• Journal of the Korea Society of Computer and Information
• /
• 제25권11호
• /
• pp.195-200
• /
• 2020

Korea enacted the Protection of Public Interest Reporters Act in March 2011 to protect whistleblowers from acts of infringement of public interest in the private sector. Most acts of infringement of the public interest are carried out secretly within the organization, which is known to the outside world by reports from members of the organization who are well aware of the problems within the organization. However, whistleblowers are at a disadvantage due to reporting and are reluctant to report. In addition, measures are needed to strengthen institutional mechanisms such as confidentiality, protection of personal information, responsibility, and prohibition of disadvantageous measures to effectively protect reporters due to lack of practical protective measures. Therefore, practical protection measures for whistleblowers are needed in line with the purpose of protecting whistleblowers, and measures to expand the corresponding compensation system will also be needed. Therefore, in this study, we would like to review the main contents of the current system for protecting whistleblowers in Korea and suggest reasonable improvement measures for protecting whistleblowers.

• Journal of KIISE:Computing Practices and Letters
• /
• 제10권4호
• /
• pp.337-350
• /
• 2004

Because of a security problem and not enough IPv4 address space, the home network has been made up of private network, and it has been separated from Internet. This fact prevents people in Internet from controlling and monitoring home appliances. So, this paper designs and Implements the UPnP Proxy System which offers functions for users to control and monitor home appliances. When users are in the outside of the home network, they do not know which devices were connected in the home network because the advertisement messages of UPnP devices would not be delivered to the outside of the home network. Also, users cannot access devices directly, and their control messages are not delivered into the home network. So, this paper designs and implements the UPnP Proxy System to solve these problems. The merit of the system is that users can control and monitor home appliances in realtime using presentation web documents with the HTTP push technology.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제26권7호
• /
• pp.1060-1070
• /
• 2022

With the development of information technology, the size of the system has become larger and diversified, and the existing role-based access control has faced limitations. Blockchain technology is being used in various fields by presenting new solutions to existing security vulnerabilities. This paper suggests efficient role-based access control in a blockchain where the required gas and processing time vary depending on the access frequency and capacity of the storage. The proposed method redefines the role of reusable units, introduces a hierarchical structure that can efficiently reflect dynamic states to enhance efficiency and scalability, and includes user-centered authentication functions to enable cryptocurrency linkage. The proposed model was theoretically verified using Markov chain, implemented in Ethereum private network, and compared experiments on representative functions were conducted to verify the time and gas efficiency required for user addition and transaction registration. Based on this in the future, structural expansion and experiments are required in consideration of exception situations.

• The KIPS Transactions:PartC
• /
• 제11C권5호
• /
• pp.683-688
• /
• 2004

NAT is a very useful IP address translation technique that allows two connected networks using different and incompatible IP address schemes. But it is impractical to use NAT for an application which uses the encrypted IP packet, embedding IP addresses inside of data payloads, to guarantee End-to-End Security such as IPSec. In addition to rewriting the source/destination IP addresses in the packet, NAT must modify IP checksum every time, which could lead to considerable performance decrease of the overall system in the process of the address translation. RSIP is an alternative to solve these disadvantages of NAT and the address shortage problems. Both NAT and RSIP divide networks into inside and outside addressing realms. NAT translates addresses between internal network and external network, but RSIP uses a borrowed external address for outside communications. RSIP server assigns a routable public address to a RSIP client temporarily to communicate with public net-work outside of the private network. In this paper, RSIP gateway for intranet environment is designed and its performance is evaluated. From the results of performance evaluation, we knew that RSIP is operated less sensitive to the data traffic. Also, the experiment shows that RSIP performs better than NAT when the transmission data grows larger.

• The Journal of Society for e-Business Studies
• /
• 제25권2호
• /
• pp.109-126
• /
• 2020

This study attempts to find out the characteristics of digital currency and currency transformation through the analytical descriptions of the literature. In the early days of the emergence of new currency, market-oriented autonomous monetary adjustment was made along with various attempts by the private sector, and then government-centered central currency management and coordination were made for the national monopoly of profits and power. Digital currency can be seen as the emergence of a new form of money that will bring about paradigm changes. CBDC can be divided into direct and indirect types. CBDC is expected to require a strategic approach by the government or firm as it will bring about changes in the ecosystem of related industries. Libra is a stablecoin designed to minimize price fluctuations, and if it succeeds in commercializing it, it is expected to bring about revolutionary changes in the financial industry around the world.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• 제27권7C호
• /
• pp.653-663
• /
• 2002

The signature-then-encryption based on RSA scheme provides forward secrecy, but requires 4 modulo exponentiation operations in total, and the signcryption scheme proposed by Zheng simultaneously fulfills both the functions of digital signature and symmetric key encryption in a logically single step, and with a computational cost significantly smaller than that required by the current standard signature-then-encryption, but it can not provide forward secrecy. In this paper, we propose an enhanced signcryption scheme which can provide forward secrecy with lower computational cost and lower communication overhead comparing with those of the signature-then-encryption based on RSA, and with a similar communication overhead of Zheng's scheme. The proposed scheme can be also easily modified to the direct signature verification scheme by the recipient without using the recipient's private key. Additionally, we suggest a new design protocol with server-supported signatures which solves the CRLs(Certificate Revocation Lists) burden and provides non-repudiation of origin. This protocol with server-supported signatures also can be applied to the original signcryption scheme proposed by Zheng in order to improve security.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제12권6호
• /
• pp.1026-1031
• /
• 2008

Nowdays, homes and small businesses rely more and more PON(Passive Optical Networks) for financial transactions, private communications and even telemedicine. Thus, encryption for these data transactions is very essential due to the multicast nature of the PON In this parer, we presented our implementation of a counter mode AES based on Virtex4 FPGA. Our design exploits three advanced features; 1) Composite field arithmetic SubByte, 2) efficient MixColumn transformation 3) and on-the-fly key-scheduling for fully pipelined architecture. By pipeling the composite field implementation of the S-box, the area cost is reduced to average 17 percent. By designing the on-the-fly key-scheduling, we implemented an efficient key-expander module which is specialized for a pipelined architecture.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• 제29권5C호
• /
• pp.737-749
• /
• 2004

Kerberos authenticates clients using symmetric-key cryptography, and supposed to Oust other systems of the realm in distributed network environment. But, authentication and authorization are essential elements for the security. In this paper, we design an efficient and secure authentication/authorization mechanism by introducing the public/private-key and installing the proxy privilege server to Kerberos. In the proposed mechanism, to make a system more secure, the value of the session key is changed everytime using MAC(message authentication code) algorithm with the long-term key for user-authentication and a random number exchanged through the public key. Also, we reduce the number of keys by simplifying authentication steps. Proxy privilege server certifies privilege request of client and issues a privilege attribute certificate. Application server executes privilege request of client which is included a privilege attribute certificate. Also, a privilege attribute certificate is used in delegation. We design an efficient and secure authentication/authorization algorithm with Kerberos.

• Journal of Digital Convergence
• /
• 제14권7호
• /
• pp.21-27
• /
• 2016

Big Data is gathering all the attention from every business community. Pervasive use of machine-to-machine (M2M) applications and mobile devices bring an explosion of data. By analyzing this data, the private and public sectors can benefit in the areas of cost reduction and productivity. The Korean government is actively pursuing Big Data initiatives to promote its usage. This paper aims to select industries which fit for the development of Big Data with a verification of the experts. The analytic hierarchy process (AHP) is applied to systematically derive the opinion of more than 50 professionals. Medical / welfare, transportation / warehousing, information and communications / information security, energy, the financial sector have been identified as promising industries. The results can be utilized in developing Big Data best practices thus contributing industrial development.

• Journal of Aerospace System Engineering
• /
• 제13권2호
• /
• pp.60-65
• /
• 2019

TerraSAR-X, launched in June 2007, and TanDEM-X, June 2010, are remote-sensing satellites with 1M resolution that are capable of observing the ground even during the nighttime and poor weather conditions. The two satellites had been developed under a public-private partnership between the German Aerospace Centre and Airbus in the interest of the commercial marketing for German satellite data. However, the data of high-grade earth remote-sensing system, such as those of the satellites, has been produced by a military satellite and thus used under limited circumstances in Germany. Therefore, a legislation to commercialize the German satellite data and to protect its national security is needed. For this, SatDSiG was enacted in December 2007. Thus this article will contain the main contents of SatDSiG and its implication for Korea, which stared to export data of Kompsat 3, 3A and 5 in 2018.