• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.319-325
• /
• 2016

Cloud computing-related security incidents have occurred recently are beyond the scope of a enterprise's security incident is expanded to the entire range of customers who use the cloud computing environment. The control technology for the overall integrated security of the cloud data center is required for this purpose. This study research integrated and additional security elements for the cloud data center control to understand the existing control technology. It is a better understanding of the IaaS cloud environment to build the IaaS cloud environment by CloudStack. SW-IaaS cloud structure by combining CloudStack and IaaS cloud model presented by NIST is proposed in this study. This paper derive a security framework to consider in each layer of The SW-IaaS cloud components, which are composed of the Cloud Manager, Cluster Manager, and Computer Manager.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.5
• /
• pp.57-64
• /
• 2007

Mobile Agent has been known that it is an efficient communication paradigm for distributed applications and that a mobile agent provides higher flexibility and performance than existing communication paradigms. Despite these benefits, mobile agent is not used widely in the market because it is very vulnerable to a variety of attacks. To be applied to develop distributed applications, a mobile agent paradigm must consider both security and performance. In this paper, we propose and evaluate an improving method of a migration performance for a mobile agent model using ISM(Integrated Security Manager), which provides high-level security services and travel plan guide. In the proposed method. ISM offers the travel plan guide service which replies the accumulated results when a mobile agent has executed all migration plans related the trusted domain to be managed by ISM. Our method improved about $33{\sim}82%$ of total execution time than the existing method.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2002.11a
• /
• pp.72-81
• /
• 2002

Management for security product and application is becoming more difficult because they became more specialized. Most of research is focused on combining policies for information security management policy, security standard, and security tools. However, there are no researches for total solution for both application and security policy. Thereby, the purpose of this research is to propose a remote integrated management system based on linux. The system could efficiently manage data update for application and policy update for a server supporting the distinct configuration of each server. By using the remote integrated management system, system manager with poor secure knowledge also could easily manage their system securely.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.11a
• /
• pp.72-81
• /
• 2002

Management for security product and application is becoming more difficult because they became more specialized. Most of research is focused on combining policies for information security management policy, security standard, and security tools. However, there are no researches for total solution for both application and security policy. Thereby, the purpose of this research is to propose a remote integrated management system based on linux. The system could efficiently manage data update for application and policy update for a server supporting the distinct configuration of each server. By using the remote integrated management system, system manager with poor secure knowledge also could easily manage their system securely.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.111-122
• /
• 2002

Malicious attackers generally attempt to intrude the target systems by taking advantage of existing system vulnerabilities and executing readily available code designed to exploit blown vulnerabilities. To the network security administrators, the rat and minimal step in providing adequate network security is to identify existing system vulnerabilities and patch them as soon as possible. Network-based vulnerability analysis scanners (NVAS), although widely used by network security engineers, have shortcomings in that they depend on limited information that is available and generally do not have access to hast-specific information. Host-based vulnerability analysis scanner (HVAS) can serve as an effective complement to NVAS. However, implementations of HVAS differ from one platform to another and from one version to another. Therefore, to security engineers who often have to maintain a large number of heterogeneous network of hosts, it is impractical to develop and manage a large number of HVAS. In this paper, we propose an agent-based architecture named ISMAEL and describe its prototype implementation. Manager process provides various agent processes with descriptiom on vulnerabilities to check, and an agent process automatically generates, compiles, and executes an Java code to determine if the target system is vulnerable or not. The result is sent back to the manager process, and data exchange occurs in % format. Such architecture provides maximal portability when managing a group of heterogeneous hosts and vulnerability database needs to be kept current because the manager process need not be modified, and much of agent process remains unchanged. We have applied the prototype implementation of ISMAEL and found it to be effective.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1594-1597
• /
• 2005

A rapid development and a wide use of the Internet have expanded a network environment. Further, the network environment has become more complex due to a simple and convenient network connection and various services of the Internet. However, the Internet has been constantly exposed to the danger of various network attacks such as a virus, a hacking, a system intrusion, a system manager authority acquisition, an intrusion cover-up and the like. As a result, a network security technology such as a virus vaccine, a firewall, an integrated security management, an intrusion detection system, and the like are required in order to handle the security problems of Internet. Accordingly, a router, which is a key component of the Internet, controls a data packet flow in a network and determines an optimal path thereof so as to reach an appropriate destination. An error of the router or an attack against the router can damage an entire network. This paper relates to a method for RSMS (router security management system) for secure networking based on a security policy. Security router provides functions of a packet filtering, an authentication, an access control, an intrusion analysis and an audit trail in a kernel region. Security policy has the definition of security function against a network intrusion.

• Journal of Korean Society of Disaster and Security
• /
• v.15 no.4
• /
• pp.47-56
• /
• 2022

Along with high-rise buildings, complex buildings used by many unspecified people, such as various buildings and underground-linked buildings, are increasing. In particular, high-rise buildings are accompanied by a number of casualties and a lot of property damage in the event of a disaster, so reinforced integrated disaster management is necessary. The High-Rise Disaster Management Act stipulates that a general disaster manager is appointed and requires stricter safety management tasks than other buildings. Therefore, this study aims to analyze and present item factors for a preliminary survey of job satisfaction of general disaster managers through literature research and expert verification.

• The Journal of the Korea Contents Association
• /
• v.13 no.11
• /
• pp.533-540
• /
• 2013

Currently, as the Android platform only supports single-user protection, it needs security solution for multi-users. Specially, it has to protect specific applications which have personal and financial information, and be available to support authority management for contents access. Thus, this paper proposes an integrated user authority manger model for the Android platform. It helps application authority which is capable to divide into three statuses: installation, execution, deletion with the help of information technology.

• Journal of Advanced Navigation Technology
• /
• v.16 no.4
• /
• pp.709-716
• /
• 2012

Recently, smartgrid has interested in enable to existing electrical grid to supplying stably and efficient energy management. Smartgrid environment using PLC is transmit PLC module collected electricity consumption information in each house from PLC module to server. This communication process can occurred security threats such as personal information leak of consumer, electrical grid paralysis. In this paper, we propose efficient electricity consumption information transmission protocol with ID-based key distribution method for respond to security threats.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1047-1057
• /
• 2018

As the number of services offered on the Internet exponentially increases, password managers are increasing popular applications that store several passwords in an encrypted database (or password vault). Browser-integrated password managers or locally-installed password managers store the password vault on the user's device. Although a web-based password manager stores the password vault on the cloud server, a user can store the master password used to sign in the cloud server on her device. An attacker that steals a user's encrypted vault stored in the victim's device can make an offline attack and, if successful, all the passwords in the vault will be exposed to the attacker. This paper investigates the vulnerability of the password vault stored in the device and develops attack programs to verify the vulnerability of the password vault.