• Journal of National Security and Military Science
• /
• s.4
• /
• pp.381-418
• /
• 2006

In present, advanced countries in the world are seen concentring on Military Transformation to create new military capability as there is a shift in Warfare Paradigm. Rapid development of technology enables military system, operational concept and organization innovated. As a result, Revolution in Military Affairs(RMA) that dramatically increased warfighting capability is pursued. Especially, advanced information technology constructs system of systems with abilities of battle visualization, information sharing in battlefield, long-range strike capability that are interoperable and combined. Corresponding to this, engagement methods and organizations are being progressively developed. The purpose of this thesis is overview of newly developing Warfare Paradigm and analysis of tendency of Military Transformation that advanced countries are pursuing preparation to this. Above all, specific aspects and contents of the Warfare Paradigm which emerged by information age were summarized. Subsequently, Military Transformation which provides the basic concepts and principles to the advanced countries in the world for the creation of new military capability was discussed. In conclusion, the tendency of Military Transformation by U.S.A, Japan, China, and Russia surround the Korean peninsular as the major power in military was carefully observed.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.443-446
• /
• 2003

본 논문에서는 P2P(Peer-to-Peer) 환경에서 효율적이고 안전하게 정보를 공유할 수 있는 시스템 구조를 제안한다. 기존의 Server-Client 환경에 비해 P2P 환경이 네트워크를 확장시키고 병목 현상을 줄일 수 있는 방안으로 떠오르게 됨에 따라 그에 따른 보안문제도 필수적으로 고려해야 할 사항이 되었다. 따라서 P2P 환경에서도 안전하게 정보를 공유할 수 있고, 각 Peer들의 정보를 보호해 줄 수 있는 보안 기술이 필요하다. 본 논문에서 제안하는 시스템은 IAA(Intelligent Automation Agent)를 이용한 접근방식을 제공함으로서, 다른 시스템에 응용 가능하고 보안 환경의 변화에 민첩하게 유기적으로 대처할 수 있는 통합된 관리 방법을 제시한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.450-470
• /
• 2023

Traditional cloud computing faces some challenges such as huge energy consumption, network delay and single point of failure. Edge computing is a typical distributed processing platform which includes multiple edge servers closer to the users, thus is more robust and can provide real-time computing services. Although outsourcing data to edge servers can bring great convenience, it also brings serious security threats. In order to provide image retrieval while ensuring users' data privacy, a privacy preserving image retrieval scheme in edge environment is proposed. Considering the distributed characteristics of edge computing environment and the requirement for lightweight computing, we present a privacy-preserving image retrieval scheme in edge computing environment, which two or more "honest but curious" servers retrieve the image quickly and accurately without divulging the image content. Compared with other traditional schemes, the scheme consumes less computing resources and has higher computing efficiency, which is more suitable for resource-constrained edge computing environment. Experimental results show the algorithm has high security, retrieval accuracy and efficiency.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.1
• /
• pp.221-237
• /
• 2016

The wireless body area networks (WBANs) consist of wearable computing devices and can support various healthcare-related applications. There exist two crucial issues when WBANs are utilized for healthcare applications. One is the protection of the sensitive biometric data transmitted over the insecure wireless channels. The other is the design of effective medical management mechanisms. In this paper, a secure medical information management system is proposed and implemented on a TinyOS-based WBAN test bed to simultaneously address these two issues. In this system, the electronic medical record (EMR) is bound to the biometric data with a novel fragile zero-watermarking scheme based on the modified visual secret sharing (MVSS). In this manner, the EMR can be utilized not only for medical management but also for data integrity checking. Additionally, both the biometric data and the EMR are encrypted, and the EMR is further protected by the MVSS. Our analysis and experimental results demonstrate that the proposed system not only protects the confidentialities of both the biometric data and the EMR but also offers reliable patient information authentication, explicit healthcare operation verification and undeniable doctor liability identification for WBANs.

• Management & Information Systems Review
• /
• v.35 no.1
• /
• pp.207-233
• /
• 2016

Currently mobile messenger industry, based on mobile application, is growing. And it has aroused innovative change, offering services in various forms beyond the form simply sharing messengers. Also because messenger securities are becoming personalized and intelligent, the importance of more diverse mobile applications' securities is increasing. This study carries out the empirical study of the causal relationship that the factors of using application services influence on security recognition and security Intention of mobile securities, and consequentially impact upon protection of personal information of users. In order that, we present the research model which prime variables of SDT, which emphasized on natural immanent motivation of human, applied to. To verify the research model of this study empirically, we conducted a survey targeting the public and university students which have ever used mobile messenger applications. With this, we desire to contribute to emphasizing the significance of individual messenger security and playing a positive role to develop security guide for consumers. The path analysis results are as follows. First, perceived autonomy has a positive effect on both security awareness and security intention. Second, perceived competence has a positive effect on security intention. Third, perceived relatedness has a positive effect on both security awareness and security intention. Last, security awareness and security intention. have a positive effect on privacy protection behavior. Through emphasizing the importance of the security of the messenger of individuals and contribute to a positive role for development of the necessary security guidelines to consumers.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.757-759
• /
• 2002

본 논문에서는 ID 보안 기술에 기반을 둔 디지털서명, 키분배 기법을 이용하여 그룹 비밀키의 분배와 갱신을 위한 효율적인 프로토콜을 제안한다. 제안된 프로토콜의 안전성은 이산대수 문제에 근거하고 있으며 단말기의 저장능력과 처리의 능력이 적을 경우도 적절하게 운영될 수 있고, 그룹 내에서 제외하고자하는 통화자가 동시에 여러 명일 경우에도 적용한 수 있다. 또한 통화자의 변동 없이 그룹 비밀키를 변경하고자 하는 경우에도 용이하게 키를 갱신할 수 있도록 설계되었다.

• Journal of Broadcast Engineering
• /
• v.20 no.1
• /
• pp.92-109
• /
• 2015

Broadcast encryption is a cryptographic primitive that allows a sender to securely broadcast a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on a pseudo-random generator and the Subset Difference (SD) method. In this paper, we suggest a new broadcast encryption system that is based on secret sharing and SD methods. On an efficiency aspect, our system achieves O(r) transmission cost, O($log^2n$) storage cost, and O(1) computational cost for the number n of users and the number r of revoked users. Compared to O(log n) computational cost in the previous SD method, our system has the advantage that it needs only constant-sized computational cost for decryption, regardless of the number n or r. On a security aspect, our system can achieve tighter security reduction than the previous SD method and the gap of security loss is about O(n log n). Moreover, our result shows that it is possible to give the effect of the SD method while using an information-theoretically secure key distribution technique as in the Complete Subtree method.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.06a
• /
• pp.308-309
• /
• 2022

The Ministry of Oceans and Fisheries is providing maritime safety services using combine limited artificial intelligence technologies through the operation of the Korean e-Navigation service, and research is needed to improve reliability and quality to secure the competitiveness of the system. However, linking real-time operating systems requires a separate system configuration that can be linked after processing personal information security with minimal performance impact. To solve this problem, this study will make a basic design of a big-data maritime information gateway system of the Korean e-Navigation service that minimizes the impact of performance and reflects the security of personal information.

• Journal of KIISE:Information Networking
• /
• v.37 no.4
• /
• pp.255-262
• /
• 2010

Recently, automated signature generation systems(ASGSs) have been developed in order to cope with zero-day attacks with malicious codes exploiting vulnerabilities which are not yet publically noticed. To enhance the usefulness of the signatures generated by (ASGSs) it is essential to identify signatures only with the high accuracy of intrusion detection among a number of generated signatures and to provide them to target security systems in a timely manner. This automated signature exchange, distribution, and update operations have to be performed in a secure and universal manner beyond the border of network administrations, and also should be able to eliminate the noise in a signature set which causes performance degradation of the security systems. In this paper, we present a system architecture to support the identification of high quality signatures and to share them among security systems through a scheme which can evaluate the detection accuracy of individual signatures, and also propose a set of algorithms dealing with exchanging, distributing and updating signatures. Though the experiment on a test-bed, we have confirmed that the high quality signatures are automatically saved at the level that the noise rate of a signature set is reduced. The system architecture and the algorithm proposed in the paper can be adopted to a automated signature sharing framework.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.9
• /
• pp.21-29
• /
• 2020

In this paper, we propose quantitative evaluation method that enable security comparison between Security Container Runtimes. security container runtime technologies have been developed to address security issues such as Container escape caused by containers sharing the host kernel. However, most literature provides only a analysis of the security of container technologies using rough metrics such as the number of available system calls, making it difficult to compare the secureness of container runtimes quantitatively. While the proposed model uses a new method of combining the degree of exposure of host system calls with various external vulnerability metrics. With the proposed technique, we measure and compare the security of runC (Docker default Runtime) and two representative Security Container Runtimes, gVisor, and Kata container.