• Title/Summary/Keyword: information security management system (정보보안관리체계)

A Study on Applying Zero Trust Architecture: Focusing on Implementing Remote Work System (제로 트러스트 아키텍처 적용 방안에 대한 연구: 재택근무 시스템 구성을 중심으로)

  • Jaewoo Do;Keumseok Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.6 / pp.1001-1020 / 2023
  • With the massive increase in remote work since COVID-19, the boundaries between the inside and outside of corporate networks have become blurred. As a result, traditional perimeter security has stagnated business productivity and made it difficult to manage risks such as information leakage. The zero trust architecture model has emerged, but it is difficult to apply to IT environments composed of various companies. Therefore, using the remote work system configuration as an example, we presented a configuration and methodology that can apply zero trust models even in various network environments such as on-premise, cloud, and network separation. Through this, we aim to contribute to the creation of a safe and convenient cyber environment by providing guidance to companies that want to apply zero trust architecture, an intelligent system that actively responds to cyber threats.

A Study on the Analysis and the Direction of Improvement of the Korean Military C4I System for the Application of the 4th Industrial Revolution Technology (4차 산업혁명 기술 적용을 위한 한국군 C4I 체계 분석 및 성능개선 방향에 관한 연구)

  • Sangjun Park;Jee-won Kim;Jungho Kang
    • Convergence Security Journal / v.22 no.2 / pp.131-141 / 2022
  • Future battlefield domains are expanding to ground, sea, air, space, and cyber, so future military operations are expected to be carried out simultaneously and in complex ways across various battlefield domains. In addition, the application of convergence technologies that create innovations in all fields of economy, society, and defense, such as artificial intelligence, IoT, and big data, is being promoted. However, since the current Korean military C4I system manages warfighting function DBs in one DB server, the efficiency of combat performance is reduced in terms of data utilization, data distribution speed, and operation response time. To solve this problem, research is needed on how to apply 4th industrial revolution technologies such as AI, IoT, 5G, big data, and cloud to the Korean military C4I system, but research on this is insufficient. Therefore, this paper analyzes the problems of the current Korean military C4I system and proposes applying 4th industrial revolution technology in terms of operational mission, network and data link, computing environment, cyber operation, interoperability and interlocking capabilities.

A study on the Influence of Enterprise Content Management System Success Factors and Task Characteristics on Intention to Use (기업콘텐츠관리시스템 성공 요인과 업무적 특성이 시스템 사용 의도에 미치는 영향)

  • Hwang, Inho
    • The Journal of the Korea Contents Association / v.21 no.11 / pp.333-349 / 2021
  • As information is recognized as an important asset of an organization, organizations are increasing their resource input for knowledge management. In particular, the enterprise content management system (ECMS) is a solution for organization-oriented content management, and it has high utility by helping to achieve business performance through systematic utilization of content and to improve the level of internal information security. The purpose of this study is to suggest a plan to improve organizational employees' intention to use the ECMS and to suggest the effect of the relationships between information system quality characteristics and work environment characteristics on intention to use. In this study, a research hypothesis was presented based on previous studies, a questionnaire was conducted on workers of organizations that adopted an ECMS, and the hypothesis was verified by applying structural equation modeling. As a result of the analysis, information and service quality of the ECMS and task interdependence increased the intention to use, but task conflict decreased the intention to use. In addition, task interdependence and task conflict moderated the positive relationship between the quality factors of the ECMS and the intention to use it. This study has implications in terms of suggesting the direction of the organization's behavior through factors that increase the use of ECMS.

Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM (SIEM 기반 사이버 침해사고 대응을 위한 데이터 보완 메커니즘 비교 분석)

  • Lee, Hyung-Woo
    • Journal of Internet of Things and Convergence / v.8 no.5 / pp.1-9 / 2022
  • As various services are linked to IoT (Internet of Things) and portable communication terminals, cyber attacks that exploit security vulnerabilities of the devices are rapidly increasing. In particular, cyber attacks targeting heterogeneous devices in large-scale network environments through advanced persistent threat (APT) attacks are on the rise. Therefore, in order to improve the effectiveness of the response system in the event of a breach, it is necessary to apply a data enrichment mechanism for the collected artifact data to improve threat analysis and detection performance. In this study, by analyzing the common data supplementation elements performed in the existing incident management framework for the artifacts collected for the analysis of intrusion accidents, characteristic elements applicable to the actual system were derived, and based on this, the prototype structure of an improved accident analysis framework was presented and the suitability of the derived data supplementary extension elements was verified. Through this, it is expected to improve the detection performance when analyzing cyber incidents targeting artifacts collected from heterogeneous devices.

A Study on the Improvement of Collection, Management and Sharing of Maritime Traffic Information (해상교통정보의 수집, 관리 및 공유 개선방안에 관한 연구)

  • Shin, Gil-Ho;Song, Chae-Uk
    • Journal of the Korean Society of Marine Environment & Safety / v.28 no.4 / pp.515-524 / 2022
  • To effectively collect, manage, and share maritime traffic information, it is necessary to identify the technology trends concerning this particular information and analyze its current status and problems. Therefore, this study observes the domestic and foreign technology trends involving maritime traffic information while analyzing and summarizing the current status and problems in collecting, managing, and sharing it. According to the data analysis, the problems in the collecting stage are difficulties in collecting visual information from long-distance radars, CCTVs, and cameras in areas outside the LTE network coverage. Notably, this explains the challenges in detecting, at an early stage, smuggling ships entering the territorial waters through the exclusive economic zone (EEZ). The problems in the management stage include the difficulty of reducing and expanding maritime traffic information storage, caused by the lack of flexibility in storage spaces mostly constructed by the maritime transportation system. Additionally, it is challenging to deal with system failure with system redundancy and backup as a countermeasure. Furthermore, the problems in the sharing stage show that it is difficult to share information with external operating organizations since the internal network is mainly used to share maritime transportation information. Where information is shared at all, through the government cloud via platforms such as LRIT and SASS, it often fails to effectively provide various S/W applications that help use maritime big data. Therefore, it is suggested that collecting equipment such as unmanned aerial vehicles and satellites should be constructed to expand collecting areas in the collecting stage. In the management and sharing stages, the introduction and construction of private clouds are suggested, considering the operational administration and information disclosure of each maritime transportation system. Through these efforts, an enhancement of the expertise and security of clouds is expected.

A Conceptual Design of Knowledge-based Real-time Cyber-threat Early Warning System (지식기반 실시간 사이버위협 조기 예.경보시스템)

  • Lee, Dong-Hwi;Lee, Sang-Ho;J. Kim, Kui-Nam
    • Convergence Security Journal / v.6 no.1 / pp.1-11 / 2006
  • The exponential increase of malicious and criminal activities in cyber space is posing a serious threat which could destabilize the foundation of modern information society. In particular, unexpected network paralysis or break-down created by the spread of malicious traffic could cause confusion and disorder on a nationwide scale, and unless effective countermeasures against such unexpected attacks are formulated in time, this could develop into a catastrophic condition. As a result, there has been vigorous effort and search to develop a functional state-level cyber-threat early-warning system; however, the efforts have not yielded satisfying results or created plausible alternatives to date, due to the insufficiency of the existing system and technical difficulties. The existing cyber-threat forecasting and early-warning depend on the individual experience and ability of security managers whose decisions are based on the limited security data collected from ESM (Enterprise Security Management) and TMS (Threat Management System). Consequently, this could result in a disastrous warning failure against a variety of unknown and unpredictable attacks. It is, therefore, the aim of this research to offer a conceptual design for a "Knowledge-based Real-Time Cyber-Threat Early-Warning System" in order to counter the increasing threat of malicious and criminal activities in cyber space, and to promote further academic research into developing a comprehensive real-time cyber-threat early-warning system to counter a variety of potential present and future cyber-attacks.

A Design of Secure Electronic Health Information Management Protocol in the Internet of Things Environment (사물 인터넷 환경에서 안전한 전자의료정보 관리 프로토콜 설계)

  • Park, Jeong Hyo;Kim, Nak Hyun;Jung, Yong Hoon;Jun, Moon Seog
    • KIPS Transactions on Computer and Communication Systems / v.3 no.10 / pp.323-328 / 2014
  • The most vulnerable part of a u-Healthcare system that uses ZigBee communication is the wireless section. In this paper, we identify vulnerabilities in the ZigBee communication section and propose ways to compensate for them. We organize the vulnerabilities previously raised for ZigBee and also define the exposure of the 64-bit address that uniquely identifies a ZigBee device as a vulnerability. To prevent exposure of this unique identifying address, a temporary identification address is used. Among the ZigBee security services, the proposed system uses Residential Mode, a mechanism that uses only a single Network Key for encryption. Because all nodes of the entire network use a common key in Residential Mode, if the key is stolen, the security of the whole network is at risk of collapsing at once. Therefore, to guard against this risk, a method of periodically updating the Network Key according to the security policy is used. Evaluation and comparative analysis of the proposed system show that the uniquely identifying address, which was exposed in the existing system, can be hidden, and that because the common Network Key is also updated periodically, the risk arising from leaks is reduced.

Theory and Implementation of Dynamic Taint Analysis for Tracing Tainted Data of Programs (프로그램의 오염 정보 추적을 위한 동적 오염 분석의 이론 및 구현)

  • Lim, Hyun-Il
    • KIPS Transactions on Computer and Communication Systems / v.2 no.7 / pp.303-310 / 2013
  • As the role of software increases in computing environments, issues in software security become more important problems. Dynamic taint analysis is a technique to trace and manage tainted data originating from unreliable sources during the execution of a program. This analysis can be applied to software security verification as well as software behavior understanding, testing for unexpected errors, or debugging. Previous research focused only on showing the analysis results of dynamic taint analysis, and did not logically describe the propagation process of tainted data and the analysis procedures. So, there were difficulties in understanding the analysis procedures or applying them to other analyses. In this paper, by theoretically describing the analysis procedure, we logically show how the propagation process of tainted data can be traced, and present a theoretical model for dynamic taint analysis. In addition, we verify the correctness of the proposed model by implementing an analyser, and show that propagation of tainted data can be traced by the model. The proposed model can be applied to understand the analysis procedures of data flows in dynamic taint analysis, and can be used as base knowledge for designing and implementing analysis methods that apply such analysis.

A Study on the Perception of Research Data Managers to Establish a Korea Research Data Commons System (국가연구데이터커먼즈 체계 수립을 위한 연구데이터 관리자들의 인식에 관한 연구)

  • Seong-Eun Park;Mikyoung Lee;Minhee Cho;Sa-Kwang Song;Dasol Kim;Hyung-Jun Yim
    • Journal of the Korean Society for Information Management / v.41 no.1 / pp.465-486 / 2024
  • The purpose of this study is to identify the current status of infrastructure and services for analyzing research data for research data managers at government-funded research institutions under the National Research Council for Science and Technology (NST) who will actually use the Korea Research Data Commons (KRDC), which is being developed by the Korea Institute of Science and Technology Information (KISTI) and to investigate the perceptions of research data managers related to the establishment of KRDC system. For the study, we conducted a survey targeting 24 government-funded research institutes, excluding KISTI, and interviewed research data managers from 9 of the 15 institutions surveyed who agreed to follow-up interviews. As a result of the survey, most institutions were providing related services, and their willingness to introduce an integrated analysis framework for the use of research data and provide a system for using externally released analysis software was also high. Meanwhile, when we investigated the external disclosure status of each institution's analysis services through follow-up interviews, only a minimal number of institutions were disclosing them to the outside world. The findings reveal that there is a demand to utilize analysis infrastructure and services when provided through the framework. However, it is difficult to disclose and share the analysis resources held by each organization. In order to establish the KRDC system, it is essential to share research sites' analysis infrastructure and services, and in addition, changes in the perception of research sites and institutional changes are necessary. Furthermore, there is a need to establish policies that consider the system's convenience, security, and compensation system raised in the follow-up interviews.

Strategies Building Knowledge_Base to Respond Effectively to Advanced Cyber Threats (고도화된 사이버 위협에 효과적으로 대응하기 위한 Knowledge_Base 구축전략)

  • Lee, Tae-Young;Park, Dong-Gue
    • KIPS Transactions on Computer and Communication Systems / v.2 no.8 / pp.357-368 / 2013
  • Our society has evolved into a fully connected society in a mixed reality environment, enabling various kinds of knowledge sharing, management, control, and creation, due to the expansion of broadband ICT infrastructure, smart devices, cloud services and social media services. Therefore, cyber threats have increased along with the convenience. If there is no effective response to cyber threats, the society of the future may face more complex and subtle problems, due to the fusion of logical space and physical space, the organic connection of smart objects, and the universalization of the fully connected society. In this paper, we propose a strategy to build a knowledge base as the basis for actively responding to new cyber threats caused by various future environmental changes and the universalization of the fully connected society.