• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.959-962
• /
• 2002

DNSSEC은 IETF에서 논의중인 DNS 보안 표준으로서, DNS에 있어 가장 큰 잠재적 위협인 '도메인 네임에 대응되는 IP주소의 위변조 위협에 대응하기 위해 논의되고 있는 표준이다. 최근 네트워크 환경에서의 최상의 암호화 기법으로 자리잡은 공개키 암호화 기법을 이용하여, 도메인 Zone에 서명을 하여, 이러한 Zone 메시지를 받아보았을 때, 서명을 검증함으로서, DNS메시지가 중간에 위 변조없이 적정한 소스로부터 왔다는 것을 확인하는 것이다. 본 논문에서는 DNSSEC에서 가능한, 계층적 인증방식을 .KR 하위 도메인네임에서 활용할 수 있는 방안으로서, secure resolver를 이용한 도메인네임의 인증을 제시하였다.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.9
• /
• pp.11-20
• /
• 2014

For Web-based applications in IoT environment, IETF CoRE WG has standardizing the CoAP. One of limitations of CoAP is that CoAP standard does not consider the mobility management of the CoAP sensor node. In this paper, we propose the mobility management protocol of CoAP sensor node by considering the characteristics of the constrained network. The proposed mobility management protocol supports for Web client to be transmitted the sensing data from CoAP node reliably while the CoAP sensor moves into different wireless networks. To do this, we designed the architecture with the separate IP address management of CoAP sensor node and presented the mobility management protocol, which includes the holding and binding mode, in order to provide the reliable transmission. Finally, the numerical analysis and simulation with NS2 tool have been done for the performance evaluation in terms of the handover latency and packet loss with comparing the proposed mobility management protocol with other the existing mobility management protocols. The performance result shows that the proposed mobility management can provide the transmission of sensing data without the packet loss comparing with the existing mobility management protocol reliably.

• Journal of Korean Society of Water and Wastewater
• /
• v.32 no.4
• /
• pp.309-315
• /
• 2018

Currently, the commercialization of the $5^{th}$ Generation (5G) service is becoming more prevalent in domestic communication network technology. This has reduced communication delay time and enabled large-capacity data transmission and video streaming services in real-time. In order to keep pace with these developments, K-water has introduced a smart process control system in water purification plants to monitor the status of the water purification process. However, since wireless networks are based on the public Long Term Evolution (LTE) network, communication delay time remains high, and high-resolution video services are limited. This is because communication networks still have a closed structure due to expense and security issues. Therefore, with 5G in its current form, it is very difficult to accommodate future services without improving the infrastructure of its communication networks. In recognition of these problems, this study implemented the authentication and management function of wireless networks on a wired network management system in the K-water Bansong water purification plant. The results confirmed that wired Local Area Network (LAN) services give a higher security performance than an expensive commercial wireless LAN system. This was achieved by using an Internet Protocol (IP) address management system of wired networks and the packet filtering function of the Layer2 (L2) switch. This study also confirmed that it is possible to create a wireless LAN service that is 3.7 times faster than the existing LTE communication network.

• Journal of Information Technology Services
• /
• v.23 no.1
• /
• pp.1-10
• /
• 2024

The IT environment is changing due to the acceleration of digital transformation in enterprises and organizations. This expansion of the digital space makes centralized cybersecurity controls more difficult. For this reason, cyberattacks are increasing in frequency and severity and are becoming more sophisticated, such as ransomware and digital supply chain attacks. Even in large organizations with numerous security personnel and systems, security incidents continue to occur due to unmanaged and unknown threats and vulnerabilities to IT assets. It's time to move beyond the current focus on detecting and responding to security threats to managing the full range of cyber risks. This requires the implementation of asset Inventory for comprehensive management by collecting and integrating all IT assets of the enterprise and organization in a wide range. IT Asset Management(ITAM) systems exist to identify and manage various assets from a financial and administrative perspective. However, the asset information managed in this way is not complete, and there are problems with duplication of data. Also, it is insufficient to update of data-set, including Network Infrastructure, Active Directory, Virtualization Management, and Cloud Platforms. In this study, we, the researcher group propose a new framework for automated 'Comprehensive IT Asset Management(CITAM)' required for security operations by designing a process to automatically collect asset data-set. Such as the Hostname, IP, MAC address, Serial, OS, installed software information, last seen time, those are already distributed and stored in operating IT security systems. CITAM framwork could classify them into unique device units through analysis processes in term of aggregation, normalization, deduplication, validation, and integration.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.10
• /
• pp.1862-1872
• /
• 2017

To overcome the limitations of the current Central Mobility Management (CMM) protocols, IETF has been discussing about the Distributed Mobility Management (DMM) protocols that the centralized mobility functions of Home Agents (HA) are distributed to network edges closer to mobile users. The DMM protocol has some advantages of low-cost traffic delivery and high scalability. However, it faces several problems such as a high signaling cost and a complex address management. Especially, users moving at a high speed and with long-live sessions can make these problems worse. To reduce the high signaling cost for long-live sessions, we propose a novel hybrid DMM protocol allocating different mobility anchors according to the session durations. In this paper, we analyze the performance of the proposed hybrid DMM protocol and show superior performance with respect to the signaling cost.

• Journal of KIISE:Computing Practices and Letters
• /
• v.5 no.4
• /
• pp.479-488
• /
• 1999

인터넷의 성장과 더불어 수많은 응용시스템들이 인터넷 기반 시스템으로 바뀌고 있다. 특히, 인터넷 기반 전문가시스템은 다양한 구조와 방법으로 설계될 수 있고 이미 제작되었던 수많은 인터넷 기반 전문가시스템들은 그 나름대로의 장단점을 가지고 있다. 본 연구는 특정 전문가시스템의 개발이 아니라 WWW(World Wide Web)을 사용자 인터페이스로 이용할 수 있는 전문가시스템 쉘에 관한 연구이다. 본 시스템은 WWW 하부구조에 대한 의존성을 제거, 클라이언트와 네크워크에 부담 격감, HTML과 부합하는 텍스트에 기초한 통신과 같은 장점 외에 중앙 집중적 다중 사용자 접근 관리 기능을 제공한다. 본 시스템은 다중사용자를 위한 서버/클라이언트 환경 구축을 위해 소켓을 이용하여 큐잉(queueing)과 직렬화(serialization)를 해결하고 비연결 지향적인 WWW의 특성으로 인한 사용자 관리의 어려움은 사용자의 IP 주소와 Timer를 이용한 휴무기간 검사를 이용하여 해결한다.Abstract The growth of internet drives many applications into internet-based systems. Internet-based expert systems can be designed with various concepts and methodologies, and they have their own merits and demerits. This papers is a study on a development of not expert system itself but expert system shell which is able to use WWW(World Wide Web) as user interface. The suggested system supports functions on multiuser management controlled by a server system as well as independence on development environments, minimization of the load for clients and network, and text-based communications such as HTML. The system uses socket, which solves problems of queuing and serialization, in order to construct multiuser server/client environmen and also the system solves the non-connective property of WWW which makes it difficult to control users and processes by using IP address and idle time which is supported by the timer.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1117-1132
• /
• 2019

Recently, IT technology such as internet, mobile, and IOT has rapidly developed, making it easy to collect data necessary for business, and the collected data is analyzed as a new method of big data analysis and used appropriately for business. In this way, data collection and analysis becomes easy. In such data, personal information including an identifier such as a sensor id, a device number, IP address, or the like may be collected. However, if systematic management is not accompanied by collecting and disposing of large-scale data, violation of relevant laws such as "Personal Data Protection Act". Furthermore, data quality problems can also occur and make incorrect decisions. In this paper, we propose a new data governance maturity model(DGMM) that can identify the personal data contained in the data collected by companies, use it appropriately for the business, protect it, and secure quality. And we also propose a over all implementation process for DG Program.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.370-381
• /
• 2005

Mobile IP provides an efficient and scalable mechanism for host mobility within the Internet. Using Mobile If, mobile nodes may change their point of attachment to the Internet without changing their If address. However, it would result in a high signaling cost. To reduce the signaling cost, we factor in the fact that mobile users will not be actively communicating much of the time. In fact, there Is no necessity to send a binding update message to the home agent when an mobile node does not communicates with others while moving. From this point of view, we propose a lazy update strategy for minimizing signaling cost using the forwarding pointer in hierarchical Mobile IPv6. In our proposal, binding updates are sent only when a mobile node is in a busy mode. If an mobile node is in a dormant mode, binding update messages are delayed until busy mode using the forwarding pointer. As a result, our proposal can reduce the total signaling cost by eliminating unnecessary binding update messages when a mobile node Is in a dormant mode. In addition to, our proposal reduces unnecessary location update cost resulting from ping-pong effect under mobile node's dormant mode. Analysis results using the discrete analytic model presented in this paper shows that our proposal can has superior performance than hierarchical Mobile nv6 when the call-to-mobility ratio is low and the length of the forwarding pointer chain K is low.

• Convergence Security Journal
• /
• v.5 no.2
• /
• pp.51-56
• /
• 2005

Service operating management to keep stable and effective environment according as user increase and network environment of the Internet become complex gradually and requirements of offered service and user become various is felt constraint gradually. To solve this problem, invasion confrontation system through proposed this log analysis can be consisted as search of log file that is XML's advantage storing log file by XML form is easy and fast, and can have advantage log files of system analyze unification and manages according to structure anger of data. Also, created log file by Internet Protocol Address sort by do log and by Port number sort do log, invasion type sort log file and comparative analysis created in other invasion feeler system because change sort to various form such as do log by do logarithm, feeler time possible.

• Industrial Engineering and Management Systems
• /
• v.11 no.1
• /
• pp.82-86
• /
• 2012

In For the past few years, query log data has been collected to find user's behavior in using the site. Many researches have studied on the usage of query logs to extract user's preference, recommend personalization, improve caching and pre-fetching of Web objects, build better adaptive user interfaces, and also to improve Web search for a search engine application. A query log contain data such as the client's IP address, time and date of request, the resources or page requested, status of request HTTP method used and the type of browser and operating system. A query log can offer valuable insight into web site usage. A proper compilation and interpretation of query log can provide a baseline of statistics that indicate the usage levels of website and can be used as tool to assist decision making in management activities. In this paper we want to discuss on the tasks performed of query logs in pre-processing of web usage mining. We will use query logs from an online newspaper company. The query logs will undergo pre-processing stage, in which the clickstream data is cleaned and partitioned into a set of user interactions which will represent the activities of each user during their visits to the site. The query logs will undergo essential task in pre-processing which are data cleaning and user identification.