• Proceedings of the IEEK Conference
• /
• 2003.07a
• /
• pp.113-116
• /
• 2003

Mobile communication network because information through radio channel is passed, information may be eavesdropped and need information security countermeasure in communication network dimension for safe information exchange because there is possibility that is manufactured. This paper used Public Key Cryptography for protection and authentication connected with user authentication. Use public key and private key that is asymmetry encryption key to quote that is used at encryption, decryption of Public key. Encrypt IMSI and authentication message that is transmitted MS, VLR and HLR interval to public key, wish to embody transmitted authentication protocol safety.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.781-799
• /
• 2024

Recently, the US and EU have been institutionally introducing and promoting Coordinated Vulnerability Disclosure(CVD) to strengthen the response to security vulnerabilities in ICT products and services, based on collaboration with white-hat hackers. In response to these changes in cybersecurity, we propose a three-step approach to introduce CVD through the Information and Communications Network Act(ICNA). In the first step, to comprehend the necessity and requirements for legislating CVD, we survey the current situation in Korea and the trends of CVD in the US, EU, and OECD. In the second step, we analyze the necessity for legislating CVD and derive the requirements for its legislation. In this paper, we analyze the necessity for legislating CVD from three perspectives: the need for introducing CVD, the need for institutionalization based on law, and the suitability of the ICNA as the legislation. The derived requirements for CVD legislation include the establishment and publication of Vulnerability Disclosure Policy(VDP), legal protection for white-hat hackers, and designation and role assignments of coordinator. In the third step, we introduce approaches to apply the requirements for CVD legislation to the ICNA, which is the law governing prevention and response to cybersecurity incidents in private sector.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.3
• /
• pp.1557-1569
• /
• 2017

In recent times, the Internet of Things (IoT) has rapidly emerged as one of the most influential information and communication technologies (ICT). The various constituents of the IoT together offer novel technological opportunities by facilitating the so-called "hyper-connected world." The fundamental tasks that need to be performed to provide such a function involve the transceiving, storing, and analyzing of digital data. However, it is challenging to handle voluminous data with IoT devices because such devices generally lack sufficient computational capability. In this study, we examine the IoT from the perspective of security and digital forensics. SQLite is a light-weight database management system (DBMS) used in many IoT applications that stores private information. This information can be used in digital forensics as evidence. However, it is difficult to obtain critical evidence from IoT devices because the digital data stored in these devices is frequently deleted or updated. To address this issue, we propose Schema Pattern-based Recovery (SPaRe), an SQLite recovery scheme that leverages the pattern of a database schema. In particular, SPaRe exhaustively explores an SQLite database file and identifies all schematic patterns of a database record. We implemented SPaRe on an iPhone 6 running iOS 7 in order to test its performance. The results confirmed that SPaRe recovers an SQLite record at a high recovery rate.

• Journal of Information Technology Services
• /
• v.11 no.2
• /
• pp.119-130
• /
• 2012

Nowadays, encryption is core technology widely used in IT industry to protect private information of individuals and important intellectual assets of companies. However, when criminals and terror suspects abuse such technology, national security can be threatened and law enforcement can be disturbed. To prevent such adverse effects of cryptography, some nations have enacted legislations that allow legally obtained encrypted data to be decrypted by certain law enforcement agencies. Hence it is imperative that firms having international presence understand and comply by each nation's regulations on decryption order. This paper explains circumstances under which legislations on decryption order were established, organizes countries with regulations and punishment, explores what global enterprises need to consider in making policies to effectively respond to decryption orders, and suggests that technological methods and managerial guidelines for control of encryption be established.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.3-8
• /
• 2015

Most mobile cloud computing system use public key cryptography to provide data security and mutual authentication. A variant of traditional public key technologies called Identity-Based Cryptography(IBC) has recently received considerable attention. The certificate-free approach of IBC may well match the dynamic qualities of cloud environment. But, there is a need for a lightweight secure framework that provides security with minimum processing overhead on mobile devices. In this paper, we propose to use hierarchical ID-Based Encryption in mobile cloud computing. It is suitable for a mobile network since it can reduce the workload of root Public Key Generators by delegating the privilege of user authentication and private key generation. The Identity-Based Encryption and Identity-Based Signature are also proposed and an ID-Based Authentication scheme is presented to secure data processing. The proposed scheme is designed by one-way hash functions and XOR operations, thus has low computation costs for mobile users.

• Journal of Smart Tourism
• /
• v.4 no.1
• /
• pp.7-18
• /
• 2024

This study examines Natal in Brazil as a Smart Tourism Destination (STD) based on the perception of public and private managers who are members of the City Tourism Council. The research utilizes a systemic perspective of STD proposed by Ivars-Baidal et al. (2016), consisting of three interconnected levels: Strategic-Relational, Instrumental, and Applied. The findings reveal that Natal faces challenges in terms of infrastructure, accessibility, security, connectivity, and sensoring, which hinder its progress as STD. The study also identifies opportunities in the form of governance structures with smart destinations and the inclusion of smartness guidelines in the City Master Plan. The research aims to contribute to the theoretical understanding of STD and its application in destination development. It highlights the need for innovative planning and management in Natal, emphasizing that adopting the STD from a systemic perspective can enhance competitiveness and elevate the level of smartness in the destination.

• Journal of information and communication convergence engineering
• /
• v.8 no.1
• /
• pp.77-82
• /
• 2010

Residential network is the hybrid technology of wireless, Ethernet, Bluetooth and RF to the internet via broadband connection at home to facilitate the convenient, safe and pleasant daily lives of home user with various home network services regardless of device, time and place. For ubiquitous development more devices will be wireless and most of them will be roaming. Since these roaming devices carry private information of daily life of residential users, the interaction among the roaming devices of residential network must be secure. This paper presents to secure registration of roaming devices using IP Security (IPSec) Protocol Suite without the need to trust foreign agents.

• Journal of the Korea Convergence Society
• /
• v.6 no.4
• /
• pp.139-146
• /
• 2015

WSN has been utilized in various directions from basic infrastructure of environment composition to business models including corporate inventory, production and distribution management. However, as energy organizations' private information, which should be protected safely, has been integrated with ICT such as WSN to be informatization, it is placed at potential risk of leaking out with ease. Accordingly, it is time to need secure sensor node deployment strategies for stable enterprise business. Establishment of fragmentary security enhancement strategies without considering energy organizations' security status has a great effect on energy organizations' business sustainability in the event of a security accident. However, most of the existing security level evaluation models for diagnosing energy organizations' security use technology-centered measurement methods, and there are very insufficient studies on managerial and environmental factors. Therefore, this study would like to diagnose energy organizations' security and to look into how to accordingly establish strategies for planning secure sensor node deployment strategies.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.73-83
• /
• 2021

The information space, the main components of which are information resources, means of information interaction, and information infrastructure, is a sphere of modern social life in which information communications play a leading role. The objective process is the gradual but stable entry of the national information space into the European and world information sphere, in the context of which there is a legitimate question of its protection as one of the components of the national security of Ukraine. However, the implementation of this issue in practice immediately faces the need to respect the rights and fundamental freedoms guaranteed by international regulations and the Constitution of Ukraine, especially in the field of cybersecurity. The peculiarity of the modern economy is related to its informational nature, which affects the sharp increase in cyber incidents in the field of information security, which is widespread and threatening and affects a wide range of private, corporate, and public interests. The problem of forming an effective information security system is exacerbated by the spread of cybercrime as a leading threat to information security both in Ukraine and around the world. The purpose of this study is to analyze the state of cybersecurity and on this basis to identify new areas of the fight against cybercrime in Ukraine. Methods: the study is based on an extensive regulatory framework, which primarily consists of regulatory acts of Ukraine. The main methods were inductions and deductions, generalizations, statistical, comparative, and system-structural analysis, grouping, descriptive statistics, interstate comparisons, and graphical methods. Results. It is noted that a very important component of Ukraine's national security is the concept of "information terrorism", which includes cyberterrorism and media terrorism that will require its introduction into the law. An assessment of the state of cybersecurity in Ukraine is given. Based on the trend analysis, further growth of cybercrimes was predicted, and ABC analysis showed the existence of problems in the field of security of payment systems. Insufficient accounting of cybercrime and the absence in the current legislation of all relevant components of cybersecurity does not allow the definition of a holistic system of counteraction. Therefore, the proposed new legal norms in the field of information security take into account modern research in the field of promising areas of information technology development and the latest algorithms for creating media content.

• Korean Security Journal
• /
• no.27
• /
• pp.7-30
• /
• 2011

Shoplifting causes serious losses to not only stores but also to consumers and society as a whole. There need to be effective society-wide measures to control shoplifting due to its characteristic of playing the role as a stepping stone to induce more serious crimes. However, there is a lack of research on shoplifting in Korea, especially the research analyzing situational factors to suggest effective alternative measures for shoplifting prevention. Therefore, the current study surveyed teenagers, the group known to be the most frequent shoplifters, to see their perception of effectiveness of the situational crime prevention methods used in stores. The result showed that the teenagers found only some of the prevention methods effective, including CCTV, Electronic Article Surveillance(EAS), minimization of blind areas, and watchful clerks. However, factors such as the number of doors and their accessibility and presence of security guards were not perceived to be very effective. Using the result of the survey, this study suggests ways to utilize situational crime prevention methods more effectively to deter shoplifting.