• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.11
• /
• pp.1027-1035
• /
• 2012

Recently, the smart phone including web and mobile service based on the reliability and extendability of cloud computing is receiving huge attention. However, most of current cloud services provide just an application service for synchronizing data between mobile entity and server. Business model developed by communication companies have problems with interoperability. This paper proposes a new service security authentication model to efficiently manage smart phone users using different business models between smartphones and to keep the reliability and extendability of cloud computing. Proposed model authenticates for smart phone users to stay with in the unified communication with smart phone user's identity and access control to effectively use the current cloud computing system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.4
• /
• pp.13-19
• /
• 2000

With the rapid development of the information communication technology, more and more distribution multimedia data and electronic publishing in the web, has created a need for the copyright protection with authentication of digital information. In this paper, we propose a multi-watermarking adding and adaptive spectral watermark algorithm well adaptive frequency domain of each hierarchical using orthogonal forward wavelet transform(FWT. Numerical test results, created watermarking image robustness not only image transform such as low-pass filtering, bluring, sharpen filtering, wavelet compression but also brightness, contrast gamma correction, histogram equalization, cropping.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.3B
• /
• pp.503-516
• /
• 2010

In this paper, we propose the converged profile and authentication scheme for supporting converged media services of broadcasting & communications convergence in fixed mobile convergence networks. The proposed scheme supports the management of access, service, mobility and IPTV profiles on subscriber and a function of open API(Application Program Interface) for providing the subscriber profile for the third party service provider with the PUSH/PULL method. The open API is based on a web service and a REST(Representational State Transfer) and provides various services for the third party service provider with ease. In addition, the proposed scheme supports a function of SSO(Single Sign-on). After user succeeded in establishing an access connection, user can sustain the same authentication state with this function although connected access network is changed or IMS(IP Multimedia Subsystem) service network is attached. We evaluate and analyze the performance of the proposed scheme through the implementation of CUPS(Converged User Profile Server) system test-bed.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.8
• /
• pp.95-104
• /
• 2013

DDoS attacks have became as a social threat since 2009 7.7 DDoS turmoil. Even though defence techniques have been developing to provide against those threats, they become much more sophisticate. In recent years, the attack form of DDoS is changing from high amount of traffic attack of network layers to highly sophisticate small amount of application layers. To make matters worse, attack agent for the attack has became very intelligent so that it is difficult to be blocked since it can't be distinguished from normal PCs. In the user authentication system(such as CAPTCHA) User intervention is required to distinguish normal PCs and intelligent attack agents and in particular, in a NAT environment, IP-based blocking method can be cut off the normal users traffic at the same time. This research examined defense techniques which are able to distinguish between agent and normal PC and effectively block ways the HTTP DDoS offense applying one-time session key based authentication method using Cookie which is used in HTTP protocol to protect web sever from sophisticate application layer of DDoS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.143-152
• /
• 2008

The incredible progress of information and communication technology has allowed various information and communication services to emerge in the Web environment. Such a service is initiated when the user provides his/her personal information to the service provider and is then given an identifier and authentication data. A series of the processes is inconvenient as it requires authentication by the service provider each time that the user requests the service. Furthermore, as the user subscribes to more services, the volume of ID and authentication information increases. This compels the users to use an ID that is easy to remember or to register the same ID over and over, increasing the risk of ID hacking. It is clear that such threats will become more serious as our lives become more dependent upon the Internet and as the Internet service environment advances. With the introduction of different services, the need to efficiently manage ID has been raised. In this paper, a Internet Identity Management Service that enables the control of the flow of the user’s personal information, which is used and stored for the Internet service, is proposed from the user's perspective.

• The Journal of the Korea Contents Association
• /
• v.8 no.4
• /
• pp.10-16
• /
• 2008

Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is necessary that create a many encryption key in one web application system. As a result, service quality comes to be low because of increased network traffic and system overload. There must be a system. That should be improved in secure service quality to process data. This paper describes a new approach for design and implementation of distributed encryption key processing for web application system. In this paper, it is based on distributed encipherment key, for the purpose of confidentially, integrity and authentication. It can prevent system degradation from server's data bottleneck and can improve service quality. For distributed encipherment system, we use java object activation technology. It can service while some distributed server are fail.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.241-244
• /
• 2011

Recently, Due to development of Internet techniques, user suddenly increased that Used of Web services and with out constraints of place and time has been provided. typically, Web services used ID/Password authentication. User confirmed personal data Stored on Web servers after user authorized. web service provider is to provide variety security techniques for the protection personal information. However, recently accident has happened is the malicious attackers may capture user information such as users entered personal information through new keyboard hooking. In this paper, we propose a keyboard hooking protected password input method using CAPTCHA. The proposed password input method is based on entering the password using mouse click or touch pad on the CAPTCHA image. The mapping of CAPTCHA image pixels is random.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1037-1047
• /
• 2013

As damages from phishing have been increased, many anti-phishing solutions and related researches have been studied. Anti-phishing solutions are often built in web-browsers or provided as security toolbars. Other types of solutions are also developed such as email-filtering and solutions strengthening server authentication via secret image sharing. At the same time, researchers have tried to see the reasons why phishing works and how effective anti-phishing solutions are. In this paper, we review relevant anti-phishing solutions, their techniques and other phishing-related researches. Based on these, we summarize recommended ways to improve anti-phishing solutions and suggest the future directions to study to protect users from phishing attacks.

• Journal of the Institute of Electronics Engineers of Korea TE
• /
• v.42 no.1
• /
• pp.69-76
• /
• 2005

The most important issue in a asynchronous distance education system for multimedia surrounding is depend on the design of user interface that decide the interaction and easily using. The remarkable properties of this asynchronous distance education system that differed from traditional system are three folds: 1)it maded by using realistic metaphoe multimediately. 2)it designed interactively that students can get feed-back effect immediately. 3)it designed considered in its Performaces aspects and it based principal design of interfaces of education technology.

• Journal of Korea Multimedia Society
• /
• v.7 no.7
• /
• pp.934-943
• /
• 2004

In this paper, we propose cookie protection-key management system for cookie protection and maintain separate cookie protection-key of each user. We provide integrity, confidentiality, and user authentication of cookie by using registered cookie protection-key and applying encryption techniques. And, we use the technique for hiding the URL of an internal document to a user to minimize the problem of its exposure. When this system is applied to the intranet of an enterprise, it will be able to provide a security to cookie and minimize the problem of internal document exposure by an internal user.