• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.141-146
• /
• 2022

The iris, a biometric information, is safe, unique, and reliable, such as fingerprints, and is personal information that can significantly lower the misrecognition rate than other biometric authentication. However, due to the nature of biometric authentication, it is impossible to replace it if it is stolen. There is a case in which an actual iris photo is taken and 3d printed so that the eyes work as if they were in front of the camera. As such, there is a possibility of iris leakage through high-definition images and photos. In this paper, we propose to improve iris masking performance by supplementing iris region masking research based on existing blurring techniques. Based on the results derived in this study, it is expected that it can be used for the security of video conference programs and electronic devices.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.3 no.4
• /
• pp.35-42
• /
• 2010

This paper reviews the current studies about the current secure OS, security module and SELinux, and suggests Linux access control module that uses the user discriminating authentication, security authority inheritance of subjects and objects, reference monitor and MAC class process and real-time audit trailing using DB. First, during the user authentication process, it distinguishes the access permission IP and separates the superuser(root)'s authority from that of the security manager by making the users input the security level and the protection category. Second, when the subjects have access to the objects through security authority inheritance of subjects and objects, the suggested system carries out the access control by comparing the security information of the subjects with that of the objects. Third, this system implements a Reference Monitor audit on every current events happening in the kernel. As it decides the access permission after checking the current MAC security attributes, it can block any malicious intrusion in advance. Fourth, through the real-time audit trailing system, it detects all activities in the operating system, records them in the database and offers the security manager with the related security audit data in real-time.

• Convergence Security Journal
• /
• v.13 no.3
• /
• pp.39-46
• /
• 2013

Recently, the problem of global warming has become a globally important issues. and To solve these problems, has been receiving increasing attention for the Green IT. In these situation, IT techniques are evolving with variety services and hacking techniques. so, it is inevitable to the use of a many and diverse secure system. As a result, Carbon Dioxide emissions are expected to increase. Therefore, in this paper is analyzed the factors of security system's $CO_2$ emissions through Experiments and A case study. and is proved that is reducing $CO_2$ emissions by improving the functional restructuring of the security system. In a future, this paper is expected to serve as a valuable Information for security network design and performance improvements and to reduce Carbon Emissions in the Field of IT.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.43-60
• /
• 2018

Recently, with the arrival of the 4th industrial revolution, the security risks are converging and complexly changing, and the demand of cybersecurity experts is increasing. Therefore, in this paper, it is the largest of the domestic educational institutions, it has the largest number of emissions talent, and selects the representative major field of humanities and society. Then, after analyzing the common curriculum in each major field, compare it with the training course of cybersecurity experts derived through existing previous research. Through analysis results, we try to design a retraining course for cybersecurity professional human resources. Utilizing the results of this research, it is expected that it will be used as the basic material necessary for the subjects of the re-curriculum education. It is also expected to contribute to resolving the supply-demand gap of cybersecurity professionals.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.19-25
• /
• 2017

Public institutions invest about half of the information protection budget annually to introduce information security products and information protection services in order to prevent cyber terrorism and establish organizational security. However, research on whether introduced information security products has a positive influence on improving the information security level of the actual institution is in an incomplete state, and accordingly, There are problems such as the measurement of the investment effect of the information security product introduced in the organization and the difficulty in selecting the optimum information security product that the agency actually needs. In this paper, prior research will conduct research on the influence of the introduction of information security products on the improvement of information security level of organization through analysis of operational data of inadequate information security products, and based on the research results, It would be useful to use it for information security practices such as optimal product selection and internal security policy formulation through validation of the introduction of information security products of public institutions.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.214-216
• /
• 2021

It proposes a plan to strengthen the limitations of existing corporate security systems based on Zero-Trust. With the advent of the era of the Fourth Industrial Revolution, the paradigm of security is also changing. As remote work becomes more active due to cloud computing and COVID-19, security issues arising from the changed IT environment are raised. At the same time, in the current situation where attack techniques are becoming intelligent and advanced, companies should further strengthen their current security systems by utilizing zero trust security. Zero-trust security increases security by monitoring all data communications based on the concept of doubting and trusting everything, and allowing strict authentication and minimal access to access requestors. Therefore, this paper introduces a zero trust security solution that strengthens the existing security system and presents the direction and validity that companies should introduce.

• Convergence Security Journal
• /
• v.16 no.1
• /
• pp.59-68
• /
• 2016

Recently, many domestic and foreign industries is increasing gradually in the importance of security such as the emergence of a Convergence Information Technology(internet of things, cloud computing service, big data etc). Among these techniques, the industrial security market is expected to grow gradually and the evolution of security technologies, as well as vulnerabilities are also expected to increase. Therefore, an increase in physical vulnerability factors it is no exaggeration to standards that are determining the security of industrial security. In this paper will be analyzed to the physical security technology and case study, physical vulnerability factor. Thereby this is expected to be utilized as a basis for the countermeasure of physical corresponding infringement and attack in a future.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.128-131
• /
• 2012

WiBro the world is the communication technique which it standardizes from our country. The radio internet service use which uses WiBro is extending. Becomes accomplished from WiBro, terminals the internet service which is having a vulnerability in vulnerability and the Internet which come from the radio and the security technique is necessary in about vulnerability. It researched the vulnerability of WiBro terminals from the research which it sees and it researched a security technique in about vulnerability. To secure the vulnerability of WiBro, in order terminals it applies a security technique and around security technical applying comparison it analyzes.

• Journal of the Korea Convergence Society
• /
• v.1 no.1
• /
• pp.49-55
• /
• 2010

As the developing of the information communication technology, more and more devices are with the capacity of communication and networking. The convergence businesses which communicate with the devices have been developing rapidly. The IT convergence communication is viewed as one of the next frontiers in wireless communications. In this paper, we analyze detailed security threats against M2M(Machine to Machine), intelligent vehicle, smart grid and u-Healthcare in IT convergence architecture. We proposed a direction of the IT convergence security that imbedded system security, forensic security, user authentication and key management scheme.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2011.06a
• /
• pp.203-206
• /
• 2011

차세대 전력망인 Smart Grid는 에너지 효율성을 높이기 위한 대안이다. 현재 Smart Grid는 빠른 진행 속도에 비해 보안상 취약점을 다수 내포하고 있다. 이에 Smart Grid의 보안 취약점들을 분석하고, 취약점들에 대한 대응책을 마련하기 위한 방법을 연구하며, 그에 따른 보안 정책을 개발하여, 이들을 저장하여 보안 DB를 구축하고, 보안 시스템을 개발하여 지능적 취약점 DB 보안 시스템을 작동 시킬 수 있는 방법을 연구하여 다가올 보안 위협에 대응 할 수 있도록 하여 Smart Grid 시대의 발전에 기여 할 것이다.