• Journal of Advanced Navigation Technology
• /
• v.15 no.6
• /
• pp.1098-1103
• /
• 2011

In spite of many advantages of cloud computing, security concerns are a barrier in users' adopting the cloud service. In this paper, we evaluate relative priorities between security attributes of ISO 7498-2 standards affecting overall security quality in cloud computing. For an objective evaluation, the fuzzy AHP(Analytic hierarchical process) is applied. The evaluation results represented the relative priority with concrete number can be an effective management method to choose and develop the cloud computing service.

• Journal of Families and Better Life
• /
• v.31 no.6
• /
• pp.39-51
• /
• 2013

Because of the increasing demand for day care centers, The Korean government has enforced childcare accreditation. The government has created the evaluation certification system for child care facilities. But the system includes variable items, and the physical rules are not sufficient for ensuring security and quality amenities. So this study, through literature search, examined the rules of Child Care Centers in the U.S. and compared them with those in Korea focusing on the provision of security and amenities. The standards found in 4 U.S. states were investigated, and the results are as follows. The rule pertaining to the size of indoor activity spaces in C.C.C. allows the spaces to be smaller in Korea than in the U.S. There is no specific criterion for infants and toddlers in our standard. When comparing the standards of Korea with those of the United States, Korea's standards do not state specific rules about child care facilities such as indoor furniture, finishes and space planning. Additionally, the binding force ensuring compliance with the standards of physical facilities is weak. Thus, the ratings of child care standards for the physical environment should be presented in detail. And if a center does not comply with the criteria, stronger penalties will have to be imposed.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.101-112
• /
• 2006

It will not be able to guarantee the secure operation for the information and communication systems with only technical security. So, ISMS(Information Security Management System) research and standardization are active going on. Korea published "The national cyber security management regulation" and "The national cyber security manual" in 2005. According to the regulation and manual, the government organ and public institution must accomplish the security management assessment to itself for systematic management of an information security. We studied related standards and security management systems of the Australia and the USA, and analyzed the security management evaluation system in "The national cyber security manual" in efficient security management focus. We presented the improvement direction of national security evaluation system through the research. We propose the additional control, selective control set and improvement of the evaluation process for efficient security management. Proposed system possible composition of suitable to each organ and flexible adaptation of rapidly changed information environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.547-560
• /
• 2014

Smart Grid, which maximize the efficiency of energic utilization by applying Information and Communication Technology to Power Grid, requires high availability. Attacks, such as DDoS, which cause suspension of service and lead to social disruptions have recently been increasing so that systematic management over availability becomes more important. In this paper, we presents a new evaluation criteria of Korean Smart Grid by comparing availability assessment items of international standards specified in management system and then overcome the limitations of availability evaluation of existing information security management system.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.9-17
• /
• 2021

Numerous IoT devices are connected to a wireless network environment to collect and transmit data without time and space limitations, but many security vulnerabilities are exposed in these process. But IoT security is not easy to create feasible security standards and device authentication due to differences in the approach or implementation of devices and networks. However, it is clear that the improvement and application of the standard framework for enhancing the security level of the device is the starting point to help the most successful security effect. In this study, we investigate the confidentiality, integrity, availability, and access control implementation plans for IoT devices (which are the basic goals of information security), and standardized security evaluation criteria for IoT devices, and study ways to improve them.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.463-471
• /
• 2021

Since 2016, National Institute of Standards and Technology (NIST) has been conducting a post quantum cryptography standardization project in preparation for a quantum computing environment. Three rounds are currently in progress, and most of the candidates (5/7) are lattice-based. Lattice-based post quantum cryptography is evaluated to be applicable even in an embedded environment where resources are limited by providing efficient operation processing and appropriate key length. Among them, SABER KEM provides the efficient modulus and Toom-Cook to process polynomial multiplication with computation-intensive tasks. In this paper, we present the optimized implementation of evaluation and interpolation in Toom-Cook algorithm of SABER utilizing ARM/NEON in ARMv8-A platform. In the evaluation process, we propose an efficient interleaving method of ARM/NEON, and in the interpolation process, we introduce an optimized implementation methodology applicable in various embedded environments. As a result, the proposed implementation achieved 3.5 times faster performance in the evaluation process and 5 times faster in the interpolation process than the previous reference implementation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1375-1391
• /
• 2012

Smart grid is a next-generation intelligent power grid that applying ICT to power grid to maximize the energy efficiency ratio. Recently, technologies and standards for smart grid are being developed around the world. Information security which is an essential part of smart grid development has to be managed continuously. Information security management system certification for organizational risk management has been implemented in Korea. Although preparation for information security management system certification which is applicable to smart grid is considered, there are no specific methods. This paper is to propose core and added evaluation criteria for Korean smart grid based on K-ISMS through comparative analysis between ISMS operated in Korea and smart grid information security management system developed in the United States. Added evaluation criteria enable smart grid related business that certified existing ISMS to minimize redundant and unnecessary certification assessment work.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.55-64
• /
• 2021

In the last few years, the massive development in wireless networks, high internet speeds and improvement in car manufacturing has shifted research focus to Vehicular Ad-HOC Networks (VANETs). Consequently, many related frameworks are explored, and it is found that security is the primary issue for VANETs. Despite that, a small number of research studies have taken into consideration the identification of performance standards and parameters. In this paper, VANET security frameworks are explored, studied and analysed which resulted in the identification of a list of performance evaluation parameters. These parameters are defined and categorized based on the nature of parameter (security or general context). These parameters are identified to be used by future researchers to evaluate their proposed VANET security frameworks. The implementation paradigms of security frameworks are also identified, which revealed that almost all research studies used simulation for implementation and testing. The simulators used in the simulation processes are also analysed. The results of this study showed that most of the surveyed studies used NS-2 simulator with a percentage of 54.4%. The type of scenario (urban, highway, rural) is also evaluated and it is found that 50% studies used highway urban scenario in simulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1133-1143
• /
• 2012

Currently, Many Cyber Security Centers(CSC) are established and being operated in our country. But, in the absence of indicators to evaluate activities of the Managed Security Service(MSS), We can't identify the CSC's level of overall job performance. Therefore, we can't derive strengths and weaknesses from the CSC. From these reasons, The purpose of this research is to develop an objective indicator to evaluate activities of the MSS. I studied both international and domestic Information Security Management System(ISMS) as related standards(ISO/IEC 27001, G-ISMS). Moreover, I analysed the NIST Computer Security Incident Handing Guide and the Incident Management Capability Metrics(IMCM) of Carnegie Mellon Software Engineering Institute(SEI). The implications for this analysis and domestic hands-on experience are reflected in the research. So I developed 10 evaluation domains and 62 detail evaluation items. This research will contribute to our understanding the level of the CSC's job performance.

• Journal of Advanced Navigation Technology
• /
• v.12 no.4
• /
• pp.384-391
• /
• 2008

These days, along with the information society, the value of information has emerged as a powerful factor for a company's development and sustainability, and therefore, the importance of the Information Security and Management System (ISMS) has emerged and become an integral part of all areas of business. In this paper, ISMS evaluation methods from around the world are compared and analyzed with the standards of various management guidelines, definitions, management of threats and vulnerability, approaches to result calculations, and the evaluation calculation indexes for domestic to propose the best method to evaluate the Information Security Management System that will fit the domestic environment.