• Journal of Korea Multimedia Society
• /
• v.10 no.12
• /
• pp.1655-1662
• /
• 2007

Although the PKl-based user authentication solution has been widely used, the security of it can be deteriorated by a simple password. This is because a long and random private key may be protected by a short and easy-to-remember password. To handle this problem, many biometric-based user authentication solutions have been proposed. However, protecting biometric data is another research issue because the compromise of the biometric data will be permanent. In this paper, we present an implementation to improve the security of the typical PKI-based authentication by protecting the private key with a fingerprint. Compared to the unilateral authentication provided by the typical biometric-based authentication, the proposed solution can provide the mutual authentication. In addition to the increased security, this solution can alleviate the privacy issue of the fingerprint data by conglomerating the fingerprint data with the private key and storing the conglomerated data in a user-carry device such as a smart card. With a 32-bit ARM7-based smart card and a Pentium 4 PC, the proposed fingerprint-based PKI authentication can be executed within 1.3second.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.6
• /
• pp.1223-1228
• /
• 2012

The use of a mobile agent in hospital environment offers an opportunity to deliver better services for patients and staffs. Furthermore, medical errors will be reduced because M-health system helps to verify the medical process. Optimized security protocols and mechanisms are employed for the high performance and security. Finally, a challenge in the near future will be converge the integration of Ubiquitous Sensor Network (USN) with security protocols for applying the hospital environment. We proposed secure authentication and protocol with Mobile Agent for ubiquitous sensor network under healthcare system surroundings.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.736-739
• /
• 2012

Cloud Computing is attracting attention are activated and rapidly spread to companies and public institutions, etc. have been introduced are getting. Spotlighted these effects due to the utilization and integration of information system using cloud computing technology resources, and the resulting data security issue has been. In this paper, the side lights on due to the introduction of a cloud computing system, the resources of information systems, data security, and knowledge to provide the foundation for cloud computing infrastructure.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.107-115
• /
• 2022

Recently, big data applications need another database different from the Relation database. NoSQL databases are used to save and handle massive amounts of data. NoSQL databases have many advantages over traditional databases like flexibility, efficiently processing data, scalability, and dynamic schemas. Most of the current applications are based on the web, and the size of data is in increasing. NoSQL databases are expected to be used on a more and large scale in the future. However, NoSQL suffers from many security issues, and one of them is access control. Many recent applications need Fine-Grained Access control (FGAC). The integration of the NoSQL databases with FGAC will increase their usability in various fields. It will offer customized data protection levels and enhance security in NoSQL databases. There are different NoSQL database models, and a document-based database is one type of them. In this research, we choose the CouchDB NoSQL document database and develop an access control mechanism that works at a fain-grained level. The proposed mechanism uses role-based access control of CouchDB and restricts read access to work at the document level. The experiment shows that our mechanism effectively works at the document level in CouchDB with good execution time.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.316-322
• /
• 2021

The problem of corruption and the spread of corruption crime today is not only one of the main social problems, but also an obstacle to the implementation of reforms in Ukraine. Given the complexity, scale and diversity of the impact of corruption, it is an undisputed threat to national security. At the state level, corruption threatens, firstly, state security as a result of its spread in public authorities and the combination of political and business spheres; secondly, in the domestic political sphere as a result of non-compliance and violation by officials of public authorities and local governments of the laws of Ukraine; thirdly, in the economic sphere as a result of the dominance of personal interests of civil servants over national ones; fourthly, in other spheres, namely, military, social, ecological, informational, foreign policy, etc. The origins of corruption are diverse and are formed not only in the country but also abroad. The current corruption threat is the result of the country's ineffective domestic and foreign anticorruption policies. Acceleration of the spread and manifestation of external corruption threats is associated with a number of unresolved foreign policy issues against the background of the development of globalization and integration processes, in particular: economic and financial dependence of the country on international financial institutions and organizations; as well as from foreign countries that pose a potential threat due to their ambitious plans to expand our country; unresolved issues regarding the international legal consolidation of borders, etc. It is noted that the current conditions for the development of state security, due to new challenges and threats, need to improve and implement new measures to prevent corruption as a negative impact of the main threats to national economic security. As a result of the study, the main measures to counter the main threats to the economic security of the state were identified.

• Journal of Korea Trade
• /
• v.27 no.3
• /
• pp.65-86
• /
• 2023

Purpose - As globalization progresses, complexity also increases, and various factors that threaten port functions are emerging. Accordingly, the demand for port security to prevent the crisis and resilience that quickly recovers its original function after the crisis is also increasing in port operations. However, few studies have examined how to ensure the port security and how the resilience affects operation performance of port and sustainability performance as well. So the study aims to find out how port security affects port resilience and port operational performance, and consequently, this two factors affect socioeconomic and environmental sustainability performance respectively and synthetically. Design/methodology - Confirmatory Factor Analysis (CFA) was first performed to determine the validity of the factors of model and hypothesis test was performed using Structural Equation Model (SEM) to analyze the Port Performance Model, which show the perception logic among port security level, port resilience, operation performance, and sustainability performance. In order to empirically analyze this model, total 264 respondents from port security operators, shipping companies in South Korea were surveyed. Findings - As result of SEM, First, port security level positively affected the resilience (H1) and cargo operational performance (H2) but not in both of the sustainability performances (H3, H4). Second, resilience positively affected only cargo operational performance (H5) and socio-economic sustainability performance (H7). Last, cargo operation performance positively affects the both of sustainability performances (H8, H9). Originality/value - It was confirmed that port security could improve cargo operational performance through ensuring port resilience and eventually increase the socio-economic sustainability. Therefore the study implies that careful integration and management of port security, port resilience, and sustainability are required, along with compromise on sustainable development goals in the social, economic, and environmental area among all stakeholders.

• Korean Security Journal
• /
• no.42
• /
• pp.449-468
• /
• 2015

It is important to identify and discuss what the most vial contributions of criminological theories. In the field of criminology, most significant contributions or advancement have been made on the various issues such as age, the integration of structural and procedural level theories, other theoretical integration debates. However, it is hard to find ant systematic study exploring such a contribution in criminological theories. This study, therefore, has a purpose to discuss three most significant contributions to our theoretical understanding of criminal behavior made since 1985. To accomplish the study purpose, this study choose the followed three theoretical contributions; the emergence of life course theory, the revision of social disorganization theory, and the introduction of social structure and social Learning (SSSL) model. The three theoretical works will be introduced and discussed regarding other theoretical integration trends in the body of this study. The conclusion, contribution of this current study has been discussed in the last conclusion and discussion section.

• International Journal of Computer Science & Network Security
• /
• v.22 no.8
• /
• pp.328-342
• /
• 2022

The Internet of Things (IoT) is a technology that offers lucrative services in various industries to facilitate human communities. Important information on people and their surroundings has been gathered to ensure the availability of these services. This data is vulnerable to cybersecurity since it is sent over the internet and kept in third-party databases. Implementation of data encryption is an integral approach for IoT device designers to protect IoT data. For a variety of reasons, IoT device designers have been unable to discover appropriate encryption to use. The static support provided by research and concerned organizations to assist designers in picking appropriate encryption costs a significant amount of time and effort. IoTES is a web app that uses machine language to address a lack of support from researchers and organizations, as ML has been shown to improve data-driven human decision-making. IoTES still has some weaknesses, which are highlighted in this research. To improve the support, these shortcomings must be addressed. This study proposes the "IoTES with Security" model by adding support for the security level provided by the encryption algorithm to the traditional IoTES model. We evaluated our technique for encryption algorithms with available security levels and compared the accuracy of our model with traditional IoTES. Our model improves IoTES by helping users make security-oriented decisions while choosing the appropriate algorithm for their IoT data.

• International Journal of Computer Science & Network Security
• /
• v.22 no.1
• /
• pp.69-76
• /
• 2022

At the current stage of globalization and European integration of Ukraine, the aspects related to the effective fight against corruption in the system of economic security of our country are receiving more and more attention, as they become a prerequisite for continuing reforms based on international funding. In order to consider this issue and solve this problem, the necessary step is to develop and implement real mechanisms of the system for detecting and preventing corrupt behavior, which are based on international anti-corruption standards. The leading component of this system is the management of corruption risks in the system of economic security in order to identify them and implement measures to reduce them. This study analyzes the corruption perception index in Ukraine in recent years, which showed a positive, albeit somewhat slow dynamics of its growth, indicating a gradual increase in overcoming corruption through the introduction of a number of anti-corruption measures and changes. It is proved that the current stage of socio-economic development of the country contributes to strengthening the processes of combating corruption and preventing corruption risks, creating an effective and efficient anti-corruption system of the state. The concept of "corruption" was studied, it was found that in the field of public administration it is considered from different positions and is closely related to the concept of "corruption risks". The essence and features of corruption risks are studied, the preconditions of their occurrence are formulated, the relationship between the causes of corruption risks and economic security in the field of public authority has been established. The system of corruption risk management is considered and its components are characterized. It is proposed to increase the effectiveness of anticorruption policy through the implementation of measures aimed at investigating the causes of corruption risks, as well as developed effective and effective means of reducing corruption risks within the system of economic security

• Journal of Korea Multimedia Society
• /
• v.11 no.4
• /
• pp.504-515
• /
• 2008

Fast transmission speeds and various wired network services have been combined with the convenience and mobility of wireless services. The combination of wired/wireless technologies is spreading rapidly since it enables the creation of new services and provides new features to both users and service providers. In such wired/wireless integrated services, network integration is very important because such systems are integrated by a linkage between heterogeneous networks and they involve an integration of transmission technologies across networks. In this situation, existing security and communication technologies are unsuitable since the network are integrated with heterogeneous networks. The network may also have several security flaws. In existing homogeneous networks, user authentication and key management between heterogeneous networks are required for these new technologies. The establishment of security technologies for heterogeneous devices is a very important task between homogeneous networks. In this paper, we propose a secure and efficient key management system for a heterogeneous network environment. Our system provides secure communications between heterogeneous network devices.