• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.1C
• /
• pp.74-79
• /
• 2006

When DRM systems are built on a specific computing platform and a coding algorithm, the interoperability among them will be improbable. For enhanced compatibility, MOSES has been developed such that it has a structure that can be decomposed into independent modules for interoperability with other DRM systems with IPMP functionality. In MOSES, security in contents transaction is provided by JPWallet which controls licenses with key management. In this paper, we present the structure of JPWallet and how the keys are handled between contents servers and contents-consuming clients. The PDA-based codes from the prototype MOSES system have been ported into PC-based codes and tested for compatibility. Analysis of JPWallet, which is the core of MOSES, will contribute to the standardization of domestic IPMP systems compatible with global standards.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.161-164
• /
• 2012

Location-Based Services(LBS) are a general class of computer program-level services used to include specific controls for location data as control features in computer programs. In recent years, the number of smart device(Smart Phone, Tablet PC etc.) users growth was exponential. For that reason, using rate of LBS has drastically increased. The most important thing of LBS is security. Personal information, especially private information likes illness, should not be disclosed. In this paper shows how to attack LBS and how to defense it.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.9
• /
• pp.2052-2072
• /
• 2012

Access control is an essential security component in protecting sensitive data and services from unauthorized access to the resources in mission-critical Cyber-Physical Systems (CPSs). CPSs are different from conventional information processing systems in such that they involve interactions between the cyber world and the physical world. Therefore, existing access control models cannot be used directly and even become disabled in an emergency situation. This paper proposes an adaptive Access Control model for Emergences (AC4E) for mission-critical CPSs. The principal aim of AC4E is to control the criticalities in these systems by executing corresponding responsive actions. AC4E not only provides the ability to control access to data and services in normal situations, but also grants the correct set of access privileges, at the correct time, to the correct set of subjects in emergency situations. It can facilitate adaptively responsive actions altering the privileges to specific subjects in a proactive manner without the need for any explicit access requests. A semiformal validation of the AC4E model is presented, with respect to responsiveness, correctness, safety, non-repudiation and concurrency, respectively. Then a case study is given to demonstrate how the AC4E model detects, responds, and controls the emergency events for a typical CPS adaptively in a proactive manner. Eventually, a wide set of simulations and performance comparisons of the proposed AC4E model are presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.6 no.1
• /
• pp.15-24
• /
• 1996

In this paper, we propose a new kind of signature scheme, called 'nominative signatures&, which is the dual scheme of undeniable signatures. Also we construct a zero-knowledge protocol that implements it. The new technique called 'nominative signatures' achieves these objectives: only nominee can verity the nominator(signer)'s signature and if necessary, only nominee can prove to the third party that the signature is issued to him(her) and is valid. Contraty to the undeniable signature scheme, nominative signatures are confirmed via a protocol between the nominee and the third party, so the cooperation of the nominee is necessary. That is, not a signer(nominator) but a verifier(nominee) can control the abuse of signatures - undeniable signature cannot be verified without the cooperation of the signer, so the signer controls the abuse of signatures. Our nominative signatures are very valuable for the case in which the content of signature is concerned with the verifier's privacy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.4
• /
• pp.3-11
• /
• 2000

In this paper, we design modular multiplication systolic array and exponentiation processor having n bits message black. This processor uses Montgomery algorithm and LR binary square and multiply algorithm. This processor consists of 3 divisions, which are control unit that controls computation sequence, 5 shift registers that save input and output values, and modular exponentiation unit. To verify the designed exponetion processor, we model and simulate it using VHDL and MAX+PLUS II. Consider a message block length of n=512, the time needed for encrypting or decrypting such a block is 59.5ms. This modular exponentiation unit is used to RSA cryptosystem.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.199-208
• /
• 2022

The world health organization classified the emerging coronavirus (known as Covid-19) as a pandemic after confirming the extent of spread and scale. As a matter of fact, outbreaks of similar scale or even worse have been witnessed throughout history. Thus, the development of prevention strategies exists to protect against such calamaties. One of the widely proven measures that controls the spread of any contagious diseases is social distancing. As a result, this paper will demonstrate the concept of an application "Be Aware" on enabling the implementation of this preventive measure. In particular "Be aware" evaluates the extent of congestion in public places using current time data. The proposed project will use Global Positioning System (GPS), and Application Programming Interface (API), to ensure information accuracy, and the API use Crowdsourcing to collect Real-Time Data (RTD) from the selected places. One line

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.1-8
• /
• 2023

The artificial intelligence of robot is the weakness of digital intelligence of a person who able to train, self-realize and to develop competences, creative, professional and behavioral skills. A new methodology proposed for managing robots inside the mines using an electronic system designed for driving robots to injured people in seas, mines or wells who can not be reached by human force. This paper also explains the concept of managing and remote-controlling the process of searching and helping the injured. The user controls the robot through an application that receives all the reports that the robot sends from the injured person. The robot's tasks are to take a sample of the blood of the injured person, examine it, and measure the percentage of oxygen underground and send it to the user who directs the robot to pump a specific percentage of oxygen to the injured person. The user can also communicate with the person The patient and determine his condition through the camera connected to the robot equipped with headphones to communicate with the injured and the user can direct the camera of the robot and take x-rays from the injured.

• The Journal of the Korea Contents Association
• /
• v.15 no.5
• /
• pp.27-35
• /
• 2015

Depending on the smart device user growth and development of communication technology, the area about working environment was extended without constraints of time and places. It is introducing to work using user's devices and this environment is called 'BYOD(Bring Your On Device)'. But it is vulnerable to security threat that happened in existing wireless environment and its security threat issue which is caused by inside information leak by an inside job and lost or stolen terminal which is caused by careless user is getting heated. So we studied about access control protocol by user rights under the BYOD situation make a session key based on the user information. We make a session key based on the user information and user device information, after that we design an access control protocol. The protocol we suggest can protect from attack under the BYOD situation and wireless communication situation and also safety and security requirement from inside information leak because it controls user rights.

• The KIPS Transactions:PartC
• /
• v.19C no.2
• /
• pp.83-90
• /
• 2012

MANET(Mobile Ad-Hoc Network) has a weakness from a security aspect because it operates where no wired network is built, which causes the exposed media, dynamic topology, and the lack of both central monitoring and management. It is especially difficult to detect and mitigate a malicious node because there is not a mediator which controls the network. This kind of malicious node is closely connected to the routing in the field of study of Ad-Hoc security. Accordingly this paper proposes the method on how to enhance the security for the safe and effective routing by detecting the malicious node. We propose MBC(Identification technition of Malicious Behavior node based on Collaboration in MANET) that can effectively cope with malicious behavior though double detecting the node executing the malicious behavior by the collaboration between individual node and the neighbor, and also managing the individual nodes in accordance with the trust level obtained. The simulation test results show that MBC can find the malicious nodes more accurately and promptly that leads to the more effectively secure routing than the existing method.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.2
• /
• pp.31-42
• /
• 2014

Debugger systems are necessary to apply dynamic program analysis when evaluating security properties of embedded system software. It may be possible to make the use of software-based debugger and/or DBI framework if target devices support general purpose operating systems, however, constraints on applicability as well as environmental transparency might be incurred thereby hindering overall analyzability. Analysis with JTAG (IEEE 1149.1) debugging devices can overcome these difficulties in that no change would be involved in terms of internal software environment. In that sense, JTAG API can facilitate to practically perform dynamic program analysis for evaluating security properties of target device software. In this paper, we introduce an implementation of JTAG API to enable analysis of ARM core based embedded systems. The API function set includes the categories of debugger and target device controls: debugging environment and operation. To verify API applicability, we also provide example analysis tool implementations: our JTAG API could be used to build kernel function fuzzing and live memory forensics modules.