• Journal of Korea Society of Industrial Information Systems
• /
• v.15 no.4
• /
• pp.53-60
• /
• 2010

Biometrics are methods of recognizing a person based on the physiological or behavioral characteristics of his of her body. They are highly secure with little risk of loss or falsification by others. This paper has designed and implemented a security system of biometrics by precisely measuring heartbeat signals at two fingertips and using a photoplethysmogram, which is applicable to biometrics. A performance evaluation has led to the following result. The security system of biometrics for personal authentication which has been designed and implemented by this study has achieved a recognition rate of 90.5%. The security system of biometrics suggested here has merits of time saving and easy accessibility. The system is touch-based and collects the necessary biometrics information by simply touching the machine with fingers, so anyone can utilize the system without any difficulty.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.3
• /
• pp.311-321
• /
• 2003

A current firewall or IDS (intrusion detection system) of the network level suffers from many vulnerabilities in internal computing servers. For a secure Linux implementation using system call hooking, this paper defines two requirements such as the multi-level security function of TCSEC B1 and a prevention of hacking attacks. This paper evaluates the secure Linux implemented in terms of the mandatory access control, anti-hacking and performance overhead, and thus shows the security, stability and availability of the multi-level secure Linux. At the kernel level this system protects various hacking attacks such as using Setuid programs, inserting back-door and via-attacks. The performance degradation is an average 1.18% less than other secure OS product.

• Journal of the Institute of Electronics Engineers of Korea SC
• /
• v.42 no.4 s.304
• /
• pp.35-44
• /
• 2005

Face recognition out of biometrics is considerable interesting due to high performance and accessibility in applications to security such as access control and banking service. Therefore, a study on the protocol of the performance test is an important issue to understand the art-of state and to show a direction in future works, in addtion to developing algorithms. We present a design criterion for the performance test protocol of face recognition system and show the result of experiment executed on identification and verification scenario based on PCA algorithm and XM2VTS DB

• The Journal of Information Technology
• /
• v.9 no.3
• /
• pp.1-14
• /
• 2006

China has recently (28 August 2004) adopted a new act legalizing the electronic signature. This new act provides electronic signatures with the same legal status as handwritten signatures, and states that on-line certification providers will have to be created in order to ensure the security of on-line operations made using said signatures. This new act is intended to increase Chinese electronic business, and thus to raise the revenue China can expect from said business. And the law grants electronic signatures the same legal effect as handwritten signatures and seals in business transactions, and sets up the market access system for online certification providers to ensure the security of e-commerce. As Internet trade requires a reliable third party to identify the signers, the credibility of online certifying organizations is significant for the transaction security. So, considering the weakness of China's social credibility system, the law regulates that the online signatures certification providers should be approved and administered by governments.

• Proceedings of the KSR Conference
• /
• 2008.06a
• /
• pp.343-352
• /
• 2008

Safety-critical systems related to the railway communications are currently undergoing changes. Mechanical and electro-mechanical devices are being replaced by programmable electronics that are often controlled remotely via communication networks. Therefore designers and operators now not only have to contend with component failures and user errors, but also with the possibility that malicious entities are seeking to disrupt the services provided by theirs systems. Recognizing the safety-critical nature of the types of communications required in rail control operations, the communications infrastructure will be required to meet a number of safety requirements such as system faults, user errors and the robustness in the presence of malicious attackers who are willing to take determined action to interfere in the correct operation of a system. This paper discusses the safety strategies employed in the railway communications and proposes a security mechanism for Korean railway communication system. We present the developed communication safety evaluation tool based on the proposed security mechanism and also evaluate its protecting capability against the threats of masquerading, eavesdropping, and unauthorized message manipulation.

• Proceedings of the IEEK Conference
• /
• 2005.11a
• /
• pp.1035-1038
• /
• 2005

This paper describes the designs and the implementations of two H/W IPSec Systems, look-aside and inline, on TOE (Transport Offloading Engine). These systems aim for guaranteeing the security of datagram networks while preserving the bandwidth of gigabit networks. The TOE offloads a host CPU from network burdens, so that it makes the gigabit wire speed possible, and then deeper level security architecture of the IPSec guarantees the security of gigabit service network dominated by datagram packets. The focus of this paper is to minimize the TOE's performance degradation caused by the computation-oriented IPSec. The look-aside IPSec system provides a significant improvement in the CPU offload of the IPSec cryptography loads. However, the inline system completely offloads the host CPU from whole IPSec loads, providing significant additional cost saving compared to the look-aside system. In this paper, the implementations of TOE cards including commercial IPSec processors are presented. As the result of performance evaluation with the protocol analyzer, we can get the fact that the inline IPSec system is 8 times faster than the S/W system and 2 times faster than the look-aside system.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.119-126
• /
• 2021

The study develops methodological aspects for modeling the determining impact of modernization on the enterprise's economic security in development competitive conditions using the model of speed, stability and spaciousness of modernization. Modeling the determining impact of modernization on the enterprise's economic security in a competitive conditions involves: firstly, the formation of estimated modeling indicators in accordance with the speed, stability and spaciousness of the enterprise's modernization; secondly, establishing the weight of indicators in the assessment system using the tools of cognitive judgment; thirdly, the establishment of reference values of sound evaluation indicators; fourthly, the calculations of the integrated impact assessment of the modernization's determining impact modeling on the enterprise's ensuring economic security in a competitive conditions; fifthly, conducting calculations and analytical summarization of the results. To determine a comprehensive integrated indicator of the modernization changes impact on the competitiveness and economic security of enterprises, we use the correlation method of the calculated value with the reference value, as well as use weights for groups of calculations. Approbation of modeling of determining influence of modernization on maintenance of economic safety of the enterprise in competitive conditions of development by authors was carried out concerning such enterprises, as: JSC "Ukrzaliznytsia", SE "Ukraerorukh", SE IA "Boryspil", SE "Ukrposhta", KP "Kyivpastrans".

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.55-60
• /
• 2014

In this study, we propose a cryptographic module quality evaluation system referenced by ISO/IEC 9000 quality system with Quality, Quality Factor, Quality Subfactor, Metric. Practical application process encryption algorithm based on the encryption algorithm to encrypt the pros and cons valuation of diagnosis, point selection algorithm, analysis, and quality items(quality factor), eliciting constraints derived, such as the cryptographic module design quality evaluation system is set to step 5. The five steps are examples of field-based diagnostic tool for cryptographic operations, the most essential work to be done in order to derive one will work. 2-Factor encryption module for connection between indicator items(quality factor) to identify and ensure the quality of the item the constraints of the environment are two kinds of cryptographic operations. This study is an encryption module and a practical field application system, it presents the standardized model. We have to meet the rapid changes in information technology. The environment, development and the encryption algorithm applied to model a wide variety of on-site development encryption will be able to expect the efficiency.

• Convergence Security Journal
• /
• v.22 no.5
• /
• pp.135-143
• /
• 2022

The defense environment is rapidly changing, such as nuclear and missile threats of North Korea, changes in war patterns, and a decrease in military service resources due to low birth rate. In order to actively respond to these changes, the Korean military is promoting Defense Innovation 4.0 and is trying to foster an army armed with high technology such as artificial intelligence (AI), big data analysis, etc. In this regard, we analyze the effectiveness of the radar-based AI scientific guard system applied by high technology for guard operations using Analytic Hierarchy Process (AHP). We first select evaluation factors that can assess the effectiveness of the scientific guard system, and analyze its relative importance. Each evaluation factor was selected by deriving a significant concept from operating principle and how they work, and by consulting experts on the correlation between each factor and effectiveness of the scientific guard system. We examine the relative effects of the radar-based AI scientific guard system and existing scientific guard system based on the importance of the evaluation factors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.131-139
• /
• 2007

Vulnerability analysis helps to remove discriminating vulnerabilities that exist in various equipment that composes operating information system. It is possible to explain representation and exclusion method about vulnerabilities of each equipment by vulnerability analysis. But it is difficult to display the weakness of whole information system. To do this, analyst synthesizes several information that achieved by vulnerability analysis. But the existing method does not provide fair evaluation because operators' personal opinion. In this paper, we explain about method that unites discriminatively vulnerable point and expresses whole weakness degree in numerical value by equipment, by system class, or by overall system.