• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.181-190
• /
• 2009

DBMS access that used high speed internet web service through WAS is increasing. Need application of DB security technology for 3-Tier about DBMS by unspecified majority and access about roundabout way connection and competence control. If do roundabout way connection to DBMS through WAS, DBMS server stores WAS's information that is user who do not store roundabout way connection user's IP information, and connects to verge system. To DBMS in this investigation roundabout way connection through WAS do curie information that know chasing station security thanks recording and Forensic data study. Store session about user and query information that do login through web constructing MetaDB in communication route, and to DBMS server log storing done query information time stamp query because do comparison mapping actuality user discriminate. Apply making Rule after Pattern analysis receiving log by elevation method of security authoritativeness, and develop Module and keep in the data storing place through collection and compression of information. Kept information can minimize false positives of station chase through control of analysis and policy base administration module that utilize intelligence style DBMS security client.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.31-45
• /
• 2004

Public Key Infrastructure(PKI) provides a strong authentication. Privilege Management Infrastructure(PMI) as a new technology can provide user's attribute information. The main function of PMI is to give more specified authority and role to user. To authenticate net and role, we have used digital signature. Role Based Access Control(RBAC) is implemented by digital signature. RBAC provides some flexibility for security management. NEIS(National Education Information System) can not always provide satisfied quality of security management. The main idea of the proposed RNEIS(Roll Based NEIS) is that user's role is stored in AC, access control decisions are driven by authentication policy and role. Security manager enables user to refer to the role stored in user's AC, admits access control and suggests DB encryption by digital signature.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.77-87
• /
• 2008

Recently, many hash-based authentication protocols were presented to guarantee mutual authentication between tag and DB in RFID system. To be suitable for distributed DB environment, one generally uses fixed constant value as a tag ID. However, some existing protocols have security flaws or heavy computational loads in DB in order to search a tag ID. We propose a secure authentication protocol which is suitable for distributed DB environment by using unchangeable tag ID. The storage method of pre-synchronized information in DB at previous session is core idea of our proposal which gives low-cost ID search of DB at next session. In normal synchronization state, our protocol only requires 3 hash operations in tag and DB respectively.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.41 no.4
• /
• pp.103-112
• /
• 2004

This paper suggests the way to realize smart card security system by using handwritten signature instead of a password which is traditionally used for user authentication. Because of the familiarity of signature we don't need to try to remember the password and signature is difficult to be used by guess or illegal forced situation. The feature data of handwritten signature is large, so we designed COS which is consist of special commands for processing user's handwritten signature data, user authentication, and basic commands based on ISO 7816-3. Also protocol among user, smart card terminal and DB server is designed. In registration process, the feature data of user signature is saved in both a DB server and a smart card. User authentication is processed by comparing the user signature and the saved feature data in a smart card and in a DB server. And the authentication result and hash value of signature data in DB server are transferred to smart card. During this process the authentication between DB server and user is finished. The proposed security system has more higher level of security in user authentication of smart card and it will Provide safer and more convenient security services.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.107-115
• /
• 2022

Recently, big data applications need another database different from the Relation database. NoSQL databases are used to save and handle massive amounts of data. NoSQL databases have many advantages over traditional databases like flexibility, efficiently processing data, scalability, and dynamic schemas. Most of the current applications are based on the web, and the size of data is in increasing. NoSQL databases are expected to be used on a more and large scale in the future. However, NoSQL suffers from many security issues, and one of them is access control. Many recent applications need Fine-Grained Access control (FGAC). The integration of the NoSQL databases with FGAC will increase their usability in various fields. It will offer customized data protection levels and enhance security in NoSQL databases. There are different NoSQL database models, and a document-based database is one type of them. In this research, we choose the CouchDB NoSQL document database and develop an access control mechanism that works at a fain-grained level. The proposed mechanism uses role-based access control of CouchDB and restricts read access to work at the document level. The experiment shows that our mechanism effectively works at the document level in CouchDB with good execution time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1305-1317
• /
• 2019

Although encryption for data protection is essential in the big data platform environment of public institutions and corporations, much performance verification studies on encryption algorithms considering actual big data workloads have not been conducted. In this paper, we analyzed the performance change of AES, ARIA, and 3DES for each of six workloads of big data by adding data and nodes in MongoDB environment. This enables us to identify the optimal block-based cryptographic algorithm for each workload in the big data platform environment, and test the performance of MongoDB by testing various workloads in data and node configurations using the NoSQL Database Benchmark (YCSB). We propose an optimized architecture that takes into account.

• Proceedings of the KIEE Conference
• /
• 2000.07a
• /
• pp.203-205
• /
• 2000

The credibility and reliability of data is a very important issue in the protective relay setting which seriously influences the system security In this paper, DB management system which provides a convenient environment for various data handling such as data saving, retrieval, DB copy, DB update, DB editor and DB navigation using Web is explained. This paper also describes DB security adopted in the developed system.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.11 no.5
• /
• pp.78-88
• /
• 2012

AVIs on the road are installed for (1) security (2) and for traffic, and they are various managed by (1) police department, (2) local government, (3) national highway management, (4) Korean highway corporation. But although the collected data of the plate number, the travel time, the picture of the car are same, they are used in purposes of its installation because the managements are different and the data are difficult to be connected with each other. For this reason, this study is to appraise the application for creating traffic information by integrating these data, and to suggest the introduction of spatial detection system which integrated security-traffic AVI DB for the purpose of reliability improvement of center's velocity. The estimating sections of link travel information seems to be expanded, and the error rate between the center's velocity and the experimental value will be reduced if integrated DB of traffic and security AVIs is used for creating traffic information. Also, the crime prevention and arrest rate is expected to rise in the future.

• 정보보호뉴스
• /
• no.9 s.132
• /
• pp.14-18
• /
• 2008

개인정보보호 유출사고가 줄지어 법정으로 향하고 있다. 내외부자에 의한 고객정보의 불법 유출이 그 원인으로, 굵직굵직한 소송사건들이 과연 어떤 판례를 남기게 될 지가 많은 기업들에게 초미의 관심사가 되고 있다. 개인정보를 대량으로 수집하는 기업들이라면 이런 법정 공방은 '내' 문제가 될 수 있기 때문이다. 이와 같은 기업의 관심은 자연스럽게 데이터베이스 즉, DB 보안에 대한 관심으로 이어지고 있다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.686-690
• /
• 2003

웹 응용프로그램에 대한 위협이 점차 확산되면서 오늘날 많은 Web Application Firewall들이 등장하고 있다. 하지만, 대부분의 기관에서 웹 서버 자체의 변조는 기관의 미지 실추를 제외하면 업무상 큰 문제를 유발하지 않는다. 웹 서버에 대한 보안을 고려하는 이유는 웹 서버가 침입을 당할 경우 DB 서버의 내용에 손상이 가해질 수 있기 때문이다. 본 고에서는 Web Application Firewall과 연동하여 허용되는 SQL 질의패턴을 자동으로 생성하여 불법적인 SQL 질의를 차단하는 DB Application Firewall을 제안한다. 이를 통해 웹 응용프로그램의 취약점으로 인해 SQL 질의가 변조되더라도 DB 서버에 해당SQL질의가 전달되는 것을 차단할 수 있다.