• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.39-48
• /
• 2010

In a complex, secure IT system environment there will be groups of data that be segregated from one another, yet reside on the same system. Users of the system will have varying degrees of access to specific data. The Configuration Management(CM) of the information architecture, the physical architecture, user privileges and application security policies increases the complexity for operations, maintenance and security staff. This pager describes(current work to merge the capabilities of a network CM toll with those of a Computer Aided System Engineering(CASE) tool. The rigour of Systems Engineering(SE) modelling techniques can be used to deal with the complexities of multi-level information security. The SE logical and physical models of the same system are readily tailorable to document the critical components of both the information architecture and physical architecture that needs to be managed. Linking a user-friendly, physical CM tool with the extended capabilities of a CASE tool provide the basis for improved configuration management of secure IT systems.

• Journal of National Security and Military Science
• /
• s.13
• /
• pp.109-136
• /
• 2016

Define the importance and role of the acquisition strategy based on the Defense Acquisition Management System, diagnose and analyze the actual state of document preparation. We analyzed the timing and details of the basic strategy of the project in 2015 and suggested a supplementary plan to improve the efficiency of Military force improvement projects in conjunction with the Defense Planning and Management System. It is necessary to reduce the preparation period including the policy decision making process and then divide it into planning and programming stages to complement the role of acquisition strategy. In order to apply these improvements, the necessary revision of laws and regulations to be reviewed is referred to, enabling continuous research.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.777-785
• /
• 2016

Engineering education accreditation addresses evaluation for program outcomes according to educational objectives and assessment process, which students are expected to obtain by the time of graduation in order to train international competitive engineers with continuous quality improvement in engineering programs. This paper shows a case study of a program outcomes assessment system including performance criteria, evaluation process, document system and continuous quality improvement process and an achievement evaluation by the assessment system for program outcomes in Information Security Program of Hoseo university.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.551-556
• /
• 2001

The ESES system has been developed to supply a digital signature function, an encryption function, and a library of cryptographic primitives and algorithm for securing an XML document and the existing non-XML documents that are exchanged in the electronic commerce. In this paper, we will introduce the overview of ESES system and explain how the ESES processes to offer security services Finally we\`ll conclude our talk by presenting the summary and further works.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.41-46
• /
• 2021

The article studies the implementation of automation in the education process as a convenient interface of a document management system, on the one hand, which makes it easy to navigate the program, requiring from the user only a small amount of any special skills in working with electronic computers, on the other hand, it provides to the user operational information about all the data of interest to him, taking into account the access rights given to this or that information, stored in the enterprise database.

• The Journal of the Korea Contents Association
• /
• v.8 no.11
• /
• pp.25-32
• /
• 2008

Access control techniques should be flexible enough to support all protection granularity levels. Since access control policies are very likely to be specified in relation to document types, it is necessary to properly manage a situation in which documents fail to be dealt with by the existing access control policies. In terms of XML documents, it is necessary to describe policies more flexibly beyond simple authorization and to consider access control methods which can be selected. This paper describes and designs the access control policy system for authorization for XML document access and for efficient management to suggest a way to use the capacity of XML itself. The system in this paper is primarily characterized by consideration of who would exercise what access privileges on a specific XML document and by good adjustment of organization-wide demands from a policy manager and a single document writer.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.297-302
• /
• 2004

Internet becomes absolutely necessary tools due to rapid progress of information technology. Educational correspondence abount an age of information demand is a education focused on a learner and remote education based on information technology. WBI(Web Based Instruction) is a formation that remotly educate a learner using web, possible mutual reaction between instructor and learner, submint various studying material, has a good point to overcome spatial restriction. Internal and external standardization working is accelerated and recently XML security studies are activated using XML which is next generation web standard document format. And XML electronic signature raise interworking between digital signature systems used by various field of using XML document. Using these merit and complementing defect are main contents that users have to pay about Certification service to get CA certificate from 2004 june. This paper propose multiplex Certification remote education agent system using XML digital signature to satisfy security requirement.

• Journal of National Security and Military Science
• /
• s.2
• /
• pp.237-260
• /
• 2004

As the research work about XML based on the development of Internet and according to the information exchange standard is being carried out, the need of discovering new methods to store XML documents and manage them efficiently according to the frequency of large-capacity XML documents increases. Consequently, as a kind of back-end database system, XML storage systems such as RDBMS, OODBMS and Native XML DBMS etc. are coming forth in order to save XML documents. It is an urgent task to make comparisons among usage expense, function comparison storage, inquiry, and manage dimension for each DBMS. This paper makes an analysis and comparison of DTD-independent XML document access methods in RDBMS, OODBMS and Native XML DBMS for XML storage and management. After analyzing the advantages and disadvantages of each access method and comparing the function of typical commerce DBMS such as Oracle 8i, eXcelon and Tamino for finding the possibility of military applications, an another appropriate method to save XML documents is proposed as to find an implementation approach to save structural XML documents.

• Journal of the Korea Convergence Society
• /
• v.9 no.12
• /
• pp.53-60
• /
• 2018

With the development of information and communication technology, we have been able to access and manage documents containing corporate information anytime and anywhere using smart devices. As the work environment changes to smart work, the scope of information distribution is expanded, and more efforts are needed to manage security. This paper proposes a file sharing system that enables users who have smart devices to manage and share files through mutual cooperation. Proposed file sharing system, the user can add a partner to share files with each other when uploading files kept by spliting the part of the file and the other uses an algorithm to store on the server. After converting the file to be uploaded to base64, it splits it into encrypted files among users, and then transmits it to the server when it wants to share. It is easy to manage and control files using dedicated application to view files and has high security. Using the system developed with proposed algorithm, it is possible to build a system with high efficiency even for SMEs(small and medium-sized enterprises) that can not pay much money for security.

• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.143-158
• /
• 2010

The illegal leakage of enterprise digital confidential information will threaten the enterprise with bankruptcy. Today since most small-and-medium companies have no capability to fight against illegally compromising their critically confidential documents in spite of knowing the leakage of them, strongly safe distribution system of the digital confidential documents should be designed so in secure as to prevent any malicious intent of embezzlement from accessing the critical information. Current DRM-based protection system is not always perfect to protect the digital secrets, even seems to leave the secrets open. Therefore our study has analyzed the illegal leakage paths that hackers attack against and the vulnerability of the current protection systems. As result, we study the group communication based system architecture satisfying the security conditions to make even legitimate working employee keep out of the confidential documents, without performance degradation. The main idea of this architecture is to stay every secrets in encrypted form; to isolate the encrypted documents from the crypto-key; to associate every entity with one activity and to authenticate every entity with DSA-based public key system; multiple authentication method make hackers too busy to get a privilege to access the secrets with too many puzzle pieces. This paper deal with the basic architectural structure for the above issues.