• Journal of KIISE:Information Networking
• /
• v.30 no.1
• /
• pp.82-96
• /
• 2003

The Internet has evolved into the global computer network due to the openness of its protocol, but such evolution brings about new risks and threats. To protect computer networks safely, it is the best way that preventing an attacher from intruding beforehand. However, to provision against all attacks causes the degradation of network performance as well as to prevent unknown attacks is very hard. Secure Combination, the framework which establishes a mutual collaboration and cooperation between the trusted zones, could protect systems from the potential attacks. This frameworks can predict attacks by exchanging security information and cooperating with each zone. It is a dynamic and powerful security architecture that rapidly enables updating security policy and deploying response modules.

• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.41-52
• /
• 2020

This paper implements a priority algorithm for active response to security event risk, and implements an event scheduler that performs efficient event processing based on this. According to the standards that have global standards such as CVE and CVSS, standards for scoring when security events are executed are prepared and standardized so that priorities can be more objectively set. So, based on this, we build a security event database and use it to perform scheduling. In addition, by developing and applying the security event scheduling priority algorithm according to the situation of security events in Korea, it will contribute to securing the reliability of information protection and industrial development of domestic or ganizations and companies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.577-589
• /
• 2023

Ministry of National Defense plans to harness AI as a key technology to bolster overall defense capability for cultivation of an advanced strong military based on science and technology based on Defense Innovation 4.0 Plan. However, security threats due to the characteristics of AI can be a real threat to AI-based defense information system. In order to solve them, systematic security activities must be carried out from the development stage. This paper proposes security activities and considerations that must be carried out at each stage of AI-based defense information system. Through this, It is expected to contribute to preventing security threats caused by the application of AI technology to the defense field and securing the safety and reliability of defense information system.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.141-146
• /
• 2022

The iris, a biometric information, is safe, unique, and reliable, such as fingerprints, and is personal information that can significantly lower the misrecognition rate than other biometric authentication. However, due to the nature of biometric authentication, it is impossible to replace it if it is stolen. There is a case in which an actual iris photo is taken and 3d printed so that the eyes work as if they were in front of the camera. As such, there is a possibility of iris leakage through high-definition images and photos. In this paper, we propose to improve iris masking performance by supplementing iris region masking research based on existing blurring techniques. Based on the results derived in this study, it is expected that it can be used for the security of video conference programs and electronic devices.

• Convergence Security Journal
• /
• v.21 no.4
• /
• pp.101-107
• /
• 2021

Recently, only trusted functionality has been emphasized due to the nature of the weapon system, which is a closed network. We are responding to new cyber warfare threats by monitoring cyber warfare threats by establishing a security control system for weapons systems that are closed networks centered on the United States and Israel. Therefore, in this study, the security control monitoring method that minimizes the load through the layered weapon system gateway by analyzing the technology of the domestic and foreign weapon system security control system, the weapon system device forgery, change, update method, and the detection of new cyber warfare threats through the use of artificial intelligence method was proposed.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.51-57
• /
• 2022

Recently, the concept of zero trust has been introduced, and it is necessary to strengthen the security elements required for the next-generation security control system. Also, the security paradigm in the era of the 4th industrial revolution is changing. Cloud computing and the cybersecurity problems caused by the dramatic changes in the work environment due to the corona 19 virus continue to occur. And at the same time, new cyber attack techniques are becoming more intelligent and advanced, so a future security control system is needed to strengthen security. Based on the core concept of doubting and trusting everything, Zero Trust Security increases security by monitoring all communications and allowing strict authentication and minimal access rights for access requesters. In this paper, we propose a security enhancement plan in the security control field through a zero trust security model that can understand the problems of the existing security control system and solve them.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.13-25
• /
• 2020

The most important responsibility of a government is to protect citizen lives and its own territory from outside threats. Especially recent political changes surrounding the Korea Peninsula seriously threaten the korean national security. To copy the situation, perception of national security based on citizen's trust in the army is needed. Accordingly survey analysis on effect of trust in the army on perception of national security had been conducted on students of a university located in Ulsan. Result of the statistical analysis as follows. First, while social contribution and military abilities among trust in the army are highly evaluated, integrity and characteristics of organizational culture are low evaluated. Second, all the correlation coefficients among studying variables are significantly positive. But correlation coefficient between social contribution and perception of national security is relatively low. Third, integrity, characteristics, and military abilities has a significant and positive effect on perception of national security, but social contribution has no significant effect.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10b
• /
• pp.33-37
• /
• 2007

최근 디지털 컴퓨터와 정보처리기술의 발전과 더불어 원자력 발전소의 계측제어시스템과 같은 안전-필수 시스템에서도 디지털 기술을 채택하기 시작했다. 안전-필수 시스템에 사용되는 소프트웨어는 높은 신뢰도(dependability)가 요구된다. 소프트웨어의 신뢰도는 신뢰성(reliability), 안전성, 보안 등 다양한 속성들로 설명될 수 있다. 소프트웨어의 신뢰도 향상을 위한 프로세스는 결함예방프로세스, 결함허용프로세스, 결함제거프로세스 그리고 결함예측프로세스가 있으며 이들 프로세스는 소프트웨어 수명주기 초반부터 수행되어야 한다. 본 논문에서는 소프트웨어 신뢰도향상을 위한 신뢰도 프로세스 모델과 개발 단계별로 수행되어야 할 신뢰도 태스크를 제시한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.214-216
• /
• 2021

It proposes a plan to strengthen the limitations of existing corporate security systems based on Zero-Trust. With the advent of the era of the Fourth Industrial Revolution, the paradigm of security is also changing. As remote work becomes more active due to cloud computing and COVID-19, security issues arising from the changed IT environment are raised. At the same time, in the current situation where attack techniques are becoming intelligent and advanced, companies should further strengthen their current security systems by utilizing zero trust security. Zero-trust security increases security by monitoring all data communications based on the concept of doubting and trusting everything, and allowing strict authentication and minimal access to access requestors. Therefore, this paper introduces a zero trust security solution that strengthens the existing security system and presents the direction and validity that companies should introduce.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.10
• /
• pp.3935-3941
• /
• 2010

With the advent of high-speed communications networks, many authentication and access control systems are being introduced to combat network security issues like system hacking. But the fact is that the security systems for protecting information used in these networks are themselves weak. In response to the mounting demands of existing users, there is a clear need for a new authentication system that provides both safety and reliability. This research presents an authentication method with excellent access authorization (explicit and implicit authentication) and safety performance, demonstrated through its use in online networks.