• The Transactions of the Korea Information Processing Society
• /
• v.7 no.3
• /
• pp.879-890
• /
• 2000

Designing a multilevel database application is a complex process, and the entities and their associated security levels must be represented using an appropriate model unambiguously. It is also important to capture the semantics of a multilevel databse application as accurate and complete as possible. Owing to the focus of the IDEA Methodology for designing the non-secure database applications on the data-intensive systems, the Object Model describes the static structure of the objects in an application and their relationships. That is, the Object Model in the IDEA Methodology is an extended Entity-Relationship model giving a static description of objects. The IDEA Methodology has not been developed the multilevel secure database applications, but by using an existing methodology we could take advantage of the various techniques that have already been developed for that methodology. That is, this way is easier to design the multilevel secure schema than to develop a new model from scratch. This paper adds the security features 새？ Object Model in the IDEA Methodology, and presents the transformation from this model to a multilevel secure object oriented schema. This schema will be the preliminary work which can be the general scheme for the automatic mapping to the various commercial multilevel secure database management system such as Informix-Online/Secure, Trusted ORACLE, and Sybase Secure SQL Server.

• Journal of Industrial Convergence
• /
• v.6 no.1
• /
• pp.57-72
• /
• 2008

In this study, general outline of P2P(peer to peer) application was analyzed dealing with security attacks and threats on the P2P environment. Information security service was studied to provide secure P2P service under the information threats. This study proposes two methods to provide secure information security service. One is a method to use personal firewall software on the peer. The other is a method to use key distribution protocol for confidentiality and integrity.

• Journal of Korea Multimedia Society
• /
• v.13 no.6
• /
• pp.865-874
• /
• 2010

Recently, Hao et al. proposed a privacy preservation protocol based on group signature scheme for secure vehicular communications to overcome a well-recognized problems of secure VANETs based on PKI. However, although efficient group signature schemes have been proposed in cryptographic literatures, group signature itself is still a rather much time consuming operation. In this paper, we propose a more efficient privacy preservation protocol than that of Hao et al. In order to design a more efficient anonymous authentication protocol, we consider a key-insulated signature scheme as our cryptographic building block. We demonstrate experimental results to confirm that the proposed protocol is more efficient than the previous scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.33-43
• /
• 2001

This paper presents a secure Linux OS in which multi-level security functions are implemented at the kernel level. Current security efforts such as firewall or intrusion detection system provided in application-space without security features of the secure OS suffer from many vulnerabilities. However the development of the secure OS in Korea lies in just an initial state, and NSA has implemented a prototype of the secure Linux but published just some parts of the technologies. Thus our commercialized secure Linux OS with multi-level security kernel functions meets the minimum requirements for TCSEC B1 level as well kernel-mode encryption, real-time audit trail with DB, and restricted use of root privileges.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.439-441
• /
• 2002

Real-time Transport Protocol (RTP) is widely used in VoIP stacks charging the multimedia data delivery. Concerning with payload protection of RTP packets, Secure RTP has been discussed in IETF AVT group to provide confidentiality and authentication features using block ciphering and message authentication coding. However, Secure RTP only concentrates on payload protection. Signcryption is a good candidate for key agreement. This paper proposes a key establishment protocol using Signcryption and shows example implementation of a secure VoIP application based on Secure RTP with the proposed scheme.

• Journal of Korea Multimedia Society
• /
• v.19 no.12
• /
• pp.1981-1991
• /
• 2016

In recent, the advancement of wearable devices and wireless body area networking technologies motivate researchers to pay attention to remote healthcare system for monitoring patients health and disease progression effectively. However, in order to implement a practical remote healthcare system, we must consider the security and privacy of patient's personal health information transmitted to healthcare servers through the network. Hence, in this paper, we propose a secure health data transmission protocol in remote healthcare monitoring system to protect patient's health information and prevent privacy from eavesdropping on the network. To achieve our security goals, we design an efficient secure protocol based on the identity-based cryptography with key evolution technique, and then confirm the superiority and the efficiency of the proposed protocol as compared with the existing protocol of Yang et al.

• Journal of Digital Convergence
• /
• v.13 no.3
• /
• pp.201-208
• /
• 2015

Recently computer, smart phone, medical devices, etc has become used in a variety of environments as the application fields of IT products have become diversification. Attack case of abuse of software security vulnerabilities is on the increase as the application fields of software have become diversification. Accordingly, secure coding program is of a varied but history management, updating, API module to be vulnerable to attack. Thus, this paper proposed a materialization of CMS linked system to enable check the vulnerability of the source code to content unit for secure software development, configuration management system that interwork on the transmission module. Implemented an efficient coding system secure way that departmentalized by the function of the program and by analyzing and applying secure coding standards.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6139-6160
• /
• 2018

For ease of use and access, web browsers are now being used to access and modify sensitive data and systems including critical control systems. Due to their computational capabilities and network connectivity, browsers are vulnerable to several types of attacks, even when fully updated. Browsers are also the main target of phishing attacks. Many browser attacks, including phishing, could be prevented or mitigated by using site-, user-, and device-specific security configurations. However, we discovered that all major browsers expose disparate security configuration procedures, option names, values, and semantics. This results in an extremely hard to secure web browsing ecosystem. We analyzed more than a 1000 browser security configuration options in three major browsers and found that only 13 configuration options had syntactic and semantic similarity, while 4 configuration options had semantic similarity, but not syntactic similarity. We: a) describe the results of our in-depth analysis of browser security configuration options; b) demonstrate the complexity of policy-based configuration of web browsers; c) describe a knowledge-based solution that would enable organizations to implement highly-granular and policy-level secure configurations for their information and operational technology browsing infrastructures at the enterprise scale; and d) argue for necessity of developing a common language and semantics for web browser configurations.

• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.93-99
• /
• 2012

As the most common application development of software development time, error-free quality, adaptability to frequent maintenance, such as the need for large and complex software challenges have been raised. When developing web applications to respond to software reusability, reliability, scalability, simplicity, these quality issues do not take into account such aspects traditionally. In this situation, the traditional development methodology to solve the same quality because it has limited development of new methodologies is needed. Quality of applications the application logic, data, and architecture in the entire area as a separate methodology can achieve your goals if you do not respond. In this study secure coding, the big issue, web application factors to deal with security vulnerabilities, web application architecture, design procedure is proposed. This proposal is based on a series of ISO/IEC9000, a web application architecture design process.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.154-156
• /
• 2012

This paper presents a user authentication scheme for healthcare application using wireless medical sensor networks, where wireless medical sensors are used for patients monitoring. These medical sensors' sense the patient body data and transmit it to the professionals (e.g., doctors, nurses, and surgeons). Since, the data of an individual are highly vulnerable; it must ensures that patients medical vital signs are secure, and are not exposed to an unauthorized person. In this regards, we have proposed a user1 authentication scheme for healthcare application using medical sensor networks. The proposed scheme includes: a novel two-factor professionals authentication (user authentication), where the healthcare professionals are authenticated before access the patient's body data; a secure session key is establish between the patient sensor node and the professional at the end of user authentication. Furthermore, the analysis shows that the proposed scheme is safeguard to various practical attacks and achieves efficiency at low computation cost.