• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.4
• /
• pp.127-132
• /
• 2014

Some laws and regulations may require internet service providers to provide services based on the age of users. Age verification in the online environment should be used as a tool to provide service that is appropriate to child based on age. Using the minimum attribute information, processes on age verification provides the proper guidance to the internet services. However, there is a lack of a globally accepted trust framework for age verification process including evaluation factors for age verification information. In this paper the federation model of user attributes were described and evaluation factors for the age verification information were suggested. Also using the suggested evaluation factors, performance evaluation of federation model of user evaluation was performed. To meet the requirements of evaluation factors, framework of federation model should consider the unlinkability pseudonym support, eavesdropping protection and cloning protection.

• The Journal of Information Technology
• /
• v.10 no.4
• /
• pp.85-93
• /
• 2007

RFID applied in many area. I think that RFID enlarge for our life more and more. The application technology of RFID change the Mobile RFID using mobile phone and PDF etc. I think, Mobile RFID enlarge application technology gradually. In this paper, we propose the quality measurement metrics for mobile RFID middleware. I propose the quality testing model for interoperability and security of mobile RFID middleware. We examine the international standard for mobile RFID and software testing. In this paper, I proposed the evaluation model of mobile RFID middleware on the basis of international standard ISO/IEC 9126-2 and ISO/IEC 25000 series.

• The Journal of the Korea Contents Association
• /
• v.10 no.8
• /
• pp.84-94
• /
• 2010

ESM can do and wishes to investigate ESM software field base technology and investigate ESM software technology, market, standard and evaluation certification trend and develop evaluation model of ESM software that it becomes foundation to protect ESM software effectively that develop quality evaluation model of ESM software in this research by integration security administration system that gather fire wall, IDS, VPN etc. various kind of security solution by one. That is, because reflecting requirement of ESM software, develop evaluation module and proposed evaluation example along with method of exam.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.687-704
• /
• 2017

As Korea's industrial competitiveness and technological prowess increase, collaboration and technical exchanges with contracting companies are increasing. In an environment where cooperation with the contracting company is unavoidable ordering companies are also striving to prevent leakage of technologies through various security systems, policy-making and security checks. However, although the contracting companies were assessed to have a high level of security management the leakage of technical datas are steadily increasing. Issues are being raised about the effectiveness of the security management assessment and the actual security management levels. Therefore, this study suggested a security management system model to improve security management efficiency in the general contract structure. To prove this, analyze the efficiency of 36 contractor companies for the technical datas security management system using the DEA model. The results of the analysis are reflected in the assessment results. Lastly, suggestions for improving the effectiveness of the technical datas security system are proposed.

• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.817-826
• /
• 2005

BcN(Broadband convergence Network) is being developed in order to support a variety of network applications, with enhanced capabilities of QoS(Quality of Service) provisioning and security, and IPv6. In a high-speed network environment such as BcN, it if more likely for the network resources to be exposed to various intrusion activities. The propagation speed of intrusion is alto expected to be much faster than in the existing Internet In this paper, we present a multi-domain security management framework which my be used for a global intrusion detection at multiple domains of BcN and describe its characteristics. For the performance evaluation, we first present test results for the security node and compare with other products. Then we design and Implement an OPNET simulator for the proposed framework, and present some simulation results. In the simulation model, we focus on the performance of alert information in the security overlay network.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.117-120
• /
• 2002

이 논문에서는 전자상거래에서의 안전하고 신뢰할 수 있는 이용여건을 마련하기 위해 자율규제로 추진되고 있는 국내외 인터넷 평가모델에 대한 분석과 효율적인 전자상거래 인증· 평가모델을 제시한다.

• Journal of Multimedia Information System
• /
• v.6 no.4
• /
• pp.165-172
• /
• 2019

Machine-learning techniques have been actively employed to information security in recent years. Traditional rule-based security solutions are vulnerable to advanced attacks due to unpredictable behaviors and unknown vulnerabilities. By employing ML techniques, we are able to develop intrusion detection systems (IDS) based on anomaly detection instead of misuse detection. Moreover, threshold issues in anomaly detection can also be resolved through machine-learning. There are very few datasets for network intrusion detection compared to datasets for malicious code. KDD CUP 99 (KDD) is the most widely used dataset for the evaluation of IDS. Numerous studies on ML-based IDS have been using KDD or the upgraded versions of KDD. In this work, we develop an IDS model using CSE-CIC-IDS 2018, a dataset containing the most up-to-date common network attacks. We employ deep-learning techniques and develop a convolutional neural network (CNN) model for CSE-CIC-IDS 2018. We then evaluate its performance comparing with a recurrent neural network (RNN) model. Our experimental results show that the performance of our CNN model is higher than that of the RNN model when applied to CSE-CIC-IDS 2018 dataset. Furthermore, we suggest a way of improving the performance of our model.

• Journal of Korean Society of Disaster and Security
• /
• v.5 no.2
• /
• pp.43-48
• /
• 2012

As the major information communication infrastructure had been getting more important, 'Act on the Protection of Information and Communications Infrastructure'(APICI) was legislated in Korea 2001. Consequently, the major information system, nationwide monitering service systems and government administration operation & management systems have been registered and managed under the APICI. The authorized organizations related to above service and system, perform vulnerability analysis and evaluation for chief communication infrastructures by themselves or registered agencies. In this research, we propose an advanced model for vulnerability analysis and evaluation and apply it to the main information and communication infrastructures through the case study. We hope each related organization could apply this model for analysis and evaluation of vulnerability in these infrastructures.

• Journal of the military operations research society of Korea
• /
• v.27 no.1
• /
• pp.89-100
• /
• 2001

Information technology has been made remarkable progress and most of computer systems are connected with internet over the world. We have not only advantages to access them easy, but also disadvantages to misuse information, abuse, crack, and damage privacy. We should have safeguards to preserve confidentiality, integrity and availability for our information system. Even tough the security is very important for the defense information system, we should not over limit users availability. BS7799, a British standard, is an evaluation criteria for information security management. In this paper we propose an audit model to manage and audit information security using control items of BS7799, which could be useful to mange the defence information system security. We standardize audit items, and classify them by levels, and degrees by using appropriate audit techniques / methods / processes.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.10
• /
• pp.73-81
• /
• 2017

In this paper, we propose an analysis framework to capture the trends of information security incidents and evaluate the security policy based on the incident analysis. We build a big data from news media collecting security incidents news and policy news, identify key trends in information security from this, and present an analytical method for evaluating policies from the point of view of incidents. In more specific, we propose a network-based analysis model that allows us to easily identify the trends of information security incidents and policy at a glance, and a cosine similarity measure to find important events from incidents and policy announcements.