• Journal of the Korean Institute of Intelligent Systems
• /
• v.14 no.6
• /
• pp.678-686
• /
• 2004

This paper presents a new method to securely conduct online sealed-bid auctions with a single auctioneer server The sealed-bid auctions have several vulnerable security problems when they are performed on the Internet. One of such problems is the trust establishment between an auctioneer and bidders who participate in an auction. Several online sealed-bid auction methods have been developed to address this trust problem. The proposed method solves the security problems that would happen in the sealed-bid auction using a blind signature scheme and a contract signature protocol. It prevents the auctioneer from illegally manipulating the bidders' bidding information, repudiating the reception of some bid, manipulating the auction period, and illegally adding or deleting bids. In addition, it keeps the bidders from modifying the bidding information after issuing their bid and doing intentional mistake to invalidate their own bid. The method can be easily implemented using the multiagent architecture.

• Journal of Cadastre & Land InformatiX
• /
• v.46 no.2
• /
• pp.211-224
• /
• 2016

Based on the 'Government 3.0', the government opens the public data and encourages the active use in the private sector. Recently, the spatial and statistical information that is one of the public data is being widely used in the various web business as a high value-added information. In this study, we propose an architecture of high-availability, high-reliability and high-performance open platform which can provide a variety of services such as searching, analysis, data mining, and thematic mapping. In particular, we present two different system architectures for the government and the public services, by reflecting the importance of the information security and the respective utilization in the private and public sectors. We also compared a variety of server architecture configurations such as a clustered server configuration, a cloud-based virtual server configuration, and a CDN server configuration, in order to design a cost- and performance-effective spatial-statistical information open platform.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.1 no.2
• /
• pp.73-81
• /
• 2006

The home network is generally separated from the Internet, as it is made up of a private network due to security issues and the lack of IPv4 addresses space. Also, a user may want to move from a terminal to another terminal connected in the home network during communicating with people outside the home. In this case, people connected in the Internet, or another home network could not communicate the user at the home. These limitations prevent a SIP-capable device connected in the home network from communicating with another SIP-capable device connected in the Internet or the outside of the home network. To overcome the limitations, This paper proposes the Adaptive SIP Application Server System as a software architecture that a user inside of the home can communicate with people outside of the home when the home is composed of a private IP-based network. Moreover, the proposed architecture provides the session mobility that allows the user to maintain a media session even if changing the terminal inside of the home during the session established. The proposed system was implemented over a home server device which acts functionality as a connection point for transmitting IP packets between a home network and the Internet.

• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.135-143
• /
• 2007

This study proposes a DRM system for VOD streaming services in a mobile environment. The proposed system consists of DRM client manager (Consumer), in which core components for client services are independently constructed to be used in a mobile environment, and DRM server, which provides DRM services. Consumer independently exists in the client to maximize efficiency and processing capacity in such a mobile environment, and consists of license service, content service, access service, and tracking service. DRM server consists of streaming server for VOD streaming, distributor, license server, and provider. The proposed system has an architecture suitable for a mobile environment that is difficult to process in the existing DRM system and can solves the super-distribution using license manager in client manager.

• The KIPS Transactions:PartD
• /
• v.15D no.5
• /
• pp.699-704
• /
• 2008

By the dependence on Web from popularization of internet and increasing number of users, web services capability and security problem of communication is becoming a great issue. Existing web services technology decrease the capability of web application server by limiting the number of synchronous client, decreasing the processing load and increasing average response time. The encryption process to secure communication and the early expense of handshake decrease transmission speed and server capability by increasing the calculation time for connecting. Accordingly, this paper executes an encryption procedure by elliptical encryption algorithm to satisfy secure demands, improve the overload of server for web services and get reliability and security of web server architecture and proposes an improved mobile web sever which provides better ability and the techniques for deferred processing.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.2
• /
• pp.343-350
• /
• 2010

In the existing design of web server architecture, data encryption technique is used to keep the reliability, stability, and safety of web service. But the use of data encryption technique wastes the work of cpu while decreasing throughput of web server and increasing average response time so that it shows negative effect on the capacity of web application server. Also, the latest web applications require security and safety for the safe internet communication. Therefore, this paper suggests the improved web server which uses thread pool and Non-blocking I/O adding new web service modules to the existing web server for the safe web service, provides reliability and safety to show the safe web service capacity. And we compare and evaluate the safety and capacity through experiment on the existing traditional Tomcat based web server and the proposed system to evaluate the safety and capacity of the proposed web server system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4C
• /
• pp.559-569
• /
• 2004

It has become more difficult to correspond an cyber attack quickly as a pattern of attack becomes various and complex. And, current security mechanisms just have passive defense functionalities. In this paper, we propose new network security architecture to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed architecture make possible to deal effectively with cyber attacks such as IP spoofing or DDoS(Distributed Denial of Service) using active packet technology including a mobile sensor on active network. Active Security Management System based on proposed security architecture consists of active security node and active security server in a security zone, and is designed to have more active correspondent than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of Active Security Management System. The experimentation results are analyzed.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.4
• /
• pp.87-97
• /
• 2009

Internet network routing system is used to prevent spread and distribution of malicious data traffic. This study is based on analysis of diagnostic weakness structure in the network security domain. We propose an improved integrated multi-level protection domain for in the internal route of groupware. This paper's protection domain is designed to handle the malicious data traffic in the groupware and finally leads to lighten the load of data traffic and improve network security in the groupware. Infrastructure of protection domain is transformed into five-stage blocking domain from two or three-stage blocking. Filtering and protections are executed for the entire server at the gateway level and internet traffic route ensures differentiated protection by dividing into five-stage. Five-stage multi-level network security domain's malicious data traffic protection performance is better than former one. In this paper, we use a trust evaluation metric for measuring the security domain's performance and suggested algorithm.

• Convergence Security Journal
• /
• v.10 no.3
• /
• pp.9-14
• /
• 2010

The network architecture and analysis model for evaluating the information security are presented to distribute the reliable and secure multimedia digital contents. Using the firewall and IDS, the function of the proposed model includes the security range, related data collection/analysis, level evaluation and strategy proposal. To develop efficient automatic analysis tool, the inter-distribution algorithm and network design based on the traffic analysis between web-server and user are needed. Furthermore, the efficient algorithm and design of DRM/PKI also should be presented before the development of the automatic information security model.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.1
• /
• pp.41-49
• /
• 2011

We designed a security improved document DRM for protecting document based military information which is transmitted in the military information system environment. The user should be could not access document which not related to his/her role and duty, and must view the only document appropriate for his/her role and security level according to the security level of document. We improved the security of document DRM by adding to the access control module in DRM server. Our system allows operation mode authorizations for the document, considering the user's role & security level and the security level of document. And it prevents indiscriminate access to the document and damage the confidentiality and integrity of information.