• Journal of the Semiconductor & Display Technology
• /
• v.18 no.1
• /
• pp.74-78
• /
• 2019

As software becomes larger and network technology develops, the management of distributed data becomes more popular. Therefore, it is becoming increasingly important to use blockchain technology that can guarantee the integrity of data in various fields by utilizing existing infrastructure. Blockchain is a distributed computing technology that ensures that servers participating in a network maintain and manage data according to specific agreement algorithms and rules to ensure integrity. As smart contracts are applied, not only passwords but also various services to be applied to the code. In order to reinforce existing research on smart contract applied to the blockchain, we proposed a dynamic conditional rule of smart contract that can formalize rules of smart contract by introducing ontology and SWRL and manage rules dynamically in various situations. In the previous research, there is a module that receives the upper rule in the blockchain network, and the rule layer is formed according to this module. However, for every transaction request, it is a lot of resources to check the top rule in a blockchain network, or to provide it to every blockchain network by a reputable organization every time the rule is updated. To solve this problem, we propose to separate the module responsible for the upper rule into an independent server. Since the module responsible for the above rules is separated into servers, the rules underlying the service may be transformed or attacked in the middleware. Therefore, the security mechanism using TLS and PKI is added as an agent in consideration of the security factor. In this way, the benefits of computing resource management and security can be achieved at the same time.

• Journal of Korea Multimedia Society
• /
• v.5 no.6
• /
• pp.674-682
• /
• 2002

Nowadays economic and commercial businesses have been increased because of the Internet. As a result of this, electronic commerce is becoming one of the most Interesting topic of discussion. Electronic commerce is equal to a real market, only the place of business is the imaginary space supported by the Internet. There are a few conditions to consider, making electronic commerce work safely. The electronic commerce should be connected by a substantial system and an on-line Protocol. There are some conditions needed for information security, authentication, and payment by electronic currency etc. Although there are many kinds of existing systems, which create services successfully, further research for security is required. Therefore, this paper suggests an authenticated Agent management, which offers more convenience and security than before. Also, this paper shows many authenticated methods for a management system. An Agent that is one of interesting things to study can handle information problems and works related to electronic commerce.

• Journal of the Korea Society for Simulation
• /
• v.17 no.3
• /
• pp.9-18
• /
• 2008

Unlike conventional researches, we are able to i) compare the fuzzy logic based BBA with non-fuzzy BBA for verifying the effective performance of the proposed fuzzy logic application ii) dynamically respond to the intrusion using BBA whereas the previous IDS was responding statically and iii) expect that this would be a cornerstone for more practical application researches (analyzing vulnerability and examining countermeasures, etc.) of security simulation. Several simulation tests performed on the targer network will illustrate our techniques. And this paper applies fuzzy logic to reduce the false negative that is one of the main problems of IDS. Intrusion detection is complicated decision-making process, which generally involves enormous factors about the monitored system. Fuzzy evaluation component model, which is a decision agent in the distributed IDS, can consider various factors based on fuzzy logic when an intrusion behavior is detected. The performance obtained from the coordination of intrusion detection agent with fuzzy logic is compared against the corresponding non fuzzy type intrusion detection agent. The results of these comparisons allow us to evaluate a relevant improvement on the fuzzy logic based BBA.

• Smart Media Journal
• /
• v.12 no.9
• /
• pp.60-71
• /
• 2023

A microservice architecture that accommodates the heterogeneity of various development environments and enables flexible maintenance can secure business agility to manage services in line with rapidly changing requirements. Due to the nature of MSA, where communication between microservices within a service is frequent, the boundary security that has been used in the past is not sufficient in terms of security, and a Zerotrust system is required. In addition, as the size of microservices increases, definition of access control policies according to the API format of each service is required, and difficulties in policy management increase, such as unnecessary governance overhead in the process of redistributing services. In this paper, we propose a microservice architecture that centrally manages policies by separating access control decision and enforcement with a general-purpose policy engine called OPA (Open Policy Agent) for collective and flexible policy management in Zerotrust security-applied environments.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10a
• /
• pp.628-630
• /
• 2001

무선통신 기술의 발달로 최근 이동 통신 사용자들은 언제, 어디서나 누구와도 통신이 가능하게 되었다. 하지만, 이동 통신은 무선채널을 사용하기 때문에 통신 당사자는 심각한 보안 위험에 노출된다. 그래서, 안전한 통신채널을 제공하기 위한 방법으로, 이동통신망에서 필수라 하겠다. 본 논문에서 이러한 안전한 통신채널을 제공하기 위한 방법으로, 종단간 보안을 지원하는 새로운 WAP 모델인 WAP Agent를 제안한다. 새로운 WAP Agent는 WAP gateway를 두는 컨텐츠 제공자의 부담을 줄이면서, 안전한 보안을 제공하기 때문에 종단간 보안을 지원하는 새로운 WAP 모델로서 활용되리라 기대한다.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.367-374
• /
• 2002

IPsec offers not odd Internet security service such as Internet secure communication and authentication but also the safe key exchange and anti-replay attack mechanism. Recently IPsec is implemented on the various operating systems. But there is no existing tool that checks the servers, which provide IPsec services, work properly and provide their network security services well. In this paper, we design and implement the rule based security evaluation system for IPsec engine. This system operated on Windows and UNX platform. We developed the system using Java and C language.

• Journal of KIISE:Information Networking
• /
• v.28 no.3
• /
• pp.309-320
• /
• 2001

This paper deals with security issues in a mobile agent system, especially protecting agent data from malicious agent servers. For this purpose, one-time key generation system, OKGS in short, is proposed. In OKGS, we integrate notions of a one-way hash function and a coupler. One-way function plays a major role in ensuring confidentiality and integrity of agent data. And the notion of a coupler is used to establish inter-relationship among consecutive encryption keys for agent data, i.e. all agent keys form a unidirectional chain. With these two features of OKGS, therefore, only the agent owner, who creates the agent bearing data, can decrypt and protect all the agent data which are gathered in the itinerary.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2001.06a
• /
• pp.492-495
• /
• 2001

다양한 네트워크 시스템이 구축됨에 따라 시스템 해킹 사례도 비례해서 증가하고 있다. 점차 분산화, 자동화, 에이전트화되고 있는 공격 기법에 대하여, 본 논문에서는 최근 네트워크를 통하여 이루어지는 시스템 공격 기법을 살펴보고 그 동향을 분석한다. 그리고, 이를 효과적으로 대응하고 방어할 수 있는 새로운 개념인 능동 보안(Active Security)의 개념을 살펴보고, 핵심 기술인 이동 에이전트의 도입 및 적용에 대하여 논의한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.56-59
• /
• 2001

본 논문에서는 이동 에이전트 시스템의 특징을 살펴보고, 현재 다양한 네트워크 기술에 응용되고 있는 Java 기술을 적용한 이동 에이전트 시스템을 비교·분석하였다. 이를 기반으로 안전한 이동 에이전트 시스템 구현을 위한 이동 에이전트 시스템 구현 스택(MASIS)을 제안하고 각 계층별 시큐리티 요구사항에 대하여 논의한다.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.115-121
• /
• 2007

Due on failures of communication nodes for the wireless and wired networks, mobile agents may be blocked even if there is available service in the networks. To solve it, we propose migration policy with reordering of the paths to guarantee the migration of mobile agents and the paper will provide the extension with the autonomous migration of mobile agents.