• Title/Summary/Keyword: Private Security Service provider

Search Result 18, Processing Time 0.02 seconds

An Study of Information Security Observance Priority for Smartwork Activation using AHP(Analytic Hierarch Process) (계층적 분석기법(AHP)을 이용한 스마트워크 활성화를 위한 정보보호 준수사항 우선순위에 관한 연구)

  • Im, Jung-Kil;Kim, Sang-Chul;Lee, Hyeon-Uk
    • Journal of Information Technology Services
    • /
    • v.12 no.2
    • /
    • pp.291-300
    • /
    • 2013
  • In this study, divide by a private enterprise and army, 2 organizations about observed priority item among administrator, service provider, user viewpoint about the information security item for smartwork activation and in 3 steps hierarchic according to AHP technique analyzed and decided priority for information security observance item. As a result, importance difference could confirm identified by administrator, service provider, user viewpoint period of about information security observance item recognizing in a private enterprise and army.

An Experimental Study of Private Key and Secret Key Disclosure Vulnerability in Cryptographic Service Provider(CSP) Module (Cryptographic Service Provider(CSP) 모듈의 개인키/비밀키 노출 취약점에 대한 실험적 연구)

  • Park, Jin-Ho;Cho, Jae-Ik;Im, Eul-Gyu
    • Convergence Security Journal
    • /
    • v.7 no.3
    • /
    • pp.61-70
    • /
    • 2007
  • In Windows operating system, CSPs(Cryptographic Service Providers) are provided for offering a easy and convenient way of using an various cryptographic algorithms to applications. The applications selectively communicate with various CSPs through a set of functions known as the Crypto API(Cryptographic Application Program Interface). During this process, a secure method, accessing data using a handle, is used in order to prevent analysis of the passing parameters to function between CryptoAPI and CSPs. In this paper, our experiment which is using a novel memory traceback method proves that still there is a vulnerability of private key and secret key disclosure in spite of the secure method above-mentioned.

  • PDF

Private Blockchain and Smart Contract Based High Trustiness Crowdsensing Incentive Mechanism (프라이빗 블록체인 및 스마트 컨트랙트 기반 고신뢰도 크라우드센싱 보상 메커니즘)

  • Yun, Jun-hyeok;Kim, Mi-hui
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.4
    • /
    • pp.999-1007
    • /
    • 2018
  • To implement crowdsensing system in reality, trustiness between service provider server and user is necessary. Service provider server could manipulate the evaluation of sensing data to reduce incentive. Moreover, user could send a fake sensing data to get unjust incentive. In this paper, we adopt private blockchain on crowdsensing system, and thus paid incentives and sent data are unmodifiablely recorded. It makes server and users act as watcher of each others. Through adopting smart contract, our system automates sensing data evaluation and opens to users how it works. Finally, we show the feasibility of proposing system with performance evaluation and comparison with other systems.

Performance Management and Analysis for Guaranteed End-to-End QoS Provisioning on MPLS-based Virtual Private LAN Service(VPLS)

  • Kim, Seong-Woo;Kim, Chul;Kim, Young-Tak
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.28 no.2B
    • /
    • pp.144-156
    • /
    • 2003
  • Internet/Intranet has been continuously enhanced by new emerging IP technologies such as differentiate service(DiffServ), IPSec(IP Security) and MPLS(Multi-protocol Label Switching) traffic engineering. According to the increased demands of various real-time multimedia services, ISP(Internet Service Provider) should provide enhanced end-to-end QoS(quality of service) and security features. Therefore, Internet and Intranet need the management functionality of sophisticated traffic engineering functions. In this paper, we design and implement the performance management functionality for the guaranteed end-to-end QoS provisioning on MPLS-based VPLS(Virtual Private LAN Service). We propose VPLS OAM(Operation, Administration and Maintenance) for efficient performance management. We focus on a scheme of QoS management and measurement of QoS parameters(such as delay, jitter, loss, etc.) using VPLS OAM functions. The proposed performance management system also supports performance tuning to enhance the provided QoS by re-adjusting the bandwidth of LSPs for VPLS. We present the experimental results of performance monitoring and analysis using a network simulator.

A Study on Utilization and its Model of the Private Military Companies(PMCs) in Introducing the Legal System in Korea (민간군사기업의 법제화 필요성과 그 모델에 관한 연구)

  • Kwak, SunJo
    • Convergence Security Journal
    • /
    • v.18 no.3
    • /
    • pp.149-161
    • /
    • 2018
  • The private military company(PMC) or the private military industry may be one of the most important, but little understood developments in security studies to have taken place over the last decade. This new industry, where firms not only supply the goods of warfare, but rather fulfill many of the professional service functions, is not only significant to the defence community, but has wider ramifications for global politics and warfare. The private military industry emerged in the early 1990s. Its underlying cause was the confluence of three momentous dynamics - the end of the Cold War and the vacuum this produced in the market of security, transformations in the nature of warfare, and the normative rise of privatization. In order to introduce MPFs(Military Provider Firms) into Korea, where in principle private citizens are prohibited to own a gun, unlike the United States, a special law should be enacted which allows them to possess weapons and fight in combat. Therefore, the National Assembly of Korea has been submitting and discussing "the Act on the Prevention and Conduction of Practice of Piracy" since 2014.

  • PDF

Study on Privacy in the IPTV Broadcasting Service (IPTV 방송서비스에서의 개인정보보호에 관한 연구)

  • Lee, Jinhyuk;Kim, Seungjoo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.3
    • /
    • pp.701-712
    • /
    • 2016
  • The number of subscriber of digital pay TV service such as Digital Cable TV and IPTV is increasing from various kind of service provider world widely. These services require personal information of users to provide VOD(Video on Demand) and customized contents. Therefore, massive amount of personal information collected by service provider can cause social confusion such as leakage of privacy and property damage. This paper investigates whether broadcasting stations are providing enough notification for privacy policy and methodology of collecting private information in proper way. Furthermore, we analyze actual network traffic of IPTV service between user and service provider to suggest solution of privacy protection along with current status analysis.

Operation Status of Chinese Security Service Industry and Institutional Settlement Methods (중국 보안서비스산업의 운영실태 및 제도정착 방안)

  • Lee, Sangchul
    • Journal of the Society of Disaster Information
    • /
    • v.10 no.4
    • /
    • pp.536-547
    • /
    • 2014
  • With the changing safety services and social order systems accompanied by the economic development and changing public security environment since the Chinese economic reform, the security service industry in China is growing daily and related problems are increasing. For the Chinese security service market to be activated, the monopoly of security services by the public security agencies must be removed. In addition, the research and development, expansion, and applications of safety and crime prevention technologies regarding the safety and protection of exhibition, sales, culture, sports, commerce activities, combinations of safety technologies and crime prevention processes, the provision of relevant technical operations, and the expansion of security service areas are required. Furthermore, the administration rights, property rights, and business management rights of security companies must be separated, the security headquarters must be integrated and coordinated for optimization of various resources solely by market needs, and their rights and affiliation relations must be clear. Besides, the competitiveness of security companies in the security service market must be enhanced by unifying the business management, and optimizing and sharing their resources. The security service ordinances of China that have been implemented now must be applied realistically, methods to activate the true market economy for security services must be researched, and various ordinances related to security services must be realigned in line with the characteristics of security services. Finally, for the mutual cooperation system between public and private security services, the public security agencies must acknowledge the importance of private security services and the status of security service providers in crime prevention and social order maintenance. They must establish partnership relations with each other beyond the unilateral direction and management system for security services and drive with positive attitudes the security service industry which is still in its infancy.

A Study on the Criminal Threat and Privacy Protection with a Proxy Service (프록시 서비스를 통한 범죄 위협과 프라이버시 보호에 관한 연구)

  • Kang, Shin-Beom;Lee, Sang-Jin;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.2
    • /
    • pp.317-326
    • /
    • 2012
  • Internet service provider is able to collect personal information to prevent the violations of the rights of service providers and customers using internet. But there are still many debates going on between a personal privacy and a regulation. Proxy servers are used in various technical purposes include bypass access. Although the proxy server users are increasing but there are not any proper institutional mechanisms and regulations to protect users. In this study, we discuss the two sides of a proxy service includes its privacy protection function and the cyber-crime threat and propose supplementary measures to mediate between the interests of public and private.

A Study on the Protection for Personal Information in Private Security Provider's (경비업자의 개인정보보호에 관한 연구)

  • Ahn, Hwang-Kwon;Kim, Il-Gon
    • Convergence Security Journal
    • /
    • v.11 no.5
    • /
    • pp.99-108
    • /
    • 2011
  • The purpose of this study is to profile actual conditions of personal information protection systems operated in overseas countries and examine major considerations of personal information that security service providers must know in the capacity of privacy information processor, so that it may contribute to preventing potential occurrence of any legal disputes in advance. Particularly, this study further seeks to describe fundamental idea and principle of said Personal Information Protection Act; enhancement of various safety measures (e.g. collection / use of privacy data, processing of sensitive information / personal ID information, and encryption of privacy information); restrictions on installation / operation of video data processing devices; and penal regulations as a means of countermeasure against leakage of personal information, while proposing possible solutions to cope with these matters. Using cases among foreign countries for this study. Possible solutions proposed by this study can be summed up as follows: By changing minds with sufficient legal reviews, it is required for security service providers to 1) clearly and further specify any purposes of collecting and using privacy information, if possible, 2) obtain any privacy information by legitimate means as it is necessary to collect such information, 3) stop providing any personal information for the 3rd parties or for any other purposes except fundamental purposes of using privacy information, and 4) have full knowledge about duty of safety measure in accordance with safe maintenance of privacy information and protect any personal information from unwanted or intentional leakage to others.

A study about the influence to the client system when using PKI-based authentication system (공개키 기반 인증체계의 사용이 클라이언트 시스템에 미치는 영향에 관한 연구)

  • Jeon, Jeong-Hoon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.17 no.12
    • /
    • pp.159-167
    • /
    • 2012
  • The authentication system of the PKI(public key infrastructure) provides the authenticity and security, accessibility, economic feasibility, and convenience to the service provider and users. Therefore the public and private companies in Korea widely use it as the authentication method of the web service. However, the safety client system is threatened by many vulnerable factors which possibly caused when using PKI-based authentication system. Thus, in this article vulnerable factors caused by using the PKI-based authentication system will be analyzed, which is expected to be the useful data afterwards for the construction of the new authentication system as well as performance improvement.