• The Journal of the Korea institute of electronic communication sciences
• /
• v.15 no.1
• /
• pp.45-52
• /
• 2020

This paper proposes a solution for storage and retrieval problems for Resource Description Framework (RDF) data utilizing a key-value Solid State Device (SSD), considering storage, retrieval performance, and security. We propose a two-step compression algorithm to separate logical relationship and true values from RDF data-sets using the key-value SSD. This improves not only compression and storage efficiency but also storage security. We also propose a hybrid retrieval structure based on R∗-tree to enhance retrieval efficiency and implement a sort-merge join algorithm, and discuss factors affecting R∗-tree retrieval efficiency. Finally, we show the proposed approach is superior to current compression, storage, and retrieval approaches, obtaining target results faster while requiring less space, and competitive in terms of versatility, flexibility and security.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.2
• /
• pp.382-389
• /
• 2018

Recently cyber attacks can cause serious damage on various information systems. Log data analysis would be able to resolve this problem. Security log analysis system allows to cope with security risk properly by collecting, storing, and analyzing log data information. In this paper, a security log analysis system is designed and implemented in order to analyze security log data using the Logstash in the Elasticsearch, a distributed search engine which enables to collect and process various types of log data. The Kibana, an open source data visualization plugin for Elasticsearch, is used to generate log statistics and search report, and visualize the results. The performance of Elasticsearch-based security log analysis system is compared to the existing log analysis system which uses the Flume log collector, Flume HDFS sink and HBase. The experimental results show that the proposed system tremendously reduces both database query processing time and log data analysis time compared to the existing Hadoop-based log analysis system.

• Proceedings of the Korean Information Science Society Conference
• /
• 2000.04b
• /
• pp.63-65
• /
• 2000

최근 컴퓨터 기술 발달과 데이터 통신의 발전으로 여러 사용자가 데이터와 정보를 공유하게 되고 데이터의 전송, 수집, 검색, 수정 등의 업무가 많아짐에 따라 데이터베이스에 대한 보안의 중요성이 더욱 증대되고 있다. 따라서, 본 논문에서는 패스워드를 이용한 인터페이스 보안과 보안 요소들을 계층별로 나누고 사용자 등급을 이용한 내적 보안을 혼용하여 기존의 패스워드 데이터베이스 보안 시스템의 문제점을 보안하는 난수를 이용한 데이터베이스 보안 시스템을 설계하고 구현하였다.

• Korean Security Journal
• /
• no.32
• /
• pp.205-225
• /
• 2012

This study is to present an improvement of facility security through the evaluation of facility security operation level. To fulfill the purpose of the study, a survey of some facilities was conducted and the result was analyzed as follows; First, although security personnels were deployed in the facilities, the level of security personnel operation was relatively low. Second, job education training level was relatively proper, that is relevant to the result that show the level of service mind and the working mind of security personnel were proper, also relevant to the relatively good work shift system. Third, although situation room was operated well, the level of restricted area set-up and access control of visitor were low, and the level of article inspection and vehicle access control were very low. Forth, the level of security manual application that include detailed security method and procedure was proper. But accident prevention and response manual application was lower than security manual application, that show preparation for fire and negligent-accident is passive. For the improvement of facility security, the high level part and low level part in the survey result could be merged. For example, we could specify factors that show low level in the survey such as security personnel operation, access control of visitor and vehicle, article inspection, accident prevention and response in the security manual and promote education circumstance that show high level.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.1
• /
• pp.19-24
• /
• 2009

In these days, security threat is ever increasing as computer systems and networking is everywhere. This paper is on the development of security scanner using search engine, with which site managers can easily check security vulnerability on their systems. Our security server automatically collects security-related information on the Internet, and indexes them in the database. To check the vulnerability of a customer server, the client system collects various system-specific information, and sends necessary queries to our security server for vulnerability checking. Up-to-date and site-specific vulnerability information is retrieved through the viewer, which allows the customer effectively to check and respond to security threat on client systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.973-983
• /
• 2019

The importance of information security has been increasingly emphasized at the national, organizational, and individual levels due to the widespread adoption of software applications. High-safety software, which includes embedded software, should run without errors, similar to software used in the airline and nuclear energy sectors. Software development techniques in the above sectors are now being used to improve software security in other fields. Secure coding, in particular, is a concept encompassing defensive programming and is capable of improving software security. In this paper, we propose a software security vulnerability detection method using an improved coding standard searching technique. Public static analysis tools were used to assess software security and to classify the commands that induce vulnerability. Software security can be enhanced by detecting Application Programming Interfaces (APIs) and patterns that can induce vulnerability.

• Electronics and Telecommunications Trends
• /
• v.11 no.4 s.42
• /
• pp.37-48
• /
• 1996

정보 검색에 주로 이용되던 웹이 편리함과 효용성이 알려지면서 전자메일, BBS, 전자상거래 등 광범위한 분야로 이용이 확대됨에 따라 보안성 문제가 제기되기 시작하였다. 본 고에서는 먼저 기존의 웹 보안 기법을 살펴보고 새롭게 요구되는 보안 서비스를 바탕으로 보안 요구사항을 도출한다. 또한 IETF(Internet Engineering Task Force) 보안그룹들, W3C(World Wide Web Consortium), 그리고 각 업체 등에서 연구되고 있는 주요 보안기법과 연구동향에 대해 기술한다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.4
• /
• pp.811-819
• /
• 2012

In this paper, we design searchable image encryption system to provide the privacy and authentication on streaming media based on cloud computing. The searchable encryption system is the matrix of searchable image encryption system by extending the streaming search from text search, the search of the streaming service is available, and supports personal privacy and authentication using encryption/decryption and CBIR technique. In simple simulation of post-cut and image keyword creation, we can verify the possibilities of the searchable image encryption system based on streaming service.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1031-1034
• /
• 2008

현재 ODS(Object Directory Service) 검색 서비스는 글로벌한 모바일 RFID 환경에 적합하지만, 지역적인 로컬 네트워크 및 정보보안이 필요한 사설 네트워크에서는 불필요한 검색시간이 요구되고 효율성이 떨어지는 서비스 시스템이다. 따라서 본 논문에서는 기존의 ODS 검색 서비스 알고리즘을 개선하여 새롭게 로컬 환경에 적합한 ODS 검색 서비스 알고리즘을 제안하고, 개선된 ODS 검색 서비스 시스템의 성능평가 결과를 제시한다..

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.787-789
• /
• 2001

인터넷은 전세계를 대상으로 구축된 네트워크로서 개방형 구조의 프로토콜을 사용하므로 대부분의 호스트 컴퓨터 시스템들은 정보보안에 취약한 상태이다. 이와 같은 보안 취약성으로 인해 상용화 서비스에 대한 교환 정보의 수정, 검색, 파괴 등의 역기능이 발생하고 있다. 이 논문에서는 기존의 보안 방식 정책으로는 인터넷 보안의 역기능에 대한 완벽한 대책이 될 수 없으므로 이에 따른 보안정책 크로스 연동 메커니즘을 설계하여, 기존의 방식과 비교 분석해서 앞으로의 차세대 인터넷에 적합한 연동메커니즘을 제안하고자 한다.