• Journal of Platform Technology
• /
• v.12 no.3
• /
• pp.55-61
• /
• 2024

As the digital environment becomes more complex and cyber attacks become more sophisticated, the importance of data protection is emerging. As various security threats such as data leakage, system intrusion, and authentication bypass increase, secure key management is emerging. Key Management System (KMS) manages the entire encryption key life cycle procedure and is used in various industries. There is a need for a key management system that considers requirements suitable for the environment of various industries including public and finance. The purpose of this paper is to derive the characteristics of the key management system for each industry by comparing and analyzing key management systems used in representative industries. As for the research method, information was collected through literature and technical document analysis and case analysis, and comparative analysis was conducted by industry sector. The results of this paper will be able to provide a practical guide when introducing or developing a key management system suitable for the industrial environment. The limitations are that the analyzed industrial field was insufficient and experimental verification was insufficient. Therefore, in future studies, we intend to conduct specific performance tests through experiments, including key management systems in various fields.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.261-269
• /
• 2014

There are many researches on fast exponentiation algorithm which is used to implement a public key cryptosystem such as RSA. On the other hand, the malicious attacker has tried various side-channel attacks to extract the secret key. In these attacks, an attacker uses the power consumption or electromagnetic radiation of cryptographic devices which is measured during computation of exponentiation algorithm. In this paper, we propose a novel simple power analysis attack on m-ary exponentiation implementation. The core idea of our attack on m-ary exponentiation with pre-computation process is that an attacker controls the input message to identify the power consumption patterns which are related with secret key. Furthermore, we implement the m-ary exponentiation on evaluation board and apply our simple power analysis attack to it. As a result, we verify that the secret key can be revealed in experimental environment.

• Journal of the Society of Disaster Information
• /
• v.14 no.1
• /
• pp.65-71
• /
• 2018

In this study, it is aimed to prevent the spread of pollutants in the event of a major disaster caused by CBRNE accidents and attacks and build up system to provide optimal transport environment for each patient condition By identifying characteristics of existing products and make them immediately applicable in the field. The purpose of this study is suggesting essential consideration in both functional and performance in the development of the isolation unit. As a result of the study, it suggests (1) basic function, (2) efficient field utilization, (3) isolation unit interface and combination of modules in development of isolation unit.

• Journal of Electrical Engineering and Technology
• /
• v.6 no.6
• /
• pp.806-816
• /
• 2011

Interest about social security has recently increased in favor of safety for infrastructure. In addition, advances in computer vision and pattern recognition research are leading to video-based surveillance systems with improved scene analysis capabilities. However, such video surveillance systems, which are controlled by human operators, cannot actively cope with dynamic and anomalous events, such as having an invader in the corporate, commercial, or public sectors. For this reason, intelligent surveillance systems are increasingly needed to provide active social security services. In this study, we propose a core technique for intelligent surveillance system that is based on swarm robot technology. We present techniques for invader enclosing using swarm robots based on multiple distributed object environment. The proposed methods are composed of three main stages: location estimation of the object, specified object tracking, and decision of the cooperative behavior of the swarm robots. By using particle filter, object tracking and location estimation procedures are performed and a specified enclosing point for the swarm robots is located on the interactive positions in their coordinate system. Furthermore, the cooperative behaviors of the swarm robots are determined via the result of path navigation based on the combination of potential field and wall-following methods. The results of each stage are combined into the swarm robot-based invader-enclosing technique on multiple distributed object environments. Finally, several simulation results are provided to further discuss and verify the accuracy and effectiveness of the proposed techniques.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.419-427
• /
• 2009

This paper propose DA-UDC(Double Authentication User, Device, Cross) Module which solves the cost problem and the appropriation of Certificate using User Authentication, Device Authentication and Cross Authentication with OTA(One Time Authentication) Key, and which is designed not to subscribe to the service of Home network business. Home Server transmits its public key which is needed to create OTA to the user which passed the first step of authentication which verifies User ID, Device ID and Session Key. And it performs the second step of authentication process which verifies the OTA key created by a user. Whenever the OTA key of DA-UDC module is generated, the key is designed to be changed. Therefore, DA-UDC Module prevents the exposure of User and Device ID by performing the two steps of authentication and enhances the authentication security of Home Network from malicious user with OTA key. Also, DA-UDC Module is faster than the existing authentication system in processing speed because it performs authentication calculation only once. Though DA-UDC Module increases data traffic slightly because of the extra authentication key, it enhances the security more than the existing technique.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.69-75
• /
• 2018

The key technology of Industry 4.0, Smart factory is evaluated as the driving force of our economic development hereafter and a lot of researches have been established. Various entities including devices, products and managers exist in smart factory, but roles of these entities may be continuous or variable and can become extinct not long after. Existing methods for access control are not suitable to adapt to the variable environment. If we don't consider certain security level, important industrial data can be the targets of attacks. We need a new access control method satisfying desired level of efficiency and security without excessive system loads. In this paper, we propose a new RBAC-PAC which extend AC defined for PKC to the authority attribute of roles. We distribute PACs for roles through block chain method to provide the efficient access control. We verified that RBAC-PAC is more efficient in the smart factory with large number of entities which need a frequent permission update.

• The Korean Journal of Air & Space Law and Policy
• /
• v.9
• /
• pp.435-443
• /
• 1997

Passing 26 years from 1970 when the first satellite was launched into the orbit, Japan developed and successfully launched H-II from Tanegashima Space Center in 1994. During those period, Japanese space policy has experienced a big shake from independent development to technology import from the US, and back again to independent development. In general, the H-II rocket which was manufactured by 100% domestic technology, brings Japan from the old era (experimental stage) to the new era (practical use stage). Fundamental Policy of Japan's Space Activities, which decides such policy as mentioned, was revised in January, 1996 this year after an interval of 7 years. This revised outline confirms the result of Japanese space technology until present and identifies the future direction and framework of her space activities for a period of coming ten years on the basis of a ong-term perspective towards the 21st century. However, when comparing with the last Fundamental Policy in 1989, there seems no big change in it, and a long-term perspective is also not seen there. The description varies on some important points in international space law, like international cooperation, protection of environment, commercial use, etc. In addition, the immaturity as well as the necessity of broader discussion are felt because neither this Fundamental Policy nor The National Defense Program Outline treated any national and international security matters concerning outer space. Considering the present time when Japan enters into the practical use of outer space, such as application, commercial use and launching service, etc, it is doubtful whether new Fundamental Policy was properly planned or not. It seems necessary to use several measures by which the public opinion, opinions from industry and debate on the security are reflected in the policy making.

• Journal of Korean Society of Disaster and Security
• /
• v.6 no.1
• /
• pp.73-78
• /
• 2013

This study aims to develop Drowning Management Index (DMI) to evaluate the effectiveness of drowning management in a region. In order to develop practical index to evaluate drowning management, downing contributors are examined. Drowning exposure rate is collected by survey. DMI is generated from South Korea and Australia for comparison. South Korea and Australia indicate similar number of drowning per 100 thousand people (1.7 South Korea, 1.4 Australia) but in DMI it turned out 9 times difference between two countries (15.5 South Korea, 1.67 Australia).

• Korean Security Journal
• /
• no.23
• /
• pp.1-19
• /
• 2010

As the world becomes more global, entry simplification measure increases many foreigners' entry and international marriage around the low income countries of southeast Asia. Those are adding multicultural phenomena to Korean society, which has a bad influence on public order environment and leads to side effect in society. Since the 9/11 terror attacks, a sudden increase in the threat of terror has been worldwide. Besides, the threat tends toward New Terrorism and contributes to factor to social malaise in Korea. Therefore, this study examines all the possibilities of hometown terrorism by multiculturalism and suggests measures for it. To achieve this, it is required to lead the people's understanding and national participation for multiculturalism. The mature civic awareness should be given priority over any others, which means the understanding and consideration of various countries' cultures and traditions. It is also necessary to inspect the dangers of hometown terrorism. Furthermore, there should be an urgent need for an institutional device to prevent and suppress terror through a close examination of countermeasures system of terror.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.35-46
• /
• 2013

As mobile terminal environment gets matured, the use of Android platform based mobile terminals has been growing high. Recently, the number of attacks by malicious application is also increasing as Android platform is vulnerable to private information leakage in nature. Most of these malicious applications are easily distributed to general users through open market or internet and an attacker inserts malicious code into malicious app which could be harmful tool to steal private data and banking data such as SMS, contacts list, and public key certificate to a remote server. To cope with these security threats more actively, it is necessary to develop countermeasure system that enables to detect security vulnerability existing in mobile device and take an appropriate action to protect the system against malicious attacks. In this sense, this paper aggregates diverse system events from multiple mobile devices and also implements a system to detect attacks by malicious application.