• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.3
• /
• pp.49-55
• /
• 2012

Recently, with the rapid development of android-based smartphones, it is becomes a major security issue that the case of Android platform is an open platform. so it is easy to be a target of mobile virus penetration and hacking. Even there are a variety of security mechanisms to prevent the vulnerable points of the Android platform but the reason of most of the security mechanisms were designed at application-level that highly vulnerable to the attacks directly to the operating system or attacks using the disadvantages of an application's. It is necessary that the complementary of the android platform kernel blocks the kernel vulnerability and the application vulnerability. In this paper, we proposed a secure system using linux-based android kernel applied to LIDS(Linux Intrusion Detection and Defense System) and applied a smart phone with s5pc110 chip. As a result, the unauthorized alteration of the application was prevented with a proposed secure system.

• Review of KIISC
• /
• v.13 no.4
• /
• pp.37-48
• /
• 2003

응용 수준에서 정보보호를 위한 침입차단시스템(Firewall)과 침입탐지시스템(IDS)은 조직 내의 컴퓨터 서버 보안 대책으로는 그 한계를 갖고 있다. 이에 따라 보안 운영체제(Secure OS)에 관한 필요성이 점차 사회적으로 공감대를 형성하고 있다. 본 고에서는 보안 리눅스 운영체제의 필요성, 기존 리눅스의 보안성, 보안 리눅스의 개발에 따른 요구사항과 개발 방법을 기술한다. 또한 최근 보안 리눅스 연구 동향으로 미국, 일본, 독일 등의 리눅스 보안 연구동향을 살펴보고, 국내 연구기관과 업체의 제품 출시 현황을 살펴본다. 특히 최근 리눅스 커널 2.5.29부터 표준기능으로 포함되고 있는 커널 보안 모듈 방식인 LSM(Linux Security Module)의 기본 구조를 살펴본다. 현재 국내에서 개발하여 보급되고 있는 보안 리눅스 운영체제는 기존 리눅스 커널에 시스템 호출 후킹을 통한 LKM 방식으로 추가적인 접근제어 외에 해킹 차단, 감사 추적, root의 권한 제한, 통합보안관리 등의 추가적 기능을 제공한다. 향후 Firewall, IDS의 한계를 보완하는 서버 보안 대책으로 활발한 보급이 예상된다.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.3 no.4
• /
• pp.35-42
• /
• 2010

This paper reviews the current studies about the current secure OS, security module and SELinux, and suggests Linux access control module that uses the user discriminating authentication, security authority inheritance of subjects and objects, reference monitor and MAC class process and real-time audit trailing using DB. First, during the user authentication process, it distinguishes the access permission IP and separates the superuser(root)'s authority from that of the security manager by making the users input the security level and the protection category. Second, when the subjects have access to the objects through security authority inheritance of subjects and objects, the suggested system carries out the access control by comparing the security information of the subjects with that of the objects. Third, this system implements a Reference Monitor audit on every current events happening in the kernel. As it decides the access permission after checking the current MAC security attributes, it can block any malicious intrusion in advance. Fourth, through the real-time audit trailing system, it detects all activities in the operating system, records them in the database and offers the security manager with the related security audit data in real-time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.49-57
• /
• 2017

With the prevalence of mobile devices, many organizations introduce MDM BYOD and try to increase the level of security with them. However, device control of mobile devices in application level cannot be a solution against the fundamental problems. In this paper, we propose a more flexible and more secure method to control the hardware devices using Linux Security Module in the kernel level with the mandatory access control.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.6 no.7
• /
• pp.1100-1105
• /
• 2002

As Unix based server including Linux are increased steadily, MS group users who want to connect these servers are increased. There were lots of connection using traditional network services like telnet or ftp for a long while, but connection using "TTSSH or PuTTY" which get used free have been increasing since “secure shell”(SSH) appeared. This paper compare TTSSH ＆ PuTTY′s characters and using method, and propose remote-access tool which improve TTSSH for MS group users.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.11a
• /
• pp.418-422
• /
• 2002

As Unix based server including Linux are increased steadily, MS group users who want to connect these servers are increased. There were lots of connection using telnet for a while, but there are increased connection using "TTSSH or PUTTY" which get used free since "secure shell"(SSH) appeared recently. This paper compare TTSSH & PuTTY′s characters and using method, and propose remote-access tool which improve TTSSH.

• KIISE Transactions on Computing Practices
• /
• v.23 no.8
• /
• pp.504-509
• /
• 2017

Preserving the integrity of the booting process is important. Recent rootkit attacks and subverting OS attacks prove that any post-OS security mechanism can be easily circumvented if the booting process is not properly controlled. Using an actual case as an example, the hacker of the Se-jong government office simply bypassed the user's password authentication by compromising the normal booting process. This paper analyzes existing pre-OS protection using secure boot and measured boot, and proposes another bootloader that overcomes the limitations. The proposed bootloader not only guarantees the integrity of all the pre-OS binaries, bootloaders, and kernel, it also makes explicit records of integrity in the booting process to the external TPM device, so that we can track modifications of BIOS configurations or unintended booting process modifications.

• The Journal of the Korea Contents Association
• /
• v.17 no.4
• /
• pp.307-319
• /
• 2017

SELinux is known as a secure operating system that is easily accessible to users due to the popularization of Linux, and is applied to various security operating system references deployed on systems such as embedded systems and servers. However, if SELinux is applied without considering the performance overhead of activating the SELinux kernel module, the performance of the entire system may be degraded. In this paper, we describe the factors directly affecting the performance inside the SELinux kernel and show that it is possible to improve performance by simply reorganizing the policy without changing the SELinux kernel. This can be used as a reference when security administrators or developers apply SELinux.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.317-321
• /
• 2002

최근 Firewall, IDS와 같은 응용프로그램 수준의 보안 제품은 내부서버 자체의 취약성을 방어하지 못한다. 본 논문에서는 TCSEC C2급에 해당하는 보안성을 가지는 리눅스를 LKM(Loadable Kernel Module) 방법으로 B1급 수준의 다중등급 보안을 구현하였다, 따라서 구현된 다중등급 보안 리눅스 커널의 주요 기능을 기술하고, 시험 평가로서 강제적 접근제어, 성능 및 해킹 시험을 실시하였다. 구현된 보안 커널 기반의 리눅스 운영체제는 B1급의 요구사항을 만족하며, root의 권한 제한, DB를 이용한 실시간 감사추적, 해킹차단, 통합보안관리등의 추가적 기능을 제공한다.

• Electronics and Telecommunications Trends
• /
• v.23 no.4
• /
• pp.39-47
• /
• 2008

PC, 노트북 컴퓨터, 스마트폰, PDA, PMP, 텔레매틱스 단말 등 다양한 정보단말은 소형화, 모바일화, 복합화 추세에 있으며 이에 따라 다루는 정보, 접근하는 인터페이스, 서비스의 종류가 다양해지고 단말 자체의 이동성이 증가하여 보안 위험이 높아지고 있다. 또한 단말의 컴퓨팅 성능과 서비스의 질적 향상으로 모바일플랫폼이 데스크톱 환경 수준의 일반적인 환경으로 발전하게 되어 요구되는 보안 수준 역시 높아지고 있다. 본 고에서는 Linux, Windows 등 데스크톱 운영체제를 비롯하여 Wqnit 등 모바일 플랫폼까지 보안 요구사항과 기술 추세를 살펴보고 향후 발전방향에 대하여 논의해 보고자 한다.