• Title/Summary/Keyword: 기밀 파일

Search Result 50, Processing Time 0.032 seconds

A USB DLP Scheme for Preventing Loss of Internal Confidential Files (내부 기밀파일 유출 방지를 위한 USB DLP 기법)

  • Shin, Gyu Jin;Jung, Gu Hyun;Yang, Dong Min;Lee, Bong Hwan
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.12
    • /
    • pp.2333-2340
    • /
    • 2017
  • Recently industry is suffering severe losses of important internal information, and most of the leaks result from the insiders. Thus, various technological counter measures are being studied in order to protect private organization information. In this paper, among various internal information leakage path protection mechanisms, we propose a technique for preventing files which are defined as confidential from being copied or moved through USB. The implemented confidential file loss prevention system is composed of both signature insert manager and confidential file detect manager. The signature insert manager allows a system administrator to insert a special pattern specifying a classified confidential file, while the confidential file detect manager protects confidential file leakage when a user attempts to move or copy a confidential file to the USB memory. This results would be contributed to reducing the damage caused by leakage of confidential files outside of the company via USB.

A Signature Inserting Scheme for Defining Confidential File (기밀 파일 정의를 위한 시그니처 삽입 기법)

  • Shin, Gyu-jin;Jung, Ku-hyun;Lee, Tae-ryong;Yang, Dongmin;Lee, Bong-hwan
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2017.10a
    • /
    • pp.556-558
    • /
    • 2017
  • Recently internal confidential file leakage of industry is substantially increasing, which results in serious damage to enterprises. Most of these outbreaks are caused by internal employees. In this paper, we proposed and implemented a signature insertion scheme for defining confidential file in order to detect the outflow of internal confidential files with various file formats.

  • PDF

A Digital Secret File Leakage Prevention System via Hadoop-based User Behavior Analysis (하둡 기반의 사용자 행위 분석을 통한 기밀파일 유출 방지 시스템)

  • Yoo, Hye-Rim;Shin, Gyu-Jin;Yang, Dong-Min;Lee, Bong-Hwan
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.22 no.11
    • /
    • pp.1544-1553
    • /
    • 2018
  • Recently internal information leakage in industries is severely increasing in spite of industry security policy. Thus, it is essential to prepare an information leakage prevention measure by industries. Most of the leaks result from the insiders, not from external attacks. In this paper, a real-time internal information leakage prevention system via both storage and network is implemented in order to protect confidential file leakage. In addition, a Hadoop-based user behavior analysis and statistics system is designed and implemented for storing and analyzing information log data in industries. The proposed system stores a large volume of data in HDFS and improves data processing capability using RHive, consequently helps the administrator recognize and prepare the confidential file leak trials. The implemented audit system would be contributed to reducing the damage caused by leakage of confidential files inside of the industries via both portable data media and networks.

An Analysis of Crypto-File System for Protecting Sensitive Data (데이터 보호를 위한 암호화 파일시스템의 분석)

  • Lim, J.D.;Un, S.K.;Kim, J.N.
    • Electronics and Telecommunications Trends
    • /
    • v.16 no.4 s.70
    • /
    • pp.54-66
    • /
    • 2001
  • 본 논문은 지금까지 제안 및 개발되어 온 암호화 파일시스템에 대하여 살펴본다. 암호화 파일시스템은 사용자 개개인 혹은 조직 등에서 기밀을 유지하여야 하는 중요한 데이터에 대한 안전한 저장을 목적으로 개발되었다. 암호화 파일시스템의 기능으로는 침입자 혹은 원하지 않는 타인의 접근에 대해 데이터의 기밀성 및 안정성을 보장하고, 암호화 기능의 투명화를 통해 사용의 편리성을 제공하며, 암호화 기능의 수행으로 인해 시스템의 성능이 저하되는 것을 방지하는 것 등이 있다. 현재까지 개발되어 온 대표적인 암호화 파일시스템으로는 Cryptographic File System(CFS), Transparent Cryptographic File System(TCFS), Cryptfs, 그리고 Steganographic File System(StegFS) 등이 있다. 차후에는 분석된 암호화 파일시스템을 통해 좀 더 효율적인 보안성과 이식성을 제공하고, 사용자에 대해 편리성을 제공하는 파일시스템 구조의 설계 및 개발이 필요하다.

A Study on Data Security of Web Local Storage (웹 로컬스토리지 데이터 보안을 위한 연구)

  • Kim, Ji-soo;Moon, Jong-sub
    • Journal of Internet Computing and Services
    • /
    • v.17 no.3
    • /
    • pp.55-66
    • /
    • 2016
  • A local storage of HTML5 is a Web Storage, which is stored permanently on a local computer in the form of files. The contents of the storage can be easily accessed and modified because it is stored as plaintext. Moreover, because the internet browser classifies the local storages of each domain using file names, the malicious attacker can abuse victim's local storage files by changing file names. In the paper, we propose a scheme to maintain the integrity and the confidentiality of the local storage's source domain and source device. The key idea is that the client encrypts the data stored in the local storage with cipher key, which is managed by the web server. On the step of requesting the cipher key, the web server authenticates whether the client is legal source of local storage or not. Finally, we showed that our method can detect an abnormal access to the local storage through experiments according to the proposed method.

Insider Threat Detection Technology against Confidential Information Loss using Email (이메일을 통한 기밀정보 유출 유형의 내부자 위협 탐지 기술)

  • Youngjae Lee;Seongwon Kang;Kyungmi Kim;Kyungroul Lee
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2023.07a
    • /
    • pp.217-218
    • /
    • 2023
  • 내부자 위협이란, 조직의 보안 및 데이터, 시스템에 대한 내부 정보에 접근하는 현 임직원 및 전 임직원, 계약자와 같이, 동일한 조직 내부의 사람들로부터 발생하는 위협을 의미한다. 일반적으로 내부자들은 업무를 위하여, 시스템에 대한 합법적인 접근 권한을 가지며, 만약 이러한 권한이 오남용되는 경우에는 조직에 매우 심각한 피해를 입힐 수 있다. 이러한 내부자 위협은 외부로부터의 위협보다 방어 및 탐지가 훨씬 어려운 한계점이 있으며, 그 피해 규모가 매우 방대하다는 문제점도 존재한다. 이에 따라, 본 논문에서는 내부자 위협을 탐지하기 위하여, 이메일을 통한 기밀정보를 유출하는 유형의 위협에 대응하는 방안을 제안한다. 제안하는 방안은 조직 내에서 이메일을 발신하는 경우를 대상으로, 파일이 포함된 이메일에 발신자를 식별하기 위하여, 파일에 키 값 및 서명을 삽입하며, 발신되는 이메일을 모니터링하여 첨부된 파일의 유형을 파악함으로써, 동적 그래프를 통하여 시각화한다. 내부 시스템 및 네트워크에서의 보안관제 담당자 및 관리자는 시각화된 그래프를 확인함으로써, 직관적으로 정보 유출을 파악하고 대응할 수 있을 것으로 판단된다. 본 논문에서 제안하는 방안을 통하여, 조직 내의 내부자 위협을 탐지할 수 있으며, 데이터 유출 사고가 발생하는 경우, 유출자를 빠르게 식별하고 초기에 대응할 수 있을 것으로 판단된다.

  • PDF

Crystal : Cryptographic File System Based On Cluster ins Environment (Crystal : 클러스터 기반의 암호화 파일 시스템)

  • 황보준형;서대화
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2001.10a
    • /
    • pp.802-804
    • /
    • 2001
  • 하드웨어의 발달과 인터넷의 보편화로 점차 정보의 보안의 필요성이 대두되었다. 암호화 파일 시스템은 사용자의 기밀성을 요구하는 파일의 안전한 저장을 위해 제안되었다. 이 암호화 파일 시스템은 사용자에게 투명성을 제공하여 사용의 편리성을 제공한다. 또한 기존의 암호화 시스템이 사용자 영역에서 이루어져 문맥교환의 횟수가 많아 시스템의 성능이 떨어지는데 반해 암호화 파일 시스템은 커널레벨에서 암호화 서비스가 이루어지므로 시스템의 성능이 저하되는 것을 방지해준다. 하지만 암호화 서비스 자체가 큰 과부하가 되어 일반 파일 시스템에 비해 성능이 많이 떨어진다는 단점이 있다. 따라서 본 논문에서는 클러스터 기반의 파일 시스템을 통해 암호화 파일 시스템의 부하를 분산시켜 성능을 개선함과 동시에 암호화된 파일을 분산 저장하므로 보안성을 높여준다. 제안된 암호화 파일 시스템은 시스템이 확장되었을 경우 그와 비례해서 시스템의 성능이 개선됨을 알 수 있다.

  • PDF

Development of Win32 API Message Authorization System for Windows based Application Provision Service (윈도우 기반 응용프로그램 제공 서비스를 위한 Win32 API 메시지 인가 시스템의 개발)

  • Kim, Young-Ho;Jung, Mi-Na;Won, Yong-Gwan
    • The KIPS Transactions:PartC
    • /
    • v.11C no.1
    • /
    • pp.47-54
    • /
    • 2004
  • The growth of computer resource and network speed has increased requests for the use of remotely located computer systems by connecting through computer networks. This phenomenon has hoisted research activities for application service provision that uses server-based remote computing paradigm. The server-based remote computing paradigm has been developed as the ASP (Application Service Provision) model, which provides remote users through application sharing protocol to application programs. Security requirement such as confidentiality, availability, integrity should be satisfied to provide ASP service using centralized computing system. Existing Telnet or FTP service for a remote computing systems have satisfied security requirement by a simple access control to files and/or data. But windows-based centralized computing system is vulnerable to confidentiality, availability, integrity where many users use the same application program installed in the same computer. In other words, the computing system needs detailed security level for each user different from others, such that only authorized user or group of users can run some specific functional commands for the program. In this paper, we propose windows based centralized computing system that sets security policies for each user for the use of instructions of the application programs, and performs access control to the instructions based on the security policies. The system monitors all user messages which are executed through graphical user interface by the users connecting to the system. Ail Instructions, i.e. messages, for the application program are now passed to authorization process that decides if an Instruction is delivered to the application program based on the pre-defined security polices. This system can be used as security clearance for each user for the shared computing resource as well as shared application programs.

Study of Document Distribution System Architecture for Digital Secret Document Leakage Prevention (전자기밀문서 유출봉쇄 유통시스템 구조 연구)

  • Choi, Cheong-Hyeon
    • Journal of Internet Computing and Services
    • /
    • v.11 no.4
    • /
    • pp.143-158
    • /
    • 2010
  • The illegal leakage of enterprise digital confidential information will threaten the enterprise with bankruptcy. Today since most small-and-medium companies have no capability to fight against illegally compromising their critically confidential documents in spite of knowing the leakage of them, strongly safe distribution system of the digital confidential documents should be designed so in secure as to prevent any malicious intent of embezzlement from accessing the critical information. Current DRM-based protection system is not always perfect to protect the digital secrets, even seems to leave the secrets open. Therefore our study has analyzed the illegal leakage paths that hackers attack against and the vulnerability of the current protection systems. As result, we study the group communication based system architecture satisfying the security conditions to make even legitimate working employee keep out of the confidential documents, without performance degradation. The main idea of this architecture is to stay every secrets in encrypted form; to isolate the encrypted documents from the crypto-key; to associate every entity with one activity and to authenticate every entity with DSA-based public key system; multiple authentication method make hackers too busy to get a privilege to access the secrets with too many puzzle pieces. This paper deal with the basic architectural structure for the above issues.

Measures to Prevent the Leakage of Military Internal Information through the Analysis of Military Secret Leakage Cases: Focusing on Insider Behaviors (군사기밀 유출 사례 분석을 통한 군 내부정보 유출 방지 방안 : 내부자 행위 중심으로)

  • Eom, Jung-Ho;Kim, Nam-Uk
    • Convergence Security Journal
    • /
    • v.20 no.1
    • /
    • pp.85-92
    • /
    • 2020
  • None of the recent cases of military secret leakages have leaked internal information using networks. This is because the Internet and the Intranet are physically separated, and has a difficult process when transmitting and receiving data through the Internet. Therefore, most of the leaked paths are to copy and hand over secrets, shoot and send them with a smartphone, or disclose after remembering them. So, the technology of blocking and detecting military secret leakages through the network is not effective. The purpose of this research is to propose a method to prevent information leakage by focusing on the insider behaviors, the subject of leakage, rather than the military secret. The first is a preventive measure to prevent the leakage behavior of military secrets, the second is to block suspicious access to the military secret data, and the last is to detect the leakage behavior by insiders.