• Proceedings of the Korean Information Science Society Conference
• /
• 2000.04a
• /
• pp.175-177
• /
• 2000

인터넷에서의 보안 사고가 급증하게 되면서 여러 가지 보안 도구들이 소개되고 있으나, 보안상 완벽한 효과를 기대하기 어렵고 침입에 의한 자료 손실이 발생하였을 경우를 위한 대책은 전무한 상태이다. 본 논문은 보안관리 통합시스템의 에이전트들 간에 주기적인 백업을 수행하게 함으로써 침입자의 부정행위에 의한 자료 손실을 신뢰적으로 복구할 수 있는 메커니즘을 제시한다.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.535-542
• /
• 2001

Mobile codes such as Java, Java-Script, ActiveX, and Script code are loaded into a client system first and then run without any notice to the client user. Executing code by this mechanism may cause various security problems such as flowing out system information, deleting or modifying files, and exhausting system resources. In this paper we propose an integrated authentication system to establish the uniform security countermeasure on various mobile codes. The system helps to solve to problems mentioned above. An integrated authentication system allows to load into an interpreter using ACL (Access Control List) which sets up an access authority to the executable contents and communicates with an interpreter using client/server model.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.12C
• /
• pp.1707-1721
• /
• 2004

In this paper, we propose a distributed communication model of intrusion detection system(IDS) in which integrated security management at networks level is possible, model it at a security node and distributed system levels, design and implement a simulator. At the node level, we evaluate the transfer capability of alert message based on the analysis of giga-bit security node architecture which performs hardware-based intrusion detection. At the distributed system level, we perform the evaluation of transfer capability of detection and alert informations between components of distributed IDS. In the proposed model, we carry out the performance evaluation considering decision factors of communication mechanism and present the results in order to gain some quantitative understanding of the system.

• The Transactions of the Korea Information Processing Society
• /
• v.2 no.6
• /
• pp.891-902
• /
• 1995

To integrate both the OSI network and the TCP/IP internet, the application gateway that have the powerful and flexible paradigms has been used, but due to the micro-managements of the gateway produce the high costs and the long delay of communication in the case of emergency. The mechanism that maps the access control policies between two domains using the different security policies is needed. These problems are caused by integrating both domains with the different standards. In this paper, the application gateway that delegating to an agent the powerful and flexible services of the CMIP as well as the management functions were proposed. A proposed algorithm that delegates he management script to an gateway safely by capitalizing on the Diffie-Hellman's distribution method, and presents the security mechanism mediating the security policies for guaranteeing the secure communication between two domains using the different security policies.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.77-83
• /
• 2011

In addition to the rapid development of health information technology services for the development of new medical information, a lot of research is underway. Improve health care services for patients are many ways to help them. However, no information about the security, if only the technology advances in health care systems will create an element of risk and threat. Today's issues and access issues are stable over a public network. Ad hocsensor network using secure, non-integrated health information system's security vulnerabilities does not solve the security vulnerabilities. In the development and utilization of health information systems to be subject to greater restrictions. Different security policies in an environment with a medical information system security policy mechanism that can be resolved if people get here are needed. Context-aware and flexible policy of integration and confidential medical information through the resistance should be guaranteed. Other cross-domain access control policy for telecommunications should be protected. In this paper, that the caller's medical information system, diversification, diversification Security agent in the environment, architecture, design, plan, role-based security system are proposed. The proposed system architecture, design work in the field and in the utilization of one model are expected to be.

• International Journal of Computer Science & Network Security
• /
• v.23 no.3
• /
• pp.94-100
• /
• 2023

The primary goal of any communication spacecraft is to provide communication in variety of frequency bands based on mission requirements within the Indian mainland. Some of the spacecrafts operating in S-band utilizes a 6m or larger aperture Unfurlable Antenna (UFA for S-band links and provides coverage through five or more S-band spot beams over Indian mainland area. The Unfurlable antenna is larger than the satellite and so the antenna is stowed during launch. Upon reaching the orbit, the antenna is deployed using motors. The deployment status of any deployment mechanism will be monitored and verified by the telemetered values of micro-switch position before the start of deployment, during the deployment and after the completion of the total mechanism. In addition to these micro switches, a camera onboard will be used for capturing still images during primary and secondary deployments of UFA. The proposed checkout system is realized for validating the performance of the onboard camera as part of Integrated Spacecraft Testing (IST) conducted during payload checkout operations. It is designed for acquiring the payload data of onboard camera in real-time, followed by archiving, processing and generation of images in near real-time. This paper presents the architecture, design and implementation features of the acquisition, processing and Image generation system for Camera onboard spacecraft. Subsequently this system can be deployed in missions wherever similar requirement is envisaged.

• The Journal of the Korea Contents Association
• /
• v.6 no.12
• /
• pp.29-39
• /
• 2006

With the increasing popularity of the wireless network, the vulnerability issue on IEEE 802.1x Wireless Local Area Network (WLAN) are more serious than we expected. Security issues range from mis-configured wireless Access Point(AP) such as session hijacking to Denial of Service(DoS) attack. We propose a new system based on intrusion detection or prevention mechanism to protect the wireless network against these attacks. The proposed system has a security solution on AP that includes an intrusion detection and protection system(IDS/IPS) as an embedded module. In this paper, we suggest integrated wireless IDS/IPS module on AP with wireless traffic monitoring, analysis and packet filtering module against malicious wireless attacks. We also present that the system provides both enhanced security and performance such as on the university wireless campus network.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.747-749
• /
• 2017

To protect financial services against danger of financial accidents and customer information leakage caused by malware, injection attack and so on, Financial Services Commission announced "Financial Networks Security Enhancement Comprehensive Plan", which suggests the guideline of protecting customer information and providing secure financial services by separating network topology and then makes the financial company use network partitioning system. In consequence of this policy, financial companies respectively chose between the physical partitioning mechanism or the logical partitioning mechanism according to their IT environment. This paper suggests an efficient infrastructure configuration plan for making the logical network partition, by comparison of a construction of traditional general equipment and an integrated HCI(Hyper Converged Infrastructure) through 'Hyper Converged' which is one of virualization techniques for developing currently, and the case study of the integrated HCI method.

• Journal of Advanced Navigation Technology
• /
• v.12 no.5
• /
• pp.444-450
• /
• 2008

With the advancement of the mobile device and arrival of the integrated wired/wireless environments, the damand for services accessible by mobile devices is rapidly increasing. However, unlike existing wired networks, communication in wireless networks has many weaknesses. Therefore, research and development into an appropriate security technology has reached a critical stage, as combined wired/wireless environments emerge. Therefor, in this paper, we propose that device authentication technology in AAA (Authentication, Authorization, Accounting) mechanism of Mobile environment for secure service offer.

• Journal of Internet of Things and Convergence
• /
• v.2 no.3
• /
• pp.25-30
• /
• 2016

The issued problem in the existed NFC authentication system is the security problem caused by the fixed key and the inconvenience occurred by the extra NFC tag. This paper aims to enhance the security level through OTP system added up the key generation mechanism and the convenience level by the integrated Android App. This proposed authentication system on Arduino will be widely applied to IoT security and will be used on diverse applications.