• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.1
• /
• pp.24-45
• /
• 2012

In this paper, we present a survey of security and privacy preserving issues in M2M communications in Cyber-Physical Systems. First, we discuss the security challenges in M2M communications in wireless networks of Cyber-Physical Systems and outline the constraints, attack issues, and a set of challenges that need to be addressed for building secure Cyber-Physical Systems. Then, a secure architecture suitable for Cyber-Physical Systems is proposed to cope with these security issues. Eventually, the corresponding countermeasures to the security issues are discussed from four aspects: access control, intrusion detection, authentication and privacy preserving, respectively. Along the way we highlight the advantages and disadvantages of various existing security schemes and further compare and evaluate these schemes from each of these four aspects. We also point out the open research issues in each subarea and conclude with possible future research directions on security in Cyber-Physical Systems. It is believed that once these challenges are surmounted, applications with intrinsic security considerations will become immediately realizable.

• Journal of the Korean Society of Safety
• /
• v.27 no.3
• /
• pp.77-82
• /
• 2012

The leakage of toxic chemicals impact seriously on human being and environment, therefore during their treatment process, a proper management system is necessary to control their toxic effect. This study was designed to suggest the management regulation that supports business managers and facilities management. There are no extra regulation to control emergency accidents and terrors in chemical facilities. Developed countries like USA operate the management standards to control the toxic chemical and facilities according to their toxicity and processes. In order to solve this problem, we have analysed the advanced nations standard methods of security in chemical plants to study the new security management regulation which helps to prevent the chemical accidents. Especially, in USA, CCPS (Center for Chemical Process Safety), SVA (Security Vulnerability Assessment) and RBPSs (Risk-Based Performance Standards) of DHS (Department of Homeland Security) were invest I gated. On the basis of the results, we have suggested the application methods of the security and safety regulation in Korea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1319-1328
• /
• 2014

While the recent advance in network system has made it easier to collect and process personal information, the loss of customers, financial companies and even nations is getting bigger due to the leakage of personal information. Therefore, it is required to take a measure to prevent additional damage from the illegal use of leakaged personal information. Currently, financial companies use access control in accordance with job title or position on general documents as well as important documents including personal information. Therefore, even if a documents is confidential, it is possible for a person of the same job title or position to access the document properly. This paper propose setting up security grade of documents to improve current access control system. It will help preventing the leakage of personal information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.79-90
• /
• 2017

If digital forensic investigators can utilize file access logs when they audit insider information leakage cases or incident cases, it would be helpful to understand user's behaviors more clearly. There are many known artifacts related to file access in MS Windows. But each of the artifacts often lacks critical information, and they are usually not preserved for enough time. So it is hard to track down what has happened in a real case. In this thesis, I suggest a method to utilize SACL(System Access Control List) which is one of the audit functions provided by MS Windows. By applying this method of strengthening the Windows's audit settings, even small organizations that cannot adopt security solutions can build better environment for conducting digital forensic when an incident occurs.

• Asia pacific journal of information systems
• /
• v.8 no.2
• /
• pp.105-119
• /
• 1998

As the first step to information security, the security policy and organizational control need to be established. The purpose of this study is to investigate the policy and management of information security of five major Korean business groups. The results of case study on five giant groups can be summarized as follows. There exists a basic policy for information security. But it is outdated and not realistic in the present. The security audit and education need to be upgraded. It is also necessary to use security tools actively. The security level is low in companies which do not have independent information security divisions. Therefore, it is desirable to build information security teams. The number of security personnel is not enough for the task although there exist an information security team in the company. It is important to check if the team has the ability of perform information security task. The interview with security managers reveals that the total security management should be integrated with physical and computer security. It is suggested that an Information Security Center play the major role for information security. The study on the information security management for industry level is expected to be performed in the future.

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.87-98
• /
• 2012

The department has established a variety of studies and training courses and has tried to nurture talented people for security companies. However, the research is marginal, and each university department of security guard education, curriculum falling due after graduating students. Moreover, even if students are occupied an employment exceptional adaptability has occurred. Therefore, each university of private security department will need to collaborate with competitive private security company for reinforce and employment rate in center of experienced field. Then, the security's society will be placed in professional occupation, elevate the phase and will decrease the turnover rate. Qualification system of private security have been indicated in distrust, moreover the system have to be adjusted because not enough effort, control system, cooperation system with training center, one-sided emphasis and private inquiry by adding in private security law.

• Journal of Advanced Navigation Technology
• /
• v.13 no.4
• /
• pp.586-599
• /
• 2009

Recently, a lot of nations are establish and researches the u-City which ubiquitous technology based city, and u-City Management Center(UMC) is also establish and researches. Technical researches of UMC are increasing. However, administrator privilege management researches for UMC is not enough. If we don't manage to administrator privilege who can access and control all of information in UMC, security problems will be occurs. Therefore, in this paper, analyses of administrator privilege management security problems, and proposed administrator privilege management system classification.

• Proceedings of the KIEE Conference
• /
• 1995.07a
• /
• pp.308-310
• /
• 1995

Most of the elevator door controllers have been controlled by DC Motors as an actuator. Recently, The control system using AC induction motor and general purpose inverter has been applied to control of elevator door. But there are some difficulties in making use of this system, such as adjustment of door speed pattern, door open-close time, and security of passenger safety. In order to solve these problems, a special inverter has, been developed with an encoder feedback. From the result of field-test, we proved that a special inverter with encoder feedback device has come to considerable effect. Until now about 1,200 sets of these inverters are operated in Korea and about 100 sets are operated in South-east Asia.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2427-2445
• /
• 2016

In contrast to traditional "store-and-forward" routing mechanisms, network coding offers an elegant solution for achieving maximum network throughput. The core idea is that intermediate network nodes linearly combine received data packets so that the destination nodes can decode original files from some authenticated packets. Although network coding has many advantages, especially in wireless sensor network and peer-to-peer network, the encoding mechanism of intermediate nodes also results in some additional security issues. For a powerful adversary who can control arbitrary number of malicious network nodes and can eavesdrop on the entire network, cryptographic signature schemes provide undeniable authentication mechanisms for network nodes. However, with the development of quantum technologies, some existing network coding signature schemes based on some traditional number-theoretic primitives vulnerable to quantum cryptanalysis. In this paper we first present an efficient network coding signature scheme in the standard model using lattice theory, which can be viewed as the most promising tool for designing post-quantum cryptographic protocols. In the security proof, we propose a new method for generating a random lattice and the corresponding trapdoor, which may be used in other cryptographic protocols. Our scheme has many advantages, such as supporting multi-source networks, low computational complexity and low communication overhead.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.103-108
• /
• 2021

The emergence of new technologies and their implementation by different manufacturers of electronic devices are experiencing an ascending trend. Most of the time, these protocols are expected to reach a certain degree of maturity, and electronic equipment manufacturers use simplified communication standards and interfaces that have already reached maturity in terms of their development such as ModBUS, KNX or CAN. This paper proposes an IoT solution of the Smart Home type based on an Analysis and Prediction System. A data acquisition component was implemented and there was defined an algorithm for the analysis and prediction of actions based on the values collected from the data update component and the data logger records.