• Convergence Security Journal
• /
• v.15 no.6_1
• /
• pp.49-57
• /
• 2015

Changes in the national intelligence security industry is becoming increasingly rapidly changing due to the development of the network and the use of the Internet. Information also can be called by critical information assets, as well as social infrastructure of the country's reality is that individuals at risk. These professionals make to prevent terrorists to destroy national defense system and network was absolutely necessary. But, Cyber Terror Response NCOs to be responsible for cyber terrorism requires a professional NCOs with advanced knowledge. National Competency Standards(NCS) using a national information security field tutors to conduct training courses teaching - learning model to develop and to apply.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.1-7
• /
• 2008

The hacking method came to be more complicated, became program ant it was automated. That is hacking trend of recent times. Before, The password crack, catch root authority is trend of hacking which uses the vulnerability of server. Hacker attack network or all of domain not some host. Web application system at hacking technique develops and improve transmitted data through the network shows many vulnerability. The massive data are transmitted through the network without encipherment filtering. It will be able to bring about the neck of a bottle actual condition which is serious in security system because of the network where the user comes to be many it leads and the data which is delivered comes to be many. In this paper, we propose web application system to prevent overload from bottleneck in encipherment system. It can solve security key trust problem in encoding and decoding with public key infrastructure.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.71-79
• /
• 2019

The demand of smart cars is increasing rapidly. International stand organize such as 3GPP and 5GAA are proposing standard communication protocvols for connected-car, and automotive network infrastructure. But Smart car network have many security threats and more dangerous against the existed wire communication network. Typically, peripheral devices of a smart car may disguise their identity and steal location information and personal information about the vehicle. In addition, the infrastructure elements around smart cars can conspire and put driving cars in danger, threatening lives. This is a very serious security threat. Therefore, in order to solve these problems, we proposed a system that is secure from collusion and tampering attacks using attribute-based authorize delegation method and threshold encryption algorithms. We have demonstrated using a semantic safety model that the proposed system can be safe from collusion attack.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.197-208
• /
• 2020

Based on the network infrastructure advanced in the information knowledge society, the structure of computer net work is operated by establishing the composition of network in various forms that have secured the security. In case of computer network of national/public organizations, it is necessary to establish the technical and managerial securit y environment even considering the characteristics of each organization and connected organizations. For this, the im portance of basic researches for cyber training by analyzing the technical/managerial vulnerability and cyber threats based on the classification and map of cyber threats according to the characteristics of each organization is rising. T hus, this study aims to analyze each type of external/internal cyber threats to computer network of national/public o rganizations established based on the dualistic infrastructure network of internet and national information network, a nd also to present the cyber threat framework for drawing the elements of cyber security training, by drawing and analyzing the actual elements of cyber threats through the case-based scenario.

• International journal of advanced smart convergence
• /
• v.10 no.4
• /
• pp.22-29
• /
• 2021

For web application vulnerability diagnosis, from the development stage to the operation stage, it is possible to stably operate the web only when there is a policy that is commonly applied to each task through diagnosis of vulnerabilities, removal of vulnerabilities, and rapid recovery from web page damage. KISA presents 28 evaluation items for technical vulnerability analysis of major information and communication infrastructure. In this paper, we diagnose the vulnerabilities in the automobile goods shopping mall website and suggest security measures according to the vulnerabilities. As a result of diagnosing 28 items, major vulnerabilities were found in three items: cross-site scripting, cross-site request tampering, and insufficient session expiration. Cookie values were exposed on the bulletin board, and personal information was exposed in the parameter values related to passwords when personal information was edited. Also, since the session end time is not set, it was confirmed that session reuse is always possible. By suggesting security measures according to these vulnerabilities, the discovered security threats were eliminated, and it was possible to prevent breaches in web applications and secure the stability of web services.

• The Journal of Economics, Marketing and Management
• /
• v.10 no.6
• /
• pp.17-26
• /
• 2022

Purpose: This study analyzes advanced cases of overseas smart cities and examines policy implications related to the creation of smart cities in Korea. Research design, data, and methodology: Analysis standards were established through the analysis of best practices. Analysis criteria include Technology, Privacy, Security, and Governance. Results: In terms of technology, U-City construction experience and communication infrastructure are strengths. Korea's ICT technology is inferior to major countries. On the other hand, mobile communication, IoT, Internet, and public data are at the highest level. The privacy section created six principles: legality, purpose limitation, transparency, safety, control, and accountability. Security issues enable urban crime, disaster and catastrophe prediction and security through the establishment of an integrated platform. Governance issues are handled by the Smart Special Committee, which serves as policy advisory to the central government for legal system, standardization, and external cooperation in the district. Conclusions: Private technology improvement and participation are necessary for privacy and urban security. Citizens should participate in smart city governance.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.31-38
• /
• 2024

Recent expansion in cloud service usage has heightened the importance of cloud security. The purpose of this study is to analyze current research trends in the field of cloud security and to derive implications. To this end, R&D project data provided by the National Science and Technology Knowledge Information Service (NTIS) from 2010 to 2023 was utilized to analyze trends in cloud security research. Fifteen core topics in cloud security research were identified using LDA topic modeling and ARIMA time series analysis. Key areas identified in the research include AI-powered security technologies, privacy and data security, and solving security issues in IoT environments. This highlights the need for research to address security threats that may arise due to the proliferation of cloud technologies and the digital transformation of infrastructure. Based on the derived topics, the field of cloud security was divided into four categories to define a technology reference model, which was improved through expert interviews. This study is expected to guide the future direction of cloud security development and provide important guidelines for future research and investment in academia and industry.

• Journal of Digital Convergence
• /
• v.11 no.7
• /
• pp.141-148
• /
• 2013

Smart grid can two-way communication using ICT(Information & Communication Technology). Also, smart grid can supply to dynamic power that grafted to electric vehicle can activate to electric vehicle charging infrastructure and used to storage battery of home. Storage battery of home can resale to power provider. These electric vehicle charging infrastructure locate fixed on home, apartment, building, etc charging infrastructure that used fluid on user. If don't authentication for user of fluid user use to charging infrastructure, electric charging service can occurred to illegal use, electric charges and leakgage of electric information. In this paper, we propose smartcard and dynamic ID based user authentication scheme for used secure to electric vehicle service in smart grid environment.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.21-27
• /
• 2023

In the cloud computing environment, servers and applications can be set up within minutes, and recovery in case of fail ures has also become easier. Particularly, using virtual servers in the cloud is not only convenient but also cost-effective compared to the traditional approach of setting up physical servers just for temporary services. However, most of the und erlying networks and security systems that serve as the foundation for such servers and applications are primarily hardwa re-based, posing challenges when it comes to implementing cloud virtualization. Even within the cloud, there is a growing need for virtualization-based security and protection measures for elements like networks and security infrastructure. This paper discusses research on enhancing the security of cloud networks using network virtualization technology. I configured a secure network by leveraging virtualization technology, creating virtual servers and networks to provide various security benefits. Link virtualization and router virtualization were implemented to enhance security, utilizing the capabilities of virt ualization technology. The application of virtual firewall functionality to the configured network allowed for the isolation of the network. It is expected that based on these results, there will be a contribution towards overcoming security vulnerabil ities in the virtualized environment and proposing a management strategy for establishing a secure network.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.27-33
• /
• 2012

VANET(Vehicular Ad-hoc Network) is a kind of ad hoc networks consist of intelligence vehicular ad nodes, and has become a hot emerging research project in many fields. It provide traffic safety, cooperative driving and etc. but has also some security problems that can be occurred in general ad hoc networks. Also, in VANET, vehiculars sho uld be able to authenticate each other to securely communicate with network-based infrastructure, and their location s and identifiers should not be exposed from the communication messages. This paper explains V2I authentication pr otocol using a hash function that preserves the user privacy. In addition, we analyze the security stability of the V2I authentication protocol using Casper in the formal verification technique. As a result, V2I authentication protocol us ing hash function prove a stability.