• Journal of Information Processing Systems
• /
• v.7 no.4
• /
• pp.561-580
• /
• 2011

This paper describes different aspects of a typical RFID implementation. Section 1 provides a brief overview of the concept of Automatic Identification and compares the use of different technologies while Section 2 describes the basic components of a typical RFID system. Section 3 and Section 4 deal with the detailed specifications of RFID transponders and RFID interrogators respectively. Section 5 highlights different RFID standards and protocols and Section 6 enumerates the wide variety of applications where RFID systems are known to have made a positive improvement. Section 7 deals with privacy issues concerning the use of RFIDs and Section 8 describes common RFID system vulnerabilities. Section 9 covers a variety of RFID security issues, followed by a detailed listing of countermeasures and precautions in Section 10.

• The Journal of Economics, Marketing and Management
• /
• v.10 no.6
• /
• pp.17-26
• /
• 2022

Purpose: This study analyzes advanced cases of overseas smart cities and examines policy implications related to the creation of smart cities in Korea. Research design, data, and methodology: Analysis standards were established through the analysis of best practices. Analysis criteria include Technology, Privacy, Security, and Governance. Results: In terms of technology, U-City construction experience and communication infrastructure are strengths. Korea's ICT technology is inferior to major countries. On the other hand, mobile communication, IoT, Internet, and public data are at the highest level. The privacy section created six principles: legality, purpose limitation, transparency, safety, control, and accountability. Security issues enable urban crime, disaster and catastrophe prediction and security through the establishment of an integrated platform. Governance issues are handled by the Smart Special Committee, which serves as policy advisory to the central government for legal system, standardization, and external cooperation in the district. Conclusions: Private technology improvement and participation are necessary for privacy and urban security. Citizens should participate in smart city governance.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.25-31
• /
• 2023

Fog computing diversifies cloud computing by using edge devices to provide computing, data storage, communication, management, and control services. As it has a decentralised infrastructure that is capable of amalgamating with cloud computing as well as providing real-time data analysis, it is an emerging method of using multidisciplinary domains for a variety of applications; such as the IoT, Big Data, and smart cities. This present study provides an overview of the security and privacy concerns of fog computing. It also examines its fundamentals and architecture as well as the current trends, challenges, and potential methods of overcoming issues in fog computing.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.498-514
• /
• 2012

Machine to machine (M2M) communications is the hottest issue in the standardization and industry area, it is also defined as machine-type communication (MTC) in release 10 of the 3rd Generation Partnership Project (3GPP). Recently, most research have focused on congestion control, sensing, computing, and controlling technologies and resource management etc., but there are few studies on security aspects. In this paper, we first introduce the threats that exist in M2M system and corresponding solutions according to 3GPP. In addition, we present several new security issues including group access authentication, multiparty authentication and data authentication, and propose corresponding solutions through modifying existing authentication protocols and cryptographic algorithms, such as group authentication and key agreement protocol used to solve group access authentication of M2M, proxy signature for M2M system to tackle authentication issue among multiple entities and aggregate signature used to resolve security of small data transmission in M2M communications.

• Journal of Electrical Engineering and Technology
• /
• v.7 no.3
• /
• pp.443-450
• /
• 2012

As power grids are integrated into one big umbrella (i.e., Smart Grid), communication network plays a key role in reliable and stable operation of power grids. For successful operation of smart grid, interoperability and security issues must be resolved. Security means providing network system integrity, authentication, and confidentiality service. For a cyber-attack to a power grid system, which may jeopardize the national security, vulnerability of communication infrastructure has a serious impact on the power grid network. While security aspects of power grid network have been studied much, security mechanisms are rarely adopted in power gird communication network. For security issues, strict timing requirements are defined in IEC 61850 for mission critical messages (i.e., GOOSE). In this paper, we apply security algorithms (i.e., MD-5, SHA-1, and RSA) and measure their processing time and transmission delay of secured mission critical messages. The results show the algorithms satisfying the timing requirements defined in IEC 61850 and we observer the algorithm that is optimal for secure communication of mission critical messages. Numerical analysis shows that SHA-1 is preferable for secure GOOSE message sending.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.11
• /
• pp.4331-4354
• /
• 2020

Nepal is a sensitive and disaster-prone country where safety and security risk are of high concern for travelers. Digital technologies can play a vital role in addressing safety and security issues in the country. This research work proposes a Digital tourism security system design for addressing the safety and security issues in tourism industry of Nepal. The study uses Design science research methodology to identify artifacts, interactions, information flow and dependencies between them which are then mapped with existing prevalent technology to provide design solutions. Data is obtained from interview of tourist and experts as a primary source and technical documents/draft, software documentations, surveys as secondary source. Generalized information model, Use cases model, Network architecture model, Layered taxonomy model and Digital tourism technology reference model are the outcomes of the study. The work is very important as it talks specifically about implementation and integration of digital technologies in tourism security governance at federal, provincial, municipal and rural level. The research supplements as a knowledge document for design and implementation of digital tourism security system in practice. As there is very less work on digital systems in tourism security of Nepal, this work is a pioneer and first of its kind.

• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.140-150
• /
• 2024

Database-as-a-Service is one of the prime services provided by Cloud Computing. It provides data storage and management services to individuals, enterprises and organizations on pay and uses basis. In which any enterprise or organization can outsource its databases to the Cloud Service Provider (CSP) and query the data whenever and wherever required through any devices connected to the internet. The advantage of this service is that enterprises or organizations can reduce the cost of establishing and maintaining infrastructure locally. However, there exist some database security, privacychallenges and query performance issues to access data, to overcome these issues, in our recent research, developed a database security model using a deterministic encryption scheme, which improved query execution performance and database security level.As this model is implemented using a deterministic encryption scheme, it may suffer from chosen plain text attack, to overcome this issue. In this paper, we proposed a new model for cloud database security using nondeterministic encryption, order preserving encryption, homomorphic encryptionand database distribution schemes, andour proposed model supports execution of queries with equality check, range condition and aggregate operations on encrypted cloud database without decryption. This model is more secure with optimal query execution performance.

• The Journal of Society for e-Business Studies
• /
• v.4 no.2
• /
• pp.197-208
• /
• 1999

With developing computer and communication technologies, the concept of CALS system has been popular not only to military but also to commercial industries. The security problem is one of the most critical issues to construct CALS infrastructure. The CALS system needs some security functions such that data confidentiality, integrity, authenticity, availability, and non-repudiation. This paper proposes a security architecture model in CALS. The security architecture model is composed of 5 submodels such that network security model, authentication and key management model, operation and audit model, integrated database security model, and risk analysis model.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.303-310
• /
• 2010

Today, about 98% of the international trade which leads the global economy is conducted at seas. This situation shows that maritime security is a key component for the stable development not only for international economy but also for the international security. Further, it suggests that the international society have reached to the stage that needs to fundamentally evaluate issues of the international maritime security cooperation and make further development. However, the international cooperation might not be an easy task to achieve because each nation faces different maritime security issues and maritime security cooperations require massive manpower and budgets due to diverse types of threats. Therefore, this paper analyzes status and issues of maritime security cooperation in vicinity of Malacca Strait and Somalian seas as key SLOCs for international economy. Based on this analysis, this paper aims to contribute to improve stability for the international economy by suggesting directions for the further development.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.4
• /
• pp.326-333
• /
• 2014

Internet Services have security issues. To prepare proper security measures for these security issues, security level setting is positively necessary. Until now, we use a security level with CIA (Confidentiality, Integrity, and Availability) Security Levels. However, CIA Security Levels has problems with ambiguous measures for the middle level of security setting. Moreover, security level overlap occurs, in some cases, when user authentications are not done. Additionally, there exist some levels among CIA Security Levels which cannot be applied to Internet services. In this paper, new security level model, CIAA Security Levels with deletion of ambiguous middle level of security setting and addition of authentication to one of security level setting factors, is proposed. The CIAA Security Levels model can be applied to more concrete security measures than CIA Security Levels. The proposed Security Levels model is applicable to almost any on-line services and it can be applied to new online services.