• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.3
• /
• pp.162-168
• /
• 2014

Cross-Site Request Forgery is one of the attack techniques occurring in today's Web Applications. It allows an unauthorized attacker to send authorized requests to Web Server through end-users' browsers. These requests are approved by the Web Server as normal requests therefore unexpected results arise. The problem is that the Web Server verifies an end-user using his Cookie information. In this paper, we propose an enhanced CSRF defense scheme which uses Page Identifier and user password's hash value in addition to the Cookie value which is used to verify the normal requests. Our solution is simple to implement and solves the problem of the token disclosure when only a random token is used for normal request verification.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.1
• /
• pp.5-23
• /
• 2012

Nowadays, most researchers and manufacturers always pay attention on wireless sensor networks (WSNs) due to its potential applications in many regions such as military, industrial and civilian areas. WSNs are the basic components of Internet of Things (IoT) and the key to machine-to-machine communications and the future Internet. Also, the security is an essential element for deploying WSNs. Recently the concept of trust-based mechanism was proposed in WSNs such as traditional cryptographic and authentication mechanisms. However, there is lack a survey on trust management for WSNs, IoT even future Internet. In this paper, we discuss the concept and potential application areas of trust management for WSNs and IoT worlds. Furthermore, we survey different trust management issues (i.e., cluster, aggregation, reputation). Finally, future research directions with respect to trust management in WSNs and future IoT world are provided. We give not only simple WSNs for IoT environments but also a simulated bootstrap platform to provide the discussion of open challenges and solutions for deploying IoT in Future Internet.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10a
• /
• pp.700-702
• /
• 2001

As computers and networks become popular, distributing information on the Interment is common in our daily life. Also, the explosion of the Internet, of wireless digital communication and data exchange on Internet has rapidly changed the way we connect with other people. But secure mall is gamins popularity abroad and domestically because of their nature of prodding security. That is. it has been used a variety of fields such as general mail and e-mail for advertisement But, As the data transmitted on network can be easily opened or forged with simple operations. Most of existing e-mall system don't have any security on the transmitted information. Thus, security mail system need to provide security including message encryption, content integrity, message origin authentication, and non-repudiation. In this paper, we design implement secure mall system with non-repudiation service and encryption capability to provide services for certification of delivery and certification of content as well as the basic security services.

• Proceedings of Korean Society of Archives and Records Management
• /
• 2019.05a
• /
• pp.61-67
• /
• 2019

Recently, the central government organizations have changed their Business Management System to the cloud-based On-nara Document 2.0. According to this, the National Archives of Korea is spreading a cloud-based records management system. With the development of digital technology, including cloud computing, preservation and utilization of records must be redesigned continuously to be effective and efficient. It is needed that the process and method of the electronic records management will change from simple digitization of paper-based recording to digital technology. This article offers opinions related to the logical transfer, storage and redundancy elimination of digital objects, machine-readable format, big-data analysis, templates of official documents, and authenticity authentication system based on universally unique identifiers (UUID) and hash value.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.177-186
• /
• 2003

DRM(Digital Rights Management) is a technology that manages secure distributions and copyrights of digital contents on the Internet. It is general giving the rights to use the encrypted contents that are downloaded by a simple authorization process in the existing DRM system. Once this is done you are allowed to access. In this paper, we use RTP(Real-time Transport Protocol) for end-to-end real-time data transmission. And the system is designed to make it Possible to Protect copyrights and to distribute contents with safety through periodic authentication. We implemented DRM system to stand this basis. The proposed system vests only authorized users with authority to access the license. Hence it prevents contents to be distributed and copied illegally on networks.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.8
• /
• pp.1735-1742
• /
• 2011

Now a days, as a mass-storage USB becomes comfortable to carry, function of USB is being developed fast. However, there is a problem that the personal information which is stored in USB could be exposed being used with negative purpose without other certification process. This paper suggests OTP(One-Time Password)-based certification protocol of USB to securely protect personal information stored in USB without additional certification information. The proposed OTP based certification protocol of USB not only demands low calculations but also prevents physical approach of USB of other network and does not allow unnecessary service access of user because it conducts simple action and uses one-way hash function. Therefore, communication overhead and service delay is improved. In the experiment, the proposed protocol compares and evaluates throughput of certification server according to the numbers of USB and delay time of packet certification with a device(USB driver) which simply save device and a device(USB Token) which can calculate by oneself. As a result, it is improved as the number of 12.5% in the certification delay time on average and is improved as the number of 10.8% in the throughput of certification server according to the numbers of USB.

• Journal of Plant Biotechnology
• /
• v.43 no.4
• /
• pp.457-465
• /
• 2016

Microsatellites are one of the most suitable markers for identification of variety, as they have the capability to discriminate between narrow genetic variations. The polymorphism level between 120 microsatellite primer pairs and 148 soybean varieties was investigated through the fluorescence based automatic detection system. A set of 16 primer pairs showed highly reproducible polymorphism in these varieties. A total of 204 alleles were detected using the 16 microsatellite markers. The number of alleles per locus ranged from 6 to 28, with an average of 12.75 alleles per locus. The average polymorphism information content (PIC) was 0.86, ranging from 0.75 to 0.95. The unweighted pair group method using the arithmetic averages (UPGMA) cluster analysis for 148 varieties were divided into five distinctive groups, reflecting the varietal types and pedigree information. All the varieties were perfectly discriminated by marker genotypes. These markers may be useful to complement a morphological assessment of candidate varieties in the DUS (distinctness, uniformity and stability) test, intervening of seed disputes relating to variety authentication, and testing of genetic purity in soybean varieties.

• Korean Journal of Medicinal Crop Science
• /
• v.23 no.6
• /
• pp.439-445
• /
• 2015

Background : Correct identification of Panax species is important to ensure food quality, safety, authenticity and health for consumers. This paper describes a high resolution melting (HRM) analysis based method using internal transcribed spacer (ITS) and 5.8S ribosomal DNA barcoding regions as target (Bar-HRM) to obtain barcoding information for the major Panax species and to identify the origin of ginseng plant. Methods and Results : A PCR-based approach, Bar-HRM was developed to discriminate among Panax species. In this study, the ITS1, ITS2, and 5.8S rDNA genes were targeted for testing, since these have been identified as suitable genes for use in the identification of Panax species. The HRM analysis generated cluster patterns that were specific and sensitive enough to detect small sequence differences among the tested Panax species. Conclusion : The results of this study show that the HRM curve analysis of the ITS regions and 5.8S rDNA sequences is a simple, quick, and reproducible method. It can simultaneously identify three Panax species and screen for variants. Thus, ITS1HRM and 5.8SHRM primer sets can be used to distinguish among Panax species.

• Journal of Korea Multimedia Society
• /
• v.12 no.4
• /
• pp.550-558
• /
• 2009

In ubiquitous environment, more small, lightweight, cheap and movable device is used than one device used in wired network environment. Multimedia service which is anytime, anywhere, is provided by device. However, it does not ensure the fair use of multimedia contents and causes damage to the contents providers because of illegal copy and distribution and indiscriminate use of digital contents. For solving this problems, DRM is applied to wired network but it has the problems does not protect stored license and manage license completely because of depending on simple protection such as device authentication and cryptographic algorithm. This paper proposes the license management model using digital forensic and DRM that prevents contents and licenses from distributing illegally and also enables the creation of evidence for legal countermeasure and the protection of license in whole life cycle.