• KIISE Transactions on Computing Practices
• /
• v.21 no.4
• /
• pp.275-282
• /
• 2015

The Musical Instrument Digital Interface (MIDI) file format is a typical format for dynamic music that can be used not only for playing, but also for supporting dynamic music activity, such as musical instrument practice. However, almost all of the existing MIDI applications focus only on the playing features. In this paper, therefore, we implement a MIDI file play application that supports various dynamic features such as part-play repeating certain sections that the user wants, tone and speed control while playing a MIDI file, downloading MIDI files from a server, and lastly Digital Rights Management (DRM). By supporting these features, we are confident that our MIDI application will help users who wish to practice musical instruments to do so conveniently, while effectively protecting the copyright of their purchased MIDI files.

• The Journal of Industrial Distribution & Business
• /
• v.10 no.10
• /
• pp.45-51
• /
• 2019

Purpose - The purpose of this study was to propose a win-win development plan for not only suppliers of delivery applications but also traditional market vendor companies and delivery riders by analyzing existing delivery models and presenting a new delivery model to enhance competitiveness of the traditional market using delivery apps. Research desgin, data, and methodology - Specifically, small retailers, such as traditional markets and supermarkets, presented a compromised delivery model that utilizes the platform of specialized delivery app service providers for order reception, and that the delivery is delivered by delivery systems jointly hired by Vendor companies, such as franchising companies. To validate the significance of the trade-off delivery model, a cost-benefit analysis was conducted by those involved in the delivery application. Results - From the perspective of suppliers of specialized delivery applications, it is analyzed that the use of specialized delivery applications in traditional markets will be a new market opportunity for service providers to achieve increased sales. It is expected that consumer choice and satisfaction will be increased as convenience and accessibility of traditional market businesses that were available only through direct visit from the user side of the delivery application will be expanded. From the standpoint of delivery application franchises, it is analyzed that they can seek to increase sales and increase customer service as well as ease labor cost burden due to joint employment of delivery riders. The delivery rider will be able to seek to improve customer service due to job security, wage stability, risk reduction and overheated competition due to direct employment. Conclusion - In conclusion, the compromised delivery model solved the problems raised in the preceding study conducted on delivery application suppliers, users, franchises, and riders to establish that it could be a strategic alternative to increasing sales and expanding detailed rights for the self-employed in the traditional market, which are experiencing difficulties in management. However, the adoption of a compromise delivery model requires social consensus from those involved in the delivery application and requires legal, institutional and policy support, which will require continued follow-up research on the delivery model in the future.

• Journal of Information Science Theory and Practice
• /
• v.7 no.3
• /
• pp.52-64
• /
• 2019

This research was aimed at studying the situation, problems, and requirements for digital collection lifecycle management of Thai theses and dissertations. The mixed research method used was composed of: (1) Study of the problem and situation in which the qualitative method was applied. The research site covered 10 higher education institutions where the Thailand Digital Collection (TDC) project is operated. The informants were key administrative officers of the TDC project of each institution. In-depth and structured interviews were conducted on an individual basis to obtain the most accurate answers. (2) Study of requirements based on the quantitative research method to survey the requirements for the digital collection management system for Thai theses and dissertations from 84 purposively-selected TDC project officers and 527 end users selected by accidental sampling, totaling 611 samples. Research findings are as follow: (1) The study of the situation and problems of digital collection lifecycle management shows that Thai higher institutions systematically manage their digital collection. The management lifecycle is consistent with the Guidance documents for lifecycle management of ETDs, which included seven steps: program planning, creation, submission, and ingestion, access and retrieval of digital objects, archiving and preservation, evaluation and assessment, interoperation (creation of institutional collaboration), and development of link data. (2) The study of requirements for digital collection management of Thai theses and dissertations shows five system requirements: acquisition and gathering, digitization, metadata standards, management of rights, and storage and retrieval, all of which are at M (mandatory) and D (desirable) levels.

• KIPS Transactions on Software and Data Engineering
• /
• v.7 no.12
• /
• pp.451-460
• /
• 2018

Open source software is used in various ways when developing new softwares all around the world. It requires rights and responsibilities as a form of an open source software license. Because the license is a contract between original software developers of the open source software and users, we must follow it and extremely cautious to avoid copyright infringement. In particular, we must verify license compatibility when we develop new software using the existing open source softwares. However, license violation issues always occur and lead to lawsuits so that they are having an adverse effect on the open source software ecosystem. Thus, in this paper, we propose a method, OSLC-Vid, to identify license violations whether compatibility issues exist between open source softwares. The proposed method is verified by the experiments to detect actual license violation cases.

• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.29-35
• /
• 2021

UART (Universal asynchronous receiver/transmitter) is a hardware device that converts data into serial format and transmits it, and is widely used for system diagnosis and debugging in most embedded systems. Hackers can access system memory or firmware by using the functions of UART, and can take over the system by acquiring administrator rights of the system. In this paper, we studied secure UART to protect against hacker attacks through UART. In the proposed scheme, only authorized users using the promised UART communication protocol are allowed to access UART and unauthorized access is not allowed. In addition, data is encrypted and transmitted to prevent protocol analysis through sniffing. The proposed UART technique was implemented in an embedded Linux system and performance evaluation was performed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.3-13
• /
• 2004

DRM is the ability to brand digital contents with features that ensure copy Protection and affect the way in which digital contents are played back. DRM is a technology that enables the secure distribution, promotion and sale of digital contents on the Internet. The DRM Client System that operates on the untrusted user environments has to meet the requirements of the contents owner, including copyright and contents protection. After the DRM Client System is installed on the untrusted user environments, it verifies and plays digital contents. With these procedures it cuties out user authentication, contents decryption, and license management. During these procedures, the sensitive data, including authentication information, decryption data and license data, must be secured against any illegal access from users. The goal of this thesis is to introduce the implementation of Secure Storage Device which can protect user's authentication key, cryptographic key, and license data in safe where the DRM Client System is running.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.97-101
• /
• 2007

The purpose of DRM is to protect the copyrights of content providers and to enable only designated users to access digital contents. From the consumers' point of view, they have a tendency to go against complex and confusing limitations. Moreover, consumers' rights of use of the content obtained legally were frequently harmed by arbitrary limitations. The concept of Authorized Domain (AD) was presented to remove such problems. However, the previous work on authorized domain has two problems. The first is that it requires a rather expensive revocation mechanism for withdraw process. The second is that the modules still can play contents which are previously obtained even though they are currently out of the authorized domain. On the contrary, our scheme presents the content from being played by modules which are out of the domain for better security. Furthermore our scheme does not need to maintain a revocation list and prevent replay attack.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.2
• /
• pp.107-114
• /
• 2022

Delegation is a powerful mechanism that allocates access rights to users to provide flexible and dynamic access control decisions. It is also particularly useful in a distributed environment. Among the representative delegation models, the RBDM0 and RDM2000 models are role delegation as the user to user delegation. However, In RBAC, the concept of inheritance of the role class is not well harmonized with the management rules of the actual corporate organization. In this paper, we propose an Adding Attributes on Permission-Based Delegation Model (ABDM) that guarantees the permanence of delegated permissions. It does not violate the separation of duty and security principle of least privilege. ABDM based on RBAC model, supports both the role to role and user to user delegation with an attribute. whenever the delegator wants the permission can be withdrawn, and A delegator can give permission to a delegatee.

• Journal of Digital Convergence
• /
• v.19 no.4
• /
• pp.133-139
• /
• 2021

Due to the rapid progress in network technology, many research on content security technologies is also being conducted in the mobile digital content sector. In the meantime, content protection has been immersed in preventing illegal copying, certifying, and issuance/management certificates, but still have many vulnerabilities in managing or authenticating confidential information. This study aims to strengthen confidential information about content based on dual management of content download rights through mobile phone numbers or device numbers. It also protect replay-attack by building a secure mobile DRM system where digital content is safely distributed based on a three-stage user authentication process. In addition, blockchain-based content security enhancements were studied during the primary/secondary process for user authentication for the prevention of piracy and copyright protection. In addition, the client authentication process was further improved through three final stages of authorization in the use of illegal content, considering that legitimate users redistributed their content to third-party.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.5
• /
• pp.67-74
• /
• 2023

In this paper, we analyze the authentication protocol for DRM proposed by Hussain et al. in 2022, and present an improved solution. Hussain et al. argued that their authentication protocol guarantees man-in-the-middle attack, replay attacks, and mutual authentication. However, as a result of analyzing Hussain et al.'s authentication protocol in this paper, Hussain et al.'s authentication protocol still has an insider attack problem, a problem with Yu et al.'s authentication protocol that they pointed out. For this reason, when an inside attacker acquires information on a mobile device, a user impersonation attack was also possible. In addition, there were problems with the user's lack of ID format verification and the problem of the secret key mismatch of the digital contents between the server and the user. Therefore, this paper proposes an improved solution to solve these problems. As a result of analysis in this paper, the improved solution is safe from various attacks such as smart card attack, insider attack, and password guessing attack and can safely authenticate users of DRM.