• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.371-372
• /
• 2017

The United States has built a missile defense system from the Cold War era, but since the end of the Cold War era, there have been many changes in international situation and threats. The forces of power divided between the United States and the Soviet Union have become increasingly threatened by China's willingness to expand its external influence, declaration of strong Russia and North Korea and Iran's nuclear armament and advanced ballistic missile technology. In response to this threat change, the Missile Defense Agency(MDA) has established strategies and policies, but its parent law has not been revised. United States changed to the FY2017 National Defense Authorization Act (FY2017 NDAA) including changed missile defense strategy. In this paper, I check US ballistic missile defense strategies included in the FY2017 NDAA and compare what changes have been made in existing strategies.

• Annual Conference of KIPS
• /
• 2014.11a
• /
• pp.516-519
• /
• 2014

Cloud computing is an up-and-coming paradigm shift transforming computing models from a technology to a utility. However, security concerns related to privacy, confidentiality and trust are among the issues that threaten the wide deployment of cloud computing. With the advancement of ubiquitous mobile-based clients, the ubiquity of the model suggests a higher integration in our day to day life and this leads to a rise in security issues. To strengthen the access control of cloud resources, most organizations are acquiring Identity Management Systems (IDM). This paper presents one of the most popular IDM systems, specifically OAuth, working in the scope of Mobile Cloud Computing which has many weaknesses in its protocol flow. OAuth is a Delegated Authorization protocol, and not an Authentication protocol and this is where the problem lies. This could lead to very poor security decisions around authentication when the basic OAuth flow is adhered to. OAuth provides an access token to a client, so that it can access a protected resource, based on the permission of the resource owner. Many researchers have opted to implement OpenlD alongside OAuth so as to solve this problem. But OpenlD similarly has several security flows. This paper presents scenarios of how insecure implementations of OAuth can be abused maliciously. We incorporate an authentication protocol to verify the identities before authorization is carried out.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.4
• /
• pp.213-219
• /
• 2002

A secret sharing scheme is a kind of cryptographic protocol to maintain secret information by splitting it to many small pieces of shares and sharing between shareholders. In case of shareholders having different authorization to reconstruct the original secret, it is required a new secret sharing scheme to reflect any hierarchical structure between shareholders. In this paper, we propose a new weighted secret sharing scheme, that is, each shareholder has a weight according to the authorization of reconstructing the secret and an access set which is a subset of shareholders can reconstruct the secret if the sum of weights is equal or greater than a predefined threshold.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.107-114
• /
• 2003

In this paper, we propose an efficient mutual authentication and key distribution protocol for cdma2000 packet data service which uses Mobile U access method with DIAMETER AAA(Authentication, Authorization and Accounting) infrastructure. The proposed scheme provides an efficient mutual authentication between MN(Mobile Node) and AAAH(home AAA server), and a secure session-key distribution among Mobile If entities. The proposed protocol improves the efficiency of DIAMETER AAA and satisfies the security requirements for authentication and key distribution protocol. Also, the key distributed by the proposed scheme can be used to generate keys for packet data security over 1xEV-DO wireless interface, in order to avoid a session hijacking attack for 1xEV-DO packet data service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.137-144
• /
• 2004

3GPP(3rd Generation Project Partnership)-WLAN(Wireless Local Area Network) interworking refers to the utilization of resources and access to services within the 3GPP system by the WLAN UE(User Equipment) and user respectively. The intent of 3GPP-WLAN Interworking is to extend 3GPP services and functionality to the WALN access environment. We propose an efficient mechanism for the setup of UE-initiated tunnels in 3GPP-WLAN interworking. The proposed mechanism is based on a secret key which is pre-distributed in the process of authentication and key agreement between UE and 3GPP AAA(Authentication, Authorization Accounting) server. Therefore it can avoid modular exponentiation and public key signature which need a large amount of computation in UE. Also the proposed scheme provides mutual authentication and session key establishment between UE and PDGW(Packet Data Gateway).

• Biomedical Science Letters
• /
• v.28 no.2
• /
• pp.67-82
• /
• 2022

The prevalence of SARS-CoV-2 led to inconsistent public health policies that resulted in COVID-19 containment failure. These factors resulted in increased hospitalization and death. To prevent viral spread and achieve herd immunity, the only safe and effective measure is to provide to vaccinates. Ever since the release of the SARS-CoV-2 nucleotide sequence in January of 2020, research centers and pharmaceutical companies from many countries have developed different types of vaccines including mRNA, recombinant protein, and viral vector vaccines. Prior to initiating vaccinations, phase 3 clinical trials are necessary. However, no vaccine has yet to complete a phase 3 clinical trial. Many products obtained "emergency use authorization" from governmental agencies such as WHO, FDA etc. The Korean government authorized the use of five different vaccines. The viral vector vaccine of Oxford/AstraZeneca and the Janssen showed effectiveness of 76% and 66.9%, respectively. The mRNA vaccine of Pfizer-BioNTech and Moderna showed effectiveness of 95% and 94.1%, respectively. The protein recombinant vaccine of Novavax showed an effectiveness of 90.4%. In this review, we compared the characteristics, production platform, synthesis principles, authorization, protective effects, immune responses, clinical trials and adverse effects of five different vaccines currently used in Korea. Through this review, we conceptualize the importance of selecting the optimal vaccine to prevent the COVID-19 pandemic.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.21-28
• /
• 2015

Currently there are wide variety of web services and applications available for users. Such services restrict access to only authorized users, and therefore its users often need to go through the inconvenience of getting an authentication from each service every time. To resolve of such inconvenience, a third party application with OAuth(Open Authorization) protocol that can provide restricted access to different web services has appeared. OAuth protocol provides applicable and flexible services to its users, but is exposed to reply attack, phishing attack, impersonation attack. Therefore we propose method that after authentication Access Token can be issued by using the E-mail authentication. In proposed method, regular user authentication success rate is high when value is 5 minutes. However, in the case of the attacker, the probability which can be gotten certificated is not more than the user contrast 0.3% within 5 minutes.

• Journal of The Korean Association For Science Education
• /
• v.42 no.5
• /
• pp.525-542
• /
• 2022

The purpose of this study is to comparatively analyze the internal and external frameworks of elementary science textbooks, which first appeared as the authorization system of elementary science textbooks changed from the national government system. In order to confirm the purpose of the authorization system to support the development of diverse and creative textbooks, this study compared 7 authorized textbooks with the national textbook developed as the 'Use of Magnets' unit of the 2015 revised science curriculum. In this study, the textbook's framework was largely divided into an external framework and an internal framework for the 'Use of Magnets' unit of elementary science textbooks, and quantitative and qualitative analyses were conducted in parallel according to each subcategory. According to the research results, in the external framework of textbook units, all textbooks had the same structure: unit introduction, scientific inquiry, creative convergence, unit arrangement, and scientific reading materials. The framework in the 'Use of Magnets' unit of the 7 types of authorized textbooks was found to have some differences according to the textbook development team's interpretation of the curriculum achievement standards and many commonalities that maintained the framework in the national textbooks. In addition, the characteristics of each textbook were clearly revealed in some areas not specified in curriculum such as unit introduction activities and science reading materials, a meaningful change was also found in that the level of inquiry activity was classified and operated in response to the uniform inquiry activity operation of the existing government textbooks.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.59-63
• /
• 2002

본 논문에서는 DIA.METER AAA(Authentication, Authorization and Accounting) 하부 구조를 가지고 Mobile IP 액세스 기법을 사용하는 cdma2000 패킷 데이터 서비스에서 MN(mobile node)와 AAAH(home AAA server)간의 상호 인증과 Mobile IP 개체들간에 안전한 세션키 분배를 위한 방법을 제안한다. 제안된 프로토콜은 DIAMETER AAA 하부 구조론 가정하며 DIAMETER AAA의 비효율성을 개선하고, 인증과 키 분배 프로토콜의 시큐리티 요구 사항들을 모두 만족한다.

• Journal of Environmental Impact Assessment
• /
• v.20 no.6
• /
• pp.927-936
• /
• 2011

환경영향평가(Environmental Impact Assessment : EIA)는 대규모 개발사업에 관련된 의사결정의 효과성을 향상시킬 수 있는 제도이다. 알제리와 한국의 EIA 제도를 비교분석하여 특징 및 장단점을 파악하여 다른 계획관련 정부기관과 환경관련 기관과의 조정 및 협조 수준의 차이점을 연구하였다. 알제리와 한국의 EIA 제도는 의사결정 절차에 관련된 규정에서는 유사하지만 주민참여 수준에서는 한국이 발달되어 있다. 스크리닝 제도에서는 프랑스의 영향을 받은 알제리의 제도가 비교적 잘 발달되어 있다.