• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1455-1459
• /
• 2016

Recently, the frequency of dealing important information regarding financial services like paying through smart device or internet banking on smart device has been increasing. Also, with the development of smart device execution environment towards open software environment, it became easier for users to download and use random application software, and its security aspect appears to be weakening. This study will inspect features of hardware-based smart device security technology. Furthermore, this study will propose a realization method in MTM hardware-based secure smart device execution environment for application software runs that in smart device.

• Journal of KIISE
• /
• v.42 no.5
• /
• pp.551-557
• /
• 2015

The technology using ARM TrustZone draws attention as a new embedded virtualization approach. The ARM TrustZone defines two virtual execution environment, the secure world and the normal world. In such an environment, the inter-world communication is important to extend function of software. However, the current monitor software does not sufficiently support the inter-world communication. This paper presents a new inter guestOS communication scheme, for each world, for the ARM TrustZone virtualization. The proposed communication scheme supports bidirectional inter-world communication for single core and multicore environment. In this paper, It is implemented on a NVIDIA Tegra3 processor based on the ARM Cortex-A9 MPCore and it showed a bandwidth of 30MB/s.

• Journal of Information Processing Systems
• /
• v.3 no.2
• /
• pp.43-53
• /
• 2007

The use of agent paradigm in today's applications is hampered by the security concerns of agents and hosts alike. The agents require the presence of a secure and trusted execution environment; while hosts aim at preventing the execution of potentially malicious code. In general, hosts support the migration of agents through the provision of an agent server and managing the activities of arriving agents on the host. Numerous studies have been conducted to address the security concerns present in the mobile agent paradigm with a strong focus on the theoretical aspect of the problem. Various proposals in Intrusion Detection Systems aim at securing hosts in traditional client-server execution environments. The use of such proposals to address the security of agent hosts is not desirable since migrating agents typically execute on hosts as a separate thread of the agent server process. Agent servers are open to the execution of virtually any migrating agent; thus the intent or tasks of such agents cannot be known a priori. It is also conceivable that migrating agents may wish to hide their intentions from agent servers. In light of these observations, this work attempts to bridge the gap from theory to practice by analyzing the security mechanisms available in Aglet. We lay the foundation for implementation of application specific protocols dotted with access control, secured communication and ability to detect tampering of agent data. As agents exists in a distributed environment, our proposal also introduces a novel security framework to address the security concerns of hosts through collaboration and pattern matching even in the presence of differing views of the system. The introduced framework has been implemented on the Aglet platform and evaluated in terms of accuracy, false positive, and false negative rates along with its performance strain on the system.

• The Journal of the Korea Contents Association
• /
• v.20 no.2
• /
• pp.15-26
• /
• 2020

Secure boot is security technology that verifies the integrity of the computer system in boot stage and controls the boot process accordingly. The computer system can establish a secure execution environment from the threat of various malwares by security boot and also supports the recovery when system in emergency case. Recently, Secure boot has been adopted by various modern computer manufacturers to protect users' information from hacker attacks and to prevent abuse of their products by malicious users. In this paper, we classify security boot developed by various companies and organizations by platform, and analyze the design and development purpose of each security boot and investigate the limitation of design. It can be used as a reference for system security designers in various information of security boot development method and security design of system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.2
• /
• pp.371-378
• /
• 2004

As an agent is applied into various fields, it is suggested as the paradigm of new application technology in the area of computer communication. However, the mobile agent brines the problem of security on an agent due to mobility. This study proposals the mobile agent protection protocol framework for more effective protection and safety. The designed Framework of protocol uses the public ky, the private key and the digital signature in PKI environment based on JAVA. This is the mechanism accomplishing safely the work of an agent by tracking the pattern of execution and the mobility plan through the VS(verification server). This also secures the suity and the flawlessness of an agent through the VS guaranteeing safety from malicious attacks.

• The KIPS Transactions:PartD
• /
• v.13D no.5 s.108
• /
• pp.691-698
• /
• 2006

The companies need the enterprise-wide support environment to build the competency to gather VOM(Voice of Market) in the process of preparing and implementing the strategy and to help establishing and managing the business process in order to secure the continuous competitive edge The enterprise-wide support environment to establish, operate, improve and evaluate the business process must be carried out. In this paper we define the method to define process and business rule in order to enable accurate execution of the process. Furthermore, collection and refection of accurate data concerning the competency of individuals, the subjects of the process execution, allows prevention of weakness of the process execution result and is the basis for identifying the areas of improvement. Therefore, high visibility can be attained through the work knowledge and processes presented in rules, and it can help firmly establish the process centered work culture (or system) in the organization by process improvement strictly based on data.

• ETRI Journal
• /
• v.43 no.2
• /
• pp.357-370
• /
• 2021

The evolution of blockchain-based systems has enabled researchers to develop nextgeneration e-voting systems. However, the classical consensus method of blockchain, that is, Proof-of-Work, as implemented in Bitcoin, has a significant impact on energy consumption and compromises the scalability, efficiency, and latency of the system. In this paper, we propose a hybrid consensus model (PSC-Bchain) composed of Proof of Credibility and Proof of Stake that work mutually to address the aforementioned problems to secure e-voting systems. Smart contracts are used to provide a trustworthy public bulletin board and a secure computing environment to ensure the accuracy of the ballot outcome. We combine a sharding mechanism with the PSC-Bchain hybrid approach to emphasize security, thus enhancing the scalability and performance of the blockchain-based e-voting system. Furthermore, we compare and discuss the execution of attacks on the classical blockchain and our proposed hybrid blockchain, and analyze the security. Our experiments yielded new observations on the overall security, performance, and scalability of blockchain-based e-voting systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3794-3820
• /
• 2019

In recent years, a cloud environment with the ability to detect illegal behaviours along with a secured data storage capability is much needed. This study presents a cloud storage framework, wherein a 128-bit encryption key has been generated by combining deoxyribonucleic acid (DNA) cryptography and the Hill Cipher algorithm to make the framework unbreakable and ensure a better and secured distributed cloud storage environment. Moreover, the study proposes a DNA-based encryption technique, followed by a 256-bit secure socket layer (SSL) to secure data storage. The 256-bit SSL provides secured connections during data transmission. The data herein are classified based on different qualitative security parameters obtained using a specialized fuzzy-based classification technique. The model also has an additional advantage of being able to decide on selecting suitable storage servers from an existing pool of storage servers. A fuzzy-based technique for order of preference by similarity to ideal solution (TOPSIS) multi-criteria decision-making (MCDM) model has been employed for this, which can decide on the set of suitable storage servers on which the data must be stored and results in a reduction in execution time by keeping up the level of security to an improved grade.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.4
• /
• pp.7-18
• /
• 2017

Electrical energy is one of the most important energy sources in modern society. Therefore, it is very important to control the supply and demand of electric power. However, the power consumption data needed to predict power demand may include the information about the private behavior of an individual, the analysis of which may raise privacy issues. In this paper, we propose a secure power demand forecasting method where regression analyses on power consumption data are conducted in a trusted execution environment provided by Intel SGX, keeping the power usage pattern of users private. We performed experiments using various regression equations and selected an equation which has the least error rate. We show that the average error rate of the proposed method is lower than those of the previous forecasting methods with privacy protection functionality.

• Journal of Korean Institute of Industrial Engineers
• /
• v.32 no.3
• /
• pp.191-199
• /
• 2006

Effective management of business processes is a crucial issue to every enterprise in e-business environment. What's needed is a new framework of applications that can automatically manage distributed and heterogeneous business processes that span multiple functions of a company. In this paper, we propose technical design of a new enactment model that can coordinate such business process that involves multiple functional units or even multiple companies. In our approach, a process model is decomposed into several structural units, called 'process block', according to their procedural characteristics. Each of them is controlled by autonomous enactment units that can communicate with each other using a mutually agreed coordination protocol. The protocol takes the use of 'associative communication' concept, which allows the autonomy for each unit and secure the correctness of process execution.