to prevent modification of user information and query sentences.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.479-490
• /
• 2013

Recently, the number of attacks by malicious application has significantly increased, targeting Android-platform mobile terminal such as Samsung Galaxy Note and Galaxy Tab 10.1. The malicious application can be distributed to currently used mobile devices through open market masquerading as an normal application. An attacker inserts malicious code into an application, which might threaten privacy by rooting attack. Once the rooting attack is successful, malicious code can collect and steal private data stored in mobile terminal, for example, SMS messages, contacts list, and public key certificate for banking. To protect the private information from the malicious attack, malicious code detection, rooting attack detection and countermeasure method are required. To meet this end, this paper investigates rooting attack mechanism for Android-platform mobile terminal. Based on that, this paper proposes countermeasure system that enables to extract and collect events related to attacks occurring from mobile terminal, which contributes to active protection from malicious attacks.

• Journal of the Korean Institute of Navigation
• /
• v.14 no.3
• /
• pp.63-73
• /
• 1990

Students of the Mogpo Merchant Marine College must complete one year's shipboard training course according to IMO(International Maritime Organization) regulations as an obtaining matter of Certificate of Competency. The purpose of this shipboard training course lies int he student's acquiring practical knowledge and sill as a part of a course of study and, in the future, fostering essential adaptability and leadership, especially in bad circumstances on the sea. The shipboard training course has two kind that the students can be trained either on the training ship or on a merchant ship of the shipping company. In this paper, I only thought over the legal status of apprentice officers on the merchant ship and analyzed the problems practicably during shipboard training. This paper is made up of five chapters. The first chapter contains the purpose contents and method of this study, in the second, the meaning of shipboard practice education and training, in the third, the legal status of apprentice officers on merchant ship, in the fourth, the analysis of the provisions of the seamen act applied to apprentice officers on a merchant ship. And in the last chapter 5, the contents mentioned is summarized and directions are presented to amend the provisions of the seamen act applied to apprentice officers. The conclusions are as follows. 1.In case of shipboard training on overseas employment ship, the seamen act applied to the manning agent employing the apprentice officers should be reinforced. 2. The provisions of disembarkation in mid course by discipline of the seamen acts Article 24 should be relaxed. And the provisions in relations to seamen's duty to be a reason of discipline applied to apprentice officer among the provisions for ship's public order maintenance should be abolished. 3. The provision of repartriation completely should be applied to apprentice officers and the provisions of a journey expenditure during their embarkation or disembarkation have to be established. 4. The apprentice officers in shipboard training also need securing a basic wages provision to be criterion of an accident compensation. 5. The apprentice officers in shipboard training should not be in charge of third officer's or third engineer' study.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.313-322
• /
• 2002

In this paper, proposes Kerberos certification mechanism that improve certification service of PKINIT base that announce in IETF CAT Working Ggroup. Did to certificate other realm because search position of outside realm through DNS and apply X.509 directory certification system, acquire public key from DNS server by chain (CertPath) between realms by certification and Key exchange way that provide service between realms applying X.509, DS/BNS of PKINIT base. In order to provide regional services, Certification and key exchange between realms use Kerberos' symmetric method and Session connection used Directory service to connection X.509 is designed using an asymmetric method. Excluded random number ($K_{rand}$) generation and duplex encryption progress to confirm Client. A Design of Kerberos system that have effect and simplification of certification formality that reduce Overload on communication.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.419-427
• /
• 2009

This paper propose DA-UDC(Double Authentication User, Device, Cross) Module which solves the cost problem and the appropriation of Certificate using User Authentication, Device Authentication and Cross Authentication with OTA(One Time Authentication) Key, and which is designed not to subscribe to the service of Home network business. Home Server transmits its public key which is needed to create OTA to the user which passed the first step of authentication which verifies User ID, Device ID and Session Key. And it performs the second step of authentication process which verifies the OTA key created by a user. Whenever the OTA key of DA-UDC module is generated, the key is designed to be changed. Therefore, DA-UDC Module prevents the exposure of User and Device ID by performing the two steps of authentication and enhances the authentication security of Home Network from malicious user with OTA key. Also, DA-UDC Module is faster than the existing authentication system in processing speed because it performs authentication calculation only once. Though DA-UDC Module increases data traffic slightly because of the extra authentication key, it enhances the security more than the existing technique.

• Proceedings of the Korean Institute Of Construction Engineering and Management
• /
• 2004.11a
• /
• pp.414-418
• /
• 2004

Quality system of construction industry in Korea was a means to prevent unqualified construction work. But lately, it has became an essential requirement. So, lots of construction companies acquire ISO quality management system which provides fundamental management criteria. Now, most of the Korean construction companies have got IS0 quality management system. So, getting ISO quality management system doesn't mean advantage in public competition of construction bidding and that causes increase in the maintenance cost. That's why some construction companies abandon the 150 certificate. Therefore, the authors need to check the effect of ISO quality management system. For this, the authors provide the performance measurement index of ISO quality management system.

• Journal of Preventive Medicine and Public Health
• /
• v.41 no.1
• /
• pp.17-22
• /
• 2008

Objectives : Period analysis estimates up-to-date survival rates of cancer patients. In this approach, analysis is restricted to recent time period by left-truncating all observations at the beginning of the period and right-censoring at its end. Here, we applied period analysis to examine changes in 5-year relative survival (RS) by age group for 1997 and for 2002. Methods : Using the National Cancer Incidence Database, 5-year RS was estimated for 1997 and 2002 in four age groups (15-54, 55-64, 65-74, and 75 years old and over) using period analysis. After excluding death certificate-only cases, patients with an unknown date of diagnosis or follow-up length, a total of 813,889 patients diagnosed with a first primary invasive cancer during 1992 2002 were included for analysis. Followup for vital status was included until 31 December 2002. Results : Five-year RS increased from 41.7% for 1997 to 46.7% for 2002. Increases in survival occurred in all age groups except in the 75 and over group. Conclusions : The age gradient in cancer prognosis seems to have widened between 1997 and 2002, a finding that requires further study of prognostic factors, including stage at diagnosis. Period analysis accurately estimates survival rates, especially for cancers with better prognosis.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.3-8
• /
• 2014

Wireless Ad hoc Network is threatened from many types of attacks because of its open structure, dynamic topology and the absence of infrastructure. Attacks by malicious nodes inside the network destroy communication path and discard packet. The damage is quite large and detecting attacks are difficult. In this paper, we proposed attack detection technique using secure authentication infrastructure for efficient detection and prevention of internal attack nodes. Cluster structure is used in the proposed method so that each nodes act as a certificate authority and the public key is issued in cluster head through trust evaluation of nodes. Symmetric Key is shared for integrity of data between the nodes and the structure which adds authentication message to the RREQ packet is used. ns-2 simulator is used to evaluate performance of proposed method and excellent performance can be performed through the experiment.

• Journal of the Korean Society of Costume
• /
• v.58 no.5
• /
• pp.1-12
• /
• 2008

Although the curator system of South Korea officially started in 2001, it has not taken root yet. Because most active curators do not have a certificate, concerned scholars are making efforts to complement and establish the curator system. Although there are currently numerous museums and art galleries that own a number of costumes and textiles in Korea, the number of curators who majored in the history of costume is very low. Despite the growing importance and the increase in costume-related exhibition than any other fields, this shortage of qualified curators resulted in the lack of specialty for the management and exhibition of past costumes. To solve this problem, there needs to be more hire for curators, in proportion to the possession and exhibition of costumes, who major in the history of costume. The history of costume must also be part of the curator test and be required even for the internship. And there must be education for curators who currently deal with costumes without having majored in the study of costume, history of costume students who want to become a costume-related curator in the future, and the general public. The contents for education must include the knowledge of artifacts, theories to enhance the management capacity, and practice in the museum.

• The Journal of the Korea Contents Association
• /
• v.5 no.5
• /
• pp.43-50
• /
• 2005

POS system that become that is supply net administration and computerization fetters of customer management that become point in istribution network constructed database and use XML-Encryption that is certificate techniques of PKI and standard of security for security that is XML's shortcoming and design distributed processing POS system using XML for data integration by introduction of Ubiquitous concept. This POS system has four advantages. First, Because there is no server, need not to attempt authentication and data transmission every time. Second, can integrate data base by XML and improve portability of program itself. Third, XML data in data transmission because transmit data after encryption data safe .Fourth, After encode whenever process data for data breakup anger of POS system client program and elevation of the processing speed, transmit at because gathering data at data transmission.