• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.219-222
• /
• 2003

기존 운영체제 시스템의 취약점을 극복하기 위한 방안으로 기존 운영체제에 보안 커널을 추가한 Secure OS 이다 본 논문은 Secure OS의 특징인 Access Control기능에 대하여 조사 분석하여 사용자의 권한의 최소화를 연구하였다. 그리고 실질적인 공격 예로서 공격자가 ROOT 권한을 획득하였을 경우 Secure OS는 기존 OS보다 안전하다는 것을 연구하였다. Secure OS 제품은 (주)시큐브의 Secuve TOS제품을 사용하여 테스트하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.11
• /
• pp.2381-2390
• /
• 2011

This paper presents the effective and detailed secure monitoring method being used based on Secure OS. For this, the detailed secure log of process, object, user's command and database query in task server are collected by 3 kinds of log collecting module. The log collecting modules are developed by ourselves and contained as constituents of security system. Secure OS module collects process and system secure log of objective unit, Backtracker module collects user's command session log, SQLtracker module collects database query in details. When a system auditor monitors and traces the behaviour of specified user or individual user, the mutual connection method between the secure logs can support detailed auditing and monitering effectively.

• Review of KIISC
• /
• v.13 no.4
• /
• pp.49-59
• /
• 2003

정보보호기술이 '수동형'에서 점차로 '능동형'으로 진화하고 있는 가운데, Secure OS가 능동형 정보보호기술의 핵심으로 주목받고 있다. Secure OS는 서버시스템 보안의 원천적 기술로 접근통제에 관한 보안정책, 보안모델 및 보안메커니즘에 대하여 검증 가능한 방법으로 안전ㆍ신뢰성이 확보되어야 한다. 이에 본 논문에서는 Secure OS 핵심기술의 이해와 더불어 Secure OS 개발 시 안전ㆍ신뢰성을 확보하기 위하여 이론적으로 잘 정립되고 정형화된 보안정책, 보안모델 및 보안메커니즘에 대하여 살펴본다.

• Review of KIISC
• /
• v.13 no.4
• /
• pp.60-67
• /
• 2003

능동형 Secure OS 시스템은 운영체제 커널에 접근 제어, 사용자 인증, 감사 추적, 암호화 파일 시스템, 신뢰 채널, 동적 구성 등의 보안 기능을 추가 구현하여 시스템에 발생 가능한 해킹을 방지하고 차단하는 시스템을 말한다. 이러한 능동형 Secure OS 시스템은 시스템 해킹을 탐지하거나 시스템 해킹을 감지하였을 때 동적으로 구성을 바꾸는 등의 조치를 취하는 시스템 기능이 필요하다. 본 고에서는 능동형 Secure OS의 주요 기능과 함께 핵심 기술의 구현 내용을 기술하며, 시스템내의 감사 추적 기능에 의해 능동적으로 시스템을 구성하고 실시간 조치가 가능하도록 한 능동형 Secure OS 시스템을 소개한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.33-43
• /
• 2001

This paper presents a secure Linux OS in which multi-level security functions are implemented at the kernel level. Current security efforts such as firewall or intrusion detection system provided in application-space without security features of the secure OS suffer from many vulnerabilities. However the development of the secure OS in Korea lies in just an initial state, and NSA has implemented a prototype of the secure Linux but published just some parts of the technologies. Thus our commercialized secure Linux OS with multi-level security kernel functions meets the minimum requirements for TCSEC B1 level as well kernel-mode encryption, real-time audit trail with DB, and restricted use of root privileges.

• The KIPS Transactions:PartC
• /
• v.12C no.7 s.103
• /
• pp.999-1006
• /
• 2005

The Secure OS is an operating system which adds security functions to the existing operating system, in order to secure a system from sorority problems originated from inherent frailty of applications or operating systems. With the existing Secure Oses for it is difficult to set an effective security policy securing personal resources in a multi-user environment system. To solve this problem in this paper we present two Techniques to secure user data efficiently in the RBAC-based Secure OS for a multi-user environment. Firstly we utilizes object's owner information in addition to object's filename. Secondly we make use of meta symbol('$\ast$'), which is able to describe multiple access targets. In addition this paper gives some examples to show advantages from these techniques. And these features are implemented in an solaris-based Secure OS called Secusys.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1602-1605
• /
• 2005

An audit tracer is one of the last ways to defend an attack for network equipments. Firewall and IDS which block off an attack in advance are active way and audit tracing is passive way which analogizes a type and a situation of an attack from log after an attack. This paper explains importance of audit trace function in network equipment for security and defines events which we must leave by security audit log. We design and implement security audit system for secure router. This paper explains the reason why we separate general audit log and security audit log.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.26 no.4
• /
• pp.67-79
• /
• 2023

Service environments through laptops, smart devices, and various IoT devices are developing very rapidly. Recent security measures in these Internet environments mainly consist of network application level solutions such as firewall(Intrusion Prevention Systems) and IDS (intrusion detection system). In addition, various security data have recently been used on-site, and issues regarding the management and destruction of such security data have been raised. Products such as DRM(Digital Rights Management) and DLP(Data Loss Prevention) are being used to manage these security data. However despite these security measures, data security measures taken out to be used in the field are operated to the extent that the data is encrypted, delivered, and stored in many environments, and measures for encryption key management or data destruction are insufficient. Based on these issues we aim to propose a SecureOS Module, an OS-based security module. With this module users can manage and operate security data through a consistent interface, addressing the problems mentioned above.

• The KIPS Transactions:PartC
• /
• v.10C no.2
• /
• pp.145-154
• /
• 2003

Current security efforts provided in such as firewall or IDS (intrusion detection system) of the network level suffer from many vulnerabilities in internal computing servers. Thus the necessity of secure OS is especially crucial in today's computing environment. This paper identifies secure OS requirements, analyzes tile research trends for secure Linux in terms of security kernel, and provides the descriptions of the multi-level security(MLS) Linux kernel which we have implemented. This security kernel-based Linux meets the minimum requirements for TCSEC Bl class as well providing anti-hacking, real-time audit trailing, restricting of root privileges, and enterprise suity management functions.

• Convergence Security Journal
• /
• v.1 no.1
• /
• pp.9-20
• /
• 2001

In the 3rd Wave of information revolution, technical research & development for more rapid and safe information exchange take a sudden turn currently According to a step up in importance and efficiency value of information, it's necessary to research technical development in various field altogether. Especially information security is the very core of essential technology. However most System attacks are based on the weakness of OS, it is difficult to achieve the security goal in the only application level. For the solution of this problem, so many technology researches to serve secure, trust information security in OS itself are activated. Consequently we introduce the tendency of current secure OS development projects of security kernel all over world in this report and inquire into security mechanism of the File Griffin which prevents file system forgery, modification perfectly by performing digital signature certificate on kernel level.