• The KIPS Transactions:PartC
• /
• v.9C no.1
• /
• pp.9-16
• /
• 2002

As existing analog video surveillance systems could save and retrieve data only in a limited space within short distance, it had many constraints in developing into various application systems. However, on the back of development of the Internet and computer technologies, digital video surveillance systems can be controlled from a remote location by web browser without space limits. Moreover, data compression and management technologies with Index Search algorithm make it possible to efficiently handling, storing, and retrieving a large amount of data and further motion detection algorithm enhances a recording speed and efficiency for a practical application, that is, a practical remote recordable video surveillance system using our efficient algorithms as mentioned, called WebCam. The WebCam server system can intelligently record and save video images digitized through efficient database management, monitor and control cameras in a remote place through user authentication, and search logs.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.11
• /
• pp.2067-2072
• /
• 2016

Recently, due to the development of attack techniques that can circumvent existing information protection systems, continuous threats in a form unrecognized by the user have threatened information assets. Therefore, it is necessary to support the prompt responses to anticipated attempts of APT attacks, bypass access attacks, and encryption packet attacks, which the existing systems have difficulty defending against through a single response, and to continuously monitor information protection systems with a defense strategy based on Indicators of Attack (IOA). In this paper, I suggest a centralized intelligent information protection system to support the intelligent response to a violation by discerning important assets through prevention control in a performance impact assessment about information properties in order to block the attack routes of APT; establishing information control policies through weakness/risk analyses in order to remove the risks in advance; establishing detection control by restricting interior/exterior bypass networks to server access and monitoring encrypted communications; and lastly, performing related corrective control through backup/restoration.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.111-114
• /
• 2017

As digital contents are widely used and require increasingly high quality, the data storage services over Internet also become more and more important. One of popular services, web-hard, provides lots of users with web-based functions for data storage, management and sharing but such storage utilization requires quite high cost compared to using portable storage devices. Moreover, some users may avoid putting their important data into open Internet area. On the other hand, portable storage devices are cheaper but can be used only when they are physically connected to host devices such as PC. Also additional management and security functions should be equipped to support data sharing among users. In this paper, we propose a web-based data storage system combining those advantages of aforementioned two approaches. The proposed system immediately provides web-based services for data management and sharing when a portable device such as SDD is connected to the server.

• Journal of KIISE:Computing Practices and Letters
• /
• v.5 no.5
• /
• pp.564-573
• /
• 1999

Recently, as the development and use of distributed multimedia services are growing explosively in every aspects of our lives, administrators of multimedia services are very concerned with providing users with reliable and efficient services. However, the management of distributed multimedia services is a very complex and troublesome work such that a flexible but powerful management system is necessary. This paper proposes a management system for managing CORBA-based distributed multimedia services. We have developed an architecture for the management system and defined a set of management services needed to monitor and control distributed multimedia services. The architecture consists of several objects, which perform configuration management, fault management, security management and event management. A generic distributed multimedia service (DMS) MIB has been defined for the management of various multimedia services and applications. In addition, as a proof of concept, we have developed a Web-based management system for a CORBA-based distributed multimedia system called MAESTRO. The prototype management system uses OrbixWeb to interface with the management server which is implemented as a set of CORBA objects. Though our management system has been developed for distributed multimedia services, it can easily manage other CORBA-based services and applications.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.10
• /
• pp.251-258
• /
• 2018

Ransomware, a malicious software that requires a ransom by encrypting a file, is becoming more threatening with its rapid propagation and intelligence. Rapid detection and risk analysis are required, but real-time analysis and reporting are lacking. In this paper, we propose a ransomware infection detection system using social big data mining technology to enable real-time analysis. The system analyzes the twitter stream in real time and crawls tweets with keywords related to ransomware. It also extracts keywords related to ransomware by crawling the news server through the news feed parser and extracts news or statistical data on the servers of the security company or search engine. The collected data is analyzed by data mining algorithms. By comparing the number of related tweets, google trends (statistical information), and articles related wannacry and locky ransomware infection spreading in 2017, we show that our system has the possibility of ransomware infection detection using tweets. Moreover, the performance of proposed system is shown through entropy and chi-square analysis.

• Journal of Advanced Navigation Technology
• /
• v.17 no.6
• /
• pp.736-748
• /
• 2013

In this paper, we analyse the vulnerabilities of KL scheme which is an ID-based authentication scheme for AMI network, and propose two kinds of authentication schemes which satisfy forward secrecy as well as security requirements introduced in the previous works. In the first scheme, we use MDMS which is the supervising system located in an electrical company for a time-synchronizing server, in order to synchronize smart grid devices in home, and we process device authentication with a new secret value generated by OTP function every session. In the second scheme, we use a secret hash-chain mechanism for authentication process, so we can use a new secret value every session. The proposed two schemes have strong points and weak points respectively and those depend on the services area and its environment, so we can select one of them efficiently considering real aspects of AMI environment.

• The KIPS Transactions:PartC
• /
• v.17C no.2
• /
• pp.173-180
• /
• 2010

Information technology is being applied to the development of ubiquitous healthcare system, which provides both efficient patient care and convenient treatment regardless of patient's location. However, the increasing number of users and medical information give rise to the problem of user management and the infringement of privacy. In order to address this problem we propose a user access scheme based on the RBAC (Role Based Access Control) model. The preceding trust management model for Grid security, FAS(Federation Agent Server), was analyzed and extended to provide supplementary functions for role-based access control in u-Healthcare system. The RBAC model provides efficient user management and access control, but very vulnerable in case when one with valid role tries to leak confidential inner medical information. In order to resolve this problem, a RBAC-WS (Work Status with RBAC) model has been additionally developed which allows only qualified staffs to access the system while on duty. Th proposed RBAC and RBAC-WS model have been merged together and applied to the PACS (Picture Archiving and Communication System).

• Journal of Broadcast Engineering
• /
• v.24 no.5
• /
• pp.813-826
• /
• 2019

This paper is a study on the implementation of MAM(Media Asset Management) to utilize UHD contents as high quality broadcast material. The implementation method of this paper is to separate MAM roles with content management functions and transmission workflow functions from workflow, metadata and system interface related work, which are divided into core MAM and MAM-Ex structure. Through the method proposed in this paper, we improved the content management method by applying the page menu method to the material metadata modification and applying the template method to the material structure API. In addition, the storage of UHD material and the configuration of the component server are pooled without any distinction of channels, thereby enhancing the security of UHD transmission assets by minimizing the movement of contents together with broadcasting material protection.

• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.143-148
• /
• 2018

In this paper, we propose a personalized user authentication system (PUAS) that can be used in multiple stages in user authentication by customizing the password keyword to be used in user authentication. The proposal concept is that the user oneself defines the password keyword to be used in user authentication so as to cope with a passive retransmission attack which reuses the password obtained when the server system is accessed in user authentication. The authentication phase is also designed so that it can be expanded in multiple stages in a single step. Also, it is designed to store user-defined password related information in an arbitrary encrypted place in the system, thereby designing to disable the illegal access of the network. Therefore, even if an intruder accesses the system using the proposed system, it is possible to generate personal authentication information by generating a password keyword through unique personal information possessed only by an individual and not know the place where the generated authentication information is stored, It has a strong security characteristic.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.8
• /
• pp.1071-1076
• /
• 2020

The importance of network separation is due to the use of the Internet with existing business PCs, resulting in an internal information leakage event, and an environment configured to allow servers to access the Internet, which causes service failures with malicious code. In order to overcome this problem, it is necessary to use network virtualization to separate networks and network interconnection systems. Therefore, in this study, the construction area was constructed into the network area for the Internet and the server farm area for the virtualization system, and then classified and constructed into the security system area and the data link system area between networks. In order to prove the excellence of the proposed method, a network separation construction study using network virtualization was conducted based on the basis of VM Density's conservative estimates of program loads and LOBs.