• Convergence Security Journal
• /
• v.6 no.2
• /
• pp.31-42
• /
• 2006

In this paper, we proposed an integrated infrastructure for optimal information security to resolve these kinds of problems and to implement more powerful protection. The proposed infrastructure presents a security framework, provides a functional mechanism, and implements a scheme for information security based on the design concept of integrated structures. In order to ensure effective malicious traffic blocking, this paper emphasizes that a comprehensive approach through infrastructure improvement and combination of scanning tool is the only measure for preparing against today's environment of virus infiltration. The proposed model is a measure developed at a time when a permanent technological solution to virus is yet to be developed. A performance analysis model is developed and the performance is evaluated through the case studies for the proposed methodology. The effectiveness of the infrastructure for optimal information security needs the continuous diagnostic evaluation and tuning through the users or the organizations.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.8
• /
• pp.1435-1442
• /
• 2006

The ideal method of safety evaluation is to verify results of execution against all possible operations within operating system, but it is impossible. However, the formal method can theoretically prove the safety on actual logic of operating system. Therefore we explain the contents of the art of the safety verification of security kernel, and make a comparative study of various standardized formal verification tools. And then we assigned PVS(Prototype Verification system) of SRI(Stanford Research Institute) to verify the safety of a modified BLP(Bell & LaPadula) model, the core access control model of multi-lavel based security kernel. Finally, we describe formal specification of the revised BLP model using the PVS, and evaluate the safety of the model by inspecting the specification of the PVS.

• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.11-17
• /
• 2012

Network security performance evaluation is a complex and diverse system environments, a single, specific performance measurements alone performance evaluation measure itself and the meaning of the reliability of the evaluation results do not limit the number of days only. In this paper, we propose a method to measure the security features of security, QoS measurement techniques using MOS satisfaction. MOS(Mean Opinion Score) Rating specifications for network security, QoS satisfaction and how to operate the development and operational model for future customer's satisfaction for information systems that can be used to evaluate the QoS measurement/analysis be utilized in the field. Objectified in the form of standards and performance measurement system provider (supplier development) and consumers(users) all the results available so that how to develop a system. Development is the development of information security features, the performance of these two features networking capabilities and a comprehensive evaluation of a three-gaeyoungyeok Correlating performance measurement methodology. Systematic measurement environment designed using the proposed methodology of this study, when the operating system is on the satisfaction of the security, QoS can be calculated. Forward In addition, a variety of performance metrics and performance measurement methods by extending the network security system satisfaction rating upgrade by the way will be.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4197-4219
• /
• 2017

Cloud computing is a new service to provide dynamic, scalable virtual resource services via the Internet. Cloud market is available to multiple cloud computing resource providers and users communicate with each other and participate in market transactions. However, since cloud computing is facing with more and more security issues, how to complete the allocation process effectively and securely become a problem urgently to be solved. In this paper, we firstly analyze the cloud resource allocation problem and propose a mathematic model based on combinatorial double auction. Secondly, we introduce a trust evaluation mechanism into our model and combine genetic algorithm with simulated annealing algorithm to increase the efficiency and security of cloud service. Finally, by doing the overall simulation, we prove that our model is highly effective in the allocation of cloud resources.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.6
• /
• pp.3273-3308
• /
• 2017

Building appropriate trust evaluation models is an important research issue for security guarantee in social networks. Most of the existing works usually consider the trust values at the current time slot, and model trust as the stochastic variable. However, in fact, trust evolves over time, and trust is a stochastic process. In this paper, we propose a novel time-variant stochastic trust evaluation (TSTE) model, which models trust over time and captures trust evolution by a stochastic process. Based on the proposed model, we derive the time-variant bound of untrustworthy probability, which provides stochastic trust guarantee. On one hand, the time-variant trust level of each node can be measured by our model. Meanwhile, by tolerating nodes with relatively poor performance, our model can effectively improve the node resource utilization rate. Numerical simulations are conducted to verify the accuracy and consistency of the analytical bounds on distinguishing misbehaved nodes from normal ones. Moreover, simulation results on social network dataset show the tradeoff between trust level and resource utilization rate, and verify that the successful transmission rate can be improved by our model.

• Journal of Power Electronics
• /
• v.16 no.2
• /
• pp.685-694
• /
• 2016

This paper presents a reliability assessment model for the power semiconductors used in wind turbine power converters. In this study, the thermal loadings at different timescales of wind speed are considered. First, in order to address the influence of long-term thermal cycling caused by variations in wind speed, the power converter operation state is partitioned into different phases in terms of average wind speed and wind turbulence. Therefore, the contributions can be considered separately. Then, in regards to the reliability assessment caused by short-term thermal cycling, the wind profile is converted to a wind speed distribution, and the contribution of different wind speeds to the final failure rate is accumulated. Finally, the reliability of an actual power converter semiconductor for a 2.5 MW wind turbine is assessed, and the failure rates induced by different timescale thermal behavior patterns are compared. The effects of various parameters such as cut-in, rated, cut-out wind speed on the failure rate of power devices are also analyzed based on the proposed model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.853-862
• /
• 2021

Today, disturbance and paralysis of information and communication infrastructure by electronic infringement of national infrastructure is emerging as a threat. Accordingly, the government regularly implements the vulnerability analysis and evaluation system of major information and communication infrastructure to protect the information system and control system of major infrastructure, and invests increased human and material resources every year to efficiently operate it. However, despite the government's efforts, as infringement accidents and attempts targeting national infrastructure continue to occur, the government's resource input to prepare the information protection foundation has little effect on the information protection activity result calculation, making the evaluation system not efficient. The question arises that it is not. Therefore, in this study, we use the DEA model to review the efficient operation of the vulnerability analysis and evaluation system for major information and communications infrastructure, and suggest improvement measures to enhance the level of information protection based on the analyzed results.

• Convergence Security Journal
• /
• v.16 no.6_2
• /
• pp.73-82
• /
• 2016

This study is to investigate the Effect of Career Choice Motives of the Private Security Guards on Job choice evaluation and Job Attitude. For this study visiting the 8 companies around the capital area and surveyed from May 1st to October 10th 2015 using the stratified random sampling method. A total of 240 questionnaires were distributed and among them, 220 copies were used except for analysis. I used SPSSWIN 21.0 and AMOS 21.0 to reliability analysis, factor analysis, analysis of structural equation model, path analysis. The level of statistical significance was set to .05. The following are conclusions. Job choice motivation has a positive effect on Job choice evaluation and Job attitude but Job choice evaluation doesn't play intermediary role on relationship between Job choice motivation and Job attitude.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.161-170
• /
• 2008

Despite the recent growth in size and frequency of damages caused by illegal information breaches, current business counter-measures and precautionary systems are greatly limited. Some major companies have developed Information Security Management Systems (ISMS) to safeguard their vital information; however, such measures are largely based on the ISO27001 and lacks in many aspects to grasp the holistic corporate security level and reinforce precautionary measures. The information protection level evaluation model introduced in this paper is a pragmatic evaluative tool that can be utilized to devise effective corporate information security precautionary measures and countermeasures, based on the BSC (Balanced ScoreCard) method for an actual and realistic corporate information security level evaluation possible.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.423-432
• /
• 2003

It is essential suity management and standardized asset analysis for telecommunication networks, however existing risk analysis methods and tools are not enough to give shape of the method to evaluate value and asset. they only support asset classification schemes. Moreover, since the existing asset classification schemes are to evaluate comprehensive general risk, they are not appropriate for being applied telecommunication networks and they can´t offer any solutions to an evaluator´s subjectivity problem. In this paper, to solve these problems, we introduce the standardized definition of asset evaluation model new asset classification scheme, two-dimensional asset process classification scheme to consider business process and asset, various evaluation standards for quantitative value and qualitative evaluation. To settle an valuator´s subjectivity problem, we proposed $\beta$-distribution Delphi method.