• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.8C
• /
• pp.748-757
• /
• 2002

Cyber-terror trials are increased in nowadays and these attacks are commonly using security vulnerability and information gathering method by variable services grew by the continuous development of Internet Technology. IDS's application environment is affected by this increasing Cyber Terror. General Network based IDS detects intrusion by signature based Intrusion Detection module about inflowing packet through network devices. Up to now security in network is commonly secure host, an regional issue adopted in special security system but these system is vulnerable intrusion about the attack in globally connected Internet systems. Security mechanism should be produced to expand the security in whole networks. In this paper, we analyzer the DARPA's program and study Infusion Detection related Technology. We design policy security framework for policy enforcing in whole network and look at the modules's function. Enforcement of security policy is acted by Intrusion Detection system on gateway system which is located in network packet's inflow point. Additional security policy is operated on-line. We can design and execute central security policy in managed domain in this method.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.369-378
• /
• 2005

War simulation system is a virtual space that my tactical simulation exercise is held. The data used in this system are considered sensitive and needs to be protected. But suity vulnerabilities and possible security loopholes were not considered when designing the war game simulation system. So currently the systemis highly vulnerable against hackers and data leakages. This paper proposed a security system for war game simulation system based on considering the currently vulunerabilities and possible suity leakages. The proposed security system supports security patches. In this paper, we analyze vulunerabilities of the running environment of current system and we design and implement the security system that is consisted of three components : Authentication System, Encryption System and Network Security System. The security patches are safe and there are no negative effects on the system's performance. The patches are proved to be effective and very reliable towards solving the security vulnerabilities.

• Journal of the Society of Disaster Information
• /
• v.9 no.3
• /
• pp.290-299
• /
• 2013

This study is to present an improvement of security for the National Assembly by survey of persons who use the National Assembly facilities. Most of respondent said that their security consciousness level is above average, and they know National Assembly building is National Major Facility First class but they did not know well what the Major Facility First class is. Many of respondents thought security design of National Assembly building is inadequate, so reinforcement of access control management is necessary. For reinforcement of access control management, security gate and preparing of some obstacles are required. They said that they could put up with inconveniences incurred as a result of reinforcement of access control management, that could be affected positively for the reinforcement. The recognition on the necessity of security education is high, but there is no proper security education program. For practical security education, contents and different method followed by different facilities user should be considered.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.107-113
• /
• 2019

Data security is the planning, implementation and implementation of security policies and procedures for the proper audit and authorization of access to and use of data and information assets. In addition, data serviced through internal / external networks, servers, applications, etc. are the core objects of information protection and can be said to focus on the protection of data stored in DB and DB in the category of information security of database and data. This study is a preliminary study to design a proper Data Security Management System (DSMS) model based on the data security certification system and the US Federal Security Management Act (FISMA). And we study the major security certification systems such as ISO27001 and NIST's Cybersecurity Framework, and also study the state of implementation in the data security manager solution that is currently implemented as a security platform for preventing personal data leakage and strengthening corporate security.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.233-245
• /
• 2010

This paper proposes security architecture, security audit framework, and audit check item. These are based on the security requirement that has been researched in the information system audit. The proposed information security architecture is built in a way that it could defend a cyber attack. According to its life cycle, it considers a security service and security control that is required by the information system. It is mapped in a way that it can control the security technology and security environment. As a result, an audit framework of the information system is presented based on the security requirement and security architecture. The standard checkpoints of security audit are of the highest level. It was applied to the system introduction for the next generation of D stock and D life insurance company. Also, it was applied to the human resources information system of K institution and was verified. Before applying to institutions, system developers and administrators were educated about their awareness about security so that they can follow guidelines of a developer security. As a result, the systemic security problems were decreased by more than eighty percent.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.763-780
• /
• 2024

As the domestic and international landscape undergoes rapid changes, the importance of implementing security measures in response to the growing threats that businesses face is increasing. In this context, the need for Security by Design (SbD), integrating security from the early design stages, is becoming more pronounced, with threat modeling recognized as a fundamental tool of SbD. Particularly, to save costs and time by detecting and resolving security issues early, the application of the Shift Left strategy requires the involvement of personnel with limited security expertise, such as software developers, in threat modeling. Although various automated threat modeling tools have been released, their lack of user-friendliness for personnel lacking security expertise poses challenges in conducting threat modeling effectively. To address this, we conducted an analysis of research related to threat modeling tools and derived usability evaluation criteria based on the GQM(Goal-Question-Metric) approach. An expert survey was conducted to validate both the validity and objectivity of the derived criteria. We performed usability evaluations of three threat modeling tools (MS TMT, SPARTA, PyTM), and the evaluation results led to the conclusion that MS TMT exhibited superior usability compared to other tools. This study aims to contribute to the creation of an environment where personnel with limited security expertise can effectively conduct threat modeling by proposing usability evaluation criteria.

• The Journal of Information Systems
• /
• v.25 no.2
• /
• pp.51-77
• /
• 2016

Purpose Organizations invest significant portions of their budgets in fortifying information security. Nevertheless, the security threats by employees are still at large. We discuss methods to reduce security threats that are posed by employees in organization. This study finds antecedent factors that increases or decreases employee's compliance intention. Also, the study suggests organizations' security environmental factors which influences the antecedent factors of compliance intention. Design/methodology/approach The structural equation model is then applied in order to verify this research model and hypothesis. Data were collected on 415 employees working in organizations with an implemented information security policy in South Korea. We analyzed the fitness and validity of the research model via confirmatory factor analysis in order to verify the research hypothesis, then we analyzed structural model, and derived the result. Findings The result shows that organizational commitment and peer behavior increase security compliance intention of employees, while security system anxiety decreases compliance intention. And, organization's physical security system and security communication both have influence on antecedent factors for information security compliance of employees. Our findings help organizations to establish information security strategies that enhance employee security compliance intention.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.12B
• /
• pp.728-734
• /
• 2007

In this paper, we propose a GOSST(Grade Of Services Steiner minimum Tree) heuristic mechanism for the design of a physical multiple security grade network with minimum construction cost. On the network, each node can communicate with other nodes by its desiring security grade. Added to the existing network security methods, the preventing method from illegal physical access is necessary for more safe communication. To construct such network with minimum cost, the GOSST problem is applied. As the GOSST problem is a NP-Hard problem, a heuristic with reasonable complexity is necessary for a practical solution. In this research, to design the physical multiple security grade network with the minimum construction cost, the reformed our previous Distance Direct GOSST heuristic mechanism is proposed. The mechanism brings average 29.5% reduction in network construction cost in comparison with the experimental control G-MST.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.11-17
• /
• 2012

According to ISO/IEC 9000, quality to satisfy users' requirements when using the product or service is defined as the characteristics of the synthesized concept. Secure web application coding information systems with the reliability and quality of service is one of the determining factor. Secure coding in order to achieve the quality based on the model is necessary. The reason is that the security is in quality properties in the range of non-functional requirements that necessitates. Secure coding for the design of quality systems based on the quality of the definition of quality attributes, quality requirements, quality attribute scenarios are defined, and must be set. To this end, referring to IEEE 1061 quality model for web application, quality model structure is developed. Secure web application architecture design is composed of coding quality of the model systems, web applications draw interest to stakeholders, decision drivers secure coding architecture, quality attributes, eliciting quality requirements of the security settings, creating web application architecture descriptions and security framework.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.43-49
• /
• 2024

The convergence of education and technology has been emphasized, leading to the application of educational technology (EdTech) in the field of education. EdTech provides learner-centered, customized learning environments through various media and learning situations. In this paper, we designed hardware for EdTech-based educational tools for IoT security education in the field of cybersecurity education. The hardware is based on a dual microcontroller unit (MCU) within a single board, allowing for both attack and defense to be performed. To leverage various sensors in the Internet of Things (IoT), the hardware is modularly designed. From an educational perspective, utilizing EdTech in cybersecurity education enhances engagement by incorporating tangible physical teaching aids. The proposed research suggests that the design of IoT security education hardware can serve as a reference for simplifying the creation of a security education environment for embedded hardware, software, sensor networks, and other areas that are challenging to address in traditional education..