• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.95-104
• /
• 2024

The performance capability of the future battlefield depends on whether the next-generation technology of the Fourth Industrial Revolution, called ABCMS (AI, Bigdata, Cloud, Mobile, Security), can be applied to secure innovative defense capabilities It is no exaggeration to say. In addition, the future military operation environment is rapidly changing into a net work-oriented war (NCW) in which all weapon systems mutually share battlefield information and operate in real-time within a single integrated information and communication network based on the network and is expanding to the scope of operation of the manned and unmanned complex combat system. In particular, communication networks responsible for high-speed and hyperconnectivity require high viability and efficiency in power operation based on multi-tier (defense mobile, satellite, M/W, wired) networks for the connection of multiple combat elements and smooth distribution of information. From this point of view, this study is different from conventional single-media, single-path transmission with fixed specifications, It is an artificial intelligence-based transmission technology using RNN (Recurrent Neural Networks) algorithm and load distribution during traffic congestion using available communication wired and wireless infrastructure multimedia simultaneously and It is the development of MMMP-Multi-Media Multi-Path adaptive network technology.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.12
• /
• pp.307-314
• /
• 2020

The video surveillance service is being widely deployed around our lives and the service stores sensitive data such as video streams in the cloud over the Internet or the centralized data store in an on-premise environment. The main concerning of these services is that the user should trust the service provider how secure the video or data is stored and handled without any concrete evidence. In this paper, we proposed the approach to protecting video by PKI (public key infrastructure) with a blockchain network. The video is encrypted by a symmetric key, then the key is shared through a blockchain network with taking advantage of the PKI mechanism. Therefore, the user can ensure the sensitive data is always kept secure and traceable in its lifecycle.

• Journal of Internet of Things and Convergence
• /
• v.9 no.3
• /
• pp.21-26
• /
• 2023

The development and distribution approach of applications is transitioning from a monolithic architecture to microservices and containerization, a lightweight virtualization technology, is becoming a core IT technology. However, unlike traditional virtual machines based on hypervisors, container technology does not provide concrete security boundaries as it shares the same kernel. According to various preceding studies, there are many security vulnerabilities in most container images that are currently shared. Accordingly, attackers may attempt exploitation by using security vulnerabilities, which may seriously affect the system environment. Therefore, in this study, we propose an efficient automated deployment pipeline design to prevent the distribution of container images with security vulnerabilities, aiming to provide a secure container environment. Through this approach, we can ensure a safe container environment.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.35-42
• /
• 2024

Multi-tenancy architecture plays a crucial role in cloud-based services and applications, and data isolation within such environments has emerged as a significant security challenge. This paper investigates various data isolation methods including schema-based isolation, logical isolation, and physical isolation, and compares their respective advantages and disadvantages. It evaluates the practical application and effectiveness of these data isolation methods, proposing security considerations and selection criteria for data isolation in the development of multi-tenant websites. This paper offers important guidance for developers, architects, and system administrators aiming to enhance data security in multi-tenancy environments. It suggests a foundational framework for the design and implementation of efficient and secure multi-tenant websites. Additionally, it provides insights into how the choice of data isolation methods impacts system performance, scalability, maintenance ease, and overall security, exploring ways to improve the security and stability of multi-tenant systems.

• Journal of Cadastre & Land InformatiX
• /
• v.47 no.2
• /
• pp.145-157
• /
• 2017

Currently, the height of ships that can pass under Busan Harbor Bridge is limited to 60m or shorter, so that large-sized ships of 60m or taller cannot use Busan Harbor international passenger terminal. Accordingly, this study has developed a service which measures continuously the change of bridge height by water level changes and provides such in real-time for safe bridge passage of large-sized ships of 60m or taller. The measurement system comprised of high-precision laser distance measurement device, GPS sensor, optical module, and damping structure is used to measure the bridge height change according to tide level changes, and the measured information is provided in real-time through cloud-based mobile app. Also, in order to secure objective bridge height data for changes to height limits and navigation supports, the observation data was analyzed and forecast model was drawn. As a result, it became an objective evidence to revise the passage height rules of the Busan Port Bridge from 60 meters to 63 meters.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.9
• /
• pp.243-250
• /
• 2021

Recently, with the development of cloud computing, interest in database outsourcing is increasing. However, when the database is outsourced, there is a problem in that the information of the data owner is exposed to internal and external attackers. Therefore, in this paper, we propose a parallel range query processing algorithm that supports privacy protection. The proposed algorithm uses the Paillier encryption system to support data protection, query protection, and access pattern protection. To reduce the operation cost of a checking protocol (SRO) for overlapping regions in the existing algorithm, the efficiency of the SRO protocol is improved through a garbled circuit. The proposed parallel range query processing algorithm is largely composed of two steps. It consists of a parallel kd-tree search step that searches the kd-tree in parallel and safely extracts the data of the leaf node including the query, and a parallel data search step through multiple threads for retrieving the data included in the query area. On the other hand, the proposed algorithm provides high query processing performance through parallelization of secure protocols and index search. We show that the performance of the proposed parallel range query processing algorithm increases in proportion to the number of threads and the proposed algorithm shows performance improvement by about 5 times compared with the existing algorithm.

• Tunnel and Underground Space
• /
• v.31 no.1
• /
• pp.10-24
• /
• 2021

Rock mass classification for construction of underground facilities is essential to secure their stabilities. Therefore, the reliable values for rock mass classification from the precise information on rock discontinuities are most important factors, because rock mass discontinuities can affect exclusively on the physical and mechanical properties of rock mass. The conventional classification operation for rock mass has been usually performed by hand mapping. However, there have been many issues for its precision and reliability; for instance, in large-scale survey area for regional geological survey, or rock mass classification operation by non-professional engineers. For these reasons, automated rock mass classification using LiDAR becomes popular for obtaining the quick and precise information. But there are several suggested algorithms for analyzing the rock mass discontinuities from point cloud data by LiDAR scanning, and it is known that the different algorithm gives usually different solution. Also, it is not simple to obtain the exact same value to hand mapping. In this paper, several discontinuity extract algorithms have been explained, and their processes for extracting rock mass discontinuities have been simulated for real rock bench. The application process for several algorithms is anticipated to be a good reference for future researches on extracting rock mass discontinuities from digital point cloud data by laser scanner, such as LiDAR.

• Journal of Internet Computing and Services
• /
• v.24 no.6
• /
• pp.161-169
• /
• 2023

Due to the Fourth Industrial Revolution, innovation in various technologies such as artificial intelligence (AI), big data (Big Data), and cloud (Cloud) is accelerating, and data is considered an important asset. With the innovation of these technologies, various efforts are being made to lead technological innovation in the field of defense science and technology. In Korea, the government also announced the "Defense Innovation 4.0 Plan," which consists of five key points and 16 tasks to foster advanced science and technology forces in March 2023. The plan also includes the establishment of a Condition-Based Maintenance system (CBM+) to improve the operability and availability of weapons systems and reduce defense costs. Condition Based Maintenance (CBM) aims to secure the reliability and availability of the weapon system and analyze changes in equipment's state information to identify them as signs of failure and defects, and CBM+ is a concept that adds Remaining Useful Life prediction technology to the existing CBM concept [1]. In order to establish a CBM+ system for the weapon system, sensors are installed and sensor data are required to obtain condition information of the weapon system. In this paper, we propose a sensor data metadata schema to efficiently and effectively manage sensor data collected from sensors installed in various weapons systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.786-799
• /
• 2018

Recently, NFV has attracted attention as a next-generation network virtualization technology for hardware -independent and efficient utilization of resources. NFV is a technology that not only virtualize computing, server, storage, network resources based on cloud computing but also connect Multi-Tenant of VNFs, a software network function. Therefore, it is possible to reduce the cost for constructing a physical network and to construct a logical network quickly by using NFV. However, in NFV, when a new VNF is added to a running Tenant, authentication between VNFs is not performed. Because of this problem, it is impossible to identify the presence of Fake-VNF in the tenant. Such a problem can cause an access from malicious attacker to one of VNFs in tenant as well as other VNFs in the tenant, disabling the NFV environment. In this paper, we propose Auto-configurable Security Mechanism in NFV including authentication between tenant-internal VNFs, and enforcement mechanism of security policy for traffic control between VNFs. This proposal not only authenticate identification of VNF when the VNF is registered, but also apply the security policy automatically to prevent malicious behavior in the tenant. Therefore, we can establish an independent communication channel for VNFs and guarantee a secure NFV environment.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.12
• /
• pp.1259-1263
• /
• 2010

SaaS is an emerging paradigm for software development and deployment, expected to able to reduce cost. SaaS is also considered as a crucial technology for implementation of cutting-edge technology, such as distributed computing, green computing, and cloud computing. SaaS is requested to be configurable software to satisfy various customers, therefore it is very important to consider every configurability requirement during requirement elicitation. Our research suggests a classification technique to secure completeness of configuration requirement.