• Title/Summary/Keyword: Mail security

Search Result 181, Processing Time 0.023 seconds

A Study on the Special Digital Signature Systems (특수 디지틀 서명방식에 대한 고찰)

  • 김승주;원동호
    • Review of KIISC
    • /
    • v.6 no.2
    • /
    • pp.21-34
    • /
    • 1996
  • 계약이나 송금 등을 행하는 서비스에서 서명은 없어서는 안되는 중요한 요소이며 특히 전자 우편(electronic mail), MHS(Message Handling System)나 EDI(Electronic Data Interchange) 서비스는 기업체는 물론 일반 사용자에게까지 널리 이용될 것으로 사료된다. 이러한 서비스의 특징은 통신망상에서 메시지를 이용하여 다양한 형태의 서비스를 제공하기 때문에 메시지 자체에 대한 인증이나 송신자, 수신자 상호 쌍방간에 인증, 부인 봉쇄 기능을 갖추는 것은 분쟁을 해결하는 필수 불가결한 요소이다. 이를 위한 기술적 대책이 디지틀 서명이다. 디지틀 서명 기술은 기존의 종이 문서에서 사용되는 수서명을 대신할 수 있는 것으로 메시지의 출처와 메시지의 진위 여부를 확인할 수 있는 매우 유용한 서명 방식이다. 그러나, 사실상 디지틀 서명이 많은 응용 업무에서 활용될 것은 자명한 사실이므로 적용 환경 및 적용 업무에 따라서 여러 가지 추가적인 요구조건이 등장할 수 있다. 이러한 특수한 디지틀 서명 프로토콜에 관한 연구는 매우 가치 있는 연구 분야이다.

  • PDF

A Study on Factors Influencing Internet Service Satisfaction in the High-Speed Information and Communication Network (초고속정보통신망하에서 인터넷서비스만족도에 영향을 주는 요인에 관한 연구)

  • 조성빈;유한주;유왕진
    • Journal of Korean Society for Quality Management
    • /
    • v.30 no.3
    • /
    • pp.168-185
    • /
    • 2002
  • A few recent international surveys reported that Korea ranks the top with respect to the high-speed information and communication network subscription per 100 people in the world. Such infrastructure has been bringing about broad changes in Internet service for both business and individual users. By conducting a questionnaire survey on a moderate size of sample proportional to the population of each region across country, we try to analyze what factors might explain the level of Internet service satisfaction with respect to security, searching, and convenience dimensions. According to the test results, several factors such as sex, age, kind of network lines, usage frequency, e-mail usage, e-shopping, online problem experience might explain the different levels of Internet service satisfaction in the high-speed Internet network. This study might shed a guidance to scholars conducting Internet-related studies and practitioners who plan information policies and business strategies.

A Study on the Propagation and Defense Model of Internet Worm (인터넷 웜의 확산 모델과 방어 모델 연구)

  • 서동일;김환국;이상호
    • Proceedings of the Korea Information Assurance Society Conference
    • /
    • 2004.05a
    • /
    • pp.181-185
    • /
    • 2004
  • In these days, many reports noticed that the Internet worms spread out and have done considerable damage to all over the world network within a few days. The worms, which is infected from various route such as e-mail, can spread very fast with common property, self replication. But, there is not prepare for the way effectively to interrupt internet worm. Therefore, to prevent our network resource, internet hosts and user clients, the systemic categorization and automatic defense mechanism is required in the Internet worm research. Hence, in this paper, we describe internet worm propagation and defense model.

  • PDF

A Comparative Study on ACH and Fedwire as a Cross-Border Payment System (국제전자결제시스템으로서 ACH와 Fedwire의 비교연구)

  • Lee, Byeong-Ryul
    • International Commerce and Information Review
    • /
    • v.10 no.1
    • /
    • pp.139-154
    • /
    • 2008
  • This research want to discuss some issues about payment system of America. This research focuses on comparing ACH with Fedwire. Firstly Fedwire is the payment system for only large-dollar transfer(Large-Value Transfer System; LVTS), while ACH(Automated Clearing House)payment mainly applies a consumer account. Secondly ACH transaction is either credit or debit transfer, while Fedwire is only credit transfer. Thirdly the communication system of Fedwire has twoway method, telephonelike communication network, but ACH is oneway store and forward electronic mail. At present LVTS divides into RTGS(Real-Time Gross Settlement) and DNS(Deferred Net Settlement). However Fedwire uses either RTGS(instantaneous for every transaction) or DNS(net net transaction) but ACH uses only DNS(net net transaction). Fourthly ACH is substantially cheaper than the Fedwire payment. lastly security is important in both Fedwire and ACH, it is even more crucial in Fedwire In addition, for each transaction, Fedwire may entail individual instantaneous confirmation to the originator and notification to the receiver, whereas ACH do not.

  • PDF

An Efficient Identity-Based Deniable Authenticated Encryption Scheme

  • Wu, Weifeng;Li, Fagen
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.5
    • /
    • pp.1904-1919
    • /
    • 2015
  • Deniable authentication protocol allows a sender to deny his/her involvement after the protocol run and a receiver can identify the true source of a given message. Meanwhile, the receiver has no ability to convince any third party of the fact that the message was sent by the specific sender. However, most of the proposed protocols didn't achieve confidentiality of the transmitted message. But, in some special application scenarios such as e-mail system, electronic voting and Internet negotiations, not only the property of deniable authentication but also message confidentiality are needed. To settle this problem, in this paper, we present a non-interactive identity-based deniable authenticated encryption (IBDAE) scheme using pairings. We give the security model and formal proof of the presented IBDAE scheme in the random oracle model under bilinear Diffie-Hellman (BDH) assumption.

기업 비밀정보 유출 방지 및 보호 관점에서의 디지털 복합기 보안 기술 동향 분석

  • Lee, Kwang-Woo;Kim, Seung-Joo
    • Review of KIISC
    • /
    • v.20 no.1
    • /
    • pp.47-55
    • /
    • 2010
  • 최근 주요 기업에서 기업 비밀정보가 유출되는 보안사고가 빈번히 발생함에 따라, 기업의 비밀정보 유출 방지 및 보호에 대한 사회적 관심이 높아지고 있다. 기업 비밀정보의 유출은 해당 기업뿐만 아니라 국가적으로도 막대한 손실을 초래할 수 있다는 문제를 가지고 있다. 이러한 문제를 해결하기 위해 각 기업에서는 보호구역의 설정, 출입허가 또는 출입시 휴대품 검사 등의 물리적인 유출 차단 방법을 구축하고 있으며, 기업 기밀문서에 대해서는 DRM(digital right management)을 활용한 문서유출 방지 및 네트워크 트래픽 차단 등 다양한 방법을 적용하고 있다. 하지만, 전자파일 형태로 존재하는 기밀문서는 인터넷 또는 네트워크에 연결된 PC 및 서버를 통해 전자우편(E-mail), 메신저, 게시판 등으로 쉽게 유출될 수 있어 많은 문제점을 가지고 있다. 이러한 시점에서 최근 널리 보급되고 있는 디지털 복합기는 문서 저장을 위한 하드디스크(HDD) 및 네트워크 응용 서비스를 포함하고 있어 다양한 보안 취약점에 노출되어 있다. 따라서 기업 비밀정보 유출 방지와 보호를 위해서는 디지털 복합기에 대한 보안 기술 연구가 필수적이다. 이에 본고에서는 기업 비밀정보 유출 방지 및 보호 관점에서 디지털 복합기 개발 현황을 살펴보고, 보안상 문제점을 해결하기 위해 연구되고 있는 디지털 복합기 보안기술에 대한 동향을 살펴보고자 한다.

Multi-level Certification System Using Arduino (아두이노를 이용한 다중 레벨 인증 시스템)

  • Yoo, Ho-weon;Kim, Yong-seung
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2015.07a
    • /
    • pp.87-88
    • /
    • 2015
  • 최근 IT기술의 발전과 더불어 보안의 중요성이 부각되면서 Pin Number, Password, Pattern Recognition 등 인증 방식에 대한 연구가 진행되고 있지만 위와 같은 One-factor 인증 시스템에는 "Shoulder Attack"과 같은 사용자 레벨에서의 보안공격에 취약하다. 위와 같은 문제점을 해결하기 위하여 'Google E-mail' 등 일부 강화된 보안이 필요한 시스템에서는 추가 모듈을 이용한 Two-factor 인증 시스템을 적용하여 보안을 제공하고 있지만 사용상의 번거로움과 복잡성으로 인해 고도의 보안 기술의 적용을 받지 못하는 등 많은 제약사항이 남아있다. 본 논문에서는 위 와 같은 One-factor 시스템의 취약점을 파악하여 그에 따라 보안 인증 절차를 향상시키기 위해 암호화와 인증 방법으로 지문인식을 사용하여 Multi-level 인증 시스템을 제안한다. 본 시스템은 Send 디비이스를 구현한 아두이노를 통해 M2M 서비스를 수행하며, 암호와 지문 정보를 아두이노 디바이스에 저장하여 두 가지의 신뢰적인 정보를 바탕으로 인증하는 시스템이다. 아두이노를 이용하여 디바이스 분리를 통한 사용자 레벨에서의 보안을 강하고 지문인식을 통해 불편함과 복잡성을 간소화하였다.

  • PDF

Design and Implementation of Web Mail System with enforced Security Faculty (보안 기능이 강화된 웹 메일 시스템의 설계 및 구현)

  • 이시영;고정국
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2001.04a
    • /
    • pp.196-198
    • /
    • 2001
  • 최근 Outlook Express나 유도라와 같은 메일 프로그램이 웹 브라우저를 이용하여 메일을 송수신 할 수 있는 웹 메일 서비스가 제공되면서 점진적으로 기존의 메일 서비스를 대체하고 있다. 기존 메일 시스템은 메시지 전송 에이전트(sendmail)의 보안상 허점 및 파일 잠금 현상, CGI방식의 과도한 오버헤드, POP3 프로토콜의 위치 투명성 지원 미비 등 여러 가지 문제점을 내포하고 있다. 본 논문에서는 기존 메일 시스템의 문제점을 해결하기 위해서 PHP와 큐 메일, IMAP 프로토콜을 사용한 3-티어 구조의 웹 메일 시스템을 설계하고 구현하였다. 구현된 시스템은 강화된 보안 기능과 안전한 메시지 수신을 보장하며 부하 분산을 통해 서버의 효율이 향상되었다.

A Study on Prevention of Accident in Korean Security Industry (경호산업의 재해예방에 관한 연구)

  • Cho, Han-Bong
    • Korean Security Journal
    • /
    • no.2
    • /
    • pp.259-289
    • /
    • 1999
  • The Security Industry has dynamic working conditions. So this study intends to find the advisable direction for the reduction of accidents. To achieve the aim, the investigation of documents and the examinations of actual proofs have been done to figure the theoretical background and to see the basic knowledge of security industry. The questionnaire was composed of two question sheets to search real data and actual proofs, with making targets of pure security organization and personnel. The one consists of 9 questions to find the scale and extent of security organizations and the population and character of security personnel, and the other 25 questions in 3 major areas to analyze the causes, the frequency rates, the factors, and the condition of accidents. The period of survey was July 15th to October 15th in 1997 by mail/telephone/interview. The questionnaires were efficiently returned from 102 different organizations including the public security groups of Seoul Metropolitan Police Bureau and so on, with the information of 8,222 persons having worked for Korean Security Industry in 1996. So being based on the reality, some meaningful facts were found, and were compared with the national statistics of the Government. This study is made up of 5 chapters : in the 1st chapter the motivation, the object, the method, the direction and the limitation of the approach were presented ,in the 2nd chapter the theoretical background were inferred ; in the 3rd chapter the collected data of accidents in Korean Security Industry were analyzed and explained on the base of the questionnaires , in the 4th chapter the advisable facts connected with preventing accidents were mentioned ; in the last the conclusion were stated. With the replies of 102 different organizations including the information of 8,222 persons in 1996, the main facts found or analyzed through this study are as follows. Firstly, accident is an unpredictable and occasional event. It occurs to man and/or thing, but the frequency rate of accidents in Korean Government and other Institutes has been calculated and evaluated only in the point of the accident related with man. Secondly, the factors of accidents are firstly relevant to the way preventing accidents in Security Industry in Korea. However the frequency rate is academically calculated and evaluated by at once man(population) and hour(time). But the Government has done the rate only by man(population). This can be improper and inaccurate rates. Thirdly, the confused concept of security is used in Korean Government, academic society, corporation and so on. Therefore the detailed formation of the concept is needed for the development of Security Industry in Korea. Fourthly, security organizations can be classified into 'public security(public law enforcement)' and 'private security' according to its identification, and furthermore 'private security' can be divided into 'facilities-guard service', 'body-guard service', and 'patrol service' according to its major role. Fifthly, in the viewpoint of the number of both organization and population,'facilities-guard service' is centered in Korean 'private security'. According to the analyzed results of the questionnaires in this study, the frequency rate of accidents of Korean Security Industry is 0.43(%) totally in 1996 : 'facilities-guard service' 0.54(%), 'body-guard service' 0.12(%), and 'patrol service' 0.21(%) in 'private security', and 'public security' 0.20(%). With regard to the accident frequency rate of organization and population, 'facilities-guard service' is the highest. The accident frequency rate of population in 'facilities-guard service' organization ranges dispersively from 0.20(%) to 11.11(%). Sixthly, the accidented rate of workers having serviced for under one year is 57.6(%). This can mean that the main factor of accidents in Korean Security Industry is the lack of role-understanding and training/education. And another factor can be found on the time of accident occurrence. Many accidents have been occurred on the relaxed points like as just after lunch and morning rush-hour. Lastly, the major advisable facts related to preventing accidents are as follows : The workers who are over fifty years old in 'facilities-guard service' organization need to be educated for preventing accidents ; It is desirable that the training and education to prevent accidents should be practiced in the time of pre-service ; As the style of accidents and the age of the accidented are not same according to major service area('public security' and 'private security' : 'facilities-guard service', 'body-guard service', and 'patrol service'), the plans to prevent accidents must be different and various. However fracture and bruise are general accidents in Korean Security Industry ; Workers must care about traffic accident and violent fall ; It seems that the grouped working with other two persons will reduce accident occurrence possibility rather than individually single working.

  • PDF

A Study on Security Capability of IDPS (침입 탐지 및 차단 시스템의 보안능력에 관한 연구)

  • Woo, Sung-Hee
    • Journal of the Institute of Electronics Engineers of Korea CI
    • /
    • v.49 no.4
    • /
    • pp.9-15
    • /
    • 2012
  • With the rise of internet and e-commerce, this is more applicable now than ever. People rely on computer networks to provide them with news, stock prices, e-mail and online shopping. People's credit card details, medical records and other personal information are stored on computer systems. Many companies have a web presence as an essential part of their business. The research community uses computer systems to undertake research and to disseminate findings. The integrity and availability of all these systems have to be protected against a number of threats. Amateur hackers, rival corporations, terrorists and even foreign governments have the motive and capability to carry out sophisticated attacks against computer systems. Therefore, the field of information and communication security has become vitally important to the safety and economic well being of society as a whole. This paper provides an overview of IDS and IPS, their functions, detection and analysis techniques. It also presents comparison of security capability and characteristics of IDPS techniques. This will make basis of IDPS(Intrusion Detection and Protection System) technology integration for a broad-based IDPS solutions