• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.4
• /
• pp.99-108
• /
• 2009

In the security environments of heterogeneous multidatabase systems, not only the existing local autonomy but also the security autonomy as a new constraint are required. From global aspects, transactions maintain consistent data value when they assure serializability. Also, secure properties must protect these transactions and data values to prevent direct or indirect information effluence. This paper proposes scheduling algorithm for global transactions to ensure multilevel secure one-copy quasi-serializability (MLS/1QSR) in security environments of multidatabase systems with replicated data and proves its correctness. The proposed algorithm does not violate security autonomy and globally guarantees MLS/1QSR without indirect information effluence in multidatabase systems.

• Journal of Computing Science and Engineering
• /
• v.5 no.4
• /
• pp.331-337
• /
• 2011

Recently, Virtual Desktop Infrastructure (VDI) has been widely adopted to ensure secure protection of enterprise data and provide users with a centrally managed execution environment. However, user experiences may be restricted due to the limited functionalities of thin clients in VDI. If thick client devices like laptops are used, then data leakage may be possible due to malicious software installed in thick client mobile devices. In this paper, we present Data Firewall, a security framework to manage and protect security-sensitive data in thick client mobile devices. Data Firewall consists of three components: Virtual Machine (VM) image management, client VM integrity attestation, and key management for Protected Storage. There are two types of execution VMs managed by Data Firewall: Normal VM and Secure VM. In Normal VM, a user can execute any applications installed in the laptop in the same manner as before. A user can access security-sensitive data only in the Secure VM, for which the integrity should be checked prior to access being granted. All the security-sensitive data are stored in the space called Protected Storage for which the access keys are managed by Data Firewall. Key management and exchange between client and server are handled via Trusted Platform Module (TPM) in the framework. We have analyzed the security characteristics and built a prototype to show the performance overhead of the proposed framework.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.467-477
• /
• 2013

The cloud computing has propagated rapidly and thus there is growing interest on the introduction of cloud services in the public institution. Accordingly, domestic public institution are adoption of cloud computing impose and devise a plan. In addition, more specifically, is building a cloud computing system in the public institution. However, solutions to various security threats(e.g., availability invasion of storage, access by unauthorized attacker, data downloaded from uncertain identifier, decrease the reliability of cloud data centers and so on) is required. For the introduction and revitalize of cloud services in the public institution. Therefore, in this paper, we propose a public key based secure data management scheme for the cloud data centers in public institution. Thus, the use of cloud computing in the public institutions, the only authorized users have access to the data center. And setting for importance and level of difficulty of public data management enables by systematic, secure, and efficient. Thus, cloud services for public institution to improve the overall security and convenience.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.4
• /
• pp.115-123
• /
• 2017

The mutual cooperation among nodes is very important because mobile nodes participating in MANET communicate with limited resources and wireless environment. This characteristic is important especially in environment that supports group communication. In order to support the secure multicast environment, it is important enough to affect performance to provide accurate authentication method for multicast group members and increase the integrity of transmitted data. Therefore, we propose a technique to provide the multicast secure communication by providing efficient authentication and group key management for multicast member nodes in this paper. The cluster structure is used for authentication of nodes in the proposed technique. In order to efficient authentication of nodes, the reliability is measured using a combination of local trust information and global trust information measured by neighboring nodes. And issuing process of the group key has two steps. The issued security group key increases the integrity of the transmitted data. The superiority of the proposed technique was confirmed by comparative experiments.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.4
• /
• pp.51-59
• /
• 2009

Many failures are due to incorrectly programmed transactions and data entry errors. System failure causes the loss or corruption of the contents of volatile storage. Although global processing protects data values to detect direct or indirect information effluence, security environments are very important in the recovery management of heterogeneous systems. Although transaction can't control system fault, the restart for the system can cause information effluence by low bandwith. From various faults, it is not easy to maintain the consistency and security of data. This paper proposes recovery management protocols to assure global multilevel secure one-copy quasi-serializability in security environments of heterogeneous systems with replicated data and proves its correctness. The proposed secure protocols guarantee the reliability and security of system when the system fault is happened.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.4
• /
• pp.29-42
• /
• 2020

SCADA (Supervisory Control and Data Acquisition) systems for remote monitoring, data acquisition and control are applied to major industrial infrastructures including power, water and railroad. Recently, there are many researches on key management scheme for secure communication due to change to the open network environment. These systems are located at far distances and are connected to the main control center through various types of communication methods. Due to the nature of these systems, they are becoming the significant targets of cyber attack. We propose an efficient key management scheme which is established on ID-based cryptosystem without an expensive computation on MTU (Master Terminal Unit), Sub-MTU, and RTU (Remote Terminal Unit). The proposed method is secure and effective in key management among multiple legitimate devices.

• Proceedings of the Korean Institute of Building Construction Conference
• /
• 2019.05a
• /
• pp.127-128
• /
• 2019

The cost of procurement in construction projects varies depending on the type of project, but the proportion of the cost component is very large. Therefore, efficient procurement system operation affects the success of the project. However, difficulties arise in procurement management due to problems such as availability of data due to limited information, inaccurate scheduling and integration of costs. Therefore, the purpose of this study is to develop a procurement management system to help efficient communication decision by combining Big Data which can analyze a lot of information and Block Chain technology which can secure information and record reliability to satisfy the above requirements. The results of this study are used to develop a system to develop academically improved procurement management system and practically to develop a system to secure business competitiveness and to facilitate rapid communication among project participants.

• Journal of Information Technology Applications and Management
• /
• v.27 no.6
• /
• pp.89-99
• /
• 2020

Cloud computing is rapidly increasing for achieving comfortable computing. Cloud computing has essentially security vulnerability of software and hardware. For achieving secure cloud computing, the vulnerabilities of cloud computing could be analyzed in a various and systematic approach from perspective of the service designer, service operator, the designer of cloud security and certifiers of cloud systems. The paper investigates the vulnerabilities and security controls from the perspective of administration, and systems. For achieving the secure operation of cloud computing, this paper analyzes technological security vulnerability, operational weakness and the security issues in an enterprise. Based on analysis, the paper suggests secure establishments for cloud computing.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.12
• /
• pp.944-953
• /
• 2013

Recently, a storage media is becoming smaller and storage capacity is also becoming larger than before. However, important data was leaked through a small storage media. To solve these serious problem, many security companies manufacture secure USBs with secure function, such as data encryption, user authentication, not copying data, and management system for secure USB, etc. But various attacks, such as extracting flash memory from USBs, password hacking or memory dump, and bypassing fingerprint authentication, have appeared. Therefore, security techniques related to secure USBs have to concern many threats for them. The basic components for a secure USB are secure authentication and data encryption techniques. Though existing secure USBs applied password based user authentication, it is necessary to develop more secure authentication because many threats have appeared. And encryption chipsets are used for data encryption however we also concern key managements. Therefore, this paper suggests mutual device authentication based on PUF (Physical Unclonable Function) between USBs and the authentication server and key management without storing the secret key. Moreover, secure USB is systematically managed with metadata and authentication information stored in authentication server.

• Proceedings of the KSR Conference
• /
• 2008.11b
• /
• pp.56-60
• /
• 2008

Increasing urban sprawl and climate changes have been causing unexpected high-intensity rainfall events. Thus there are needs to enhance conventional disaster management system for comprehensive actions to secure safety. Therefore long-term and comprehensive flood management plans need to be well established. Recently torrential snowfall are occurring frequently, causing have snow traffic jams on the road. To secure safety and on-time operation of the Bi-modal tram system, well-structured disaster management system capable of analyzing the urban flash flooding and snow pack melt/freezing due to unexpected rainfall event and snowfall are needed. To secure safety of the Bi-modal tram system due to torrential snowfall, the snow melt simulation capability was investigated. The snow accumulation and snow melt were measured to validate the SWMM snow melt component. It showed that there was a good agreement between measured snow melt data and the simulated ones. Therefore, the Bi-modal tram disaster management system will be able to predict snow melt reasonably well to secure safety of the Bi-modal tram system during the winter. The Bi-modal tram disaster management system can be used to identify top priority area for snow removal within the tram route in case of torrential snowfall to secure on-time operation of the tram. Also it can be used for detour route in the tram networks based on the disaster management system predicted data.