• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.176-180
• /
• 2006

In this paper, we propose an efficient authentication protocol based on certificateless signature scheme, which does not need any infrastructure to deal with certification of public keys, among the vehicles in Vehicular Ad-hoc Networks. Moreover, the proposed protocol introduces the concept of interval signature key for efficiently solving the problem of certificate revocation.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.829-832
• /
• 2007

A Mobile Ad Hoc Network is a system of wireless mobiles nodes that dynamically self-organized in arbitrary and temporary network topologies allowing people and devices to inter-network without any preexisting communication infrastructure. Taking into account its nature and challenges and security issues, we present current security solution and analyse the scheme for protecting attacks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.860-863
• /
• 2005

Ad-Hoc networks are a new generation of networks offering unrestricted mobility without any underlying infrastructure. Primary applications of Ad-Hoc networks are in military, tractical and other security sensitive operations, where the environment is hostile. Hence, security is a critical issue. In this paper, we ahve identified certain misbehaviors caused by mallicious node for reactive routing protocol. We also discuss the intrusion detection and intrusion prevention model to prevent several identified attacks in the networks

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.146-152
• /
• 2003

DNS는 인터넷 자원 관리를 위해 사용되고 있는 분산 네이밍 데이터베이스로써 최근보안상의 취약점으로 인해 안전한 인터넷 사용에는 한계가 있다고 지적되었다. 따라서 안전한 인터넷 기반 제공을 위해 DNS의 보안 고도화 연구가 진행되었으며 그 일환으로 BNS 보안 확장(DNSSEC)이 대두되었다. 본 논문에서는 DNSSEC에 대한 이론적인 바탕을 토대로 보다 안전한 인터넷 자원 사용을 위한 방안을 연구하고 이의 적용방안과 안정화를 위한 제반 사항을 기술한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.11a
• /
• pp.65-68
• /
• 2020

자체 제작한 프로그램인 USB 보안 모듈과 Active Directory를 활용하여 서버에서 다수의 클라이언트를 관리할 수 있는 인프라를 구축한다. USB 보안 모듈과 기존 소극적인 보안 정책으로 인해 개인 또는 내부망으로 사용하고 있는 Active Directory의 보안 정책을 결합하여 극단적이고 폐쇄적인 강력한 보안 기능을 가능케 하며 그 효용성을 제안 한다.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.24 no.4
• /
• pp.25-32
• /
• 2010

The Supervisory Control and Data Acquisition Systems (SCADA) system provides monitoring, data gathering, analysis, and control of the equipment used to manage most infrastructure. The SCADA Network is implemented in a various manner for larger utilities, and multiple types of protocol and communication interfaces are used to network the control center to remote sites. The existing SCADA equipment and protocols were designed and implemented with availability and efficiency, and as a result security was not a consideration. So, performance, reliability, flexibility and safety of SCADA systems are robust, while the security of these systems is often weak. This makes some SCADA networks potentially vulnerable to disruption of service, process redirection, or manipulation of operational data that could result in public safety concerns and/or serious disruptions to the infrastructure. To reduce the risks, therefore, there is a need to have a security device such as cipher devices or cryptographic modules for security solutions. In this paper we develop an embedded cipher device for the SCADA equipment. This paper presents a cipher device designed to improve the security of its networks, especially in the serial communication.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.153-160
• /
• 2006

The control system is accomplishing very important role in our life currently as the national critical Infrastructure and large scale industry plant. We manage SCADA system to manage generally the control system interconnected with the information system. The operating system of SCADA is changing also to the well-known OS like Windows or UNIX for offer various convenience and facility to the user. We offered the reason why such change of the system makes so that it is exposed to cyber terror. In the traditional SCADA system is managed safely by an isolated network system physically. It is the trend to increase gradually though a cyber terror possibility is thinner on a control system than a information system but the cyber terror gives a nation or community wide damage influence of large scale if it happens. Therefore this paper presents a security safeguard plan about SCADA system and helps prepare systematic security strategy and enhance the security level implement.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1466-1477
• /
• 2016

Public key infrastructure(PKI), principle technology of the certificate, is a security technology providing functions such as identification, non-repudiation, and anti-forgery of electronic documents on the Internet. Our government and financial organizations use PKI authentication using ActiveX to prevent security accident on the Internet service. However, like ActiveX, plug-in technology is vulnerable to security and inconvenience since it is only serviceable to certain browser. Therefore, the research on HTML5 authentication system has been conducted actively. Recently, domestic bank introduced PKI authentication complying with web standard for the first time. However, it still has inconvenience to register a certification on each website because of same origin policy of web storage. This paper proposes the certificate based SSO protocol that complying with web standard to provide user authentication using certificate on several sites by going around same origin policy and its security proof.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.5
• /
• pp.113-121
• /
• 2015

This research suggests construction processes and security solutions for security control center as management measures for security management improvement in domestic electronic security companies. Security control center (SCC) is the central nerve of electronic security service, and no matter how well the on-site response system has been built, if SCC ceases to work due to an incident or disaster or security control personnel are harmed, the electronic security system cannot perform its proper functions. It is divided to a spatial structure, the infrastructure, control equipment, control solutions and operating structure in a construction process in the security control center. And a solution can be presented for physical security, information security, and personnel security in the way to security solutions.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.9 no.2
• /
• pp.55-62
• /
• 2001

A safe and secure civil aviation system is a critical component of the nation's overall security, physical infrastructure, and economic foundation. Although it is not fully known at this time what actually occurred or which of the weaknesses in the nation's aviation security apparatus contributed to the terrible events of 11 September in the U.S.A., it is clear that serious weaknesses exist in our aviation security system including regulation system. Actually, defectiveness of regulations structure and contents concerned in aviation security were discussed in various studies. On this study, we have identified defectiveness in aviation security regulation system by the comparative study between 14 CFR and Korean regulations. Finally, we are to provide some suggestions and alternatives to improve aviation security regulation system in this country.