• Title/Summary/Keyword: Managing Security Services

Search Result 70, Processing Time 0.024 seconds

Derivation of Security Requirements for Cloud Managing Security Services System by Threat Modeling Analysis (위협 모델링 분석에 의한 클라우드 보안관제시스템 보안요구사항 도출)

  • Jang, Hwan
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.10 no.5
    • /
    • pp.145-154
    • /
    • 2021
  • Recently, the introduction of Cloud Managing Security Services System to respond to security threats in cloud computing environments is increasing. Accordingly, it is necessary to analyze the security requirements for the Cloud Managing Security Services System. However, the existing research has a problem that does not reflect the virtual environment of the cloud and the data flow of the Cloud Managing Security Services System in the process of deriving the requirements. To solve this problem, it is necessary to identify the information assets of the Cloud Managing Security Services System in the process of threat modeling analysis, visualize and display detailed components of the cloud virtual environment, and analyze the security threat by reflecting the data flow. Therefore, this paper intends to derive the security requirements of the Cloud Managing Security Services System through threat modeling analysis that is an improved existing research.

Development of Managing Security Services System Protection Profile (보안관제시스템 보호프로파일 개발)

  • Son, Seung-Wan;Kim, Kwang-Seok;Choi, Jung-Won;Lee, Gang-Soo
    • Journal of Digital Contents Society
    • /
    • v.16 no.2
    • /
    • pp.345-353
    • /
    • 2015
  • Security Management System is a system which operates in the security control center for security control. All living things across the Internet in recent years, with the rapid increase in the subscriber base has increased the need for network security dramatically depending on yirueojim through web services, thus cyber security sheriff, I have a big issue to build a security management system, each agency and perform control tasks. But the security functional requirements for security management system would not specified exactly, in developing a security management system to build and design a situation that PP's needs require a lot of trouble. In this paper, we develop a Managed Security System Protection Profile for the security functional requirements specification of the security management system.

A Method for Data Access Control and Key Management in Mobile Cloud Storage Services (모바일 클라우드 스토리지 서비스에서의 데이터 보안을 위한 데이터 접근 제어 및 보안 키 관리 기법)

  • Shin, Jaebok;Kim, Yungu;Park, Wooram;Park, Chanik
    • IEMEK Journal of Embedded Systems and Applications
    • /
    • v.8 no.6
    • /
    • pp.303-309
    • /
    • 2013
  • Cloud storage services are used for efficient sharing or synchronizing of user's data across multiple mobile devices. Although cloud storages provide flexibility and scalability in storing data, security issues should be handled. Currently, typical cloud storage services offer data encryption for security purpose but we think such method is not secure enough because managing encryption keys by software and identifying users by simple ID and password are main defectives of current cloud storage services. We propose a secure data access method to cloud storage in mobile environment. Our framework supports hardware-based key management, attestation on the client software integrity, and secure key sharing across the multiple devices. We implemented our prototype using ARM TrustZone and TPM Emulator which is running on secure world of the TrustZone environment.

OPEN LBS PLATFORM ARCHITECTURE

  • Choi, Hae-Ock
    • Proceedings of the KSRS Conference
    • /
    • 2002.10a
    • /
    • pp.854-859
    • /
    • 2002
  • Location Based Services, or LBS refers to value-added service by processing information utilizing mobile user location. With the rapidly increasing wireless internet subscribers and world LBS market, the various location based applications are introduced such as buddy finder, proximity and security services. As the killer application of the wireless internet, the LBS has preconsidered technology about location determination technology, LBS middleware server for various application, and diverse contents processing technology. This paper describes the open architecture for LBS platform ensuring interoperability among the wireless networks and various location-based application services and the functional requirements for the LBS platform. The LBS platform in a narrow sense provides a standard interfaces for location management and network management for location services as follows, positioning (location acquisition through network or/and handset), location managing, location based functions, profile management, authentication and security, location based billing, information roaming between carriers and the system monitoring independent to specific network or ISP/CPs(Content Providers).

  • PDF

Spear-phishing Mail Filtering Security Analysis : Focusing on Corporate Mail Hosting Services (스피어피싱 메일 필터링 보안 기능 분석 : 기업메일 호스팅 서비스 중심으로)

  • Shin, Dongcheon;Yum, Dayun
    • Convergence Security Journal
    • /
    • v.20 no.3
    • /
    • pp.61-69
    • /
    • 2020
  • Since spear-phishing mail attacks focus on a particular target persistently to collect and take advantage of information, it can incur severe damage to the target as a part of the intelligent and new attacks such as APT attacks and social engineering attacks. The usual spam filtering services can have limits in countering spear-phishing mail attacks because of different targets, goals, and methods. In this paper, we analyze mail security services of several enterprises hosted by midium and small-sized enterprises with relatively security vulnerabilities in order to see whether their services can effectively respond spear-phishing mail attacks. According to the analysis result, we can say that most of mail security hosting services lack in responding spear-phishing mail attacks by providing functions for mainly managing mails including spam mail. The analysis result can be used as basic data to extract the effective and systematic countermeasure.

MANAGING SPENT NUCLEAR FUEL FROM NONPROLIFERATION, SECURITY AND ENVIRONMENTAL PERSPECTIVES

  • Choi, Jor-Shan
    • Nuclear Engineering and Technology
    • /
    • v.42 no.3
    • /
    • pp.231-236
    • /
    • 2010
  • The growth in global energy demand and the increased recognition of the impacts of carbon dioxide emissions from fossil fuel plants have aroused a renewed interest on nuclear energy. Many countries are looking afresh at building more nuclear power stations to deal with the twin problems of global warming and the need for more generating capacity. Many in the nuclear community are also anticipating a significant growth of new nuclear generation in the coming decades. If there is a nuclear renaissance, will the expansion of nuclear power be compatible with global non-proliferation and security? or will it add to the environmental burden from the large inventory of spent nuclear fuel already produced in existing nuclear power reactors? We learn from past peaceful nuclear activities that significant concerns associated with nuclear proliferation and spent-fuel management have resulted in a decrease in public acceptance for nuclear power in many countries. The terrorist attack in the United States (US) on September 11, 2001 also raised concern for security and worry that nuclear materials may fall into the wrong hands. As we increase the use of nuclear power, we must simultaneously reduce the proliferation, security and environmental risks in managing spent-fuel below where they are today.

A Development of Central Policy Database for managing Heterogeneous Firewall Systems (이종의 침입 차단시스템 관리를 위한 중앙 정책 데이터베이스 개발)

  • Lee, Dong-Young;Chung, Tai-Myoung
    • The KIPS Transactions:PartD
    • /
    • v.9D no.6
    • /
    • pp.1063-1070
    • /
    • 2002
  • With a remarkable growth and expansion of Internet, the security issues emerged from intrusions and attacks such as computer viruses, denial of services and hackings to destroy information have been considered as serious threats for Internet and the private networks. To protect networks from intrusions and attacks, many vendors have developed various security systems such as firewalls and intrusion detection systems. However, managing these systems individually demands too much work and high cost. Thus, integrated and autonomous security management for various security products has become more important. In this paper, we present the architecture of the WISMSF (Web-based Integrated Security Management System for Firewalls) and the merits of centralized approach for managing heterogeneous firewalls and implement the prototype of the central policy database that is a component of the WISMSF engine. The WISMSF engine supports an integrated view for policies, the integrity of polities and the easy recovery and addition of policies. And also, we define the policy conflicts of WISMSF and present the policy recovery process to support to the policies consistence.

Improving Customer Information Management System by Using Blockchain and Biometric Authentication (블록체인과 바이오메트릭 인증 기술을 이용한 고객 정보 관리 시스템의 개선 방안)

  • Na, YunSeok;Cho, Sangrae;Kim, Soo-hyung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.4
    • /
    • pp.1021-1030
    • /
    • 2018
  • Nowadays, the ubiquitous environment that can utilize the computer everywhere is being formed. As the environment changes, services develop and manage systems and databases that can manage customer information to provide better services to customers through Information Technology. The system that most services maintain is a way of putting and managing customer information on the server. In this paper, we first find the problem in terms of security and convenience. After that, we propose a solution that improves the problem through blockchain technology and biometric authentication.

A Study of Hierarchical Policy Model of Policy-based Integrated Security Management for managing Heterogeneous Security Systems (이종의 보안시스템 관리를 위한 정책 기반의 통합보안관리시스템의 계층적 정책모델에 관한 연구)

  • Lee, Dong-Yeong;Kim, Dong-Su;Jeong, Tae-Myeong
    • The KIPS Transactions:PartC
    • /
    • v.8C no.5
    • /
    • pp.607-614
    • /
    • 2001
  • With a remarkable growth and expansion of Internet, the security issues emerged from intrusions and attacks such as computer viruses, denial of services and hackings to destroy information have been considered as serious threats for Internet and the private networks. To protect networks from those attacks, many vendors have developed various security systems such as firewalls, intrusion detection systems, and access control systems. However, managing those systems individually requires too much work and high cost. Thus, in order to manage integrated security management and establish consistent security management for various security products, the policy model of PN-ISMS (Policy Based Integrated Security Management System) has become very important. In this paper, present the hierarchical policy model which explore the refinement of high-level/conceptual policies into a number of more specific policies to form a policy hierarchy. A formal method of policy description was used as the basis of the mode in order to achieve precision and generality. Z-Notation was chosen for this propose. The Z-Notation is mathematical notation for expressing and communicating the specifications of computer programs. Z uses conventional notations of logic and set theory organized into expressions called schemas.

  • PDF

Enhancing the Cybersecurity Checklist for Mobile Applications in DTx based on MITRE ATT&CK for Ensuring Privacy

  • Gee-hee Yun;Kyoung-jin Kim
    • Journal of Internet Computing and Services
    • /
    • v.24 no.4
    • /
    • pp.15-24
    • /
    • 2023
  • Digital therapeutics (DTx) are utilized to replace or supplement drug therapy to treat patients. DTx are developed as a mobile application for portability and convenience. The government requires security verification to be performed on digital medical devices that manage sensitive information during the transmission and storage of patient data. Although safety verification is included in the approval process for DTx, the cybersecurity checklist used as a reference does not reflect the characteristics of mobile applications. This poses the risk of potentially overlooking vulnerabilities during security verification. This study aims to address this issue by comparing and analyzing existing items based on the mobile tactics, techniques, and procedures of MITRE ATT&CK, which manages globally known and occurring vulnerabilities through regular updates. We identify 16 items that require improvement and expand the checklist to 29 items to propose improvement measures. The findings of this study may contribute to the safe development and advancement of DTx for managing sensitive patient information.