• Proceedings of the International Microelectronics And Packaging Society Conference
• /
• 2001.04a
• /
• pp.1-7
• /
• 2001

This paper presents product level considerations for multichip packaging as a cost effective alternative to single chip packaging in the design and manufacture of mobile telephony products. Important aspects include component functionality and complexity, acquisition and logistics costs, product modularity and integration. Multichip packaging offers unique solutions and significant system level cost savings in many applications including RF modules, digital matrix functions and product options such as security, data storage, voice recognition, etc.

• Proceedings of the KAIS Fall Conference
• /
• 2011.12b
• /
• pp.565-568
• /
• 2011

Google Android framework consists of an operating system and software platform for mobile devices. Using a general-purpose Linux operating system in mobile device has some advantages but also security risks. Security-Enhanced Linux (SELinux) is a kernel-based protection approach which can help to reduce potential damage from successful attacks. However, there are some challenges to integrate SELinux in Android. In this research, we do a study on how to do the integration and find out four challenges. The first one is that the Android file system (yaff2) does not support security namespace for extended attribute (xattr) which is required by SELinux. The second one is that it's difficult to apply SELinux policy to Dalvik process on which an Android application runs on. The third one is that Android lacks methods, tools and libraries to interact with SELinux. The last one is how to update the SELinux policy automatically when installing or removing an application. In this paper, we propose solutions for the above limitations that make the SELinux more adaptive and suitable for Android framework.

• The Journal of Asian Finance, Economics and Business
• /
• v.7 no.10
• /
• pp.295-302
• /
• 2020

The study examines an empirical case that explores the key constructs of the Unified Theory of Acceptance and Use of Technology (UTAUT) (Venkatesh, Morris, Davis & Davis, 2003) and the relationship between security and privacy of the Theory of Perceived Risk (TPR) (Bauer, 1960). This study employs survey data of 200 young Internet users aged 18 to 25. The study was conducted through two steps: preliminary research by qualitative research method to form the official research scale then formal research by quantitative research method using CFA and SEM to test the research model. The research results show that performance expectancy and social influence significantly predict behavioral intention to use e-wallets in payment. In contrast, the factors, namely, security and privacy, and effort expectancy, are statistically insignificant on behavioral intention. Nevertheless, the facilitating conditions factor still affects the behavior of using e-wallets. The study proposes a model to generalize the online payment environment through the integration of UTAUT and TPR models that are important for online payment management and researchers in the technology environment. The findings of this study suggest that social influence significantly affects the intention of young people to use e-wallets instead of security and privacy.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.29-36
• /
• 2023

Blockchain is an emerging technology that is used to address ownership, centrality, and security issues in different fields. The blockchain technology has converted centralized applications into decentralized and distributed ones. In existing sharing economy applications, there are issues related to low efficiency and high complexity of services. However, blockchain technology can be adopted to overcome these issues by effectively opening up secure information channels of the sharing economy industry and other related parties, encouraging industry integration and improving the ability of sharing economy organizations to readily gain required information. This paper discusses blockchain technology to enhance the development of insurance services by proposing a five-layer decentralized model. The Najm for Insurance Services Company in Saudi Arabia was employed in a case study for applying the proposed model to effectively solve the issue of online underwriting, and to securely and efficiently enhance the verification and validation of transactions. The paper concludes with a review of the lessons learned and provides suggestions for blockchain application development process.

• International Journal of Computer Science & Network Security
• /
• v.23 no.3
• /
• pp.31-48
• /
• 2023

The popularization of smart devices and subsequent optimization of their sensing capacity has resulted in a novel mobile crowdsensing (MCS) pattern, which employs smart devices as sensing nodes by recruiting users to develop a sensing network for multiple-task performance. This technique has garnered much scholarly interest in terms of sensing range, cost, and integration. The MCS is prevalent in various fields, including environmental monitoring, noise monitoring, and road monitoring. A complete MCS life cycle entails task allocation, data collection, and data aggregation. Regardless, specific drawbacks remain unresolved in this study despite extensive research on this life cycle. This article mainly summarizes single-task, multi-task allocation, and space-time multi-task allocation at the task allocation stage. Meanwhile, the quality, safety, and efficiency of data collection are discussed at the data collection stage. Edge computing, which provides a novel development idea to derive data from the MCS system, is also highlighted. Furthermore, data aggregation security and quality are summarized at the data aggregation stage. The novel development of multi-modal data aggregation is also outlined following the diversity of data obtained from MCS. Overall, this article summarizes the three aspects of the MCS life cycle, analyzes the issues underlying this study, and offers developmental directions for future scholars' reference.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.1
• /
• pp.23-30
• /
• 2023

According to the government's plan for cloud conversion and integration of information resources for administrative and public institutions, work is underway to convert administrative and public institutions to the cloud by 2025. In addition, in the private sector, companies in many fields, including finance, are already using cloud services, and the usage is expected to expand more and more. As a result, changes have occurred in security control activities using security systems, it is required to secure visibility for encrypted traffic when building a cloud control environment. In this paper, an analysis was conducted on the way to provide visibility in the cloud service environment. Ways to provide visibility in the cloud service environment include methods of using load balancer, methods of using security systems, and methods of using equipment dedicated to SSL/TLS decryption. For these methods, Performance comparison was performed in terms of confidentiality, functionality (performance), cost. Through this, the pros and cons of each visibility provision method were presented.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.107-114
• /
• 2023

Successful implementations of DevOps practices significantly improvise software efficiency, collaboration and security. Most of the organizations are adopting DevOps for faster and quality software delivery. DevOps brings development and operation teams together to overcome all kind of communication gaps responsible for software failures. It relies on different sets of alternative tools to automate the tasks of continuous integration, testing, delivery, deployment and monitoring. Although DevOps is followed for being very reliable and responsible environment for quality software delivery yet it lacks many quantifiable aspects to prove it on the top of other traditional and agile development methods. This research evaluates quantitative performance of DevOps and traditional/ agile development methods based on software metrics. This research includes three sample projects or code repositories to quantify the results and for DevOps integrated selective tool chain; current research considers our earlier proposed and implemented DevOps hybrid model of integrated automation tools. For result discussion and validation, tabular and graphical comparisons have also been included to retrieve best performer model. This comparative and evaluative research will be of much advantage to our young researchers/ students to get well versed with automotive environment of DevOps, latest emerging buzzword of development industries.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.9
• /
• pp.92-99
• /
• 2013

As a recent cyber attack has a characteristic that is intellectual, advanced, and complicated attack against precise purpose and specified object, it becomes extremely hard to recognize or respond when accidents happen. Since a scale of damage is very large, a corresponding system about this situation is urgent in national aspect. Existing data center or integration security framework of computer lab is evaluated to be a behind system when it corresponds to cyber attack. Therefore, this study suggests a better sophisticated next generation convergence security framework in order to prevent from attacks based on advanced persistent threat. Suggested next generation convergence security framework is designed to have preemptive responses possibly against APT attack consisting of five hierarchical steps in domain security layer, domain connection layer, action visibility layer, action control layer and convergence correspondence layer. In domain connection layer suggests security instruction and direction in domain of administration, physical and technical security. Domain security layer have consistency of status information among security domain. A visibility layer of Intellectual attack action consists of data gathering, comparison, decision, lifespan cycle. Action visibility layer is a layer to control visibility action. Lastly, convergence correspond layer suggests a corresponding system of before and after APT attack. An introduction of suggested next generation convergence security framework will execute a better improved security control about continuous, intellectual security threat.

• Journal of Digital Convergence
• /
• v.12 no.9
• /
• pp.201-207
• /
• 2014

In the cloud environment, the company needs data integration and analysis to make decision and policy. If new system is added to this environment, a lot of time and cost is needed due to disparate properties among systems when data is integrated. Therefore, in this paper, we propose a DBaaS hub system for multi-database service. The DBaaS may require a different database and need data integration for relevant service. Using the ontology, we propose a metadata query to resolve the interoperability issues between data of DBaaS. The meta-query is not a query to access the real data, but the query for the upper level. This method provides data integration by accessing the data with the converted query through an ontology when we access the actual database.We also constructs a document-oriented database system using the metadata.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.3-8
• /
• 2012

Smartphones have all the recent technology integration and NFC (Near Field Communication) Technology is one of them and become an essential these days. Despite using smartphones with NFC technology widely, not many security vulnerabilities have been discovered. This paper attempts to identify characteristics and various services in NFC technology, and to present a wide range of security vulnerabilities, prevention, and policies especially in NFC Contactless technology. We describe a security vulnerability and an possible threat based on human vulnerability and traditional malware distribution technic using Peer-to-Peer network on NFC-Enabled smartphones. The vulnerability is as follows: An attacker creates a NFC tag for distributing his or her malicious code to unspecified individuals and apply to hidden spot near by NFC reader in public transport like subway system. The tag will direct smartphone users to a certain website and automatically downloads malicious codes into their smartphones. The infected devices actually help to spread malicious code using P2P mode and finally as traditional DDoS attack, a certain target will be attacked by them at scheduled time.