• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.10
• /
• pp.3935-3941
• /
• 2010

With the advent of high-speed communications networks, many authentication and access control systems are being introduced to combat network security issues like system hacking. But the fact is that the security systems for protecting information used in these networks are themselves weak. In response to the mounting demands of existing users, there is a clear need for a new authentication system that provides both safety and reliability. This research presents an authentication method with excellent access authorization (explicit and implicit authentication) and safety performance, demonstrated through its use in online networks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1225-1231
• /
• 2018

FPGA-based system development is being developed as a form of outsourcing that shortens the development time and reduces the cost. Through the process, the risk of letting the hardware Trojan, which causes malfunctions, seep into the system also increases. Various detection methods are proposed for the issue; however, such type of hardware Trojans is inserted by modifying a bitstream directly and therefore, it is hard to detect with the suggested methods. To detect the type of hardware Trojans, it is essential to reverse-engineer the electric circuit implemented by bitstream to a distinguishable level. Specifically, it is important to reverse-engineer the routing information of the circuit that can identify the input-output flow of the signal. In this paper, we analyze the BIL bitstream reverse-engineering tool-chain that uses the algorithm, which retrieves the routing information from FPGA bitstream, and suggest the method to improve the tool-chain.

• Journal of Industrial Technology
• /
• v.21 no.B
• /
• pp.107-116
• /
• 2001

The speech includes various kinds of information : language information, speaker's information, affectivity, hygienic condition, utterance environment etc. when a person communicates with others. All technologies to utilize in real life processing this speech are called the speech technology. The speech technology contains speaker's information that among them and it includes a speech which is known as a speaker recognition. DTW(Dynamic Time Warping) is the speaker recognition technology that seeks the pattern of standard speech signal and the similarity degree in an inputted speech signal using dynamic programming. ln this study, using TMS320C32 DSP processor, we are to embody this DTW and to construct a security system.

• 한국경영정보학회:학술대회논문집
• /
• 2007.06a
• /
• pp.646-651
• /
• 2007

Secure digital payment is critical in the successful shaping of global digital business. Digital payments are increasingly being used as a substitute to traditional payments, contributing markedly to the efficiency of the economy. The focus of every digital business transaction is to minimize risks arising from transactions. It is essential to ensure the security of digital payment whether used in internal networks or over wireless Internet. This paper analyses secure digital payment methods from the viewpoint of systemic security and transaction security. According to comparative analysis of digital payment models, this paper proposes a comparative analysis framework to investigate and evaluate secure digital payment. In conclusion, the comparative analysis framework, comparison of digital payment models and mobile payment models proposes a useful academic and practical foundation to enhance the understanding of secure digital payment methods. It also provides academic background and practical guidelines for the development of secure digital payment systems.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.53-59
• /
• 2013

As the hacking technology for cyber-terror and financial fraud evolves, the research and development for advanced and standardized information security technology is growing to be more and more important. In this paper, the domestic level of technology and standardization for information security as compared to advanced country is diagnosed, and future policy is presented by analyzing the influence effect for market and technology. The information security is classified into information security-based & user protection, network & system security, and application security & evaluation validation with details of OTP-based validation, smart-phone app security, and mobile electronic finance, etc. The analytic results indicate that domestic level is some poor for advanced country, the technological development and standardization capability for smart-phone app security and mobile electronic finance is needed, and finally the government's supporting policy for the future Internet is urgently needed.

• Journal of Aerospace System Engineering
• /
• v.14 no.6
• /
• pp.26-35
• /
• 2020

The national satellite operation network, which supports multiple satellites, was designated as a Critical Information Infrastructure (CII) in 2017. The network was designed independently from the control network and the information network to enhance physical security. Planning is underway to establish a bidirectional data interface between networks. The data transmission system allows data flow only to the physical layer and the data link layer; hence, only one file can be transferred at any one time. This means that when large amounts of data are being transmitted, no other data can be sent simultaneously in urgent situations. Thus, this paper discusses the design of flexible packets for the transmission of data between networks in an environment where physical security has been enhanced through network separation and based on this, presents a method for transmitting data effectively.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.2
• /
• pp.374-379
• /
• 2005

In the most of medical institution medical information is totally stored in a database and many number of researchers and staffs of the hospital access these information anytime. This can be caused patient's privacy to be violated. Introducing a tool for security should be considered as one of the most important requirement especially in the case that today's medical information service expands into an integrated one. In this paper we review the matters of security threat on a medical information system and propose a secure medical information service model equipped on mobile device such as PDA. Also we propose a security architecture employing a digital signature mechanism to protect the personal information on the model. Proposed architecture can lead the doctor to diagnose with high responsibility, help to build a reliable medical information system. and through the signed data, we can get some useful information against medical strife.

• Korean Security Journal
• /
• no.16
• /
• pp.47-64
• /
• 2008

The purpose of this study is to develop the measurement of security needs satisfaction from users of electronic security system, to verify its validity and reliability, and by applying them, to examine the effects between the communities using this system. In 2008, the users of electronic security system in big cities in Seoul(Yong-San, Jong-Lo) and Gyung-Gi Do(Su-Won) for their convenience stores, jewelry shops, communication services, banks, government and public offices, etc. were arranged for a population and 262 of them were used for the final analysis by purposive sampling. This study yields following results. First, the validity of security need satisfaction from users of electronic security system is very high, which means the explanatory adequacy of environmental security need is the highest. Second, the reliability of security need satisfaction from users of electronic security system is very high, in which the reliability value(Cronbach's $\alpha$) of internal consistency is over .765. Third, the security need of electronic security system has the most effects on the group of bank workers. That is, through a close cooperative system between the bank and the service of electronic security system, the more keeping satisfied the environmental, bodily, physical security needs are, the less the in security of this group has. Informational security need has the most effects on convenient store group. It means the service companies of electronic security system offer more services at dawn time and make or supply all sorts of visual information system, which reduces insecurity of the convenient store group.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.655-667
• /
• 2014

A disaster is the time-excess case that computerized service can tolerate a failure and financial industry is being set up the disaster recovery system based on the disaster recovery plan and the business continuity plan for preparing these disasters. However, existing system can not guarantee the business continuity when it comes to cyber terror. This paper analyzes the building type and building technology of disaster recovery system for the financial fields. Also this paper explain the type of data backup using online redo log and type of archive log backup using WORM storage. And this paper proposes the model of improved data recovery combining above two types. Lastly this paper confirm the effectiveness and reliability for proposal rocovery model through the implementation of the test environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.71-79
• /
• 2009

Currently much research is being done on host based intrusion detection using system calls which is a portion of kernel based data. Sequence based and frequency based preprocessing methods are mostly used in research for intrusion detection using system calls. Due to the large amount of data and system call types, it requires a significant amount of preprocessing time. Therefore, it is difficult to implement real-time intrusion detection systems. Despite this disadvantage, the frequency based method which requires a relatively small amount of preprocessing time is usually used. This paper proposes an effective method for detecting denial of service attacks using the frequency based method. Principal Component Analysis(PCA) will be used to select the principle system calls and a bayesian network will be composed and the bayesian classifier will be used for the classification.