• 융합보안논문지
• /
• 제4권3호
• /
• pp.37-46
• /
• 2004

본 논문에서는 IPSec(IP Security) 환경에서 이동 에이전트 시스템을 이용한 보안정책 협상모델을 설계하고자 한다. 기존의 IP 보안 시스템들은 약간의 문제점들이 있다. 각 보안영역과 구현환경에 따라 각기 다른 보안정책을 내부적으로 정의하여 사용하고 있다. 이로 인하여 패킷 전송시 보안 영역간 정책 요구사항이 서로 달라 패킷이 목적지까지 전달되지 않을 수도 있고, 패킷이 양방향으로 같은 경로를 따라 전송되고 같은 정책으로 보호되는지 보장할 수 없는 문제점을 내포하고 있다. 본 논문에서는 이러한 문제들을 이동 에이전트를 이용하여 해결할 수 있는 모델을 설계하였다. 각각의 보안 영역별로 보안정책의 협상이 필요하다면, 이동 에이전트는 보안정책 협상결과를 패스포트 형태로 관리하고, 이 패스포트를 이용하여 서로간의 인증 및 신뢰성을 보증해 준다.

• 디지털산업정보학회논문지
• /
• 제10권3호
• /
• pp.99-106
• /
• 2014

The most significant change and trend in the information security market in the year of 2014 is in relation to the issue and incidents of personal information security, which leads the area of information security to a new phase. With the year of 2011 as the turning point, the security technology advanced based on the policies and conditions that combine personal information and information security in the same category. Such technical changes in information security involve various types of information, rapidly changing security policies in response to emerging illegal techniques, and embracing consistent changes in the network configuration accordingly. This study presents the result of standardization and quantification of external access inference by utilizing the measurements to fathom the access authorization performance in advance for information security in specialized networks designed to carry out certain tasks for a group of clients in the easiest and most simple manner. The findings will provide the realistic data available with the access authorization inference modes to control illegal access to the edge of a client network.

• 한국CDE학회논문집
• /
• 제11권5호
• /
• pp.327-334
• /
• 2006

Recently, security incidents are growing rapidly in which internal employees let the drawing leak out to competitors or other countries. This type of security incidents has a characteristic that it occurs less frequently than other types of security incidents such as network or server security incident, but the damage is a lot more serious. The existing information security technologies to prevent internal information from being leaked out are only applicable to general documents(office documents, web pages and image files in which data are encrypted one by one). However, architectural drawings made up of collection of files with various formats(extensions) have problems with the process speed of en(de) cryption and accuracy, so the developments of security technologies by new methods are required. In this study, we design and develop a security technology based on work area with which users can protect the leakage of critical information in the kernel level while maintaining their work environment when they have to use sharing information that cannot be managed by the unit of file. As a result, we developed the "Virtual Secure Disk" which allows only authorized users and applications to have an access to drawings, and have verified its security by applying it to the actual company.

• 중소기업융합학회논문지
• /
• 제4권4호
• /
• pp.31-36
• /
• 2014

Recent advancement in Wireless Sensor Networks (WSNs) has paved the way for WSNs to enable in various environments in monitoring temperature, motion, sound, and vibration. These applications often include the detection of sensitive information from enemy movements in hostile areas or in locations of personnel in buildings. Due to characteristics of WSNs and dealing with sensitive information, wireless sensor nodes tend to be exposed to the enemy or in a hazard area, and security is a major concern in WSNs. Because WSNs pose unique challenges, traditional security techniques used in conventional networks cannot be applied directly, many researchers have developed various security protocols to fit into WSNs. To develop countermeasures of various attacks in WSNs, descriptions and analysis of current security attacks in the network layers must be developed by using a standard notation. However, there is no research paper describing and analyzing security models in WSNs by using a standard notation such as The Unified Modeling Language (UML). Using the UML helps security developers to understand security attacks and design secure WSNs. In this research, we provide standard models for security attacks by UML Sequence Diagrams to describe and analyze possible attacks in the three network layers.

• Nuclear Engineering and Technology
• /
• 제53권5호
• /
• pp.1479-1482
• /
• 2021

Research reactors are typically well-suited for outreach activities at different levels. However, unplanned seeking to increase the utilization of a research reactor may result in weakening the nuclear security of this facility. Research reactor staff might be in shortage of a functional nuclear security culture; specifically, there might be a conviction that the necessities of research can be given the priority over consistence with security procedural requirements. Research reactors are usually parts of bigger institutes or research labs of different activities. Moreover, the employments of research reactors are usually with the purpose that easy entry to the reactor premises is fundamental. So, they could be co-situated in places with different sorts of activities, mostly under similar security arrangements. The co-area of research reactor offices among different kinds of research labs introduces explicit security issues, the effects of which should be viewed as when building up a nuclear security framework. Notwithstanding potential security vulnerabilities presented in the design, research reactors frequently have devices kept promptly accessible to encourage research and education. The accessibility of these sorts of hardware could be used by an authorized person to commit an unapproved activity or cause harm. This paper aims to present insights to compromise contradicting conditions in new research reactors in which both enhancing utilization and ensuring security are satisfied.

• 대한전자공학회논문지TC
• /
• 제43권11호
• /
• pp.54-67
• /
• 2006

센서 노드의 저전력 저가격을 지향하는 Low Rate WPAN (Wireless Personal Area Network)은 유비쿼터스 환경을 실현하는 중요한 기술이다. LR WPAN의 표준화를 담당하고 있는 IEEE 802.15.4와 ZigBee Alliance에서는 대칭키 방식의 키 설정 및 관리 프로토콜인 SKKE(Symmetric -Key Key Establishment)를 권고하고 있으나, 키의 생성과 교환에서 전자서명과 같은 인증과정이나 보안 알고리즘의 부재로 보안에 취약성이 있다. 본 논문에서는 위에서 서술한 LR WPAN의 보안적인 문제점들을 해결하기 위하여 공개키 지반의 키 교환 및 보안 알고리즘을 제안하였다. 또한 통신 신뢰성 및 보안에 대한 취약성을 가지는 전력선 통신 기반의 원격검침시스템의 단점을 보완할 수 있는 IEEE 802.15.4 WPAN 기반의 원격검침 모델을 제시하고, 원격검침 프로파일에 제안한 보안 알고리즘을 적용함으로써 보안성을 향상시키도록 하였다.

• 정보보호학회논문지
• /
• 제31권4호
• /
• pp.763-777
• /
• 2021

정보보안은 IT 운영프로세스로 시작하여 지금은 정보기술의 중요한 문제로 인식되면서 각 국제단체에서 개념을 새롭게 규정하고 있다. 정보보안 자체가 IT기술들의 새로운 조합으로 하나의 기술 집합이고 기술영역이다. 많은 공공부문에서 IT 아웃소싱이 일반화되면서 SLA(Service Level Agreement)를 도입하여 IT서비스 수준에 대해 평가를 한다. 정보보안 영역에서 SLA 성과지표 도출과 선정에 대한 많은 연구는 진행되었지만, 성과지표의 서비스 수준 평가, 성과체계에 대한 적용방안은 찾기 어렵다. 이 논문은 공공부문을 기반으로 하는 정보보안 성과지표의 서비스 평가 체계와 보상 규정이 포함된 성과체계 적용에 대한 연구를 수행하였다. 특정 공공부문의 환경과 특성을 고려한 성과지표의 기대치와 목표치를 정의하는 기준과 보상(인센티브·페널티) 규정을 제시하고 적절한 SLA 비용을 정의한다.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2003년도 춘계종합학술대회
• /
• pp.522-525
• /
• 2003

방송, 통신, 정보가전 등의 통합과 무선인터넷 환경이 활성화되는 등 정보통신 전반의 융합과정이 가속화되면서, 시스템 침해, 네트워크 교란 등 정보통신 침해사례가 다양화되고 피해규모도 지속적으로 증가할 것으로 예상된다. 또한 사이버 공간이 사회 경제생활의 중심영역으로 부각되는 반면 사이버테러의 위협 역시 증가하고 있는 바, 정보통신인프라의 신뢰성(reliability) 보장 여부가 향후 고도화된 정보통신사회의 성패를 좌우하게 됨으로써 이에 대한 효과적인 대응기술이 요구된다. 이에 본 논문에서는 정보보호 산업 전반에 대한 동향을 분석하여 그 대비책을 강구해 본다.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 2006년도 제37회 하계학술대회 논문집 A
• /
• pp.177-178
• /
• 2006

The enhancement of system security is one of the most important objectives of UPFC operation. To describe the system security, the index related to line flows and bus voltages are used. For the enhancement of security, the operation point of UPFC is set to minimize the index. This paper proposes the minimization algorithm using the Marquardt method. Moreover, the coefficients minimizing iteration number will be derived. For verification of the proposed operation scheme, numerical simulations have been performed on power system in Kwanju area, Korea with a UPFC.

• 정보처리학회지
• /
• 제17권2호
• /
• pp.18-29
• /
• 2010

In this paper, we surveyed SSO based security management including the knowledge domain of the area of cloud and its relevant components. Cloud computing refers to the delivery of software and other technology services over the Internet by a service provider. SSO refers to the ability to log on to a single security system once, rather than logging on separately to multiple security systems. Existing SSO solutions in cloud computing environment suggest several methods. SSO-based security Issues illustrate these key items in cloud computing environment such as risks and security vulnerabilities of SSO. SSO supports for multiple and different domains in cloud computing environment.