• Journal of Information Processing Systems
• /
• v.16 no.1
• /
• pp.42-48
• /
• 2020

This paper proposes an operating system architecture for unmanned aerial vehicle (UAV), which is secure against root exploit, resilient to connection loss resulting in the control loss, and able to utilize common applications used in Linux. The Linux-based UAVs are exposed to root exploit. On the other hand, the microkernel-based UAVs are not able to use the common applications utilized in Linux, even though which is secure against root exploit. For this reason, the proposed architecture uses a virtualized microkernel on the Linux operating system to isolate communication roles and prevent root exploit. As a result, the suggested Operating system is secure against root exploit and is able to utilize the common applications at the same time.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1145-1148
• /
• 2004

Mainframe Linux를 이용한 가상서버환경은 점차 기존의 분산서버환경과 유사한 방향으로 진화하고 있다. 이와 같이 구현된 가상의 서버환경에서 보안성의 확보는 필수 사항으로 요구되고 있으며 이와 관련한 여러 방안 중 기존 분산서버환경과 유사한 Virtual Firewall의 필요성이 대두되고 있으며, 이에 본 논문은 분산서버환경의 Firewall 적용 및 Mainframe Linux의 가상서버환경 구현에 관한 연구활동을 바탕으로, Firewall로서의 기능적 요구사항과 Mainframe Linux 환경의 Resource 관리 관련요구사항을 기준으로 Debian 계열의 상용 Virtual Firewall의 적용과 성능에 대한 평가를 수행하였다. 추가로 기존 분산서버환경의 Appliance 형태의 Gigabit Firewall의 성능평가 결과를 비교하여 보았다. 기능 및 성능적인 면에서 기존 분산서버환경의 Firewall 제품들과 유사한 수준과, Resource 관리의 측면에서 타 서버들과 공존하는 가상서버환경에 큰 영향을 미치지 않는 결과를 보여주었다.

• Convergence Security Journal
• /
• v.10 no.2
• /
• pp.27-35
• /
• 2010

We implemented an application system which is able to verify visitor identification for remote bundle control based on OSGi and web camera control using embedded linux system. This system are designed open Oscar framework by porting java on the embedded linux system and implemented web camera system in local area networks. Also This system can verify information of visitor from receiving the data of RFID reader and designed the wireless internet system in home. Basically, in this paper we expect that home network system development and the period of application service development are reduced with integrated service provision based on OSGi.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.43-51
• /
• 2004

Operating systems and application programs have security vulnerabilities derived from the software development process. Recently, incident cases related with the abuses of these vulnerabilities are increasing and the damages caused by them are becoming very important security issues all over the nations. Patch management is one of the most important processes to fix vulnerabilities of softwares and to ensure a security of systems. Since an institute or a company has distributed hierarchical and heterogeneous systems, it is not easy to update patches promptly. In this paper, we propose patch management framework to safely distribute and install the patches on Windows, Linux, and Solaris client systems. Besides, we considered extensibility and hierarchical structure for our patch management framework to support large scaled network environment.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.8
• /
• pp.3005-3011
• /
• 2010

As soon as high-performanced smart phones is rapidly emerging in recent, its security problems come to the front. Especially in case of an open platform, it is easy to be a target of virus. Many security solution industries such as Symantec and Ahnlab are developing a mobile security system, but they have not yet a commercial product. We developed the effective security function of Android system based on SELinux to solve this problem, and verified its performance by applying the user applications developed to S3C6410 board.

• Proceedings of the KAIS Fall Conference
• /
• 2011.12b
• /
• pp.562-564
• /
• 2011

본 논문에서는 리눅스 운영체제를 기반으로 오픈 소스 침입탐지 시스템인 Snort 등울 LSM(Linux Security Module) 구조의 hooking 부분에 구현시켜 보안 관리자가 의도하는 포트 스캔, DDOS 공격, ARP/IP 위장, 서명 탐지 등이 가능하도록 시스템을 구현하는 방법을 제시하고자 한다.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2002.11a
• /
• pp.72-81
• /
• 2002

Management for security product and application is becoming more difficult because they became more specialized. Most of research is focused on combining policies for information security management policy, security standard, and security tools. However, there are no researches for total solution for both application and security policy. Thereby, the purpose of this research is to propose a remote integrated management system based on linux. The system could efficiently manage data update for application and policy update for a server supporting the distinct configuration of each server. By using the remote integrated management system, system manager with poor secure knowledge also could easily manage their system securely.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.11a
• /
• pp.72-81
• /
• 2002

Management for security product and application is becoming more difficult because they became more specialized. Most of research is focused on combining policies for information security management policy, security standard, and security tools. However, there are no researches for total solution for both application and security policy. Thereby, the purpose of this research is to propose a remote integrated management system based on linux. The system could efficiently manage data update for application and policy update for a server supporting the distinct configuration of each server. By using the remote integrated management system, system manager with poor secure knowledge also could easily manage their system securely.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.799-803
• /
• 2006

리눅스 메모리 덤프데이터 분석기술은 메모리에 저장되는 데이터를 찾는데 목적이 있고, 현재 수행중인 프로그램이나, 리눅스 커널의 오류 발생 원인을 찾는데 이용이 된다. 이 논문에서는 리눅스 메모리 덤프 방법과 메모리 덤프 데이터 분석 기술에 대하여 기존의 방법들을 조사한 결과를 설명한다. 메모리 덤프데이터 분석기술은 메모리에 저장되는 기본적인 데이터를 조사를 할 수 있고, 수행중인 프로그램을 분석하고, 이미 만들어진 시스템을 역으로 추적하여 애초의 문서나 설계기법 등의 자료를 얻어낼 수 있다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.335-339
• /
• 2001

국외의 경우엔 일찍부터 컴퓨터 시스템 평가기준이 제정되어 활용중이나 국내의 경우엔 아직 평가기준이 없는 상태이다. 본 논문에서는 국내외 정보시스템의 보안 요구사항과 보증 요구사항을 바탕으로 리눅스 기반 PC의 보안성 평가기준을 제안하고자 한다. 평가등급은 KL(Korea Linux)1, KL2, KL3 등의 3등급으로 분류하였다. 제안된 평가기준은 오픈 소스기반의 리눅스를 이용하여 보안기능을 강화한 운영체제 개발방향을 제시하였고, 보안 시스템 구축의 방향 및 보안표준에 대한 복잡한 문제를 줄였다. 또한 국제공통평가기준(CC : Common Criteria)의 보안기능부분과 보증부분을 거의 수용함으로써, 외국의 보안성 평가기준과 상호 운용이 가능하다.