• Journal of Digital Convergence
• /
• v.12 no.10
• /
• pp.299-308
• /
• 2014

Today, a number of users using smartphone is very rapidly increasing by development of smartphone performance and providing various services. Also, they are using it for enjoying various services(cloud service, game, banking service, mobile office, etc.). today's mobile security solution is simply to detect malicious code or stay on the level of mobile device management. In particular, the services which use sensitive information, such as certificate, corporation document, personal credit card number, need the technology which are prevented from hacking and leaking it. Recently, interest of these mobile security problems are increasing, as the damage cases been occurred. To solve the problem, there is various security research such as mobile virtualization, ARM trustzone, GlobalPlatform for mobile device. Therefore, in this paper, I suggested efficient method that uses the mobile virtualization techniques of certification, security policy and access control, password/key management, safe storage, etc. and Trustzone of ARM for preventing information leakage and hacking.

• The Journal of the Korea Contents Association
• /
• v.19 no.12
• /
• pp.407-415
• /
• 2019

As the IT environment changes with cloud computing and smart work, the existing perimeter security model is showing its limitations and Software Defined Perimeter is being discussed as an alternative. However, SDP Spec 1.0 does not specify the device registration procedure, policy distribution process and authentication key generation and sharing process.In this paper, we propose a method to solve the problem of SDP access control by improving the operation procedure of Single Packet Authentication. This paper suggests that the proposed method can implement a consistent and automated integrated access control policy compared to the existing access control methods.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.23-33
• /
• 2013

Recently in the field of IT, cloud computing technology has been deployed rapidly in the current society because of its flexibility, efficiency and cost savings features. However, cloud computing system has a big problem of vulnerability in security. In order to solve the vulnerability of cloud computing systems security in this study, impact types of virtual machine about the vulnerability were determined and the priorities were determined according to the risk evaluation of virtual machine's vulnerability. For analyzing the vulnerability, risk measurement standards about the vulnerability were defined based on CVSS2.0, which is an open frame work; and the risk measurement was systematized by scoring for relevant vulnerabilities. Vulnerability risk standards are considered to suggest fundamental characteristics of vulnerability and to provide the degree of risks and consequently to be applicable to technical guides to minimize the vulnerability. Additionally, suggested risk standard of vulnerability is meaningful as the study content itself and could be used in technology policy project which is to be conducted in the future.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.27-34
• /
• 2020

Recently, the fourth industrial revolution technology has not only changed everyday life greatly through technological development, but has also become a major keyword in the establishment of defense policy. In particular, Internet of Things, cloud, big data, mobile and cybersecurity technologies, called ICBMS, were selected as core leading technologies in defense information policy along with artificial intelligence. Amid the growing importance of the fourth industrial revolution technology, research is being carried out to develop the C4I system, which is currently operated separately by the Joint Chiefs of Staff and each military, including the KJCCS, ATCIS, KNCCS and AFCCS, into an integrated system in preparation for future warfare. This is to solve the problem of reduced interoperability for joint operations, such as information exchange, by operating the C4I system for each domain. In addition, systems such as the establishment of an integrated C4I system and the U.S. military's Risk Management Framework (RMF) are essential for efficient control and safe operation of weapons systems as they are being developed into super-connected and super-intelligent systems. Therefore, in this paper, the intelligent cyber threat detection, management of users' access to information, and intelligent management and visualization of cyber threat are presented in the future C4I system based on big data/cloud.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.781-782
• /
• 2015

As growth engines such as cloud, social networks, big data that can affect the security market have been grown, the information security industry has has also rapidly evolved. Reviewing information security policies carried out in USA, UK and Japan, this paper examines trends on the IoT-related information protection law and regulations that are at issue around the major developed countries. Through this research, we can get the implication that measures be taken as soon as possible to apply the existing data protection laws in the Internet of Things.

• Smart Media Journal
• /
• v.12 no.5
• /
• pp.46-57
• /
• 2023

As the COVID-19 pandemic and the development of IT technology have led to the gradual popularization of remote and telecommuting, cloud computing technology is advancing, and cyber attack techniques are becoming more sophisticated and advanced. In response to these trends, companies are increasingly moving away from traditional perimeter-based security and adopting Zero Trust to strengthen their security. Zero Trust, based on the core principle of doubting and not trusting everything, identifies all traffic and grants access permissions through a strict authentication process to enhance security. In this paper, we analyze the background of Zero Trust adoption and the adoption policies and trends of countries that are proactively promoting its implementation. Additionally, we propose necessary efforts from governments and organizations to strengthen corporate security and considerations for companies when applying Zero Trust.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.479-485
• /
• 2013

Virtualization is a promising approach to consolidating multiple online services onto a smaller number of computing resources. A virtualized server environment allows computing resources to be shared among multiple performance isolated platforms called virtual machines. Through server virtualization software, applications servers are encapsulated into VMs, and deployed with APIs on top generalized pools of CPU and memory resources. Networking and security have been moved to a software abstraction layer that transformed computing, network virtualization. And it paves the way for enterprise to rapidly deploy networking and security for any application by creating the virtual network. Stochastic reward net (SRN) is an extension of stochastic Petri nets which provides compact modeling facilities for system analysis. In this paper, we develop SRN model of network virtualization based on virtual switch. Measures of interest such as switching delay and throughput are considered. These measures are expressed in terms of the expected values of reward rate functions for SRNs. Numerical results are obtained according to the virtual switch capacity and number of active VMs.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.5
• /
• pp.1041-1051
• /
• 2012

Attack on Cloud Computing, an intensive service solution using network infrastructure recently released, generates service breakdown or intrusive incidents incapacitating developmental platforms, web-based software, or resource services. Therefore, it is needed to conduct research on security for the operational information of three kinds of services (3S': laaS, PaaS, SaaS) supported by the Cloud Computing system and also generated data from the illegal attack on service blocking. This paper aims to build a system providing optimal services as a 4-stage defensive method through the test on the attack and defense of Cloud Computing services. It is a defense policy that conducts 4-stage, orderly and phased access control as follows: controlling the initial access to the network, controlling virtualization services, classifying services for support, and selecting multiple routes. By dispersing the attacks and also monitoring and analyzing to control the access by stage, this study performs defense policy realization and analysis and tests defenses by the types of attack. The research findings will be provided as practical foundational data to realize Cloud Computing service-based defense policy.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1797-1804
• /
• 2015

Integrated log management system can help to predict the risk of security and contributes to improve the security level of the organization, and leads to prepare an appropriate security policy. In this paper, we have designed and implemented a Hadoop-based log analysis system by using distributed database model which can store large amount of data and reduce analysis time by automating log collecting procedure. In the proposed system, we use the HBase in order to store a large amount of data efficiently in the scale-out fashion and propose an easy data storing scheme for analysing data using a Hadoop-based normal expression, which results in improving data processing speed compared to the existing system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.5
• /
• pp.841-850
• /
• 2015

XaaS (Everything as a Service) provides re-usable, fine-grained software components like software, platform, infra across a network. Then users usually pay a fee to get access to the software components. It is a subset of cloud computing. Since XaaS is provided by centralized service providers, it can be a target of various security attacks. Specially, if XaaS becomes the target of APT (Advanced Persistent Threat) attack, many users utilizing XaaS as well as XaaS system can be exposed to serious danger. So various solutions against APT attack are proposed. However, they do not consider all aspects of security control, synthetically. In this paper, we propose overall security checkup considering technical aspect and policy aspect to securely operate XaaS.