• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1594-1597
• /
• 2005

A rapid development and a wide use of the Internet have expanded a network environment. Further, the network environment has become more complex due to a simple and convenient network connection and various services of the Internet. However, the Internet has been constantly exposed to the danger of various network attacks such as a virus, a hacking, a system intrusion, a system manager authority acquisition, an intrusion cover-up and the like. As a result, a network security technology such as a virus vaccine, a firewall, an integrated security management, an intrusion detection system, and the like are required in order to handle the security problems of Internet. Accordingly, a router, which is a key component of the Internet, controls a data packet flow in a network and determines an optimal path thereof so as to reach an appropriate destination. An error of the router or an attack against the router can damage an entire network. This paper relates to a method for RSMS (router security management system) for secure networking based on a security policy. Security router provides functions of a packet filtering, an authentication, an access control, an intrusion analysis and an audit trail in a kernel region. Security policy has the definition of security function against a network intrusion.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.239-246
• /
• 2021

This article substantiates the scientific provisions for modelling the level of Ukraine's public financial security taking into account the impact of budget policy, in the process of which identified indicators of budget policy that significantly affect the public financial security and the factors of budget policy based on regression analysis do not interact closely with each other. A seven-factor regression equation is constructed, which is statistically significant, reliable, economically logical, and devoid of autocorrelation. The objective function of maximizing the level of public financial security is constructed and strategic guidelines of budget policy in the context of Ukraine's public financial security are developed, in particular: optimization of the structure of budget revenues through the expansion of the resource base; reduction of the budget deficit while ensuring faster growth rates of state and local budget revenues compared to their expenditures; optimization of debt serviced from the budget through raising funds from the sale of domestic government bonds, mainly on a long-term basis; minimization of budgetary risks and existing threats to the public financial security by ensuring long-term stability of budgets etc.

• International Area Studies Review
• /
• v.22 no.4
• /
• pp.55-75
• /
• 2018

In China, different from the private enterprises or the locally-administered state enterprises, central state-owned enterprises generally spread over cornerstone industry which is greatly influenced by the public policy, which results in the objective existence of government influence in their productive activities. As the strategic resource, listed companies controlled by central state-owned enterprises, mostly distributed in the lifeblood and security of key industries. Therefore, listed companies controlled by central state-owned enterprises' governance efficiency play an important role in optimal allocation of state-owned assets, improve capital operation, improve the return on capital, and maintain state-owned assets safety. As the immune systems of national governance, the government audit strengthen the supervision of listed companies controlled by central state-owned enterprises in case of the loss of state-owned assets and significant risk events occur, to ensure that the value of state-owned assets. As an important component of national governance, government audit produced in entrusted with the economic responsibility of public relationship. Government audit can play an important role in maintaining financial security and corruption, and also improve listed company's accounting stability and transparency. While government audit can improve governance efficiency and maintain state-owned assets safety, present literature is scarce. Under the corporate governance theory and the economical responsibility theory, the thesis select data from 2010-2017 to verify the relationship between government audit and listed companies controlled by central state-owned enterprises' corporate performance. Results show that listed companies controlled by central state-owned enterprises are more likely to be audited by government of poor performance. Results also show that the government audit will have a promoting effect on listed companies controlled by central state-owned enterprises, and through to the improvement of the governance efficiency will enhance its companies' value. The results show that China's government audit has appealing role in accomplishing central state-owned enterprises to realize the business objectives and in promoting the governance efficiency.

• Proceedings of KOSOMES biannual meeting
• /
• 2004.11a
• /
• pp.13-16
• /
• 2004

2001년 9월 11일 미국에 대한 항공기 데러 이후 해상화물운송선박 및 항만시설에 대한 해상 테레에 대비하고자 IMO에서 "국제선박 및 항만시설보안 코드(ISPS Code)"를 제정 및 채택하여 2004년1월 1일부터 발효 중이다. 이와 관련하여 선박에서 이를 적용하기 위하여 해운선사에서는 많은 노력을 경주하였으며 보안시스템을 효과적으로 운영하는가에 대한 검증은 선박보안심사를 통하여 이루어지고 있다. 또한 보안시스템을 운영하고자 할 경우에는 회사보안책임자, 선박보안책임자 및 해상종사자에 대한 효과적인 사전교육이 반드시 필요한 실정이다. 따라서 향후 선박보안심사는 ISM 심사와의 차이를 고려하여 시스템의 이해 및 운영, 보안설비 정비, 보안사건 발생시 비상대응 및 시스템활동기록의 검증에 집중하여야 하며 ISM 심사와의 통합형태가 되어야 할 것이다. 또한 선박보안교육의 경우에는 교육기관을 통한 보안교육에만 의존할 것이 아니라 승선 전 및 승선 후 교육을 통하여 보안의식을 고양시키어야 한다.

• 한국IT서비스학회:학술대회논문집
• /
• 2003.05a
• /
• pp.145-152
• /
• 2003

본 연구의 선행 연구에서는 증권시스템의 기능점수를 직접 구하여 기능점수와 운영비용과의 회귀분석을 실시하였다. 수집된 자료의 건수가 적었던 관계로 통계적 유의성을 충분하게 확보하지 못하였다. 따라서 본 연구에서는 증권시스템의 기능점수를 직접 측정하는 것이 현실적으로 많은 제약이 있음을 감안하여, 비교적 자료 수집이 용이한 프로그램 본 수를 측정하였다. 이러한 프로그램 본 수는 스텝 수로 1차 변환이 되었고, 스텝 수는 다시 기능점수로 2차 변환이 되었다. 이렇게 변환된 기능점수와 운영비용과의 회귀분석을 실시하였으며, 증권정보시스템 운영비용 추정 모델을 제시하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.33-43
• /
• 2001

This paper presents a secure Linux OS in which multi-level security functions are implemented at the kernel level. Current security efforts such as firewall or intrusion detection system provided in application-space without security features of the secure OS suffer from many vulnerabilities. However the development of the secure OS in Korea lies in just an initial state, and NSA has implemented a prototype of the secure Linux but published just some parts of the technologies. Thus our commercialized secure Linux OS with multi-level security kernel functions meets the minimum requirements for TCSEC B1 level as well kernel-mode encryption, real-time audit trail with DB, and restricted use of root privileges.

• The KIPS Transactions:PartC
• /
• v.10C no.2
• /
• pp.145-154
• /
• 2003

Current security efforts provided in such as firewall or IDS (intrusion detection system) of the network level suffer from many vulnerabilities in internal computing servers. Thus the necessity of secure OS is especially crucial in today's computing environment. This paper identifies secure OS requirements, analyzes tile research trends for secure Linux in terms of security kernel, and provides the descriptions of the multi-level security(MLS) Linux kernel which we have implemented. This security kernel-based Linux meets the minimum requirements for TCSEC Bl class as well providing anti-hacking, real-time audit trailing, restricting of root privileges, and enterprise suity management functions.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.121-127
• /
• 2022

Recently, social issues related to cryptocurrency mining are continuously occurring at the same time as cryptocurrency prices are rapidly increasing. In particular, since cryptocurrency can be acquired through cryptographic operation, anyone with a computer can easily try mining, and as the asset value of major cryptocurrencies such as Bitcoin and Ethereum in creases, public interest is increasing. In addition, the number of cases where individuals who own high-spec computers mine cryptocurrencies in various places such as homes and businesses are increasing. Some miners are mining at companies or public places, not at home, due to the heat problem of computers that consume a lot of electrical energy, causing various problems in companies as well as personal moral problems. Therefore, this study studies the technology to obtain evidence for the traces of mining attempts using the Windows artifacts of the computers that mined cryptocurrency. Through this, it is expected that it can be used for internal audit to strengthen corporate security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.1
• /
• pp.39-52
• /
• 2000

컴퓨터망의 확대 및 컴퓨터 이용의 급격한 증가에 따른 부작용으로 컴퓨터 보안 문제가 중요하게 대두되고 있다. 이에 따라 침입자들로부터 침입을 줄이기 위한 침입탐지시스템에 관한 연구가 활발하다. 본 논문에서는 컴퓨터 면역 시스템을 바탕으로 한 새로운 IDS 모델을 제안하고, 이를 설계하고 프로토타입을 구현하는 그 타당성을 보인다. 제안한 모델에서 IDS들은 여러 컴퓨터에 분산되고, 분산된 IDS들 중 어느 하나가 특권 프로세스(Privilege process)에 의해 발생된 시스템 호출 순서 중 비정상적인 시스템 호출을 탐지한 경우 이를 다른 IDS들과 서로 동적으로 공유하여 새로운 침입에 대한 면역력을 향상시킨다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.665-666
• /
• 2009

정보통신 기술과 저장 매체의 발전으로 많은 분야에 편리함과 더불어 산업기밀유출사고의 위험이 늘어나고 있다. 보안사고 중 80% 이상이 인적 보안 유출 이였으며 현직 직원의 유출은 약 25%정도의 부분을 차지하고 있었다. 기존의 단순한 시스템 로그 정보를 이용한 사용자 감사기술, DRM을 이용한 데이터 보호기술방법 보다는 진보된 방법이 필요하다. 사용자 정보와 시스템 정보, 시스템 콜 정보 수집을 통한 구분된 감사데이터의 통계기법을 이용한 지능적인 이상행위 탐지 기법을 제시한다.