Browse > Article
http://dx.doi.org/10.15683/kosdi.2021.12.31.897

A Study on Creation of Secure Storage Area and Access Control to Protect Data from Unspecified Threats  

Kim, Seungyong (Department of Management Information System, Korea National University of Transportation)
Hwang, Incheol (Secuware Inc.)
Kim, Dongsik (KCC Corporation)
Publication Information
Journal of the Society of Disaster Information / v.17, no.4, 2021 , pp. 897-903 More about this Journal
Abstract
Purpose: Recently, ransomware damage that encrypts victim's data through hacking and demands money in exchange for releasing it is increasing domestically and internationally. Accordingly, research and development on various response technologies and solutions are in progress. Method: A secure storage area and a general storage area were created in the same virtual environment, and the sample data was saved by registering the access process. In order to check whether the stored sample data is infringed, the ransomware sample was executed and the hash function of the sample data was checked to see if it was infringed. The access control performance checked whether the sample data was accessed through the same name and storage location as the registered access process. Result: As a result of the experiment, the sample data in the secure storage area maintained data integrity from ransomware and unauthorized processes. Conclusion: Through this study, the creation of a secure storage area and the whitelist-based access control method are evaluated as suitable as a method to protect important data, and it is possible to provide a more secure computing environment through future technology scalability and convergence with existing solutions.
Keywords
Data Protection; Ransomware; Storage; Secure Area; Access Control;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Lee, J.S., Lee, K.H. (2014). "A study on security container to prevent data leaks." Journal of The Korea Institute of Information Security & Cryptology, Vol. 24, No. 6, pp. 1225-1241.   DOI
2 Hong, D.Y., Ko, W.S., Im, S.S. (2014). "Virtualization techniques for secure and reliable computing." Journal of The Korea Institute of Information Scientists and Engineers, Vol. 26, No. 10, pp. 50-57.
3 Ju, J.H., Ma, S.Y., Moon, J.S., (2014). "Proposal of security requirements for storage virtualization system against clouding computing security threats." Journal of Security Engineering, Vol. 11, No. 6, pp. 469-478.   DOI
4 Kim, J.G., Kim, T.E., Choi, J.W., Kim, W.G., Lee, J.S. (2007). "Vulnerability analysis and research on digital contents storage system." Journal of Information and Security, Vol. 7, No. 4, pp. 36-41.
5 Kim, C., Choi. D., Yi. J., Kim. J. (2014). "A study of program execution control based on Whitelist." Proceedings of the Korea Institute of Information and Communication Science Conference, KIICE, Korea, pp. 346-349.
6 Kim, S.Y., Kim, G.Y., Hwang, I.C., Kim, D.S. (2017). "e-forensic tool research for obtaining legal evidence ability of digital evidence by intelligence inspection." 2017, Vol. 13, No. 2, pp. 267-275.
7 Kim, S.Y., Hwang, I.C., Kim, D.S. (2021). "A study on next-generation data protection based on non file system for spreading smart factory." Journal of the Society of Disaster Information, Vol. 17, No. 1, pp. 176-183.   DOI