• Proceedings of the KIEE Conference
• /
• 2003.11c
• /
• pp.868-870
• /
• 2003

In this paper, I have implemented the security system using shell script that periodically checking the security elements of unix system for security it transmit to a monitoring server and monitoring many clients. Agent of client executing by crontab scheduler, Environment of server to receive data use restricted TFTP in SunOS. And then, Because of using shell script, apply shell to system with flexible, control performance, and can meet on a sudden situation.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2174-2177
• /
• 2003

Internet is exposed to network attacks as Internet has a security weakness. Network attacks which are virus, system intrusion, and deny of service, put Internet in the risk of hacking, so the damage of public organization and banking facilities are more increased. So, it is necessary that the security technologies about intrusion detection and controlling attacks minimize the damage of hacking. Router is the network device of managing traffic between Internets or Intranets. The damage of router attack causes the problem of the entire network. The security technology about router is necessary to defend Internet against network attacks. Router has the need of access control and security skills that prevent from illegal attacks. We developed integrated security management framework for secure networking and kernel-level security engine that filters the network packets, detects the network intrusion, and reports the network intrusion. The security engine on the router protects router or gateway from the network attacks and provides secure networking environments. It manages the network with security policy and handles the network attacks dynamically.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.43-49
• /
• 2011

Web-based health information provides a lot of conveniences, however the security vulnerabilities that appear in the network environment without the risk of exposure in the use of information are growing. Web-based medical information security issues when accessing only the technology advances, without attempting to seek a safe methodology are to increase the threat element. So it is required. to take advantage of web-based information security measures as a web-based access control security mechanism-based design. This paper is based on software architecture, design, ideas and health information systems were designed based on access control security mechanism. The methodologies are to derive a new design procedure, to design architecture and algorithms that make the mechanism functio n. To accomplish this goal, web-based access control for multiple patient information architecture infrastructures is needed. For this software framework to derive features that make the mechanism was derived based on the structure. The proposed system utilizes medical information, medical information when designing an application user retrieves data in real time, while ensuring integration of encrypted information under the access control algorithms, ensuring the safety management system design.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.3
• /
• pp.661-669
• /
• 2004

As a large number of distributed systems becoming more popular, interoperability, portability and security are becoming major concerns of modern computing. CORBA and object-oriented database which provide transparency of network and database are increasingly being used as the basis for distributed system to solve these problems. The two methods can help accomplish assurance of security by using a method-based access control technique or an attribute-based access control technique. These methods also enhance the unavailability or inefficiency caused by the delay of access process and bottleneck of the network due to the complex instance-based access control. We propose a security model on the type information based access control system that can enhance both security and availability by separating the functions delivered from CORBA and object-oriented databases. We apply the access control model specifically to enhancement of security system and also perform a test to verify the security and availability of our model.

• Journal of National Security and Military Science
• /
• s.9
• /
• pp.257-282
• /
• 2011

In this paper, we propose an architecture design of military operation system utilizing cellular networks. The main contribution of this paper is to provide a cost-effective military operation solution for ground forces, which is based on IT(information technology). By employing the cellular phones of officers' and non-commissioned officers' as the tools of operational communication, the proposed system can be constructed in the minimum duration and be built on the four components: command and control system, gateway, security system, and terminal(cell phone). This system is most effective for the warfare of limited area, but the effectiveness does not decrease under the total war covering the whole land of Korea. For the environmental change of near future, expanded architecture is also provided to utilize the functionalities of smart phones.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.341-342
• /
• 2017

Control and development systems such as air traffic control systems, road traffic systems, and Korea Hydro &Nuclear Power are the infrastructure facilities of the country, and if the malicious hacking attacks proceed, the damage is beyond imagination. In fact, Korea Hydro & Nuclear Power has been subjected to a hacking attack, causing internal information to leak and causing social problems. In this study, we analyze the environment of the development control system and analyze the status of the convergence security research, which is a recent issue, and propose a strategy system for stabilizing various power generation control systems and propose countermeasures. We propose a method to normalize and integrate data types from various physical security systems (facilities), IT security systems, access control systems, to control the whole system through convergence authentication, and to detect risks through fusion control.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.579-588
• /
• 2019

Industrial control systems consist of various physical devices such as sensors, actuators. Security Infringement such as waterworks facilities Remote Access Infringement and power control systems Infection have been occured by vulnerability of Access Control. Access control to physical devices must be fulfilled with a reliable system. However, Having a single access control system inside company can not guarantee reliability. In addition, when single access control is struggled with error or infringement, access control system is totally unavailable. so system requires a additional access control method or system. In this paper, we proposed access control mechanism for reliable and stable operation using blockchain and smart contract. Proposed Mechanism using trust score to consider resources to be consumed depending on each industrial environment in consideration of the industrial control system where availability is more important than integrity and confidentiality. Unlike other blockchain-based access control system, proposed system is designed for the currently operating industrial control system.

• Journal of Advanced Navigation Technology
• /
• v.18 no.4
• /
• pp.353-358
• /
• 2014

In the past, security on control system was guaranteed by isolation of control system networks from external networks. However as devices of the control systems became more various and interaction between the devices became necessary, effective management system for such network emerged and this triggered connection between control system networks and external system networks. This made management of control system easier but also made control system exposed to various cyber attack threats, Therefore researches on appending security measures on each protocols are in progress. This paper focused on DNP(distributed network protocol)3 protocol which is used for communication between control center and substations. It describes characteristics of DNP3 protocol and research on adding security elements to the protocol. It also analyzed known vulnerabilities of DNP3 protocol and proposed data mining methodology for detecting such vulnerabilities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.155-167
• /
• 2012

Cloud computing service is a next generation IT service which has pay-per-use billing model and supports elastically provisioning IT infra according to user demand. However it has many potential threats originating from outsourcing/supporting service structure that customers 'outsource' their own data and provider 'supports' infra, platform, application services, the complexity of applied technology, resource sharing and compliance with a law, etc. In activation of Cloud service, we need objective assessment standard to ensure safety and reliability which is one of the biggest obstacles to adopt cloud service. So far information security management system has been used as a security standard for a security management and IT operation within an organization. As for Cloud computing service it needs new security management and assessment different from those of the existing in-house IT environment. In this paper, to make a Information Security Management System considering cloud characteristics key components from threat management system are drawn and all control domain of existing information security management system as a control components are included. Especially we designed service security management to support service usage in an on-line self service environment and service contract and business status.

• Journal of Electrical Engineering and Technology
• /
• v.4 no.3
• /
• pp.315-322
• /
• 2009

Penetration and installation of a new dynamic technology known as Flexible AC Transmission Systems (FACTS) in a practical and dynamic network requires and force expert engineer to develop robust and flexible strategy for planning and control. Unified Power Flow Controller (UPFC) is one of the recent and effective FACTS devices designed for multi control operation to enhance the power system security. This paper presents a dynamic strategy based on Particle Swarm Optimization (PSO) for optimal parameters setting of UPFC to enhance the system loadability. Firstly, we perform a multi power flow analysis with load incrementation to construct a global database to determine the initial efficient bounds associated to active power and reactive power target vector. Secondly a PSO technique applied to search the new parameters setting of the UPFC within the initial new active power and reactive power target bounds. The proposed approach is implemented with Matlab program and verified with IEEE 30-Bus test network. The results show that the proposed approach can converge to the near optimum solution with accuracy, and confirm that flexible multi-control of this device coordinated with efficient location enhance the system security of power system by eliminating the overloaded lines and the bus voltage violation.