• Journal of the HCI Society of Korea
• /
• v.12 no.2
• /
• pp.13-19
• /
• 2017

Various life-logging based on cloud service have developed social network according to the advanced technology of smartphone and wearable device. Daily digital life on social networks has been shared information and emotion and developed new social relationships. Recent life-logging has required social relationships beyond extension of personal memory and anonymity for privacy protection. This study is to determine social network group by using life-logging data obtained in daily lives and to categorize emotion behavior with anonymity guarantee. Social network group was defined by grouping similar representative emotional behavior. The public's patterns and trends was able to be inferred by analyzing representative emotion and behavior of the social groups network.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.7
• /
• pp.1393-1400
• /
• 2017

As the number of smartphone users increases, vulnerability to privacy protection is increasing. This is because personal information is stored on various servers connected to the Internet and the user is authenticated using the same ID and password. Authentication methods such as OTP, FIDO, and PIN codes have been introduced to solve traditional authentication methods, but their use is limited for authentication that requires sharing with other users. In this paper, we propose the authentication method that is needed for the management of shared information such as hospitals and corporations. The proposed algorithm is an algorithm that can authenticate users in the same place in real time using smart phone IMEI, QR code, BLE, push message. We propose an authentication algorithm that can perform user authentication through mutual cooperation using a smart phone and can cancel realtime authentication. And we designed and implemented a mutual authentication system using proposed algorithm.

• Journal of the Korea Convergence Society
• /
• v.11 no.3
• /
• pp.77-83
• /
• 2020

Recently, intelligent predictive surveillance system has emerged. It is a system that can probabilistically predict the future situation and event based on the existing data beyond the scope of the current object or object motion and situation recognition. Since such intelligent predictive monitoring system has a high possibility of handling personal information, security consideration is essential for protecting personal information. The existing video surveillance framework has limitations in terms of privacy. In this paper, we proposed a security framework for intelligent predictive surveillance system. In the proposed method, detailed components for each unit are specified by dividing them into terminals, transmission, monitoring, and monitoring layers. In particular, it supports active personal information protection in the video surveillance process by supporting detailed access control and de-identification.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.581-583
• /
• 2017

Elliptic curve cyptography is relatively a current cryptography based on point arithmetic on elliptic curves and the Elliptic Curve Discrete Logarithm Problem (ECDLP). This discrete logarithm problems enables perfect forward secrecy which helps to easily generate key and almost impossible to revert the generation which is a great feature for privacy and protection. In this paper, we provide a lightweight Elliptic Curve Diffie-Hellman (ECDH) Key exchange generator that creates a 163 bit long shared key that can be used in an Elliptic Curve Integrated Encryption Scheme (ECIES) as well as for key agreement. The algorithm uses a fast multiplication algorithm that is small in size and also implements the extended euclidean algorithm. This proposed architecture was designed using verilog HDL, synthesized with the vivado ISE 2016.3 and was implemented on the virtex-7 FPGA board.

• The Korean Journal of Archival Studies
• /
• no.20
• /
• pp.3-32
• /
• 2009

When the record management faces to the information environment, the practices based on self-judgment needs more open and considerate policies. New viewpoint that treat records as information and treat information as records will produce new mutual-conscious behavior that create records based on the value of information usage and maintain information data based on the reliability as an record. As the internal aspect how to create records well, how to transfer them well, and how to archives them well used to be the focus of record management, existing legislation, guidelines, and training seem to be mainly related to this front steps. We should also address issues according to the succeeding information services, including opening to the relevant, sharing, duplicating, information security, privacy protection, and constructing collections with continual supplement. This paper observe the confusion of the viewpoints in the recent reports, explain the need of fusion viewpoint, and suggest interconnecting feedback cycle between record management system and general information system.

• Journal of Platform Technology
• /
• v.8 no.3
• /
• pp.3-9
• /
• 2020

As the need for sharing for research purposes in the medical field increases, the use of a Common Data Model (CDM) is increasing. However, when sharing CDM data, there are some problems in that access control and personal information in the data are not protected. In this paper, in order to solve this problem, access to CDM data is controlled by using an encryption method in a blockchain network, and information of CDM data is recorded to enable tracking. In addition, IPFS was used to share a large amount of CDM data, and Celery was used to automate the sharing process. In other words, we propose a multi-channel automation system in which the information required for CDM data sharing is shared by a trust-based technology, a distributed file system, and a message queue for automation. This aims to solve the problem of access control and personal information protection in the data that occur in the process of sharing CDM data.

• Journal of the Society of Disaster Information
• /
• v.17 no.3
• /
• pp.640-654
• /
• 2021

Purpose: Normal education operation was difficult in the national disaster situation of Coronavirus Infection-19. Non-face-to-face education can be an alternative to face to face education, but it is not easy to provide the same level of education. In this study, the professor of disaster management field will identify problems that can occur in the overall operation and progress of non-face-to-face education and seek ways to improve non-face-to-face education. Method: Non-face-to-face real-time education was largely categorized into pre-class, in-class, post-class, and evaluation, and case studies were conducted through the professor's case studies. Result&Conclusion: The results of the survey are as follows: First, pre-class, it was worth considering providing a non-face-to-face educational place for professors, and the need for prior education on non-face-to-face educational equipment and systems was required. In addition, it seems necessary to make sure that education is operated smoothly by giving enough notice on classes and to make efforts to develop non-face-to-face education programs for practical class. Second, communication between professor and learner, and among learners can be an important factor in non-face-to-face mid classes. To this end, it is necessary to actively utilize debate-type classes to lead learners to participate in education and enhance the educational effect through constant interaction. Third, non-face-to-face post classes, policies on the protection of privacy due to video records should be prepared to protect the privacy of professors in advance, and copyright infringement on educational materials should also be considered. In addition, it is necessary to devise various methods for fair and objective evaluation. According to the results of the interview, in the contents, which are components of non-face-to-face education, non-face-to-face education requires detailed plans on the number of students, contents, and curriculum suitable for non-face-to-face education from the design of the education. In the system, it is necessary to give the professor enough time to fully learn and familiarize with the function of the program through pre-education on the program before the professor gives non-face-to-face classes, and to operate the helpdesk, which can thoroughly check the pre-examination before non-face-to-face education and quickly resolve the problem in case of a problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.479-490
• /
• 2013

Recently, the number of attacks by malicious application has significantly increased, targeting Android-platform mobile terminal such as Samsung Galaxy Note and Galaxy Tab 10.1. The malicious application can be distributed to currently used mobile devices through open market masquerading as an normal application. An attacker inserts malicious code into an application, which might threaten privacy by rooting attack. Once the rooting attack is successful, malicious code can collect and steal private data stored in mobile terminal, for example, SMS messages, contacts list, and public key certificate for banking. To protect the private information from the malicious attack, malicious code detection, rooting attack detection and countermeasure method are required. To meet this end, this paper investigates rooting attack mechanism for Android-platform mobile terminal. Based on that, this paper proposes countermeasure system that enables to extract and collect events related to attacks occurring from mobile terminal, which contributes to active protection from malicious attacks.

• Journal of Korea Multimedia Society
• /
• v.16 no.8
• /
• pp.954-961
• /
• 2013

To enhance the efficiency of network, content-centric networking (CCN), one of future Internet architectures, allows network nodes to temporally cache transmitted contents and then to directly respond to request messages which are relevant to previously cached contents. Also, since CCN uses a hierarchical content-name, not a host identity like source/destination IP address, for request/response packet routing and CCN request message does not include requester's information for privacy protection, contents-providers/ network nodes can not identify practical requesters sending request messages. So to send back relevant contents, network nodes in CCN records both a request message and its incoming interfaces on Pending Interest Table (PIT). Then the devices refer PIT to return back a response message. If PIT is exhausted, the device can not normally handle request/response messages anymore. Hence, it is needed to detect/react attack to exhaust PIT. Hence, in this paper, we propose improved detection/reaction schemes against attacks to exhaust PIT. In practice, for fine-grained control, this proposal is applied to each incoming interface. Also, we propose the message framework to control attack traffic and evaluate the performance of our proposal.

• The KIPS Transactions:PartC
• /
• v.16C no.5
• /
• pp.589-596
• /
• 2009

Until now, some protocols have been presented to provide vehicle's anonymity and unlinkability in VANET by means of issuing multiple anonymous certificates to each vehicle from the trust authority, or shot-time anonymous certificate to a vehicle after mutual authentication between a Roadside Unit (RSU) and the vehicle. However, these protocols have high overheads of the trust authority, RSUs and vehicles for generating anonymous certificate. In this paper, we propose an efficient anonymous authentication protocol, in which RSUs can issue multiple shot-time anonymous certificates to a vehicle to alleviate system overheads for mutual authentication between vehicles and RSUs. Several simulations are conducted to verify the efficiency of the proposed protocol in terms of RSU valid serve ratio and vehicle's computational costs. Moreover, the proposed protocol provides unlinkability and traceability when multiple RSUs are compromised, whereas previous protocols do not provide unlinkability and traceability.