• Title/Summary/Keyword: Security

Search Result 25,883, Processing Time 0.051 seconds

Analysis of Al-Saggaf et al's Three-factor User Authentication Scheme for TMIS

  • Park, Mi-Og
    • Journal of the Korea Society of Computer and Information
    • /
    • v.26 no.9
    • /
    • pp.89-96
    • /
    • 2021
  • In this paper, we analyzed that the user authentication scheme for TMIS(Telecare Medicine Information System) proposed by Al-Saggaf et al. In 2019, Al-Saggaf et al. proposed authentication scheme using biometric information, Al-Saggaf et al. claimed that their authentication scheme provides high security against various attacks along with very low computational cost. However in this paper after analyzing Al-Saggaf et al's authentication scheme, the Al-Saggaf et al's one are missing random number s from the DB to calculate the identity of the user from the server, and there is a design error in the authentication scheme due to the lack of delivery method. Al-Saggaf et al also claimed that their authentication scheme were safe against a variety of attacks, but were vulnerable to password guessing attack using login request messages and smart cards, session key exposure and insider attack. An attacker could also use a password to decrypt the stored user's biometric information by encrypting the DB with a password. Exposure of biometric information is a very serious breach of the user's privacy, which could allow an attacker to succeed in the user impersonation. Furthermore, Al-Saggaf et al's authentication schemes are vulnerable to identity guessing attack, which, unlike what they claimed, do not provide significant user anonymity in TMIS.

Influence of Multidimensional Deprivation on the Latent Class of Changing Trajectories: Comparison by Gender Differences (다차원적 박탈이 문제음주 변화궤적의 잠재집단에 미치는 영향: 성별 차이 비교)

  • Lee, SooBi;Lee, Suyoung
    • The Journal of the Korea Contents Association
    • /
    • v.21 no.4
    • /
    • pp.278-291
    • /
    • 2021
  • This study performed a longitudinal research on the causal relationship between multidimensionality of problem drinking and poverty, and multidimensional deprivation meaning the inequality, focusing on gender difference. For this, this study examined the latent group of problem drinking change trajectory through the latent class growth analysis targeting total 3,770 men and 5,632 women by using the 6th-year Korea Welfare Panel Study data from 2013 to 2018, and then conducted the multinominal logistic regression analysis to verify the influence of multidimensional deprivation factors on this latent group. The main results of this study are as follows. First, the latent group of problem drinking change trajectory according to gender was classified into three latent groups in both men and women while the development aspect was different from each other. The male latent group with 'moderate level' or higher showed higher level of problem drinking than women. However, in case of 'drinking group with high level' according to gender, as time passed, the men tended to maintain it while the women tended to increase it. Second, in the results of examining the effects of multidimensional deprivation on the latent group of problem drinking change trajectory, the men with more experiences of social deprivation and the women with more experiences of social security deprivation showed the higher possibility to belong to the 'drinking group with high level' compared to the 'drinking group with low level'. Based on such results above, this study discussed the preventive/intervention measures for problem drinking according to gender.

An Approach to Conceal Hangul Secret Message using Modified Pixel Value Decomposition (수정된 화소 값 분해를 사용하여 한글 비밀 메시지를 숨기는 방법)

  • Ji, Seon-su
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.14 no.4
    • /
    • pp.269-274
    • /
    • 2021
  • In secret communication, steganography is the sending and receiving of secret messages without being recognized by a third party. In the spatial domain method bitwise information is inserted into the virtual bit plane of the decomposed pixel values of the image. That is, the bitwise secret message is sequentially inserted into the least significant bit(LSB) of the image, which is a cover medium. In terms of application, the LSB is simple, but has a drawback that can be easily detected by a third party. If the upper bit plane is used to increase security, the image quality may deteriorate. In this paper, I present a method for concealing Hangul secret messages in image steganography based on the lo-th bit plane and the decomposition of modified pixel intensity values. After decomposing the Hangeul message to be hidden into choseong, jungseong and jongseong, then a shuffling process is applied to increase confidentiality and robustness. PSNR was used to confirm the efficiency of the proposed method. It was confirmed that the proposed technique has a smaller effect in terms of image quality than the method applying BCD and Fibonacci when inserting a secret message in the upper bit plane. When compared with the reference value, it was confirmed that the PSNR value of the proposed method was appropriate.

An Analysis of the Characteristics of China's Naval Strategy to Become a Maritime Power: Focusing on analyzing the "goals, methods, and means" of strategy (해양강국 달성을 위한 중국 해군전략의 성격 분석: 전략의 "목표·방법·수단"을 이용한 분석을 중심으로)

  • Kim, nam-su
    • Maritime Security
    • /
    • v.2 no.1
    • /
    • pp.1-42
    • /
    • 2021
  • Controversy continues over the offensive nature of China's naval strategy to become a maritime power. Therefore, the purpose of this study is to identify the characteristics of China's naval strategy to become a maritime power by using the three elements of strategy and predict China's military actions in the future. For this purpose, research was conducted by considering the three elements of strategy and the distinct characteristics of naval strategy, and it was found that China's naval strategy was overall aggressive, but there was an imbalance in the pursuit of aggression between each strategic element. Offensive nature was prominent in terms of the methods, but there were limitations in the goals and means, such as the need to cooperate with neighboring countries to become a maritime power and the lack of military technology and operational continuity. The prospects for China's future military actions derived from the imbalance between these strategic elements are as follows. ① The risk of all-out military conflict with the US is low for now. ② China may use its naval power to force or cause limited military clashes against neighboring countries within the first island chain. ③ Accidental military conflicts with the US and neighboring countries may occur over naval confrontation over territorial disputes.

  • PDF

Development of an open source-based APT attack prevention Chrome extension (오픈소스 기반 APT 공격 예방 Chrome extension 개발)

  • Kim, Heeeun;Shon, Taeshik;Kim, Duwon;Han, Gwangseok;Seong, JiHoon
    • Journal of Platform Technology
    • /
    • v.9 no.3
    • /
    • pp.3-17
    • /
    • 2021
  • Advanced persistent threat (APT) attacks are attacks aimed at a particular entity as a set of latent and persistent computer hacking processes. These APT attacks are usually carried out through various methods, including spam mail and disguised banner advertising. The same name is also used for files, since most of them are distributed via spam mail disguised as invoices, shipment documents, and purchase orders. In addition, such Infostealer attacks were the most frequently discovered malicious code in the first week of February 2021. CDR is a 'Content Disarm & Reconstruction' technology that can prevent the risk of malware infection by removing potential security threats from files and recombining them into safe files. Gartner, a global IT advisory organization, recommends CDR as a solution to attacks in the form of attachments. There is a program using CDR techniques released as open source is called 'Dangerzone'. The program supports the extension of most document files, but does not support the extension of HWP files that are widely used in Korea. In addition, Gmail blocks malicious URLs first, but it does not block malicious URLs in mail systems such as Naver and Daum, so malicious URLs can be easily distributed. Based on this problem, we developed a 'Dangerzone' program that supports the HWP extension to prevent APT attacks, and a Chrome extension that performs URL checking in Naver and Daum mail and blocking banner ads.

A Study on the Trend of Digital Content Industry (디지털 콘텐츠 산업동향에 관한 연구)

  • BAE, Sung-Pil
    • Industry Promotion Research
    • /
    • v.6 no.2
    • /
    • pp.1-10
    • /
    • 2021
  • The content of the information age does not simply convey content but includes all the transactions that arise from its interaction. The types and forms of information being traded through this interaction are recognized differently from the contents that have been passed on to mankind so far by creating new meaningful content. Because the distribution of interactive content transcending the concept of time-to-time in the network environment is an important component of access to added value in the new world, unlike the content of simple concepts seen in the products of communication so far. In this study, the purpose of this study is to recognize the current status and problems of the Korean digital content industry and to seek ways to revitalize the Korean digital content industry to lead the global market in the future. Specifically, first, we want to learn about the concept of digital content. Second, we would like to look at the industrial trends of digital content at home and abroad. Third, we present a plan to streamline digital content. Fourth, derive research results and implications. In this work, the following results are derived: First, in order for Korea to enter a digital content powerhouse, each government department must first break away from the selfishness of the ministry and actively cooperate to efficiently establish and implement various policies. Second, e-books should be introduced just as current paper and CD-ROM titles are exempt from VAT, and security solutions, related technology development, and copyright issues should be urgently addressed to revitalize the market. Third, the demand for high-quality content should increase as information infrastructure such as high-speed information and communication networks and satellite broadcasting is established.

A Study on the Improvement of the Safety and Safe Living Standards of Apartment Houses through AHP Analysis (AHP 분석을 통한 공동주택 안전 및 안심생활 수준 향상에 관한 연구)

  • Ji, Yung il;Shin, Seung Ha;Choi, Byong Jeong
    • Journal of the Society of Disaster Information
    • /
    • v.17 no.2
    • /
    • pp.289-305
    • /
    • 2021
  • Purpose: The purpose of this study is to check the importance of higher level, sub higher level and lower alternative factor and the factor for relieved life and also check the comprehensive priority in executed "Safety and relieved life level improvement of apartment house residents by AHP analysis". Method: The safety management evaluation elements and alternatives have been arranged as hierarchical structure based on the preceding studies and the advice of experts for the maintenance and system of apartment house in this study. Study model is used for the survey of pair wise comparison composition targeting experts and AHP analysis method is used for alternative plan ranking, etc. Result: The response result of survey secured the consistency and it is confirmed that safety inspection for apartment house electricity facility is most important for higher level, safety inspection, detailed inspection and diagnosis evaluation are most important for sub higher level and plumbing equipments is most important for alternatives based on the analysis result of relative weight comparison for sub higher level and alternatives for final goal attainment of the study. Conclusion: Plumbing equipments, crime prevention safety and electrical safety are shown as top priority alternatives when observe it with expert manager's point of view for apartment house. It shows that securing the importance of living safety accident and deciding the level of relieved life can be improved are the alternatives of pre-prevention and management strengthening.

Secure Training Support Vector Machine with Partial Sensitive Part

  • Park, Saerom
    • Journal of the Korea Society of Computer and Information
    • /
    • v.26 no.4
    • /
    • pp.1-9
    • /
    • 2021
  • In this paper, we propose a training algorithm of support vector machine (SVM) with a sensitive variable. Although machine learning models enable automatic decision making in the real world applications, regulations prohibit sensitive information from being used to protect privacy. In particular, the privacy protection of the legally protected attributes such as race, gender, and disability is compulsory. We present an efficient least square SVM (LSSVM) training algorithm using a fully homomorphic encryption (FHE) to protect a partial sensitive attribute. Our framework posits that data owner has both non-sensitive attributes and a sensitive attribute while machine learning service provider (MLSP) can get non-sensitive attributes and an encrypted sensitive attribute. As a result, data owner can obtain the encrypted model parameters without exposing their sensitive information to MLSP. In the inference phase, both non-sensitive attributes and a sensitive attribute are encrypted, and all computations should be conducted on encrypted domain. Through the experiments on real data, we identify that our proposed method enables to implement privacy-preserving sensitive LSSVM with FHE that has comparable performance with the original LSSVM algorithm. In addition, we demonstrate that the efficient sensitive LSSVM with FHE significantly improves the computational cost with a small degradation of performance.

A Study on Developing Korean Naval Forces by Examining How Japan built their Maritime Self-Defense Force: Focusing on the 'eight (艦)-eight (機) fleet system' (일본 해상자위대 전력건설 재조명을 통한 한국 해군력 건설논리 발전방향 연구: '8함(艦) 8기(機) 체제'를 중심으로)

  • Ryu, Jae-hak
    • Maritime Security
    • /
    • v.2 no.1
    • /
    • pp.43-70
    • /
    • 2021
  • This study started from questioning our general view that the Japan Maritime Self-Defense Force (JMSDF) is a natural result of Japan being a prosperous and island country. Japan's naval power collapsed after World War II. The initial power of the JMSDF, founded in 1954, was very small and not different from the Republic of Korea Navy (ROKN), mostly consisting of ships given by or borrowed from the US. Although growing into the world's second-largest economy and the geographical characteristics of an island nation acted as an opportunity to increase naval forces, there were also difficulties in the early stage, such as a temporary severance with the Japanese Navy, strategic thinking centered on land forces, and an economic crisis caused by the oil crisis. As a result, the JMSDF has become a world-class naval power and is developing into a four helicopter carrier operating system, which may change the basic concept of exclusive defense. There are various factors behind the growth of Japan's naval power, but this study explores how to develop Korean naval forces by analyzing how Japan developed their escort fleet, the core of the JMSDF, focusing on the eight (艦)-eight (機) fleet system, which was the basic logic behind building the JMSDF.

  • PDF

Critique of the Revitalization Trajectory of Bilbao (스페인 빌바오의 지역발전 재생 경로)

  • Kim, Kyoung-Hwan;Moon, Seung-Hee;Jung, Hye-Yoon;Hong, Jin-Ki
    • Journal of the Economic Geographical Society of Korea
    • /
    • v.22 no.3
    • /
    • pp.258-273
    • /
    • 2019
  • Bilbao, Spain, made a mark as a example of the regional revitalization by culture and tourism. Korean Government have a perspective that culture and tourism could be an alternative to the regional crisis of manufacturing in 2018. The main purpose of this study is to analyze the locational specificity and the revival strategies for the regional development of Bilbao in a structural context. This could provide implications to the regional crisis of Korea. The main results are summarized as follows. Firstly, the local government of Bilbao has taken an active role, using not only its political and financial autonomy but also its locational advantage as an important nodal region of transnational trade networks in Europe. Secondly, Bilbao was able to sustain its regional revitalization initiatives for a long period by facilitating public-private partnership system. Finally, despite the effectiveness of the mega project and place marketing, low job security and the polarization of the service sector have emerged as a problem at the same time. Still, the deindustrialization of Bilbao could be possible due to the various services including knowledge-based services and financial services as well as culture and tourism.