• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.31-38
• /
• 2023

In the current Internet system, there are many problems using anonymity of the network communication such as personal information leaks and crimes using the Internet system. This is why TCP/IP protocol used in Internet system does not have the user identification information on the communication data, and it is difficult to supervise the user performing the above acts immediately. As a study for solving the above problem, there is the study of Policy Based Network Management (PBNM). This is the scheme for managing a whole Local Area Network (LAN) through communication control for every user. In this PBNM, two types of schemes exist. As one scheme, we have studied theoretically about the Destination Addressing Control System (DACS) Scheme with affinity with existing internet. By applying this DACS Scheme to Internet system management, we will realize the policy-based Internet system management. In this paper, required functions in the PBNM Scheme for multiple domains as cyber physical system that utilizes data science and AI is examined.

• International Journal of Computer Science & Network Security
• /
• v.23 no.1
• /
• pp.71-77
• /
• 2023

In the current Internet system, there are many problems using anonymity of the network communication such as personal information leaks and crimes using the Internet system. This is why TCP/IP protocol used in Internet system does not have the user identification information on the communication data, and it is difficult to supervise the user performing the above acts immediately. As a study for solving the above problem, there is the study of Policy Based Network Management (PBNM). This is the scheme for managing a whole Local Area Network (LAN) through communication control for every user. In this PBNM, two types of schemes exist. As one scheme, we have studied theoretically about the Destination Addressing Control System (DACS) Scheme with affinity with existing internet. By applying this DACS Scheme to Internet system management, we will realize the policy-based Internet system management. In this paper, to realize it, concept of the Internet PBNM Scheme is proposed as the final step.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.158-161
• /
• 2023

스마트팩토리는 기존 제조산업과 ICT(Information & Communication Technology)가 융합된 지능형 공장이다. 이는 직접적인 제조공정 과정이 수행되는 OT(Operational Technology) 영역(0~3계층)과 전사업무 관리를 수행하는 IT(Information Technology) 영역(4~5계층)으로 구분되며, 각 영역과 계층이 연결되어 제조·물류·유통 과정의 자동화 및 지능화를 제공한다. 그러나 각 영역과 계층이 연결됨에 따라 보안위협 벡터가 증가하고 있으며, 다영역·다계층 환경인 스마트팩토리에 적합한 대응체계 연구를 위해 영역별 보안위협 관련 데이터를 통합하여 처리 및 관리하는 아키텍처 연구가 필요한 실정이다. 이에 따라 본 논문에서는 스마트팩토리 환경 내 IT 및 OT 영역 장치를 식별하고 보안위협 관련 데이터 통합 처리 및 관리를 위한 아키텍처를 제안한다.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.1-7
• /
• 2023

In the current Internet system, there are many problems using anonymity of the network communication such as personal information leaks and crimes using the Internet system. This is why TCP/IP protocol used in Internet system does not have the user identification information on the communication data, and it is difficult to supervise the user performing the above acts immediately. As a study for solving the above problem, there is the study of Policy Based Network Management (PBNM). This is the scheme for managing a whole Local Area Network (LAN) through communication control for every user. In this PBNM, two types of schemes exist. As one scheme, we have studied theoretically about the Destination Addressing Control System (DACS) Scheme with affinity with existing internet. By applying this DACS Scheme to Internet system management, we will realize the policy-based Internet system management. In this paper, basic system design for PBNM scheme for multi-domain management utilizing data science and AI is proposed.

• Korean Security Journal
• /
• no.51
• /
• pp.81-100
• /
• 2017

Recently, Crime patterns in our society are diversifying as followed on the urbanization of population and the influx of immgrants. Existing murder, kidnap, sexual assault, etc. Especially, the crimes such as school violence, dating violence, domestic violence, violent abuse and even social hatred a crime, motiveless crime are spreading into every phase of national life. Due to the social situation, the sharp increase in demand for personal protection, the scale of private security industry has been constantly expanded. Following this trend, the personal protective regulations in Security Industry Act has been revised several times since the it was enacted in 1995. However, despite the fact that the legal and institutional aspects should have been amended and improved systematically according to the industrial development, the regulations adopted initially adopted has been maintained so far, which have resulted in various problems as they could not coincide with the purpose of private security, being divorced from the reality of private security industry and social changes. Especially, in the case of personal protection service and facility security service, the legal requirements of both services are identical with each other in terms. Such legal systems may cause confusion to security businesses and employees, or the police managing and supervising them, regarding the scope and duties of security services. In order to improve such problems, the regulations of permission requirement that the personal protective regulations in Security Industry Act should be revised system. In this study, relevant personal protection provisions prescribed in the Security Industry Act have been reviewed critically in this paper. And also the regulations were review of those personal protection provisions enacted in security industry Act, so that the improvement plan for the personal protection provisions that are apposite to the cases in this country could be suggested in order to amend the current laws and provide real grounds for the law enforcement.

• Strategy21
• /
• s.42
• /
• pp.258-292
• /
• 2017

This paper is designed to make a national strategic concept for the ROK's maritime security and to explore cooperation directions for the ROK Navy and Coast Guard in order to implement the newly-made maritime security strategic concept. As strategy is composed of three main categories(goals, ways, means), the goal of the ROK's maritime security strategy is 'Safe and Affluent Sea' and the way to realize the goal is the principle of cooperative leverage, and the means as tasks to implement the strategic concept are maritime safety, maritime security, and maritime stewardship. The concept of national fleet as used in the US is applied to promoting the cooperation between the ROK Navy and Coast Guard. Thus, under the newly-established maritime security strategic concept along with the national fleet model, followings are suggested as policy proposals for facilitating mutual cooperation between the ROK Navy and Coast Guard in dealing with not only traditional threats but also non-traditional treats at sea and from the sea as well. First, the ROK Navy and Coast Guard has been making efforts to enhance interoperability between the two sea services. However, the mutual cooperations have been focused mainly on areas on operational level rather than policy level. Therefore, the two sea services are recommended to enlarge exchanges and cooperation in policy areas. Second, there are still demands for further cooperation areas between the two sea services in command and communications. The interoperability in C2 between the two needs to be upgraded even to the areas of anti-terrorist activities ar sea, ASUW, ASW, maritime interdiction, etc. Third, mutual comparability between the two needs to be reflected in the maritime forces development to ensure the comparability in UNREP and other logistics areas. Fourth, the standardization of logistical materials and equipments is needed as a way of sustaining operational capability and logistical capacity for the ROK Navy and Coast Guard as well. Fifth, the ROK Navy and Coast Guard are recommended to participate more actively in international maritime cooperation activities such as PASSEX. Sixth, Complementary laws and regulations need further to be revised and to be newly made for collectively managing swiftly maritime accidents and natural disasters at sea.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.61-69
• /
• 2020

Since spear-phishing mail attacks focus on a particular target persistently to collect and take advantage of information, it can incur severe damage to the target as a part of the intelligent and new attacks such as APT attacks and social engineering attacks. The usual spam filtering services can have limits in countering spear-phishing mail attacks because of different targets, goals, and methods. In this paper, we analyze mail security services of several enterprises hosted by midium and small-sized enterprises with relatively security vulnerabilities in order to see whether their services can effectively respond spear-phishing mail attacks. According to the analysis result, we can say that most of mail security hosting services lack in responding spear-phishing mail attacks by providing functions for mainly managing mails including spam mail. The analysis result can be used as basic data to extract the effective and systematic countermeasure.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.69-74
• /
• 2006

USA is strengthening the information sanity by managing federal agency's information and information system systematically. For this purpose, US government put the Federal Information Security Management Act into the E-Government Act of 2002. According to the FISMA, it is required to have information security management plan for ail federal agencies. In addition that, Inspector Generals of these agencies should assess the status of their agency and report the result to the office of Management and Budget. Collecting all the reports from each agency, OMB should report to GAO on general status of information security of federal agency. It is helpful to provoke the information security as a necessary activity to realize the E-government. Comparing these efforts with our system will give us good implications to get more idea to secure our information system.

• The KIPS Transactions:PartC
• /
• v.9C no.5
• /
• pp.775-782
• /
• 2002

This paper introduces Policy Management Tool which was implemented based on Policy Information Model in network suity system. Network security system consists of policy terror managing and sending policies to keep a specific domain from attackers and policy clients detecting and responding intrusion by using policies that policy server sends. Policies exchanged between policy server and policy client are saved in database in the form of directory through LDAP by using Policy Management Tool based on network security policy information model. NSPIM is an extended policy information model of IETF's PCIM and PCIMe, which enables network administrator to describe network security policies. Policy Management Tool based on NSPIM provides not only policy management function but also editing function using reusable object, automatic generation function of object name and blocking policy, and other convenient functions to user.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.29-43
• /
• 2019

In recent years, as the network traffic in the WSN(Wireless Sensor Network) has been increased by the growing number of IoT wireless devices, SDWSN(Software-Defined Wireless Sensor Network) and its security that aims a secure SDN(Software-Defined Networking) for efficiently managing network resources in WSN have received much attention. In this paper, we study on how to efficiently and securely design a PUF(Physical Unclonable Function)-assisted group key distribution scheme for the SDWSN environment. Recently, Huang et al. have designed a group key distribution scheme using the strengths of SDN and the physical security features of PUF. However, we observe that Huang et al.'s scheme has weak points that it does not only lack of authentication for the auxiliary controller but also it maintains the redundant synchronization information. In this paper, we securely design an authentication process of the auxiliary controller and improve the vulnerabilities of Huang et al.'s scheme by adding counter strings and random information but deleting the redundant synchronization information.