• Title/Summary/Keyword: Information secure service

Search Result 859, Processing Time 0.026 seconds

The Non-Repudiation Service for Secure Message Handling System (Secure MHS를 위한 부인봉쇄 서비스)

  • 차경돈;홍기융;김동규
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1991.11a
    • /
    • pp.155-164
    • /
    • 1991
  • 컴퓨터가 널리 보급되고 정보통신 기술이 발전함에 따라 지리적으로 먼거리에 있는 사람에게 정보를 주고받을 수 있게 되었는데, 안전한 데이타의 송수신은 그 중요성이 더해가고 있다. 이런 시점에서 ISO가 OSI 환경에서 안전성 제공을 위해 IS 7498-2로 발표한 OSI Security Architecture에서는 5가지 안전성 서비스틀 제공하였다. 본 논문에서는 이들 중 이미 발생한 통신 사실을 부인할 수 없도록 하는 부인봉쇄 서비스를 제공할 수 있는 부인봉쇄 서비스 구현 모델을 MHS(Message Handling System)상에 설계하였으며, 구현방안을 제시하였다.

  • PDF

Improved Secure Remote User Authentication Protocol

  • Lee, Ji-Seon;Park, Ji-Hye;Chang, Jik-Hyun
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.34 no.9B
    • /
    • pp.931-938
    • /
    • 2009
  • Recently, Holbl et al. proposed an improvement to Peyravian-Jeffries's password-based authentication protocol to overcome some security flaws. However, Munilla et al. showed that Holbl et al.'s improvement is still vulnerable to off-line password guessing attack. In this paper, we provide a secure password-based authentication protocol which gets rid of the security flaws of Holbl et al.'s protocol.

Threat Issues of Intelligent Transport System in the V2X Convergence Service Envrionment (V2X 융합서비스 환경에서 지능형차량시스템의 위협 이슈)

  • Hong, Jin-Keun
    • Journal of the Korea Convergence Society
    • /
    • v.6 no.5
    • /
    • pp.33-38
    • /
    • 2015
  • In a V2X convergence service environment, the principal service among infotainment services and driver management services must be supported centering on critical information of the driver, maintenance manager, customer, and anonymous user. Many software applications have considered solutions to be satisfied the specific requirements of driving care programs, and plans. This paper describes data flow diagram of a secure clinic system for driving car diagnosis, which is included in clinic configuration, clinic, clinic page, membership, clinic request processing, driver profile data, clinic membership data, and clinic authentication in the V2X convergence service environment. It is reviewed focusing on security threat issue of ITS diagnostic system such as spoofing, tampering, repudiation, disclosure, denial of service, and privilege out of STRIDE model.

Secure Jini Service Architecture Providing Ubiquitous Services Having Persistent States (유비쿼터스 서비스 상태지속을 지원하는 안전한 Jini 서비스 구조)

  • Kim, Sung-Ki;Jung, Jin-Chul;Park, Kyung-No;Min, Byoung-Joon
    • The KIPS Transactions:PartC
    • /
    • v.15C no.3
    • /
    • pp.157-166
    • /
    • 2008
  • The ubiquitous service environment is poor in reliability of connection and also has a high probability that the intrusion against a system and the failure of the services may happen. Therefore, It is very important to guarantee that the legitimate users make use of trustable services from the viewpoint of security without discontinuance or obstacle of the services. In this paper, we point out the problems in the standard Jini service environment and analyze the Jgroup/ARM framework that has been developed in order to help fault tolerance of Jini services. In addition, we propose a secure Jini service architecture to satisfy the security, availability and quality of services on the basis of the analysis. The secure Jini service architecture we propose in this paper is able to protect a Jini system not only from faults such as network partition or server crash, but also from attacks exploiting flaws. It provides security mechanism for dynamic trust establishment among the service entities. Moreover, our secure Jini service architecture does not incur high computation costs to merge the user service states because of allocation of the replica based on each session of a user. Through the experiment on a test-bed, we have confirmed that proposed secure Jini service architecture is able to guarantee the persistence of the user service states at the level that the degradation of services quality is ignorable.

A Study of Response and Plan to Decrease Damage of ISP Secure Payment (ISP 안전결제 서비스 피해를 최소화하기 ISP 대응방안 연구)

  • Kim, Byung-Man;Ma, Sangjun
    • Journal of Convergence Society for SMB
    • /
    • v.5 no.2
    • /
    • pp.33-38
    • /
    • 2015
  • The damage to the security is increasing as public key-based ISP secure payment service is used in online banking payment system. Security technology aspect to ISP secure payment security has no special problems. But, security damage that occurs due to the simplicity of the payment system is a problem. In this paper, we propose response and plan for ISP secure payment service to minimize the damage that occurs due to the simplicity of a security settlement system. Proposed scheme is applicable to various billing systems such as secure payments, online payment, mobile payment, credit card. Proposed scheme is characterized in that can stably support the capabilities of the new billing system. Also, proposed scheme is to analyze the various security threats arising from the payment of the financial services and to describe response and plan technology.

  • PDF

Service Scenarios for Green House Gas Monitoring Service over NGN

  • Choi, Sam-Gil;Kim, Dong-Il;Lee, Soong-Hee
    • Journal of information and communication convergence engineering
    • /
    • v.9 no.4
    • /
    • pp.401-404
    • /
    • 2011
  • Considerations for green house gas (GHG) monitoring over next generation network (NGN) are regarded as a green convergence service for the successful reduction of GHG emission leading to resolve global warming issue in that NGN is expected to provide secure connections to fixed-and-mobile converged (FMC) features. Model-based scenario approach is an appropriate way to standardize and actualize the desired service. This paper first describes the service scenario of GHG monitoring service over NGN.

Multicast Secure Architecture based on PIM-SM (소규모 멀티캐스트를 기반으로 한 멀티캐스트 보안구조)

  • 김성선;이상순;정영목
    • Journal of the Korea Society of Computer and Information
    • /
    • v.6 no.2
    • /
    • pp.116-122
    • /
    • 2001
  • A conventional multicast secure protocol. MVMRP, CBT is designed for a large scaled r protocol so the PIM-SM (protect Independent Multicst-Sparse Mode) routing protocol which small number of clients, long distance path among the hosts and shortest path routing chara weak point of require it's own Core tree and re-keying when the traffic is pass through the ro In this study, proposes a architect for a licit information secure of join/leave to all the user or on-service user. With proposed architect, subgroups for multicast secure group mana will be divided by RP (Rendezvous-Point) unit and each RP has a subgroup manager. As a result, the transmitting time is shortened because there is no need to data translation by group key on data sending and the whole architecture size is samller than the other multicast secure architecture.

Performance Analysis of WPA(Wi-Fi Protected Access Technology) in Wired and Wireless Network (유무선 네트워크 상에서 WPA 성능 분석)

  • Seol, Jeong-Hwan;Lee, Ki-Young
    • Proceedings of the IEEK Conference
    • /
    • 2005.11a
    • /
    • pp.281-284
    • /
    • 2005
  • WPA is a security service that greatly increases data protection and access control on WLANs. WPA uses TKIP that is secure algorithm of 802.11i and 802.1X/EAP authentication. It provides enhanced secure ability with the dynamic security key to correct WEP's weaknesses. In this paper, we obtain measured data transmission time that by how to create secure key of WPA in the wired and wireless network. The result shows that the delay of data transmission time was not long even if used WPA.

  • PDF

The Security Architecture for Secure Cloud Computing Environment

  • Choi, Sang-Yong;Jeong, Kimoon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.23 no.12
    • /
    • pp.81-87
    • /
    • 2018
  • Cloud computing is a computing environment in which users borrow as many IT resources as they need to, and use them over the network at any point in time. This is the concept of leasing and using as many IT resources as needed to lower IT resource usage costs and increase efficiency. Recently, cloud computing is emerging to provide stable service and volume of data along with major technological developments such as the Internet of Things, artificial intelligence and big data. However, for a more secure cloud environment, the importance of perimeter security such as shared resources and resulting secure data storage and access control is growing. This paper analyzes security threats in cloud computing environments and proposes a security architecture for effective response.

A Study on ways to secure personal information stability according to the implementation of the mobile phone use system for milityary personnel (군장병 휴대전화 사용제도 시행에 따른 개인정보 안정성 확보 방안 연구)

  • Hwangbo, Wongyu;Shin, Dong-Kyoo
    • Journal of Internet Computing and Services
    • /
    • v.23 no.6
    • /
    • pp.49-58
    • /
    • 2022
  • As military service members are fully permitted to use mobile phones for sickness after work, it is time to minimize the direct collection of personal information from telecommunication companies when opening mobile phones to secure the safety of military service personnel's personal information. Prior to introducing the use of mobile phones by soldiers after work, the Ministry of National Defense established a security control system such as blocking the mobile phone shooting function to prevent security accidents and concerns about some adverse functions such as illegal cyber gambling, game addiction, and viewing pornography. come. Mobile telecommunications companies entrust personal information processing tasks, such as opening mobile phones, to telecommunications agencies and carry out management and supervision, such as checking the status of personal information protection measures. When a military service member opens a mobile phone, a personal information management agency is newly established using the right to portability of personal information, and a system for requesting the transmission of personal information from the military service member is proposed.