• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10b
• /
• pp.393-398
• /
• 2007

데이터의 양이 급격히 커지면서, 그에 따라 요구되는 스토리지의 확장 비용 및 관리의 어려움을 해결하기 위하여 네트워크 스토리지에 대한 관심이 증대되고 있다. 네트워크 스토리지는 다수의 사용자가 접근하여 하기 때문에 보안에 대한 심각한 고려가 필요하다. 보안을 강화하기 위하여 페어 키를 이용한 인증 방식을 사용하고 있는데, 이러한 소프트웨어적인 보안 방식은 시스템 보안의 결함 혹은 취약성에 의하여 키의 외부 유출이 가능하다 [11]. 본 연구에서는 L4 마이크로커널[1]과 하드웨어적 보안 방식인 TPM (Trusted Platform Module)[2]을 사용하여 네트워크 스토리지 보안을 강화 시 방법을 제안하고자 한다. 본 연구를 이용할 경우 authenticated boot 기법[3]을 이용하여 네트워크 스토리지에서 동작할 이미지를 검증하고, 하드웨어적으로 암호화 키 값을 관리함으로써 데이터 패킷의 전송 과정에서 발생할 수 있는 소프트웨어적인 보안 방식의 취약점을 보완할 수 있다.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.13-19
• /
• 2019

This paper analyzed the SCMS and pilot policy, which is pursued by the U.S. government in connected vehicles. SCMS ensures authentication, integrity, privacy and interoperability. The SCMS Support Committee of U.S. government has established the National Unit SCMS and is responsible for system-wide control. Of course, it introduces security policy, procedures and training programs making. In this paper, the need for SCMS to be applied to C-ITS was discussed. The structure of the SCMS was analyzed and the U.S. government's filot policy for connected vehicles was discussed. The discussion of the need for SCMS highlighted the importance of the role and responsibilities of SCMS between vehicles and vehicles. The security certificate management system looked at the structure and analyzed the type of certificate used in the vehicle or road side unit (RSU). The functions and characteristics of the certificates were reviewed. In addition, the functions of basic safety messages were analyzed with consideration of the detection and warning functions of abnormal behavior in SCMS. Finally, the status of the pilot project for connected vehicles currently being pursued by the U.S. government was analyzed. In addition to the environment used for the test, the relevant messages were also discussed. We also looked at some of the issues that arise in the course of the pilot project.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.739-743
• /
• 2004

The Grid VO(Virtual Organization) is temporary VO where gather indivisual, authority, or system resource, differ from previous VO concept that controled by internal principal and policy set. It have many problems in case of indivisuals, authorities, or system resources that became member of some Grid VO at same time and combination followed changing condition of system resource for building Grid VO. This paper propose lightweighted Grid VO authentication system based on XML security to solve the authentication of the problems occuring in building Grid VO. In this paper, Grid VO authentication system is including Grid VO authentication module that is intermediate management system in PKI to previous authentication service structure and provide effective authentication service to Grid VO.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1229-1232
• /
• 2005

국내 공공기관에서는 사이버 행정환경의 기밀성, 무결성, 신원확인, 부인방지등을 보장하기 위하여 행정전자서명인증체계(GPKI:Government Public Key Infrastructure)의 구축과 함께 모든 문서를 XML형태로 표준화하여 공공기관간의 문서를 통합하기 위한 시도를 하고 있다. 하지만 행정전자서명인증체계에서 사용하는 공개키기반(PKI)을 연동한 인증체계는 단순한 사용자 인증만을 제공하여, 공공기관의 응용업무 환경에서 요구되는 다양한 사용자의 직위, 직무, 역할정보 등의 관리가 어려우며 XML형태의 공공문서에 대한 상세한 접근제어를 지원하지 못하는 한계점이 있다. 이러한 한계점을 해결하기 위하여 본 논문에서는 공공기관에서 사용하는 인증 및 접근제어 시스템의 가상시나리오를 통하여 보안문제점을 도출하고 분석한 후에 이를 근거로 공공기관의 보안 문제점을 해결할 수 있는 보안기술인 PMI(Privilege Management Infrastructure)와 XACML(eXtensible Access Control Markup Language)을 연동한 접근제어모델을 제안하였다..

• Smart Media Journal
• /
• v.6 no.3
• /
• pp.29-40
• /
• 2017

Lately weight for smartphone mounted to function for NFC is increasing, rapidly. Because of this, NFC related technology is made by many companies. We developed Gallery-Auction for security enhancements and new services of NFC-based 2 factor electronic payment system. Enhanced security features development of user authentication module through fingerprint recognition to apply FIDO authentication technology and developed electronic contract voice service of Gallery-Auction using TTS(Text to Speech). Therefore we enhanced convenient and simple authentication method and security through NFC mobile electronic payment.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.10
• /
• pp.1145-1152
• /
• 2014

The RFID (Radio-Frequency Identification) system is a technology to discern things by radio and an epoch-making new method to improve product management such as distribution, transport, mobilization, inventory control. However, RFID, which uses radio, is at risk for information leakage and falsification due to the vulnerability of security of the communication section. We designed the new authentication protocol by applying the tent map, which is the representative complex systems, to the RFID communication system. A more solid and simple authentication system was designed by applying the initial value sensitivity and irregularity, which are the representative characteristics of the complex system, to the reader and tag of RFID. The purpose of this paper is to verify the usability of the RFID authentication protocol design that uses the nonlinear system shown in this thesis by the new system differentiated from the authentication system that depends on the existing hash function or random numbers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.225-235
• /
• 2015

Recently, the administration and supervision of Information Security Certification and Security Inspection has been enforced but information leakage and security accidents by insiders are increasing consistently. The security accidents by insiders ran to 21% in 2010, by the 2011 Cyber Security Watch Survey. The problem is that immediate recognition is difficult and stopgap measure is mostly adopted without company's external notice apprehensive for cost increase or credit drop in case of internal security accidents. In the paper, we conducted the regression study on security access management then proposed the standard process available for other systems and businesses sites. It can be very useful for many companies to investigate, analyze and improve the problem of security management conveniently.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05b
• /
• pp.1385-1388
• /
• 2003

망 차원에서의 보안 기능을 지원하기 위한 IPsec을 도입하기 위해서는 통신에 참여하는 각 호스트들의 인증에 필요한 키 관리 시스템 구축이 선행되어야 한다. 본 논문에서는 이러한 IPsec 키 관리 시스템 구축을 위해 현재 인터넷에 공개되어 있는 관련 오픈 소스 프로그램들을 분석하고 이를 통한 구축 방안을 제시한다.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.53-58
• /
• 2012

Network Access Control System that is one of the efforts to protect the information of internal applies to effectively control of insider and automatic network management and security. However, it has some problems : spoofing the authorized PC or mobile devices, connect to the internal network using a system that authorized users are away. In addition, information leakage due to malicious code in the same system. So in this paper, Network 2-Factor Access Control System based on RFID security control system is proposed for safety communication environment that performing a two-factor authentication using authorized user and devices to connect to the internal network.

• Convergence Security Journal
• /
• v.15 no.3_1
• /
• pp.107-114
• /
• 2015

Since 2002, information security management system has been implemented (ISMS) certification scheme whilst providing telecommunications services to enhance the level of enterprise information security was ongoing and Prevent accidents and avoid spread of infringement, such as rapid response and there is a lot of it came true. However, this system is the protection of the country or the investment company, as part of the actual information on how management affects the performance came from or how measures are still lacking for. In this study, the companies have their own privacy ISMS certification measures the level of activity continued to improve information security performance measures and methodology are presented. The government is also based on the validity of the certification system to ensure the overall implementation of the ISMS itself is this a step increase effective information security system is to be certified in advance to prevent security incidents and to improve business performance to help.