• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.307-310
• /
• 2010

Ubiquitous society to build basic infrastructure in the power supply and power equipment safety is important. U-City in order to prevent the disaster of U-IT Power Equipment Performance Module and the security for the safety of the U-City is necessary. In this paper, the power unit of U-IT module, temperature sensor, humidity sensor, equipped with sensors arranged throughout the fire, and home distribution boards, Home Network Wall-Pad, Blocker, MPNP black boxes, arc detection, arc safety equipment, outlet of the modular performance evaluation and security measures will be studied. U-IT power devices and sensors to analyze the information conveyed by proactive risk and ensure safety, access control, authentication, security safeguards, such as U-IT integrated management system for electrical safety and strengthen the security, safety and security with a U-City will contribute to the construction and operation.

• 한국IT서비스학회:학술대회논문집
• /
• 2002.11a
• /
• pp.379-384
• /
• 2002

현재 대부분의 XML 기반 e-Business 프레임워크의 연구 및 지원은 개별적인 구성 컴포넌트의 세부 설계 기법 및 구현 방법 개발에만 집중되어 있는 것이 현실이다. 과거와는 달리 보안 요소가 부가적인 요구 사항이 아닌 핵심 개발 요소라는 인식이 확대되어 가는 과정에 있다. 인터넷 보안기술 중 공개키 암호화 시스템을 이용해 향상된 보안 수준을 제공하기 위한 기반 기술인 PKI는 각종 응용 시스템 및 전자상거래 기반 기술로서 현재 가장 중요한 기술로 인식되고 사용되고 있다. 본 논문에서는 XML기반 차세대 PKI기술인 XKMS 보안 모듈 설계를 통해 웹 서비스에 보다 안전한 보안 서비스를 제공하기 위한 방안을 연구한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.6
• /
• pp.1197-1202
• /
• 2017

Security services that support electric energy service gateway require relatively high reliability. In particular, the application services that accompany communications and data are run organically. Each of the security services should support a secure service platform that supports a secure, scalable life cycle for existing services which should be extends security layer of Universal Middleware. In this convergence platform, it is the study of security transfer modular services that allow independent life cycle management of systems through Universal middleware. First, It is modular in terms of energy consumption service and data, enabling real-time operation, communications, remote management and applications. Second, the life cycle of the secure module to support start, stop and updating of the security module by applying the security policy module layer concept. It is modular system enabling to design of dyanmic models in the smart grid, the service was intended to be standardized and applied to the security service platform.

• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.3-9
• /
• 2019

The importance of Industrial Security is continuously growing along with the rapid development of convergence technologies. Accordingly, it is expected for the gap between the supply and demand of industrial security professional personnel to grow every year. In order to reduce the supply and demand of industrial security, it is important to not only train professional qualifications but at the same time, secure a professional qualification acquisitor. In this regard, South Korea has introduced the Industrial Security Expert qualification as a non-governmental qualifications ince 2010. From 2017, promoted as nation-certified qualification and has supported activities as expert in industrials ecurity field. However, it is reality that Industrial Security Expert qualification has not yet to be recognized as professional qualification in the field of industry, have low rate of utilization as academic research is also shown the sign of stagnation. Based on these background, this research set goal in deducing a activation method for industrial security professional qualification concentrating on Industrial Security Expert qualification. The analysis on operation condition of Industrial Security Expert qualification and related precedent research was conducted and raised four types of activation method, which are organizational aspect, certification system improvement and operation aspect, certification acquisitors' utilization aspect and professionalism enhancement aspect.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.11
• /
• pp.1471-1477
• /
• 2019

Currently, there are various security methods in smart phone. Among them, pin number and pattern lock were used long as they were used from early smart phone. However, security is weak that much. The security of pin number is slightly high, but the security of conventional pattern lock remains moderate. However, the conventional pattern lock is still used by several people because of convenience. This is because some users' smart phones don't support biometric security. The most convenient security method for devices that don't support biometric security is pattern lock. However, this method is vulnerable to shoulder surfing attack and smudge attack. Therefore, we introduce random pattern lock that solves the vulnerability of the conventional pattern lock while maintaining the convenience of the pattern lock. This is a lock method that places each point placed on the screen in a circular shape and assigns a random number to it. Therefore, If this is introduced, It's expected to solve vulnerability.

• 정보보호뉴스
• /
• s.137
• /
• pp.58-59
• /
• 2009

경제위기와 더붙어 기업과 개인이 다양한 보안위협에 노출됨에 따라 지난 2008년은 1.25 인터넷 대란 이후 정보보호가 다시 한번 사회적 이슈로 떠오른 해였다. 협박성 대량 트래픽 공격(DDoS : 분산 서비스거부공격)에 의한 웹 서비스의 불안정, 급속도로 이용자가 늘고 있는 인터넷전화(VoIP)의 보안 위협까지. 기업과 일반 IT 제품 및 서비스 이용자들은 직간접적으로 보안이슈에 노출되고 있다.

• 정보보호뉴스
• /
• s.128
• /
• pp.21-23
• /
• 2008

정보보호 담당자가 해야 할 일들이 점차 많아지고 있다. 침해사고 대응을 비롯해, 내부 정보 유출방지, 개인정보보호, 보안 프로세스 확립, 보안활동에 대한 평가까지. 그럼에도 정보보호팀이나 관련 부서가 수행해야 하는 여러 업무 가운데 가장 기본적인 임무는 해커의 공격으로부터 기업의 IT 자산을 안전하게 보호하는 것일 수 밖에 없다. 인터파크 지마켓 보안팀은 그 기본에 가장 충실한 곳으로 손꼽히는 곳이다.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.199-207
• /
• 2008

Web service has many security weekness because it is exposure to outside and connected with various application. Especially, as new technology developed new type of security weakness has occured consistently. In this paper, we construct webserver and honeyweb by using virtual reality on a basis these weakness. So it cannot be influenced by any attack to the hardware of the system. By using honey web, it disigned and embodied web server secutiry system to collect the data about new attack. Through this, it can provide proper secutiry in a web environment of mutual communication.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.13-18
• /
• 2022

With the rapid development of IT technology, integration with existing industries has led to an increase in smart manufacturing that simplifies processes and increases productivity based on 4th industrial revolution technology. Security threats are also increasing and there are. In the case of supply chain attacks, it is difficult to detect them in advance and the scale of the damage is extremely large, so they have emerged as next-generation security threats, and research into detection technology is necessary. Therefore, in this paper, we collect, store, analyze, and visualize logs in multiple environments in real time using ELK Stack and Sysmon, which are open source-based analysis solutions, to derive information such as abnormal behavior related to supply chain attacks, and efficiently We try to provide an effective detection method.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.13-19
• /
• 2010

The flow of time, depending on the company's ongoing business link to guarantee the proportion of much greater importance, it in the organization as part of an enterprise-wide level, rather than acting on the information society has been considered as the topic of race. Information Security Governance, the integrity of the information, service continuity, the three kinds of information asset protection purpose begins. It is essential for corporate governance, transparency should be part, must be aligned with the IT framework. Existing information security governance framework that small businesses a wide range of governance issues and interests have never had. Therefore, we simplified the information security governance framework is proposed, and solve problems, and propose a framework for analysis of the safety and efficiency through the analysis of the effectiveness of the proposed method were discussed.