• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.267-273
• /
• 2011

The importance of networking capability is gaining more weight for enterprise business and high-speed Internet access with guaranteed security management is essential to companies. This paper presents a unified network security management solution to support high-speed Internet access, active security management, traffic classification and control. The presented system provides firewall, VPN, intrusion detection, contents filtering, traffic management, QoS management, and history log functions in unified manner implemented in a single appliance device located at the edge of enterprise networks. This will enable cost effective unified network security solution to companies.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.2
• /
• pp.267-271
• /
• 2014

Nuclear power plant data networks and their associated safety systems are being modernized to include many information technology (IT) networks and applications. Along with the advancement of plant data networks (PDN), instrumentation and control systems are being upgraded with modern digital, microprocessor-based systems. However, nuclear PDN is confronted significant side-effects, which PDN is exposed to prevalent cyber threats typically found in IT environments. Therefore, cyber security vulnerabilities and possibilities of cyber incidents are dramatically increased in nuclear PDN. Consequently, it should be designed fully ensuring the PDN meet all reliability, performance and security requirements in order to overcome the disadvantages raised from adaption of IT technology. In this paper, we provide technical security criteria should be used in design and evaluation of secure PDN. It is believed PDN, which is designed and operated along with these technical security critera, effectively protect against possible outside cyber threats.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.75-82
• /
• 2006

This paper proposes CPR(Computer-based patient record) system that is utilized in Ubiquitous environment, establish security policy by analyzing security limitation of system and design suitable security system in CPR system. The present study designed a CPR system and, for the development of a security system, established security policies for the CPR system through analyzing the operating environment and vulnerability in security and designed a security system implementing the policies. The security system supporting CPR system is composed of authentication system, XML documentation and encryption of medical information and network security system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04a
• /
• pp.59-62
• /
• 2002

최근 네트워크 구성이 복잡해짐에 따라 정책기반의 네트워크 관리기술에 대한 필요성이 증가하고 있으며, 특히 네트워크 보안관리를 위한 새로운 패러다임으로 정책기반의 네트워크 관리 기술이 도입되고 있다. 보안정책 서버는 새로운 정책을 입력하거나 기존의 정책을 수정, 삭제하는 기능과 보안정책 결정 요구 발생시 정책결정을 수행하여야 하는데 이를 위해서는 보안정책 실행시스템에서 보내온 경보 메시지에 대한 분석 및 관리가 필요하다. 따라서 이 논문에서는 정책기반 네트워크 보안관리 프레임워크의 구조 중에서 보안정책 서버의 효율적인 보안정책 수림 및 수행을 지원하기 위한 경보데이터 관리기를 설계하고 구현한다. 그리고 경보 데이터 저장과 분석을 위해서 데이터베이스 스키마를 설계하고 저장된 경보데이터를 분석하는 모듈을 구현한다. 또한 불량사용자나 호스트의 관리를 위하여 블랙 리스트 매니져를 구현하며 블랙리스트 매니져는 위험한 불량사용자와 호스트를 탐지하여 관리하는 기능을 제공한다 구현된 경보 관리기나 고수준 분석기는 효율적인 보안정책관리를 지원하게 된다.

• Convergence Security Journal
• /
• v.5 no.2
• /
• pp.9-17
• /
• 2005

Recently It's difficult to deal with about variety of attack. And Simple Security management have a problem. It is that they don't develop system measuring their system envoirment and have efficient attack detector, countermeasure organization about large network. Therefore, need model about enterprise management of various security system and intrusion detection of each systems and response. In this paper, improve PBNM structure that manage wide network resources and presented suitable model in intrusion detection and response of security system. Also, designed policy-based enterprise security management system for effective intrusion detection and response by applying presented model to enterprise security management system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.884-887
• /
• 2012

전력시스템은 외부 망과 독립적으로 운영되는 폐쇄 망에서 점차 외부 망과의 연계됨으로써 외부 요소에 의한 위협, 다차원적인 시스템 취약성에 노출되고 있다. 서비스 거부 공격은 전력시스템에 매우 치명적이기 때문에 가장 중요한 가용성을 확실히 보장하기 위한 시스템과 네트워크의 운영 및 관리를 통한 보안 대책이 필요하게 되었다. 기존의 네트워크 트래픽만으로 분석하여 이상징후를 탐지하는 방식에 한계가 있기 때문에 본 논문에서는 전력시스템의 네트워크 상태와 엔드 시스템 상태 특성을 실시간 모니터링하고 분석하여 비정상 네트워크 접근을 탐지할 수 있는 시스템을 설계하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06c
• /
• pp.262-264
• /
• 2006

오늘날 빠른 정보화로 인한 역기능의 발생으로 인하여 침입탐지, 침입차단 및 방지 시스템들의 다양한 보안 솔루션을 도입하여 사용하고 있다. 하지만 제로 데이 공격과 같이 빠르게 확산될 경우 보안 장비에 빠르게 정책을 적용해야 하지만 보안 장비마다 각기 다른 접근 및 제어 형식으로 인하여 빠르게 대처하고 있지 못하다. 본 논문에서는 이러한 문제점을 보완하기 위해 한번의 정책 주입으로 대규모 네트워크에 설치되어 있는 보안 장비 및 네트워크 장비에 보안정책을 주입 시킬 수 있는 일괄 보안정책 관리 시스템에 대한 설계 및 구현에 대하여 논하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1197-1213
• /
• 2014

Due to the increase in size of the computer network, the network security systems such as a firewall, IDS, IPS generate much more vast amount of information related to network security. So detecting signs of hidden security threats has become more difficult. Security personnels' 'Network Security Situational Awareness(NSSA)' is effectively determining the security situation of overall computer network on the basis of the relation between the security events that occur in the several views. The process of situational awareness is divided into three stages of the 'identification,' 'understanding' and 'prediction'. And 'identification' and 'understanding' are prerequisites for 'predicting' and the following appropriate responses. But 'identification' and 'understanding' in the vast amount of information became more difficult. In this paper, we propose Honeycomb security situational awareness visualization system that is designed to help NSSA in large-scale networks by using visualization techniques known effective to the 'identification' and 'understanding' stages. And we identified the empirical effects of this system on the basis of the 'VAST Challenge 2012' data.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.3-9
• /
• 2011

On health information network architecture, traffic along the path of traffic and security, blocking malicious code penetration is performed. The medical information system network security infrastructure study, which was whether to be designed based on the structure and methodology is designed to develop the security features. Health informati on system's functionality and capabilities framework for infrastructure is the backbone and structure. The design fea tures a framework for the overall network structure formation of the skeleton and forms the basic structure of the security methodology. Infrastructure capabilities to build the framework and the application functionality is being implemented. Differentiated in accordance with security zones to perform security functions and security mechanisms that operate through this study is to present. u-Healthcare future advent of cloud computing and a new health information environment, the medical information on the preparation of this study is expected to be utilized for security.

• Convergence Security Journal
• /
• v.3 no.2
• /
• pp.85-97
• /
• 2003

At the end of last January, 2003, a domestic top-level domain name server (DNS) shut down the server and it caused the wired and wireless internet services to be completely paralyzed in the aftermath of a virus attack incurring a various range of losses nationwide. The main reason of this event is the lack of our awareness of cyber security. In particular, in the small-scale network, there are few security administrators and no operating devices to protect information as well. Under this circumstance, using ESM center to service real-time security supervision and correspondence for network, it can be one option. However, due to the economic efficiency, most of security systems have been being developed focusing on the large-scale network first. Therefore, ESM centers which inspect security state of network concentrate on IDC or large-scale network services. This dissertation studies economical ESM service by designing exclusive SnSA for small-scale network for widespread use. Firstly, network invasion feeler function N_SnSA and host invasion feeler function H_SnSA are embodied to collect more informations in the small-scale network. Secondarily, the existing vulnerability is studied to find the solutions linked with a low cost to a Public center such as Kyonggi Univ ESM center.