• The KIPS Transactions:PartC
• /
• v.8C no.3
• /
• pp.245-252
• /
• 2001

인터넷의 이용증가와 전자상거래의 활성화 등으로 인해 급속도로 발전하는 공개키 기반구조에 능동적으로 대처하기 위해서는 확정성과 상호 운용성, 관리용이성, 나 공개키 기반구조 기관의 수용 등 여러 가지 문제를 고려한 인증 모델이 제시되어야 한다. 이 논문에서는 인터넷에서 이기종의 컴퓨터들이 서로 연결되어 자료를 공유하고 분산되어 실행할 수 있는 개방 분산 시스템인 CORBA 기반의 상호인증 모델을 설계한다. 공개케 기반 시스템(PKI)을 도입하되 CCCA(Cross Certification CA)를 이용하여 효율적으로 상호인증 할 수 있는 모듈과 인터페이스를 설계하고 기존 모델과 비교 분석하여 우수성을 증명한다.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.111-117
• /
• 2004

In distributed-computing environments, there is a strong demand for the authentication and the access control of distributed-shared resources. I have presented role-based access control (RBAC) concept that is in the spotlight recently. RBAC model shows the standardized access control of complicated organization's resources. In RBAC, senior role has junior role's permission by virtue of role hierarchy. But, junior role cannot perform the permission, which is granted to the senior or other role groups. Inheritances of permissions in role hierarchies are static. In order to tackle this problem, I propose a dynamic role assignment, which classified into passive role assignment and active role assignment, and design dynamic role assignment protocol and implement role assignment server.

• Convergence Security Journal
• /
• v.22 no.5
• /
• pp.135-143
• /
• 2022

The defense environment is rapidly changing, such as nuclear and missile threats of North Korea, changes in war patterns, and a decrease in military service resources due to low birth rate. In order to actively respond to these changes, the Korean military is promoting Defense Innovation 4.0 and is trying to foster an army armed with high technology such as artificial intelligence (AI), big data analysis, etc. In this regard, we analyze the effectiveness of the radar-based AI scientific guard system applied by high technology for guard operations using Analytic Hierarchy Process (AHP). We first select evaluation factors that can assess the effectiveness of the scientific guard system, and analyze its relative importance. Each evaluation factor was selected by deriving a significant concept from operating principle and how they work, and by consulting experts on the correlation between each factor and effectiveness of the scientific guard system. We examine the relative effects of the radar-based AI scientific guard system and existing scientific guard system based on the importance of the evaluation factors.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.4
• /
• pp.159-166
• /
• 2016

In this paper, an active object tracking system basing on the pan/tilt-embedded stereo camera system is suggested and implemented. In the proposed system, once the face area of a target is detected from the input stereo image by using a YCbCr color model and phase-type correlation scheme and then, using this data as well as the geometric information of the tracking system, the distance and 3D information of the target are effectively extracted in real-time. Basing on these extracted data the pan/tilted-embedded stereo camera system is adaptively controlled and as a result, the proposed system can track the target adaptively under the various circumstance of the target. From some experiments using 480 frames of the test input stereo image, it is analyzed that a standard variation between the measured and computed the estimated target's height and an error ratio between the measured and computed 3D coordinate values of the target is also kept to be very low value of 1.03 and 1.18% on average, respectively. From these good experimental results a possibility of implementing a new real-time intelligent stereo target tracking and surveillance system using the proposed scheme is finally suggested.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.4
• /
• pp.149-157
• /
• 2011

Passive tags are inferior to active tags in processing efficiency, so they have difficulty in largevolume processing. The proposed protocol reduces the volume of computation in passive tags and, at the same time, improves authentication for enhanced safety and security. That is, different from existing RFID protocols that return the same value even if an error happens when the reader reads a tag, the improved RFID security protocol returns a new value using a re-counter and processes the computation part of a tag in the reader or in a back.end system. Even if the information of a tag is acquired by an malicious way, it is not actual information but encrypted information that is not usable. In addition, even if tag information is read in sequence, it is changed in each read, so the protocol is safe from Location Tracking.

• The KIPS Transactions:PartC
• /
• v.15C no.5
• /
• pp.359-366
• /
• 2008

As the use of Internet and information communication technology is being generalized, the SSL protocol is essential in Internet because the important data should be transferred securely. While the SSL protocol is designed to defend from active attack such as message forgery and message alteration, the cipher suite setting can be easily modified. If the attacker draw on a malfunction of the client system and modify the cipher suite setting to the symmetric key algorithm which has short key length, he should eavesdrop and cryptanalysis the encrypt data. In this paper, we examine the domestic web site whether they generate the security session through the symmetric key algorithm which has short key length and propose the solution of the cipher suite setting problem.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.1123-1126
• /
• 2002

연구와 군사 목적으로 발전한 인터넷은 현재 많은 기업들과 일반인들이 사용하는 현대 사회의 중요한 기반 시설로 자리잡게 되었으며, 아울러 인터넷이 사회에 끼치는 영향이 커짐에 따라 여러 가지 목적으로 자신의 접속 위치를 우회하여 숨기고 인터넷 보안 모델의 취약점을 공격하는 침입자가 증가하고 있다. 따라서, 침입에 사용되는 기술과 그에 대한 대응 기법 또한 보다 복잡하고 정교해 지고 있으나 근본적으로 악의적 침입을 근절하는 능동적인 대응은 미약한 현실이다. 본 논문에서는 인터넷 환경에서 여러 가지 우회 경로를 통해 접근한 침입자의 실제 접속 위치를 효율적으로 추적하기 위해 기존 역추적 연구의 유형과 문제점을 살펴보고 차세대 인터넷 환경에서 활용 가능한 역추적 기법의 모델을 제시한다. 따라서, 기존 역추적 기법의 현실적으로 적용이 어려운 구성과 침입자의 보안 설정에 따른 추적 제한 등의 문제점을 살펴보고 그 해결 방안이 되는 새로운 역추적 시스템의 모델을 제시한다. 그리고, 본 연구에서 제시하는 모델은 기존의 연결 경로를 거슬러 추적하는 기법과 달리 프록시 등 우회 경로를 통해 접근한 침입자에 대해 직접 연결되는 프로토콜을 자동 실행 되도록 구성하여 접근한 침입자의 위치를 파악하는 모델이나. 이 모델을 적용할 경우 실제 적용 가능한 구성과 효율적인 추적 특성을 가지게 되며 구성 비용의 손실 또한 줄일 수 있게 되는 장점을 가지게 된다.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.167-179
• /
• 2008

As ubiquitous technology develops, there are many studies to provide various contents proper to users through a mobile device. However, there is a limit of information provision due to a small user interface of a mobile device. This study proposes a system that can solve a problem and provide an intelligent agent model appropriate to a mobile environment and job information positively that an individual user is interested. It is composed of a personalization engine to monitor users' behavior patterns and a learning algorithm to provide information to a mobile device. Analysis shows that preferred job items are different by sex, age and education, while a region affects job searching significantly.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.3-9
• /
• 2013

With the rapidly changing information communication environment and development of technologies, the informati on networks are evolved from traditional fixed form to an active variable network that flexible large variety of data can be transferred. To reflect the needs of users, the next generation using DWDM (Dense Wavelength Division M ultiplexing) transmission system and OXC (Optical Cross Connect) form a dynamic network. After that GMPLS (Ge neralized Multi-Protocol Label Switching) can be introduced to dynamically manage and control the Reconfigurable Optical Add-drop Multiplexer (ROADM)/Photonic Cross Connect (PXC) based network. This paper propose a softw are architecture of Path Computation Element (PCE) protocol that has proposed by Internet Engineering Task Force (IETF) to path computation. The functional blocks and Application Programming Interface (API) of the PCE protoco l implementation are also presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.67-81
• /
• 2011

In recently years, there are cyber-weapon aim to national infrastructure such as 'stuxnet'. Security experts of the world are paying attention to this phenomenon. The networks which controls traffic, subway, waterworks of the city are safe from threats such as computer virus, malware, because the networks were built on closed-networks. However, it's about time to develop countermeasure for the cyber-weapon. In this paper, we review status-quo of the control systems for metropolitan infrastructure and analyze the risk of industrial control system in SCADA(Supervisory Control And Data Acquisition) network. Finally, we propose a security model for control systems of metropolitan infrastructure.