• Journal of the Korea Society of Computer and Information
• /
• v.11 no.4 s.42
• /
• pp.155-164
• /
• 2006

VoIP technology is Eight New Services among Ubiquitous-IT839 strategies. This paper tested wiretapping or VoIP service in connected a soft phone and LAN and WAN sections, Internet telephones and a device. IP PBX, a banner operator network to have been connected to VoIP Internet network. As a result of having experimented on wiretapping of VoIP networks, Vulnerability was found. and a wiretapping by attacks of a hacker was succeeded in a terminal and proxy and attachment points of a VoIP network like a hub to follow a CVE list. Currently applied a security plan of an each wiretapping section in viewpoints of 6 security function of Access Control. Confidentiality, Authentication. Availability, Integrity. Non-repudiation in VoIP networks named to 070. Prevented wiretapping of contents by the results, the AES encryption that executed wiretapping experiment about a packet after application of a security plan. Prevented wiretapping, and kept security and audit log. and were able to accomplish VoIP information protection to network monitoring and audit log by an access interception and qualification and message hash functions and use of an incoming refusal.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.959-972
• /
• 2021

Decentralized Identity is based on the concept of self-sovereign identity, in which holders manage and provide their own credentials. However, a procedure is required to obtain credentials from issuers, and there is a risk of mess personal information leaking due to negligence of the issuers. In this paper, we propose a peer decentralized identity system based on Peer DID technology that allows only participants to verify their identity in 1:1 or 1:N small groups by matching the holder with the issuer. It is directly connected to a mobile device using short-range wireless communications such as bluetooth, and the holders create and provide their own credentials in person to the other party, thus fully realizing the self-sovereignty identity. The proposed system can simplify the identification process, improve security and privacy, and reduce costs. Furthermore, an extended architecture is possible to connect the proposed system and the distributed ledger to identify users in other domains. In the future, based on various technologies, it is also necessary to expand research on identity systems that can be utilized for human-to-thing and things-to-things authentication.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.229-237
• /
• 2021

Cloud of things (CoTs) is a newer idea which combines cloud computing (CC) with the Internet of Things (IoT). IoT capable of comprehensively producing data, and cloud computing can be presented pathways that allow for the progression towards specific destinations. Integrating these technologies leads to the formation of a separate element referred to as the Cloud of Things (CoTs). It helps implement ideas that make businesses more efficient. This technology is useful for monitoring a device or a machine and managing or connecting them. Since there are a substantial amount of machines that can run the IoT, there is now more data available from the IoT that would have to be stored on a local basis for a provisional period, and this is impossible. CoTs is used to help manage and analyze data to additionally create usable information by permitting and applying the development of advanced technology. However, combining these elements has a few drawbacks in terms of how secure the process is. This investigation aims to recent study literature from the past 3 years that talk about how secure the technology is in terms of protecting by authentication, reliability, availability, confidentiality, and access control. Additionally, this investigation includes a discussion regarding some kinds of potential attacks when using Cloud of Things. It will also cover what the various authors recommend and conclude with as well as how the situation can be approached to prevent an attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.81-90
• /
• 2003

Existing web-based system management software solutions show some limitations in time and space. Moreover, they possess such as shortcomings unreliable error message announcements and difficulties with real-time assistance suppers and emergency measures. In order to solve these deficiencies, Wireless Remote Control System was designed and implemented. Wireless Remote Control System is able to manage and monitor remote systems by using mobile communication devices for instantaneous control. The implementation of Wireless Remote Control System leads to these security Problems as well as solutions to aforementioned issues with existing web-based system management software solutions. Therefore, this paper has focused on the security matters related to Wireless Remote Control System. The designed security functions include mobile device user authentication and target system access control. For security verification of these security functions introduced CPN(Coloured Petri Nets) which is capable of expressing every possible state for each stage. And then in this paper was verified its security through PI(Place Invariant) based on CPN(Coloured Petri Nets). The CPN expression and analysis method of the proposed security function can also be a useful method for analyzing other services in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1243-1252
• /
• 2012

Due to the widespread use of smart devices, threats of direct observation attacks such as shoulder surfing and recording attacks, by which user secrets can be stolen at user interfaces, are increasing greatly. Although formal security models are necessary to evaluate the possibility of and security against those attacks, such a model does not exist. In this paper, based on the previous work in which a HCI cognitive model was firstly utilized for analyzing security, we propose STM-GOMS model as an improvement of GOMS-based model with regard to memory limitations. We then apply STM-GOMS model for analyzing usability and security of a password entry scheme commonly used in smart devices and show the scheme is vulnerable to the shoulder-surfing attack. We finally conduct user experiments to show the results that support the validity of STM-GOMS modeling and analysis.

• Journal of Digital Policy
• /
• v.1 no.1
• /
• pp.15-20
• /
• 2022

Recently, the healthcare field is trying to develop a model that can improve service quality by reflecting the requirements of various industrial fields. In this paper, we propose an Internet of Behavior (IoB) environment model that can process users' healthcare information in real time in a 5G environment to improve healthcare services. The purpose of the proposed model is to analyze the user's healthcare information through deep learning and then check the health status in real time. In this case, the biometric information of the user is transmitted through communication equipment attached to the portable medical equipment, and user authentication is performed through information previously input to the attached IoB device. The difference from the existing IoT healthcare service is that it analyzes the user's habits and behavior patterns and converts them into digital data, and it can induce user-specific behaviors to improve the user's healthcare service based on the collected data.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.6
• /
• pp.33-40
• /
• 2009

In this thesis, for the assessment of software development process for project complexity and project size : one of digital watermarking algorithm is selected and examined. Digital watermarking provides a solution to illegal copying of digital contents and has many other useful applications, including web broadcast monitoring, transaction tracking, authentication, copy control and device control. This thesis focused on the method for customizing software development path, considering the project environments and characteristics. The selection standard of software development path is composed of process items, based on the ISO/IEC 15721 Information Technology Guide for ISO/IEC 12207 (Software Life Cycle Process) and ISO/IEC 15504 Information technology - Process assessment. To evaluate the algorithm, a system for selecting development path, which reflected algorithm, was examined.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.2
• /
• pp.81-88
• /
• 2016

Machine-to-Machine (M2M) communication provides each component (machine) with access to Internet, evolving into the IoT technology. IoT is a trend where numbers of devices provide the communication service, using the Internet protocol. As spreading the concept of IoT(Internet of Things), various objects become home information sources. According to the wide spread of various devices, it is difficult to access data on the devices with unified manners. Under this environment, security is a critical element to create various types of application and service. In this paper propose the inter-device authentication and Centralized Remote Security Provisioning framework in Open M2M environment. The results of previous studies in this task is carried out by protecting it with the latest information on M2M / IoT and designed to provide the ultimate goal of future M2M / IoT optimized platform that can be integrated M2M / IoT service security and security model presents the information.

• Journal of Korea Entertainment Industry Association
• /
• v.13 no.6
• /
• pp.69-77
• /
• 2019

Among the many factors that threaten the improvement of public health and quality of life, the proportion of fine dust is not so small, and the kinds and causes of the dust are also diversified. However, the domestic measuring instrument is in the initial stage and the certification system is insignificant. Recognizing the threat of fine dust for a long time, the United States has established a protocol of measurement standards and measurement methods and applied the developed fine dust measuring device authentication system. Through this system, the United States is leading the world's fine dust industry, technology and market. The EPA, FRM and FEM of the fine dust-related protocol were analyzed to reduce the harmful effects of repeated fine dust every year. In addition, light scattering method and spectroscopy method which can measure in real time by measuring method were examined, and the types and characteristics of fine dust measuring instrument of international certification level were analyzed. Finally, development and service plan of the domestic fine dust measuring instrument are presented.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.5
• /
• pp.67-74
• /
• 2024

As the number of coffee shops increases, many people are studying or working at coffee shops. Coffee shop operators have been required to analyze customer visits due to customer turnover and profit problems. Methods such as image analysis, QR code authentication, and Bluetooth beacon have been proposed for these statistics and analysis. However, it is difficult to use due to problems such as invasion of privacy and low accuracy. Therefore, in this study, to solve these problem and provide more accurate in-store congestion information, we propose a crowding measurement method of coffee shop using high frequency signal. There is an advantage in that a high frequency signal replaces the Bluetooth signal, and the transmission range of the signal is limited to the store, thereby increasing the accuracy of the method. To verify the performance of the proposed system, we conducted a comparative experiment with a Bluetooth based system, and as a result, the proposed method showed lower misrecognition rate. Thus, the proposed method will be an effective useful service for providing information on crowding at coffee shops and processing statistics.