• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1998.12a
• /
• pp.33-48
• /
• 1998

이 논문에서는 소프트웨어의 저작권을 보호하기 위한 방법으로서 공개키 기반 구조(Public Key Infrastructure, PKI)와 사용자 의존적인 소프트웨어(User Dependent Software, UDS)의 개념을 이용하는 새로운 방법을 제안한다. 공개키 인증서(Certificate)는 개인의 ID와 개인이 사용할 공개키를 묶어서 인증기관이 서명한 문서로서 개인의 사회적 신분을 나타내는 문서라고 볼 수 있다. 사용자 의존적인 소프트웨어란 사용자의 공개키로 암호화한 정보를 포함하여 컴파일되는 사용자 고유의 소프트웨어 컴포넌트이다. 사용자가 소프트웨어를 이용하기 위해서는 개인키를 제시하여 암호화된 정보를 복호화 할 수 있음을 증명해야 한다. 공개키 기반 구조를 이용하는 이러한 구조의 소프트웨어를 이용하면 사용자는 자신의 공개키 인증서와 개인키에 대한 사회적 책임하에 소프트웨어를 정당하게 사용하게 됨으로써 불법 복제가 어렵게 되고 소프트웨어의 저작권을 근본적으로 보호할 수 있게 된다. 이러한 조건에서라면 소프트웨어의 온라인 판매에 이은 온라인 배달도 가능해져서 사회적으로 많은 물류 비용을 절감할 수 있을 것으로 기대된다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.04a
• /
• pp.399-402
• /
• 2001

최근 초고속 통신망을 이용한 인터넷의 대중화와 더불어 인터넷을 기반으로 하는 전자상거래가 활발해지고 있다. 특히 인터넷을 통한 전자 소프트웨어 유통(ESD:Electronic Software Distribution)은 많은 연구의 대상이 되고 있다[1]. 하지만 기존의 모델들은 실질적인 불법복제방지와 저작권보호에 미흡하고 익명성의 보장이 어려운 단점이 있다. 따라서 본 논문에서는 효율적으로 저작권을 보호하고 구매자의 익명성을 보장하기 위한 ESD 서버를 설계하였다. 제안된 기법은 익명을 원하는 구매자에 대한 정보를 판매자에게 제공하지 않으면서도 불법적인 복제와 유통을 억제한다. 또한 기존의 시리얼넘버(Serial Number)입력방식과 별도의 사용권 설치방식을 지양함으로써 사용자에게 보다 편리한 환경을 제공한다.

• KIPS Transactions on Software and Data Engineering
• /
• v.7 no.12
• /
• pp.451-460
• /
• 2018

Open source software is used in various ways when developing new softwares all around the world. It requires rights and responsibilities as a form of an open source software license. Because the license is a contract between original software developers of the open source software and users, we must follow it and extremely cautious to avoid copyright infringement. In particular, we must verify license compatibility when we develop new software using the existing open source softwares. However, license violation issues always occur and lead to lawsuits so that they are having an adverse effect on the open source software ecosystem. Thus, in this paper, we propose a method, OSLC-Vid, to identify license violations whether compatibility issues exist between open source softwares. The proposed method is verified by the experiments to detect actual license violation cases.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.2
• /
• pp.205-214
• /
• 2012

IDPF, which builds formats and copyright protection standards of eBooks, has announced ePUB 3.0 as a technical standard of eBooks in October, 2011. This standard includes methods how to represent eBooks and technical specifications to protect eBook content. While technical specifications for content protection describe how to represent encryption and digital signature techniques, they do not identify any technical standards for rights expression but just file names for storages of rights information. It does not provide any unification of copyright information representation and formats used by eBook service companies. When copyright protection techniques for eBooks are used, comparability among eBook readers cannot be expected, even though there is a standard of ePUB. This study suggests a method to maintain compatibility toward eBook DRM by using unified rights information process under circumstances where different eBook service companies use diverse methods. The standard reference software of the model proposed in this study, together with other results of this study, will be offered as a registered open software.

• Journal of Digital Convergence
• /
• v.11 no.5
• /
• pp.1-11
• /
• 2013

To make the DRM technology protect adequately the copy right of digital contents, DRM software should have high quality and no defects when DRM is added to digital contents. It can be a basis for the effective protection of the copyright of digital contents to develop a quality evaluation model of DRM SW. First of all, the security of DRM SW is the most critical quality characteristic that DRM software must have. In this paper, we conducted research on how to measure the quality of security of DRM SW.

• Journal of the Korea Convergence Society
• /
• v.9 no.4
• /
• pp.31-45
• /
• 2018

Recent dramatical development of computer technology related to internet technology intensifies the dispute over software of computer or smart device. Research on software has been flourished with political issuing of fierce competition among nations for software development. Particularly industrial growth in ethernet based big data and IoT (Internet of Things) has promoted to build and develop open source programs based on java, xcode and C. On these circumstances, issue on software piracy has been confronted despite the basic security policy protecting intellectual property rights of software and thus it is of substantial importance to protect the rights of originality of source program license. However, the other issue on source technology protection of developer is the possibility of hindrance to advancement in industry and culture by developing programs. This study discuss the way of enhancing legal stability of IoT application program development and reinforcing precision in inspection of program plagiarism by analyzing the source programs with newly introducing text mining technique, thus suggests an alternative protective way of infringement of personal information due to duplicating program.

• Journal of Software Assessment and Valuation
• /
• v.17 no.1
• /
• pp.11-16
• /
• 2021

The importance of software is increasing due to the development of information and communication, and software copyright disputes are also increasing. In this paper, the source of the submitted programs and the files necessary for the execution of the program were taken as the scope of analysis. The large-capacity file transfer solution program to be analyzed provides additional functions such as confidentiality, integrity, user authentication, and non-repudiation functions through digital signature and encryption of data.In this paper, we analyze the program A, program B, and the program C. In order to calculate the program similarity rate, the following contents are analyzed. Analyze the similarity of the package structure, package name, source file name in each package, variable name in source file, function name, function implementation source code, and product environment variable information. It also calculates the overall similarity rate of the program. In order to check the degree of agreement between the package structure and the package name, the similarity was determined by comparing the folder structure. It also analyzes the extent to which the package structure and package name match and the extent to which the source file (class) name within each package matches.

• Journal of Software Assessment and Valuation
• /
• v.17 no.2
• /
• pp.11-17
• /
• 2021

In this study, problems of software completeness appraisal are pointed out and their solutions are presented by analyzing appraisal cases and judicial precedents. Completeness appraisal, ready-made appraisal, defect appraisal, and cost appraisal have been classified as and have been evaluated with extant software completeness appraisals. From a legal point of view, and in judicial precedents, however, there is a big difference between the definition of completeness and the completion rate. This is because the degree of completeness is evaluated under the premise that the software's development is complete, whereas the ready-made appraisal inspects the development progress of unfinished software. Often, in cases involving software completion rate, the total completion level is calculated by weighting each step of the software development process. However, completeness evaluations use the software's realization-operation as its sole criterion. In addition, another issue not addressed in existing software completeness appraisal cases is that there is no mention of who is responsible for software defects, whereas in case law, the responsible party is determined by finding who caused the dispute. In this paper, we systematically classify these problems, and present a novel evaluation method that separates software completeness evaluations from software completion evaluations.

• Journal of Software Assessment and Valuation
• /
• v.15 no.1
• /
• pp.25-35
• /
• 2019

In Korea, the calculation of quantitative similarity is commonly used to gauge the substantial similarity of computer programs. Substantial similarity should be assessed by considering the quantity and quality of areas that show similarity, but in practice, qualitative aspects are reflected by multiplying the weighted value in the calculation of quantitative similarity. However, such a practical method cannot be deemed adequate, considering the fundamental characteristic of the judgment on substantial similarity, which holds that the quantitative and qualitative aspects of similar areas should be considered on an equal footing. Thus, this study pointed out the issue regarding the use of weighted value and sought appropriate ways to take into account qualitative aspects when assessing the substantial similarity of computer programs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.366-381
• /
• 2020

Steganography has been successfully employed in various applications, e.g., copyright control of materials, smart identity cards, video error correction during transmission, etc. Deep learning-based steganography models can hide information adaptively through network learning, and they draw much more attention. However, the capacity, security, and robustness of the existing deep learning-based steganography models are still not fully satisfactory. In this paper, three models for different cases, i.e., a basic model, a secure model, a secure and robust model, have been proposed for different cases. In the basic model, the functions of high-capacity secret information hiding and extraction have been realized through an encoding network and a decoding network respectively. The high-capacity steganography is implemented by hiding a secret image into a carrier image having the same resolution with the help of concat operations, InceptionBlock and convolutional layers. Moreover, the secret image is hidden into the channel B of carrier image only to resolve the problem of color distortion. In the secure model, to enhance the security of the basic model, a steganalysis network has been added into the basic model to form an adversarial network. In the secure and robust model, an attack network has been inserted into the secure model to improve its robustness further. The experimental results have demonstrated that the proposed secure model and the secure and robust model have an overall better performance than some existing high-capacity deep learning-based steganography models. The secure model performs best in invisibility and security. The secure and robust model is the most robust against some attacks.