• Journal of KIISE:Information Networking
• /
• v.33 no.3
• /
• pp.193-200
• /
• 2006

The security feature is essential in wireless sensor network such as intrusion detection or obstacle observation. Sensor nodes must have shared secret between nodes to support security such as privacy. Many methods which provide key pre-distribution need too many keys or support poor security. To solve this problem, probabilistic key pre-distribution is proposed. This method needs a few keys and use probabilistic method to share keys. However, this method does not guarantee key sharing between nodes, and neighbor nodes nay not communicate each other. It leads to waste of network resource such as inefficient routing, extra routing protocol. In this paper, we propose new key distribution method using quorum system which needs a few keys and guarantee key sharing between nodes. We also propose extension of the method which needs fewer keys and guarantee key sharing when node deployment knowledge is well known.

• Journal of the Korean Society of Industry Convergence
• /
• v.24 no.4_2
• /
• pp.421-434
• /
• 2021

The expansion of information sharing activities using online can increase the threat of information exposure by increasing the diversity of approaches to information within an organization. The purpose of this study is to present conditions for improving the information security compliance intention of insiders to improve the level of information security within the organization. In detail, the study applies the theory of planned behavior that clearly explains the cause of an individual's behavior and proposes a way to increase the compliance intention by integrating the social control theory and goal-setting theory. The study presented research models and hypotheses based on previous studies, collected samples by applying a questionnaire technique, and tested hypotheses through structural equation modeling. As a result, information security attitude, subjective norms, and self-efficacy had a positive influence on the intention to comply. Also, attachment, commitment, and involvement, which are the factors of social control theory, formed a positive attitude toward information security. Goal difficulty and goal specificity, which are the factors of goal setting theory, formed a positive self-efficacy. The study presents academic and practical implications in terms of suggesting a method of improving the information security compliance intention of employees.

• Journal of National Security and Military Science
• /
• s.2
• /
• pp.261-283
• /
• 2004

To build up the military strength based on information oriented armed forces, the Korean ministry of national defense (MND) promotes the defense CALS (Continuous Acquisition and Life cycle Support) initiative for the reductions of acquisition times, improvements of system qualities, and reductions of costs. These defense CALS activities are the major component of the underlying mid and long term defense digitization program and the ultimate goal of program is to bring a quick victory by providing real-time battlefield intelligence and the economical operations of the military. The concept of defense CALS is to automate the acquisition and disposition of defense systems throughout their life cycle. For implementing defense CALS, the technology for exchange and sharing CALS standard data that is created once and used many times should be considered. In order to develop an efficient CALS information exchange and sharing system, it is required to integrate distributed and heterogeneous data sources and provide systematic search tools for those data. In this study, we developed a content based search engine technology which is essential for the construction of integrated data environments. The developed technology provides the environment of sharing the CALS standard data such as SGML(Standard Generalized Markup Language) and STEP(Standard for The Exchange of Product model data). Utilizing this technology, users can find and access distributed and heterogeneous data sources without knowing its actual location.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.10
• /
• pp.73-80
• /
• 2018

The shared economy began with the concept of sharing the physical and intellectual assets of individuals with others. Nowadays, the concept of shared economy is becoming one of the industries as an enterprise type. Especially, with the development of the Internet and smart devices, various forms of shared economy have been developed in accordance with the need of sharing of individual income. Digital content is also a shareable commodity and it is seeking to utilize it as an item of shared economy. Accordingly, when digital contents are used as a shared economy, there are various possible threats -security threats that may arise in the course of transactions, potential for theft, alteration and hacking of contents. In this paper, we propose transaction method and content protection method using block chain-ethereum technology to reduce security threats and transparent transactions that can occur in digital contents transactions. Through the proposed method, the trust of the consumer and the supplier can be measured and the encryption can be performed considering the characteristics of the data to be traded. Through this paper, it is possible to increase the transparency of smart transaction of digital contents and to reduce the risk of content distortion, hacking, etc.

• Journal of KIISE:Databases
• /
• v.29 no.6
• /
• pp.417-428
• /
• 2002

XML(extensible Markup Language) is effective to information retrieval and sharing but has defects related to the data security. And, as a solution of this problem, the current XML security researches such as XML digital signature, XML data encryption, and XML access control exclude the validation property of XML document. The validation of XML should be considered for the secure information sharing in the XML-based environment. In this paper, we design and implement the system to support both security and validation to XML document. Our system performs data encryption and maintenance of valid status of XML document by referencing new XML schema namespace. In addition, it also provides the XML schema security function through the XML schema digital signature. During generating XML schema digital signature, DOMHash method which has the advantage of the faster speed than canonical XML method is applied to XML schema. In conclusion, our system shows the improved functions in flexibility, scalability, and reliability compared with the existing XML security researches.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.155-167
• /
• 2012

Cloud computing service is a next generation IT service which has pay-per-use billing model and supports elastically provisioning IT infra according to user demand. However it has many potential threats originating from outsourcing/supporting service structure that customers 'outsource' their own data and provider 'supports' infra, platform, application services, the complexity of applied technology, resource sharing and compliance with a law, etc. In activation of Cloud service, we need objective assessment standard to ensure safety and reliability which is one of the biggest obstacles to adopt cloud service. So far information security management system has been used as a security standard for a security management and IT operation within an organization. As for Cloud computing service it needs new security management and assessment different from those of the existing in-house IT environment. In this paper, to make a Information Security Management System considering cloud characteristics key components from threat management system are drawn and all control domain of existing information security management system as a control components are included. Especially we designed service security management to support service usage in an on-line self service environment and service contract and business status.

• Proceedings of the Korean Radioactive Waste Society Conference
• /
• 2017.05a
• /
• pp.27-28
• /
• 2017

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.705-715
• /
• 2017

Today, the world is evolving into a huge community that can communicate with real-time information sharing and communication based on the rapid advancement of scientific technology and information. Behind this information, the adverse effects of information assets, such as hacking, viruses, information assets, and unauthorized disclosure of information assets, are continually increasing as a serious social problem. Each time an infringement of the invasion and personal information leaks occur, many regulatory policies have been announced, including stricter regulations for protecting the privacy of the government and establishing comprehensive countermeasures. Also, companies are making various efforts to increase awareness of the importance of information security. Nevertheless, information security accidents like the leaks of industrial secrets are continuously occurring and the frequency is not lessening. In this thesis, I proposed a customized security policy methodology that supports users with various business circumstances and service and also enables them to respond to the security threats more confidently and effectively through not a monotonous and technical but user-centered security policy.

• The Journal of Information Systems
• /
• v.27 no.2
• /
• pp.197-219
• /
• 2018

Purpose The purpose of this study is to examine what motivates users to adopt one of the emerging applications for collaborative consumption of sharing economy. Using the self-determination theory, motivation theory and TAM(Technology Acceptance Model) as the theoretical framework, this study illustrates important factors that influence adoption of collaborative consumption service. We develops the ICTs(Information and Communications Technologies) initiatives and motivation model to collaborative consumption. Design/methodology/approach This paper makes use of a quantitative methodology using survey questionnaire that allows for the measurement of the eight constructs(System Availability, Contents Quality, Design & Personalization, Security & Privacy, Emotional & Social Value, Economic Value, Attitude, Adoption & Consumption) contained in the hypothesized theoretical model on the basis of the prior literatures. Data collected from a sample of 227 respondents who have used the collaborative consumption services and provided the foundation for the examination of the proposed relationships in the model. Findings This study has the following implications for the users and providers of CC platforms and services. The ICTs initiatives (System Availability, Contents Quality, Design & Personalization, Security & Privacy) are the influential factors that motivate the emotional and social value to CC. On the other hand, The ICTs initiatives (System Availability, Contents Quality) are not very significant factors of economic value to CC. The empirical analysis result indicate that there are significant causal effect among emotional & social value, economic value, and adoption to CC. This study provides important theoretical implications for innovation adoption research through an empirical examination of the relationship between ICTs initiatives, motivation factors to collaborative consumption in the sharing economy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.6
• /
• pp.1599-1618
• /
• 2024

Access control has always been one of the effective methods to protect data security. However, in new computing environments such as big data, data resources have the characteristics of distributed cross-domain sharing, massive and dynamic. Traditional access control mechanisms are difficult to meet the security needs. This paper proposes CACM-MMSR to solve distributed cross-domain access control problem for massive resources. The method uses blockchain and smart contracts as a link between different security domains. A permission decision model migration method based on access control logs is designed. It can realize the migration of historical policy to solve the problems of access control heterogeneity among different security domains and the updating of the old and new policies in the same security domain. Meanwhile, a semantic reasoning-based permission decision method for unstructured text data is designed. It can achieve a flexible permission decision by similarity thresholding. Experimental results show that the proposed method can reduce the decision time cost of distributed access control to less than 28.7% of a single node. The permission decision model migration method has a high decision accuracy of 97.4%. The semantic reasoning-based permission decision method is optimal to other reference methods in vectorization and index time cost.