• Journal of Internet Computing and Services
• /
• v.14 no.4
• /
• pp.43-51
• /
• 2013

User authentication and access control are two important components in high security applications. Recently, Chen and Yeh proposed a method to integrate both of them seamlessly. However, Chen-Yeh's scheme is vulnerable to a stolen verifier attack, since it maintains a smart card identifier table in a remote server. Therefore, this paper modifies Chen-Yeh's scheme and propose a new integrated authentication and access control scheme that is resilient to the stolen verifier attack while inheriting all the merits of Chen-Yeh's scheme. Security analysis shows that the proposed scheme withstands well-known security attacks and exhibits many good features.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.45-54
• /
• 2001

It is necessary to control security management consistently and respond to an intrusion automatically in order to use the network securely in the single administrative domain. This paper presents a Shadowing Mechanism supporting a dynamic extension of security scheme and proposes an ARTEMIS(Advanced Realtime Emergency Management and Intruder Identification System), which is designed and implemented based on the suggested technique. It is possible for security management system developed on the basis of the Shadowing Mechanism to make all network components working under the same security scheme. It enhances the accuracy of intrusion tracing and automatic response through dynamic extension of space and time for security management.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.10
• /
• pp.512-519
• /
• 2005

E-BLP security model considers the reliability of the processes that are real subjects in systems. This paper deals with the implementation of the E-BLP model for secure embedded systems. Implemented EBSM(E-BLP Based Security Module) consists of three components: identification and authentication, access control and BRC(Dynamic Reliability Check) that checks the process behavior dynamically. Access Control of EBSM ensures unreliable processes not to access the sensitive objects and the DRC detects the buffer overflow attack by normal user. Besides, the performance overhead of the embedded system applying the EBSM is introduced.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.40-52
• /
• 2024

Cyber-Physical Systems (CPS) are introduced as complex, interconnected systems that combine physical components with computational elements and networking capabilities. They bridge the gap between the physical world and the digital world, enabling the monitoring and control of physical processes through embedded computing systems and networked communication. These systems introduce several security challenges. These challenges, if not addressed, can lead to vulnerabilities that may result in substantial losses. Therefore, it is crucial to thoroughly examine and address the security concerns associated with CPS to guarantee the safe and reliable operation of these systems. To handle these security concerns, different existing security requirements methods are considered but they were unable to produce required results because they were originally developed for software systems not for CPS and they are obsolete methods for CPS. In this paper, a Security Requirements Engineering Methodology for CPS (CPS-SREM) is proposed. A comparison of state-of-the-art methods (UMLSec, CLASP, SQUARE, SREP) and the proposed method is done and it has demonstrated that the proposed method performs better than existing SRE methods and enabling experts to uncover a broader spectrum of security requirements specific to CPS. Conclusion: The proposed method is also validated using a case study of the healthcare system and the results are promising. The proposed model will provide substantial advantages to both practitioners and researcher, assisting them in identifying the security requirements for CPS in Industry 4.0.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.37-42
• /
• 2011

In this paper, the design methodology of information security is analyzed to implement the ubiquitous city (u-City). The definition, concept, and main u-services of u-City are presented. The main components, functio ns and offering services of u-City management center are presented, and the laws and network security requirements related to protect the personal information in collecting, processing, and exchanging are also analyzed. Three step security levels of Router/Switch, Firewall/VPN, and IPS are applied where main functions of in terception of abnormal packets($1^{st}$ level), access control for each service($2^{nd}$ level), and real-time network monitoring($3^{rd}$ level) are performed. Finally, application cases are presented to validate the security of personal information in providing the u-City services.

• Proceedings of the IEEK Conference
• /
• 2001.06c
• /
• pp.221-224
• /
• 2001

Role-Based Access Control(RBAC) is a flexible and policy-neutral access control technology. But, for large systems, managing roles, users, permissions and their interrelationships is a formidable task that cannot be centralized in a small team of security administrators. Using RBAC to manage RBAC provides addition히 administrative convenience. In this paper we demonstrate the implementation of one of the components of ARBAC99 which deals with permission-role assignment and is called PRA99. We implement it by using EJB component and use Oracle stored procedures to implement it.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.573-584
• /
• 2001

Policy-Based Network Management (PBNM) architecture is to meet various needs of network users and to provide effective management facilities in distributed and large scale networks to network managers. In PBNM, network managers perform network management operations by stipulating a set of rules rather than control each network component. On the other hand, providing security services such as authentication, privacy of messages as well as a new flexible and extensible administration framework, SNMPv3 enables network managers to monitor and control the operation of network components more secure way than ever before. Despite of its enhanced security services, SNMPv3 has difficulties in managing distributed, large-scaled network because it does not provide centralized security management facilities. In this paper, we propose a new security model called Role-based Security Management model (RSM) with security management policy to support scalable and centralized security management for SNMP-based networks. Also, the structure and the operation of the security system as well as the efficiency analysis of RSM in terms of security management are also described.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.35-38
• /
• 2021

The article discusses approaches to the definition and understanding of artificial intelligence, research directions in the field of artificial intelligence; artificial intelligence in the anthropological dimension; the importance of the systems approach as a methodological basis for the design of intelligent systems; structural and functional components of intelligent systems; intelligent systems in the technological aspect; problems and prospects of relations in the system "man - intellectual system".

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.123-140
• /
• 2022

Recently, research on solving problems that have introduced the concept of smart city in countries and companies around the world is in progress due to various urban problems. A smart city converges the city's ICT, connects all the city's components with a network, collects and delivers data, and consists of a supply chain composed of various IoT products and services. The increase in various cyber security threats and supply chain threats in smart cities is inevitable, in addition to establishing a framework such as supply chain security policy, authentication of each data provider and service according to data linkage and appropriate access control are required in a Zero-Trust point of view. To this end, a smart city security model has been developed for smart city security threats in Korea, but security requirements related to supply chain security and zero trust are insufficient. This paper examines overseas smart city security trends, presents international standard security requirements related to ISMS-P and supply chain security, as well as security requirements for applying zero trust related technologies to domestic smart city security models.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.63-66
• /
• 2022

The article discusses the application of the IoT concept in the sensitive field of medical devices on the example of a developed prototype of a mechanotherapeutic simulator. Mechanotherapy is a complex of therapeutic, preventive, and restorative exercises conducted using simulators, specially designed for developing movements in individual joints. Mechanotherapy is used for the early and painless restoration of joint mobility, to prevent complications associated with prolonged immobilization of the injured area of extremities. Using the mechanotherapy simulator allows developing the joint painlessly, which accelerates the metabolism in the injured area, and soft tissues are restored to normal. The article provides information about the electronic components that ensure the wireless operation of the device and describes in detail the applied software as well as the client application for a mobile device.