• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.443-444
• /
• 2021

Security threats to information services are increasingly being developed, and the frequency and damage caused by security threats are also increasing. In particular, security threats occurring inside the organization are increasing significantly, and the size of the damage is also large. A zero trust model has been proposed as a way to improve such a security environment. In the zero trust model, a subject who has access to information resources is regarded as a malicious attacker. Subjects can access information resources after verification through identification and authentication processes. However, the initially proposed zero trust model basically focuses on the network and does not consider the security environment for systems or data. In this study, we proposed a zero trust-based access control mechanism that extends the existing zero trust model to the file system. As a result of the study, it was confirmed that the proposed file access control mechanism can be applied to implement the zero trust model.

• Journal of Industrial Convergence
• /
• v.21 no.12
• /
• pp.37-43
• /
• 2023

In today's business landscape, collaboration and interoperability are crucial for organizational success and profitability. However, integrating operations across multiple organizations is challenging due to differing roles and policies in Identity and Access Management (IAM). User-centric identity (UCI) adopts a personalized approach to digital identity management, centering on the end-user for authentication and access control. It provides a decentralized system that ensures secure and customized access for each user. UCI aims to address complex security challenges by aligning access privileges with individual user requirements. This research delves into UCI's ability to streamline resource access amidst conflicting IAM roles and protocols across various organizations. The study presents a UCI-based multi-domain access control (MDAC) framework, which encompasses an ontology, a unified method for articulating access roles and policies across domains, and software services melding with UCI infrastructure. The goal is to enhance organizational resource management and decision-making by offering clear guidelines on access roles and policy management across diverse domains, ultimately boosting companies' return on investment.

• Journal of Advanced Technology Convergence
• /
• v.3 no.2
• /
• pp.9-15
• /
• 2024

Due to the high inflation rate of dining out, along with changes in group meals or cafeteria services, office workers are increasingly using workplace cafeterias to reduce their meal expenses even slightly. With the recent development of ICT technology, various fields are realizing that not only are smartphones becoming more popular, but they are also becoming an integration of the latest technologies. In this paper, we analyze the current status of cafeterias with a large number of customers and propose ways to improve problems or difficulties. Since most people always carry their smartphones for urgent communication or work tasks, we aim to develop a cafeteria management system that utilizes the NFC function of smartphones. By presenting the process from customer entry to menu selection, it will enable more efficient use of the cafeteria.

• Journal of the Korea society of information convergence
• /
• v.7 no.1
• /
• pp.25-46
• /
• 2014

After examining the current situations of financial frauds and the reasons for their occurrence in the financial institutions through examples of financial frauds in domestic and abroad, this study presents ways to prevent such financial scams. The preventive measures consist of activities before and after the occurrence of financial frauds and during normal financial operations. The activities are as follows: 1. Preventive activity should be strengthened before the occurrence of financial frauds. That is, first, the enforcement of consistent internal control is needed. Second, in order to block the probability of financial frauds involved with employees, ethics education and a reward program for inside tippers need to be run. Third, financial institutions need to apply for comprehensive insurance policy to minimize the lost in case. 2. Preventive activity should be strengthened during normal financial operations. First, self authentication system for customers needs to be introduced. Second, dealings of day, week, and month need to be thoroughly checked and the system of audit needs to be expanded. Third, message service for the information on financial frauds and their preventive measures needs to be expanded. Fourth, public notification system against examples of financial frauds needs to be expanded. 3. Preventive activity after the occurrence of financial frauds should be strengthened. First, awareness for preventive measures such as imposing penalty on the manager needs to be enhanced. Second, strict restrictions on financial frauders such as a criminal charge needs to be strengthened. Third, there should be legal devices and resolutions in order to retrieve all the money deceived by financial frauds.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.11
• /
• pp.2442-2450
• /
• 2010

Using sensor devices applied to various objects will be needed wireless network that it is easy to install in them. Tiny devices configured to processor that bas comparatively low computing ability are inappropriate to use devices that are wireless LAN, etc. In result, network devices needed to not only have simple communication protocol, but have Plug and Play function that it works as soon as it connects without installing any device driver. it also will industrially have both low power and low cost because of mobility of it. From IEEE 802.11 standard, WPAN(Wireless Personal Area Network) included in LAN is being developed by WPAN WG(Working Group) on area with low power consumption and low complexity. In addition to, it is standardizing MAC and PRY of the standard that is expected to wirelessly communicate within 10m. WPAN will be used generally in the more near future because of both low power and low cost of Zigbee. In this paper we designed zigbee based user authentication module for a automotive smart-key system.

• Journal of Korean Society of Transportation
• /
• v.25 no.3
• /
• pp.65-74
• /
• 2007

Vehicle inspection is a system to help all vehicles function safely through periodic maintenance. Vehicle inspections have been performed since 1962 in Korea by the government in order to reduce traffic accidents due to vehicle defects. Also, vehicle inspections may help protect citizens against uninsured vehicles and illegal vehicle remodeling by discovering and disclosing those vehicles. The prime objective of vehicle inspection is to guarantee all vehicles drive safely on the road by inspecting and fixing items which can affect traffic accidents. In addition, vehicle inspections may help to improve the public order related to vehicle operations and prevent crime through the confirmation of vehicle identity and authentication of ownership. Although there are many benefits of vehicle inspection. there are some negative opinions of the system. In this study, a methodology to analyze the effectiveness of the vehicle inspection system quantitatively in terms of traffic safety was developed. According to the developed methodology. accidents were reduced by 23.735, which is 11% of the total number of accidents in 2005.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.643-645
• /
• 2010

The Internet-based multimedia services such as IPTV is being expanded with the development of technology to support the convergence of broadcasting and telecommunications technology for the control seems to be growing larger. Especially for the real-time TV broadcast multicast control technology to support the authentication and resource control, in addition to the technology services that enhance the value of technology for a variety of services in both directions seems to be developed. And, Internet-based transmission system transmit the video content for the video content delivery using RTP(Real Time Transport Protocol). Standardization body, IETF(Internet Engineering Task Force) within the RTP, according to a variety of audio and video formats only transmission format(RTP Payload Format) Establish a separate standard and scalable video content "RTP Payload Format for SVC(Switched Virtual Connection) Video" the standardization is currently processing. In this paper we are improving the quality of broadcasting and telecommunication systems, so that the upper layer by the application can react adaptively to the existing MPEG2-TS and RTP who are provided by a variety of content applied to a variety of devices consumers ETE(End- to-End) QoS(Quality of Service) for enhance the system who was designed and implemented.

• Journal of the Institute of Electronics Engineers of Korea SC
• /
• v.48 no.2
• /
• pp.40-46
• /
• 2011

This paper proposes a real-time face detection and tracking system that uses neural oscillators which can be applied to access regulation system or control systems of user authentication as well as a new algorithm. We study a way to track faces using the neural oscillatory network which imitates the artificial neural net of information handing ability of human and animals, and biological movement characteristic of a singular neuron. The system that is suggested in this paper can broadly be broken into two stages of process. The first stage is the process of face extraction, which involves the acquisition of real-time RGB24bit color video delivering with the use of a cheap webcam. LEGION(Locally Excitatory Globally Inhibitory)algorithm is suggested as the face extraction method to be preceded for face tracking. The second stage is a method for face tracking by discovering the leader neuron that has the greatest connection strength amongst neighbor neuron of extracted face area. Along with the suggested method, the necessary element of face track such as stability as well as scale problem can be resolved.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.133-140
• /
• 2016

The study has been implemented for finding out a revitalization of the social enterprise to be continuously developed. In this research, social enterprise employees residing in JeollaNamdo were selected as the research members. The polled papers had 210 copies of total and 180 copies of recovery. The response results were written as a rule of their own way with advanced visit to them explaining how to write down. The collected data were analysed with T-test and ANOVA. As a result of the research, the system effectiveness of social enterprise is shown to influence the satisfaction of employees. Therefore, it is shown that the certification system and priority purchase system of local government can be effective. Second, it is shown that the satisfaction of employees of the social enterprise influences the satisfaction of employees. Therefore, it is shown that the need of finding out a new business item for a social enterprise to grow influences positively on the satisfaction of employees. Third, operation difficulty of the social enterprise is not shown to influence the satisfaction of employees. In other words, the satisfaction of employees is not influenced by a difficulty arising from not receiving the official recognition from local government on the social enterprise.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.93-98
• /
• 2022

Information service technology continues to develop, and information service continues to expand based on the IT convergence trend. The premeter-based security model chosen by many organizations can increase the effectiveness of security technologies. However, in the premeter-based security model, it is very difficult to deny security threats that occur from within. To solve this problem, a zero trust model has been proposed. The zero trust model requires authentication for user and terminal environments, device security environment verification, and real-time monitoring and control functions. The operating environment of the information service may vary. Information security management should be able to response effectively when security threats occur in various systems at the same time. In this study, we proposed a security policy distribution system in the object reference method that can effectively distribute security policies to many systems. It was confirmed that the object reference type security policy distribution system proposed in this study can support all of the operating environments of the system constituting the information service. Since the policy distribution performance was confirmed to be similar to that of other security systems, it was verified that it was sufficiently effective. However, since this study assumed that the security threat target was predefined, additional research is needed on the identification method of the breach target for each security threat.