• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.4B
• /
• pp.592-598
• /
• 2010

A home network system is made up of subject of cyber attack from a variety factors of threatening, but also have security weakness in cases of hacking, vicious code, worm virus, DoS attack, tapping of communication network, and more. So, the necessity for a security protocol to protect user asset and personal information within a home network is gradually increasing. Thus, this paper designs and suggests a home network security protocol using user authentication and approach-control technology to prevent the threat by unauthorized users towards personal information and user asset in advance by providing the gradual authority to corresponding devices based on authorized information, after authorizing the users with a Public Key Certificate.

• Journal of the Korea Society for Simulation
• /
• v.10 no.4
• /
• pp.51-64
• /
• 2001

It is quite necessary that an organization's information network should be equipped with a proper security system based on its scale and importance. One of the effective methods is to use the simulation model for deciding which security policy and mechanism is appropriate for the complex network. Our goal is to build a foundation of knowledge-based modeling and simulation environment for the network security. With this environment, users can construct the abstracted model of security mechanisms, apply various security policies, and quantitatively analyze their security performance against possible attacks. In this study, we considered security domain from several points of view and implemented the models based on a systematic modeling approach. We enabled the model to include knowledge in modular fashion and provided well-defined guidelines for transforming security policy to concrete rule set.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.172-178
• /
• 2023

When the mobile device moves from the coverage of one access point to the radio coverage of another access point it needs to maintain its connection with the current access point before it successfully discovers the new access point, this process is known as handoff. During handoff the acceptable delay a voice over IP application can bear is of 50ms whereas the delay on medium access control layer is high enough that goes up to 350-500ms. This research provides a suitable methodology on medium access control layer of the IEEE 802.11 network. The medium access control layer comprises of three phases, namely discovery, reauthentication and re-association. The discovery phase on medium access control layer takes up to 90% of the total handoff latency. The objective is to effectively reduce the delay for discovery phase to ensure a seamless handoff. The research proposes a scheme that reduces the handoff latency effectively by scanning channels prior to the actual handoff process starts and scans only the neighboring access points. Further, the proposed scheme enables the mobile device to scan first the channel on which it is currently operating so that the mobile device has to perform minimum number of channel switches. The results show that the mobile device finds out the new potential access point prior to the handoff execution hence the delay during discovery of a new access point is minimized effectively.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.11 no.5
• /
• pp.491-498
• /
• 2016

An ACL(: Access List), a list that determines network access, is used for the security of the network. An ACL if applied to a interface of router can filter particular packets. Also it can block or allow the access of certain unauthorized IPs or ports, based on the source address, destination address, and TCP/UDP port. This paper presents a simulation case to verify the effect of a router-based network applying Standard ACL or Extended ACL. The network was created through designing topology and then making a common virtual network using a Packet Tracer.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.267-273
• /
• 2011

The importance of networking capability is gaining more weight for enterprise business and high-speed Internet access with guaranteed security management is essential to companies. This paper presents a unified network security management solution to support high-speed Internet access, active security management, traffic classification and control. The presented system provides firewall, VPN, intrusion detection, contents filtering, traffic management, QoS management, and history log functions in unified manner implemented in a single appliance device located at the edge of enterprise networks. This will enable cost effective unified network security solution to companies.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.91-97
• /
• 2021

The United States is responding to evolving cyberattacks through the Commercial Solutions for Classified Program (CSfC). Authorized safety evaluation and certification are being carried out so that US government agencies can quickly introduce civilian commercial security products into the national pavilion. Commercial security products registered in the CSfC process can be used by defense agencies through a rapid approval process. Defense agencies approve commercial security products without duplicate evaluation. Approved security products can reduce the time, cost, and cost of the approval process required to implement the defense information system. In this study, security control for 4 types of network security architecture MSC (Multi-Site Connectivity), MA (Mobile Access), Campus WLAN, and DAR (Data at Rest) proposed by the US National Security Agency (NSA) for introduction to national defense A detailed analysis was performed on the items.

• The Journal of Information Systems
• /
• v.11 no.1
• /
• pp.175-198
• /
• 2002

This paper is to develop a security module for electronic approval systems. Electronic documents are created, transmitted and saved in the company's intranet computer network. Transmitting electronic documents, however, brings us a security problem. Communications among various computer systems are exposed to many security threats. Those threats are eavesdropping, repudiation, replay back etc. The main purpose of this paper is to develop a module which provides the security of electronic documents while they are passed from one place to another This paper applies Multi-Level security to the electronic approval system that guarantees security of electronic documents from many threats. Multi-Level security controls the access to the documents by granting security level to subject users and object electronic documents. To prevent possible replay back attacks, this paper also uses one time password to the system. The security module is composed of client program and server one. The module was developed using Microsoft Visual Basic 6.0 and Microsoft SQL Server 7.0. The code uses Richard Bondi's WCCO(Wiley CryptoAPI COM Objects) library functions which enables Visual Basic to access Microsoft CryptoAPI.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.2
• /
• pp.19-25
• /
• 2018

With the development of IT technology, various services such as artificial intelligence and autonomous vehicles are being introduced, and many changes are taking place in our lives. However, if secure security is not provided, it will cause many risks, so the information security becomes more important. In this paper, we analyzed the research trends of main themes of information security over time. In order to conduct the research, 'Information Security' was searched in the Web of Science database. Using the abstracts of theses published from 1991 to 2016, we derived main research topics through topic modeling and time series regression analysis. The topic modeling results showed that the research topics were Information technology, system access, attack, threat, risk management, network type, security management, security awareness, certification level, information protection organization, security policy, access control, personal information, security investment, computing environment, investment cost, system structure, authentication method, user behavior, encryption. The time series regression results indicated that all the topics were hot topics.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.2
• /
• pp.15-26
• /
• 2021

Recently, as the introduction of cloud, mobile, and IoT has become active, there is a growing need for technology development that can supplement the limitations of traditional security solutions based on fixed perimeters such as firewalls and Network Access Control (NAC). In response to this, SDP (Software Defined Perimeter) has recently emerged as a new base technology. Unlike existing security technologies, SDP can sets security boundaries (install Gateway S/W) regardless of the location of the protected resources (servers, IoT gateways, etc.) and neutralize most of the network-based hacking attacks that are becoming increasingly sofiscated. In particular, SDP is regarded as a security technology suitable for the cloud and IoT fields. In this study, a new access control system was proposed by combining SDP and hash tree-based large-scale data high-speed signature technology. Through the process authentication function using large-scale data high-speed signature technology, it prevents the threat of unknown malware intruding into the endpoint in advance, and implements a kernel-level security technology that makes it impossible for user-level attacks during the backup and recovery of major data. As a result, endpoint security, which is a weak part of SDP, has been strengthened. The proposed system was developed as a prototype, and the performance test was completed through a test of an authorized testing agency (TTA V&V Test). The SDP-based access control solution is a technology with high potential that can be used in smart car security.

• The Journal of Korean Association of Computer Education
• /
• v.5 no.1
• /
• pp.27-34
• /
• 2002

Internet has being grown explosively in recent years, hence it becomes easy to search and access information. But it is happening frequently to access illegally into the systems and data, there are many damage caused by them. So, it is very important that we construct security plan for the systems and data. It is not exception on school network being diffused to all schools. But, we have weakness about security to manage server and network safely. So it is causing much anxieties. In this paper, we searched security points make sure of safety of school network, and developed security audit agent helping management of security. Through simple registration process, this agent is able to audit basic and important security problems about not only server systems but also pc systems, and notify to administrator automatically. It is expected to provide efficiency in managing school network.