• Journal of Digital Convergence
• /
• v.10 no.1
• /
• pp.341-347
• /
• 2012

The study provides the direction for constructing and operating ELN(Electronic Laboratory Notebook) system for systematic record, management and reliability security of the document. Firstly, Present the standard of the system environment for writing and management of ELN. Secondly, Establish guidelines for systematic maintenance and operation of ELN system. Thirdly, Draw up guidelines of inspection whether ELN system is managed in according with the standards and procedures. Therefore, it is expected that these guidelines contribute to vitalize ELN and set foundation of application for researching and developing information in the medium and long term.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.3
• /
• pp.69-77
• /
• 2015

MANET is composed of only the mobile nodes have a limited transmission range. The dynamic topology by the frequent movement of nodes makes routing difficult and is also cause exposed to security vulnerabilities. In this paper, we propose the security routing technique consisted of mechanism of two steps in order to respond effectively to attack by the modification of the routing information and transmit secure data. The hierarchical structure is used and the authentication node that issues the key of the nodes within each cluster is elected in this proposed method. The authentication node manages key issues and issued information for encrypting the routing information from the source node. The reliability value for each node is managed to routing trust table in order to secure data transmission. In the first step, the route discovery is performed using this after the routing information is encrypted using the key issued by the authentication node. In the second step, the average reliability value of the node in the found path is calculated. And the safety of the data transmission is improved after the average reliability value selects the highest path. The improved performance of the proposed method in this paper was confirmed through comparative experiments with CBSR and SEER. It was confirmed a better performance in the transmission delay, the amount of the control packet, and the packet transmission success ratio.

• Journal of Multimedia Information System
• /
• v.7 no.3
• /
• pp.215-220
• /
• 2020

Many state agencies and companies collect personal data for the purpose of providing public services and marketing activities and use it for the benefit and results of the organization. In order to prevent the spread of COVID-19 recently, personal data is being collected to understand the movements of individuals. However, due to the lack of technical and administrative measures and internal controls on collected personal information, errors and leakage of personal data have become a major social issue, and the government is aware of the importance of personal data and is promoting the protection of personal information. However, theory-based training and document-based intrusion prevention training are not effective in improving the capabilities of the privacy officer. This study analyzes the processing steps and types of accidents of personal data managed by the organization and describes measures against personal data leakage and misuse in advance. In particular, using Capture the Flag (CTF) scenarios, an evaluation platform design is proposed to respond to personal data breaches. This design was proposed as a troubleshooting method to apply ISMS-P and ISO29151 indicators to reflect the factors and solutions to personal data operational defects and to make objective measurements.

• Convergence Security Journal
• /
• v.17 no.3
• /
• pp.3-9
• /
• 2017

NFV is a technology that allows network services to be controlled and managed in software by separating various net work functions (NFs) from hardware devices in dedicated network equipment and implementing them in a high-performance general-purpose server. Therefore, standardized virtualization of network functions is one of the most important factors. However, until the introduction of NFV to provide commercial services, there are many technical issues to be solved such as guaranteeing performance, stability, support for multi-vendor environment, ensuring perfect interoperability, and linking existing virtual and non-virtual resources. In this paper, we propose a method to provide an end-to-end network virtualization service based on OSM R2 in KREONET.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.18 no.6
• /
• pp.779-788
• /
• 2015

The SONAR waterfall image(SWI) is used typically to target detection in SONAR operation and is managed with additional data linked in the naval combat system. The SWI and additional data are very important to classify a kind of target. Although additional data of the SWI is essential and must be kept together with the SWI, it was stored separately in the current system. In this paper, we propose an improved information management method in the naval combat system, where additional data can be contained in the SWI together by using information hiding techniques. The experimental results show that the effectiveness of information hiding techniques in the naval combat system. It is demonstrated that the information hiding techniques can be applied to the SWI that can make the naval combat system to be robust and secure.

• Journal of Korean Society of Disaster and Security
• /
• v.5 no.2
• /
• pp.43-48
• /
• 2012

As the major information communication infrastructure had been getting more important, 'Act on the Protection of Information and Communications Infrastructure'(APICI) was legislated in Korea 2001. Consequently, the major information system, nationwide monitering service systems and government administration operation & management systems have been registered and managed under the APICI. The authorized organizations related to above service and system, perform vulnerability analysis and evaluation for chief communication infrastructures by themselves or registered agencies. In this research, we propose an advanced model for vulnerability analysis and evaluation and apply it to the main information and communication infrastructures through the case study. We hope each related organization could apply this model for analysis and evaluation of vulnerability in these infrastructures.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.21-28
• /
• 2019

As the number of websites managed by organizations or organizations increases, so does the number of web application servers and containers. In checking the status of the web service of the web application server and the container, it is very difficult for the person to check the status of the web service after accessing the physical server at the remote site through the terminal or using other accessible software It. Previous research on crawler-related research is hard to find any reference to the processing of data from crawling. Data loss occurs when the crawler accesses the database and stores the data. In this paper, we propose a method to store the inspection data according to crawl - based web application server management without losing data.

• Journal of Information Technology and Architecture
• /
• v.9 no.4
• /
• pp.401-411
• /
• 2012

There has been increased interest for cloud computing services that can promote cost savings while increasing investment in information resources. Cloud computing, however, has a disadvantage physically located in the external information resources to take advantage of the economic benefits, the advantages and increase the vulnerability of information protection and control of information assets. In this study, due to the unique properties of the new services, including vulnerability, the vulnerability of cloud computing derive the vulnerability of cloud computing and control items were derived through the mapping between vulnerability and control items, that are not being managed to identify vulnerabilities Cloud computing risk factors are presented.

• Journal of Korean Society of Disaster and Security
• /
• v.10 no.2
• /
• pp.43-47
• /
• 2017

There is no safety accident of the class 1 and 2 facilities that have been managed by the 'Special Act on Safety Management of Facilities' in the last 22 years. Safety accidents of the small sized facilities are increasing every year because of the lack of systematic management of the facilities. The government plans to enact a small portion of small sized buildings into the class 3 facilities, enabling them to enact a safety check. In this paper, we analyze the safety management status of the class 3 facilities of buildings and propose a plan for improving the safety of small sized buildings.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.11-26
• /
• 2011

The existing anonymous authentication schemes based on group signatures for protecting privacy do not provide anonymous authorization which is required in the practical environments. In this paper, we propose an anonymous authentication and authorization scheme that enables a service provider both to authenticate anonymously its users and to provide different service according to their authorization. In the proposed scheme, a user's real identity, anonymity and authorization are managed distinctly through the separation of group manager's capabilities and an authorization authority. It is also possible for the proposed scheme to apply various access control models.