• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.4
• /
• pp.27-34
• /
• 2017

In recent years, major security data such as research data and confidential documents have been leaked to the outside due to the carelessness of the companies and research institutes performing IT related services such as information technology projects and research and development of financial institutions, companies and public institutions is. Leakage cases are caused by leakage of personal information due to lack of security management of information system maintenance companies, such as unauthorized leakage or storage of related materials in outsourcing service process. In this paper, we analyzed the types and management status of service business through the environmental survey of corporate informatization business and analyzed the problems in development and maintenance using external service companies. Furthermore, in this paper, we provide an information system service that focuses on the business activities based on the items considered, and at the same time, it provides the informatization service for companies that can prevent infiltration of viruses and hacking from the outside. This paper presents a methodology for enhancing security for the system construction.

• Journal of Digital Convergence
• /
• v.16 no.10
• /
• pp.235-241
• /
• 2018

The printout management system should analyze the pattern of existence of personal information (resident number, card number) in the output log and users should be provided with functions such as warning message pop-up, forced printing termination, mailing to administrator, independently logs management. Authentication management can also be performed only by registered users by installing an agent on a user PC, and it should have a restriction function to permit or deny work according to user information. In addition, when printing/copying/scanning using this equipment, it is possible to use document printing and multifunction copier after ID card authentication and ID/PW should be input to device when ID card is not used. In this study, we developed these interfaces with WOWSOFT co., Ltd, a security company that has better technology than the existing printout security methods, to construct the printout management system. Also we designed the interface of basic functions necessary for printout management and contributed to the establishment of printout management system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1165-1168
• /
• 2005

기업에서 적용하고 있는 문서보안 DRM 시스템에서 상이한 라이센스 정책을 사용하는, 다양한 기술기반의 DRM Client 간에 컨텐츠를 공유하기 위해서는 DRM 기술에 대한 호환성이 보장되어야 한다. 여러 DRM 기술들이 시장에 공존하는 현재와 같은 상황에서는 DRM Client 간의 호환이 어려워 다양한 기술이 적용된 DRM Client가 사용자 라이센스 정보를 교환하여 컨텐츠를 공유하기란 어려운 일이다. 본 논문에서는 사용자 공인 인증 방식과 라이센스 공유 방식을 통해 DRM Client간 컨텐츠를 호환하는 모델을 제안한다.

• The Optical Journal
• /
• s.116
• /
• pp.30-33
• /
• 2008

기술의 발전은 새로운 변화를 주도하는 가운데, 단순한 종이 문서를 복사 또는 출력하는 디지털 복합기도 많은 기술의 진보를 통해 획기적인 변화를 거치고 있다. '주변기기'라는 명칭에서 보듯이 단순히 종이에 인쇄만 하는 수동적인 기기에서 네트웍을 통해 통제되거나 입출력 데이타를 생성, 전송, 보관, 폐기할 수 있는 능동적인 지능형 복합기로 진보하게 되었다. 이러한 지능형 복합기는 네트웍을 통해 실기간으로 모든 상황을 바로 확인할 수 있으며 고장이나 소모품 부족 발생이 일어나기도 전에 먼저 감지하여 대응할 수 있는 기회를 제공한다. 또한 기존 사용중인 기간계 시스템과 능동적으로 연동하여 업무 프로세스의 혁신 등 상상할 수 없는 업무의 변화를 주도한다. 이런 지능형 복합기가 제공하는 "SDK J"는 JAVA 기반의 개발 플랫폼을 제공하여 고객 맞춤형 솔루션을 개발, 적용할 수 있게 되었다. 현재 각 복합기 제조사에서는 다양한 고객 환경에 맞는 솔루션 제공을 위해 솔루션 개발 지원에 주력하고 있다.

• KSCI Review
• /
• v.15 no.1
• /
• pp.131-139
• /
• 2007

다양한 사용자 및 응용 프로그램들이 XML을 기반으로 정보의 분산과 공유를 요구함에 따라 안전하고 효율적으로 XML 데이터를 접근하려는 요구가 중요한 이슈로 관심을 모으고 있다. 특히, 접근제어 규칙을 XPath로 표현함으로써 문서 단위 접근 범위의 한계를 극복하고 문서의 일부분 단위의 접근을 해결하면서 접근제어를 수행할 때 발생될 수 있는 충돌에 대한 해결책을 마련하는 안전성에 초점을 둔 연구들은 많았으나 접근제어를 수행할 때의 효율성에 초점을 둔 연구는 미비하다. 본 논문은 XML 데이터 스트림의 특성을 고려하여 롤 프라임넘버 레이블링 기법을 이용한 세분화된 접근제어 방법을 제안한다. 본 논문에서 제안한 방법은 기존 시스템과 비교하여 구현의 용이성, 낮은 실행시간, 그리고 안전하고 정확한 질의응답을 보장한다. 또한, 이와 같은 장점들을 실험을 통해 분석한다.

• Convergence Security Journal
• /
• v.2 no.1
• /
• pp.87-97
• /
• 2002

Many firms are utilizing the Internet and various information technologies to effectively manage their business operations with a goal of gaining a competitive advantage in the rapidly changing business environments. Today, the business is characterized as digital economy where information freely flows and business processes are improved with the use of information technologies. Internet technology is playing a key role in transforming the organization and creating new business models. It has become the infrastructure of choice for electronic commerce because it provides process efficiency, cost reduction, and open standards that can easily be adopted by different organizations. Here, the vast amount of data and information slow among the related parties and security issues are very critical matter of research interests by academicians and practitioners. In this research, we address the importance of security framework in managing the data shared among the related parties in the e-business and suggest the security architecture for effectively supporting the needs of e-business in an organization. This research provides valuable contributions both in academics and industry in terms of how security framework and architecture should be set in order to provide the necessary e-business.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.79-86
• /
• 2007

B2B e-business is an economic transaction formed between companies through various networks including internet. At present, e-business between companies partly applies information distribution between companies, but many enterprises expect that a corporate basic system will be gradually changed into XML basis if web service is earnestly materialized, so they are competing with each other in developing XML DBMS. Existing XML DBMS studies used XML DTD in order to represent the structure of XML document. Such XML DTD defines the expression of a simple type, so there are many difficulties in defining the structure of XML document. To cope with this, in this paper, the author will develop database schema generator utilizing relational database generally used in storing contents of data, on the basis of XML schema selected as a standard of W3C. Also, to store XML data, the author proposed the automatic conversion method of relational database schema that used XML schema.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.115-125
• /
• 2001

Authentication and access control are essential requirements for the information security of distributed environment. Delegation is process whereby an initiator principal in a distributed environment authorizes another principal to carry out some functions on behalf of the former. Delegation of access rights also increases the availability of services offer safety in distributed environments. A delegation easily provides principal to grant privileges in the single domain with Role-Based Access Control(RBAC). But in the multi-domain, initiators who request delegation may require to limit the access right of their delegates with restrictions that are called delegate restriction to protect the abuse of privilege. In this paper, we propose the delegation view as function of delegation restrictions. Proposed delegation view model not only prevent over-exposure of documents from granting multiple step delegation to document sharing in multi-domain with RBAC infrastructure but also reduce overload of security administrator and communication.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.3
• /
• pp.754-766
• /
• 1997

In this paper,we implement the Audit Trail Service Sydtem for the EDI Security.It has solved a law dispute between enterprises by informations that have generated by the EDI serice systrm.The audit trail service sys-tem implemented for EDI security satisfied the requirements of audit and the protocol of the security serive of X.435 and X.400.The EDI Security Audit System consists of the event discrimiator,the audit recirder,the audit archiver,and the provider of audit services .The event discriminator classified the reansmitted data from the EDI network ot audit sercices.The audit recorder constructs an index that has combined time information wiht audit unformations which are classified by the event discriminator.ZThe audit archiver performas the vacumming of added audit imformations by passing time by passing time.The audit provider is a module that carries out the audit trail servies by using stored audit informations. The audit provider suports audit servies,which are non-requdiation,proof and probe,controller of security,and accesing infrimation.The audit trail service system for EDI security constructs audit information by using index that is combining time imfromation,so it supports especially fast accesing audit information.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.1-9
• /
• 2015

Recently, with smart device proliferation and providing the various services using this, they have interested in mobile and Smart TV security. Smartphone users are enjoying various service, such as cloud, game, banking. But today's mobile security solutions and Study of Smart TV Security simply stays at the level of malicious code detection, mobile device management, security system itself. Accordingly, there is a need for technology for preventing hacking and leakage of sensitive information, such as certificates, legal documents, individual credit card number. To solve this problem, a variety of security technologies(mobile virtualization, ARM TrustZone, GlobalPlatform, MDM) in mobile devices have been studied. In this paper, we propose an efficient method to implement security technology based on TYPE-I virtualization using ARM TrustZone technology.