• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.181-192
• /
• 2017

Internet of Things includes the whole process of collected information generated from a variety of objects, as well as analyzing and sharing it, and providing useful information services to people. This study seeks ways to improve security and safety in the areas of service security technology, ID management technology and service access control, all of which take place in the IoT environment. We have implemented the services that can design and issue C&C (Certificate and Capability) service token authentication, which is based on a public key, to improve the service security. In addition, we suggest LCRS (Left Child-Right Sibling) resource model management for the efficient control of resources when generating the resource services from the data collected from node devices. We also implemented an IoT services platform to manage URL security of the resource services and perform access control for services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1181-1191
• /
• 2021

The pandemic has rapidly developed a non-face-to-face environment. However, the sudden transition to a non-face-to-face environment has led to new security issues in various areas. One of the new security issues is the security threat of insiders, and the zero trust security model is drawing attention again as a technology to defend against it.. Software Defined Perimeter (SDP) technology consists of various security factors, of which device validation is a technology that can realize zerotrust by monitoring insider usage behavior. But the current SDP specification does not provide a technology that can perform device validation.. Therefore, this paper proposes a device validation technology using SVDD-based abnormal behavior detection technology through user behavior monitoring in an SDP environment and presents a way to perform the device validation technology in the SDP environment by conducting performance evaluation.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.328-330
• /
• 2004

현재 CC는 하나의 제품으로 이루어진 단일 TOE(Target of Evaluation)를 기준으로 작성된 것이며, 여러 제품으로 이루어진 시스템에 대해서는 다루고 있지 않다. 또한 국ㆍ내외적으로 정보보호제품 분류체계가 서로 달라 표준화가 이루어져야 한다. 이에 본 논문에서는 CC기반 통합제품의 산출 모델 및 평가업무량 알고리즘을 제시하고, 환경에 따른 표준화된 정보보호제품 분류체계를 제시한다.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.3-9
• /
• 2022

Recently, as the environment of the 4th industrial revolution has arrived, the opening, sharing and convergence of data are actively being achieved in any organization. However, the opening and sharing of data inevitably leads to security vulnerability and there is ambivalence that is a threat that can affect the existence of an organization operated in the 4th industrial revolution environment. Especially security issues in the organization of the military can be a threat to the state, not the military itself, so it is always necessary to maintain a high level of security discipline. In this paper, 14 variables were selected through structural equation model applying theory of planned behavior, deterrence and protection motivation to find out the security level development measures by extracting factors that can affect security level. As a result, the theory of planned behavior that the security knowledge embodied through the usual security regulation education and evaluation affects the behavior was adopted, and the theory of deterrence and protection motivation showed the significance of the rejection level. In addition, it was confirmed that the variables that have the greatest impact on the military security level through the measured values of the three-year security audit were commanders and mental security. In conclusion, in order to improve the security level, it is suggested that security education, definite reward and punishment, and security system upgrading should be firmly established and mental security posture should be secured.

• Journal of Digital Contents Society
• /
• v.10 no.1
• /
• pp.129-145
• /
• 2009

As the secure distribution and sharing of information over the World Wide Web becomes increasingly important, the needs for flexible and efficient support of access control systems naturally arise. Since the eXtensible Markup Language (XML) is emerging as the de-facto standard format of the Internet era for storing and exchanging information, there have been recently, many proposals to extend the XML model to incorporate security aspects. To the lesser or greater extent, however, such proposals neglect the fact that the data for XML documents will most likely reside in relational databases, and consequently do not utilize various security models proposed for and implemented in relational databases. In this paper, we take a rather different approach. We explore how to support security models for XML documents by leveraging on techniques developed for relational databases considering object perspective. More specifically, in our approach, (1) Users make XML queries against the given XML view/schema, (2) Access controls for XML data are specified in the relational database, (3) Data are stored in relational databases, (4) Security check and query evaluation are also done in relational databases, and (5) Controlling access control is executed considering XML tree levels

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.637-651
• /
• 2017

In order for a financial company to collect personal information, it explicitly notifies consumers of the contents stipulated by law and gets consent beforehand. As a result, as financial products became more complicated and diverse, and the contents of 'Consent form for providing personal information' became more complicated and more. In particular, in the case of internet or mobile, the letter became smaller as the screen size limit, making it more difficult to understand. This is because almost all companies that collecting personal information are in a similar situation, In the position of consumers who use services are, contradictions arise that habitually agree without understanding the consent contents. In this research, in order to present a consent policy establishment decision-making model to rationally collect and use personal information through the Internet website of financial companies, consider the domestic and foreign legal system Then, derive a problem To present improvement measures. In addition, the evaluation factors selected through the research are verified by presenting decision making models and formulas using AHP (Analytic Hierarchy Process) method.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.97-105
• /
• 2022

This paper explains trends in security technologies for ICS. Since ICS is usually applied to large-scale national main infrastructures and industry fields, minor errors caused by cyberattack could generate enormous economic cost. ICS has different characteristic with commonly used IT systems, so considering security threats of ICS separately with IT is needed for developing modern security technology. This paper introduce framework for ICS that analyzes recent cyberattack tactics & techniques and find out trends in Intrusion Detection System (IDS) which is representative technology for ICS security, and analyzes AI technologies used for IDS. Specifically, this paper explains data collection and analysis for applying AI techniques, AI models, techniques for evaluating AI Model.

• Journal of the Korea Society for Simulation
• /
• v.8 no.3
• /
• pp.105-121
• /
• 1999

Computer security is considered important due to the side effect generated from the expansion of computer network and rapid increase of the use of computers. Intrusion Detection System(IDS) has been an active research area to reduce the risk from intruders. We propose a new IDS model, which consists of several computers with IDS, based on the immune system model and describe the design of the IDS model and the prototype implementation of it for feasibility testing and evaluate the performance of the IDS in the aspect of detection time, detection accuracy, diversity which is feature of immune system, and system overhead. The IDSs are distributed and if any of distributed IDSs detect anomaly system call among system call sequences generated by a privilege process, the anomaly system call can be dynamically shared with other IDSs. This makes the IDSs improve the ability of immunity for new intruders.

• Journal of the Semiconductor & Display Technology
• /
• v.23 no.1
• /
• pp.7-11
• /
• 2024

In the era of the 4th Industrial Revolution, new technologies such as artificial intelligence, big data, cloud, Internet of Things, and blockchain are being developed and applied to new industries. Blockchain has the characteristics of decentralization, security, and transparency, so it can serve as a core technology for developing new growth industries. Blockchain is provided as BaaS (Blockchain as a Service), but it is not easy for users who are introducing or building blockchain to choose BaaS. In this study, we identify evaluation factors and develop a decision-making model using fuzzy theory and AHP for BaaS selection. Eventually we aim to help companies choose the best BaaS and develop and commercialize blockchain-based services by developing a new decision-making model for BaaS selection.

• Proceedings of the KAIS Fall Conference
• /
• 2009.12a
• /
• pp.578-581
• /
• 2009

본 논문에서는 통합보안관리 시스템에 대해서 주요 기능을 분석하고 시장동향을 조사하였으며, 기존의 소프트웨어 품질 평가 기술 및 표준화에 관한 연구를 추진하고, 통합보안관리 시스템의 보안성 품질 평가 모델을 개발하였다. 본 연구를 통하여 도출된 통합보안관리 시스템의 보안성 품질 평가 모델을 통하여 통합보안관리 시스템의 품질을 향상시키는데 중요한 역할을 할 것으로 본다.