• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.129-141
• /
• 2006

The purpose of this paper is to design Conformance Test Suite for BSP(Biometric Service Provider) based on BioAPI(Biometric Application Programming Interface) v2.0. The proposed BioAPI Conformance Test Suite enables users to test BSP with framework independently. A test scheduling tool has been embodied to use Test Assertion in the form of XML. In order to demonstrate the performance of the Conformance Test Suite, the experiment was performed by using both verification and identification BSPs. As the results of this experiment, we were able to determinate whether BSPs based on BioAPI v2.0 satisfied standard requirements or not.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.3-11
• /
• 2004

The XML has been becoming a basis of the related application and industry standards with proliferation of electronic transactions on the web, and the standardization on XML Signature, which can be applied to the digital contents including XML objects from one or more sources, is in the progress through a joint effort of W3C(World Wide Web Consortium) and IETF(Internet Engineering Task Force). Along with this trend, the development of products implementing XML Signature has been growing, and the XML Signature products are required to implement the relevant standards correctly to guarantee the interoperability among different XML Signature products. In this paper, we propose a conformance testing method for testing the XML Signature products, which includes a testing procedure and test cases. The test cases were obtained through analysis of XML Signature standards. Finally we describe the design and uses of our XML Signature conformance testing tools which implements our testing method.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.2
• /
• pp.53-61
• /
• 2019

In this paper, we propose 'a self - conformance system of convergence security provider' to provide basic data for security and reliability of convergence industrial technology, system and service. It is difficult to evaluate convergence security systems, limited to information and communication service providers, unable to check convergence security items, burden of submission documents, difficulty in measuring convergence security service level and we will summarize product and service-based requirements that can be integrated and systematically measure the level of convergence security and define renewed life cycle-based convergence security information and content security and assurance requirements. On the basis of this, each convergence security company declares conformity with the standard itself without the certification of the certification body, and introduces the provider conformity certification system which can manufacture and sell. This will enable the company to strengthen its competitiveness through timely launch and implementation of products and services and cost reduction.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.6 no.4
• /
• pp.67-84
• /
• 1996

VDL-SL (Vienna Development Method-Specification Language) is one of the FSL(Formal Specification Language) which is being presented for the correct description of the security relevant standards. Several tools are being developed for the correctness and the convenience in the description and executable code generation of security relevant standards using VDM-SL. The IFAD VDM-SL Toolbox is one that has many functions : syntax checking, type checking, c++ code generation, test coverage information. This paper describes a formal method for description and implementation of MD4 algorithm using VDM-SL and IFAD VDM-SL Toolbox, and examines the result applied to secure hash algorithm, and proposes the relation to strict conformance test which recently suggested as a security test method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.2
• /
• pp.45-58
• /
• 2001

There are relatively many research results of the validation of the cryptography. But few researches on the validation of cryptography implementations were accomplished. However, developer\`s misunderstanding the crypto-algorithm or a mistake in implementation of the crypto-a1gorithm leads to lose reliability of security products. Therefore, as validation of the crypto-algorithm itself also validation of the implementation is important. The major objective of this paper is to propose Security Products Validation Tool. Our tool validates implementation of the public key algorithm (RSA. KCDSA) and hash algorithm (SHA-1, HAS-170). The validation process is composed of several items and our tool performs validation teats for conformance to related standard.

• The Magazine of the IEIE
• /
• v.30 no.6
• /
• pp.624-637
• /
• 2003

CMVP(Cryptographic Module Validation Program) validates cryptographic modules to FIPS 140-1, 2, and other FIPS cryptography based standards. This paper gives an overview of the CMVP, cryptographic modules, cryptographic algorithms, and the applicable standards. This provides a brief overview of the security requirements that must be met by each cryptographic module that is submitted to a CMT laboratory for conformance testing and describes the Cryptographic Algorithm Testing.

• Nuclear Engineering and Technology
• /
• v.52 no.5
• /
• pp.995-1001
• /
• 2020

With the development of digital instrumentation and control (I&C) devices, cyber security at nuclear power plants (NPPs) has become a hot issue. The Stuxnet, which destroyed Iran's uranium enrichment facility in 2010, suggests that NPPs could even lead to an accident involving the release of radioactive materials cyber-attacks. However, cyber security research on industrial control systems (ICSs) and supervisory control and data acquisition (SCADA) systems is relatively inadequate compared to information technology (IT) and further it is difficult to study cyber-attack taxonomy for NPPs considering the characteristics of ICSs. The advanced research of cyber-attack taxonomy does not reflect the architectural and inherent characteristics of NPPs and lacks a systematic countermeasure strategy. Therefore, it is necessary to more systematically check the consistency of operators and regulators related to cyber security, as in regulatory guide 5.71 (RG.5.71) and regulatory standard 015 (RS.015). For this reason, this paper attempts to suggest a template for cyber-attack taxonomy based on the characteristics of NPPs and exemplifies a specific cyber-attack case in the template. In addition, this paper proposes a systematic countermeasure strategy by matching the countermeasure with critical digital assets (CDAs). The cyber-attack cases investigated using the proposed cyber-attack taxonomy can be used as data for evaluation and validation of cyber security conformance for digital devices to be applied, and as effective prevention and mitigation for cyber-attacks of NPPs.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.85-93
• /
• 2018

This study investigates the suitability of the blockchain and FIDO among non-face-to-face authentication means in order to secure diversity of identfication means operated in South Korea. In order to do this, the study selected and analyzed seven conformance criteria (universality, persistence, uniqueness, convenience, security, applicability, and economics), and the results were appropriate. Accordingly, in order to apply the blockchain and FIDO as the identification means, the related regulations and notices should be revised to improve the identification procedure. In addition, differentiated certification standards should be established for each service field to apply various authentication means as well as existing identification means, and the authentication means should be continuously developed and linked with the service. In the future, the identification means will bring security of the information circulation environment in the IoT, so it should be implemented in a variety of services by supporting application of identification means.

• Proceedings of the Korea Contents Association Conference
• /
• 2006.11a
• /
• pp.599-603
• /
• 2006

Korea Information Security Agency has executed the certification system for the information security management since 2002 and examines the conformance of the IDCs'total management system including the technical and the physical protection measure. However, this certification system has the standard only for the IDC in the wire/wireless segregated and the evaluation method for the wire/wireless integrated has not been suggested yet. This paper is on the basis of "Accumulation Information Communication Facility Secure Principle", guidelines of Wireless LAN security operation, the existing principles and recommendations of the information security and the data on IDC environment. And the paper suggests the IDC network model in the wire/wireless integrated and the IDC evaluation method.

• 한국IT서비스학회:학술대회논문집
• /
• 2007.11a
• /
• pp.562-567
• /
• 2007

분산 환경에서 신분 확인을 위한 생체인증기기가 이용되는 경우 그 기기가 생체인증 표준인 BioAPI를 준용하여 제대로 구현된 것인가에 대한 적합성 시험이 필요하게 된다. 이러한 적합성 시험은 분산 환경의 사용자 및 서비스 제공자에게 표준 규격을 준용한 제품이라는 신뢰성을 주게 된다. 기존에 제공되는 있는 BioAPI(Biometric Application Programming Interface) v2.0 기반의 BSP(Biometric Service Provider)는 오프라인 상에서 BioAPI기반의 제품의 준용 여부만을 평가하기 때문에 분산 환경에서 여러 사람이 동시에 준용 여부를 평가 받기 힘들며 이에 따른 동시 서비스 제공도 불가능하다. 본 논문에서는 BioAPI v2.0 기반의 제품들이 분산 환경에서 제공되는 9개 모델의 표준화된 환경으로 구분하고, 원활한 적합성 시험을 위하여 XML기반의 Test Assertion을 설계하여 생체인증 API 표준 적합성을 시험하였다. XML Test Assertion을 이용한 생체인증 적합성 시험을 위한 메시지 플로우를 밝혀 그 타당성을 입증하였다.