• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.55-63
• /
• 2016

SOA(service oriented architecture) based ESB(enterprise service bus) model is widely adopted in many companies for the safe processing of enormous data and the integration of business system. The existing web service technologies for the construction of SOA, however, show unsatisfactory in practical applications though the standardization of web service security technologies is in progress due to their limitations in safe exchange of data. Internal end users using a large business system based on such environment are composed of the variety of organizations and roles. Companies might receive more serious damage from insider threat than that from external one when internal end users get unauthorized information beyond the limits of their authority for private profit and bad purposes. In this paper, we propose a security architecture capable of identifying and coping with the security threats of web service technologies arouse from internal end users.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.7
• /
• pp.333-340
• /
• 2005

One of the most important core technologies required for the design of the ITS (Intrusion Tolerance System) that performs continuously minimal essential services even when the network-based computer system is partially compromised because of the external or internal intrusions is the quantitative dependability analysis of the ITS. In this paper, we applied self-healing mechanism, the core technology of autonomic computing to secure the protection power of the ITS. We analyzed a state transition diagram of the ITS composed of a Primary server and a backup server utilizing two factors of self-healing mechanism (fault model and system response) and calculated the availability of ITS through simulation experiments and also performed studies on two cases of vulnerability attack.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.125-137
• /
• 2023

Companies that handle sensitive information, led by public institutions, establish separate networks for work and the Internet and protect important data through strong access control measures to prevent cyber attacks. Therefore, systems that involve the junction where the Intranet(internal LAN for work purposes only) and the Internet network are connected require the establishment of a safe security environment through both administrative and technical measures. Mobile Device Management(MDM) solutions to control mobile devices used by institutions are one such example. As this system operates by handling sensitive information such as mobile device information and user information on the Internet network, stringent security measures are required during operation. In this study, a model was proposed to manage sensitive information data processing in systems that must operate on the Internet network by managing it on the internal work network, and the function design and implementation were centered on an MDM solution based on a network interconnection solution.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.06a
• /
• pp.148-155
• /
• 2002

Multithreaded models improve the efficiency of parallel systems by combining inner parallelism, asynchronous data availability and the locality of von Neumann model. This model executes thread code which is generated by compiler and of which quality is given by the method of generation. But multithreaded models have the demerit that execution model is restricted to a specific platform. On the contrary, Java has the platform independency, so if we can translate from threads code to Java bytecode, we can use the advantages of multithreaded models in many platforms. Java executes Java bytecode which is intermediate language format for Java virtual machine. Java bytecode plays a role of an intermediate language in translator and Java virtual machine work as back-end in translator. But, Java bytecode which is translated from multithreaded models have the demerit that it is not secure. This paper, multhithread code whose feature of platform independent can execute in java virtual machine. We design and implement translator which translate from thread code of multithreaded code to Java bytecode and which check secure problems from Java bytecode.

• Korean Journal of Construction Engineering and Management
• /
• v.15 no.5
• /
• pp.40-48
• /
• 2014

As CBR(Chemical, Biological, and Radiological) attack increases, the importance of CBR protective facilities is being emphasized. When CBR warfare emerges, a task force team, who exist outside of CBR protective facility, should enter the CBR protective facility through neutralizing process in CCA(Contamination Control Area) and TFA(Toxic Free Area). If a bottleneck occurs in the process or zones, the task force team cannot enter the CBR protective facility efficiently and may cause inefficiency in its operation performance or result in casualties. The current design criteria of the CBR protective facility is only limited to ventilation system and it does not consider how much time it takes to enter the facility. Therefore, this research aims to propose the entering time estimation model with discrete event simulation. To make the simulation model, the procedure performed through CCA and TFA is defined and segmented. The actual time of the procedure are measured and adapted for the simulation model. After running the simulation model, variables effecting the entering time are selected for alternatives with adjustments. This entering time estimation model for CBR protective facility is expected to help take time into consideration during the designing phase of CBR protective facility and help CBR protective facility managers to plan facility operation in a more realistic approach.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.629-643
• /
• 2019

In the era of the 4th industrial revolution, countries around the world are conducting projects to rapidly expand smart factory to secure competitiveness in manufacturing industries. However, unlike existing factories where the network environment was closed, smart factories can be vulnerable because internal and external objects are interconnected and various ICT technologies are used. And smart factories are likely to be the subject of cyber-attacks that are designed to cause monetary damage to certain targets because economic damage is so serious when an accident occurs. Therefore, it is necessary to study and apply security for smart factories, but there is no specific smart factory system architecture, so there is no establish for smart factory security requirements. In order to solve these problems, this paper derives the smart factory architecture that can extract and reflect the main characteristics of a smart factory based on the domestic and foreign reference model of smart factories. And this paper identifies the security threats based on the derived smart factory architecture and present the security requirements to cope with them for contributing to the improvement of the security of the smart factory.