• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.71-79
• /
• 2016

The main security threats in MANET are integrity and non-repudiation. In the meantime, a lot of secure routing protocols have been designed in order to block these security threats. In this paper, partnership-based authentication technique is proposed in order to provide participation exclusion of network and non-repudiation for the nodes. The proposed technique is a technique that participates in data communication for only the nodes receiving the authentication through the authentication process for the nodes. For this, the proposed technique is largely consists of two steps. The first step is the process that issued the certificate after the reliability for the nodes participating in the network is evaluated. And in the second step, the key exchange agreement with the neighbor nodes is performed and data communication is made after setting security path with responding nodes. The level of security in data transmission is improved because the process of path setting is performed through cooperation with a neighboring nodes having high reliability during the course of these two steps. The superiority of proposed technique in this paper was confirmed through the comparative experiment.

• Journal of the Korea Safety Management & Science
• /
• v.8 no.6
• /
• pp.91-108
• /
• 2006

RFID/USN is important infrastructure of the ubiquitous society. And so, It is various and practical research is attempted. These two base technology have physical characteristic and complement relationship. Like this relationship is applied Following example that is system research which manages warehouse stocks and conditions. First, We adhere RFID Tag at the Pallet of the warehouse and do identification goods. And then, It grasps the environment state information of stocks with sensor module which has Zigbee wireless communication function. From like this process RFID Tag information and jop-control command of sensor node also it is exposed to air. Therefore, We control sensor node in USN/RFID environment through the mobile device. And system design for the security Apply of the process is main purpose of this paper's. We propose the condition and function of the mobile device to the secondary. And We define the relation of the sensor node with RFID to be arranged to a warehouse. Finally, This paper is designed to find a trade-off of the following viewpoints. First, We offer suitable sensor-control information to a actual manager. Second, We offer RFID tag security approach to control the action of the sensor. Third, It increases the survivability of sensor node form.

• Korean Journal of Computational Design and Engineering
• /
• v.15 no.3
• /
• pp.204-211
• /
• 2010

Recently, business process management has become an important concept to define and execute business process. During the execution of the collaborative business processes defined by the consensus with manufacturing enterprises, a lot of variations can be occurred by various internal and external factors related to business. From this reason, manufacturing enterprises have tried to seek for a technology to define and execute the collaborative business process systematically under the dynamic situations approving process variation. This study defines the collaborative business process among manufacturing enterprises at first and proposes its execution technology under the dynamic situations. Here, the proposed execution technology includes the authority management of each process, sub-process, and activity for security, the forced execution of the incomplete process containing the undefined sub-process, the re-execution in a certain range of business process for correcting errors, and the dynamic selection of sub-process. Furthermore, this study implements a prototype system to check the validity of its application under the dynamic situations.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.239-248
• /
• 2007

There's been a difficulty for general corporate to adopt recent incident response study because those studies focus on nation wide CERT Coordination Center or large organization aspect. This study is focus on study and design on security ticket based CERT system through analysis Security management's threat element, attack element, response element and it also help general corporate establish incident response process that is adjusted on IT operation. Confirmed CERT model's effectiveness and effect of quantitative Security incident management way that propose executing Security incident response experiment on the basis of this way. This study which provides general corporate oriented CERT model can be used to improve corporate's capability of responding incident by quantified management technique and select incident response SLA indicator. Already, formation which operate CERT can heighten corporation's information protection level by measure Security incident response result as metrical and analyze and improve problem continuously.

• KSCI Review
• /
• v.15 no.1
• /
• pp.141-150
• /
• 2007

There's been a difficulty for general corporate to adopt recent incident response study because those studies focus on nation wide CERT Coordination Center or large organization aspect. This study is focus on study and design on security ticket based CERT system through analysis Security management's threat element, attack element. response element and it also help general corporate establish incident response process that is adjusted on IT operation. Confirmed CERT model's effectiveness and effect of quantitative Security incident management wav that propose executing Security incident response experiment on the basis of this way. This study which Provides general corporate oriented CERT model can be used to improve corporate's capability of responding incident by quantified management technique and select incident response SLA indicator. Already, formation which operate CERT can heighten corporation's information protection level by measure Security incident response result as metrical and analyze and improve problem continuously.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.77-83
• /
• 2023

This research is conducted to minimize the potential security risks of conducting online exams to an acceptable level as vulnerabilities and threats to this type of exam are presented. This paper provides a general structure for the risk management process and some recommendations for increasing the level of security.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.73-78
• /
• 2024

COVID-19 pandemic outbreak increased the use of Internet of Medical Things (IoMT), but the existing IoMT solutions are not free from attacks. This paper proposes a secure and resilient framework for IoMT, it computes the risk using Risk Impact Parameters (RIP) and Risk is also calculated based upon the Threat Events in the Internet of Medical Things (IoMT). UICC (Universal Integrated Circuit Card) and TPM (Trusted Platform Module) are used to ensure security in IoMT. PILAR Risk Management Tool is used to perform qualitative and quantitative risk analysis. It is designed to support the risk management process along long periods, providing incremental analysis as the safeguards improve.

• Journal of Advanced Navigation Technology
• /
• v.12 no.6
• /
• pp.673-680
• /
• 2008

Multimedia system security can be categorized into groups such as protection of multimedia asset itself and protection of multimedia systems which can process multimedia asset. Divided consideration for these two factors will not hurt the importance of security management. In this paper, managing practices for keeping security level of multimedia systems are induced and categorized.

• Convergence Security Journal
• /
• v.3 no.1
• /
• pp.85-94
• /
• 2003

The Configuration management process is to establish and maintain the integrity of all the work products of a process or project. This paper discusses the similarities and differences between ISO/IEC 12207 and ISO/IEC 15846. The most widely used models for software process assesment, ISO/IEC 15504, CMM and CMMI can rate maturity of processes. We analyze and compare the practices for measuring Configuration process and propose metric for quantitative measure.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.817-838
• /
• 2014

Test environment on the company that handles a large amount of data such as telecommunications companies and financial institutions, may not always be the same as the production environment, which is caused by conversion of important columns about information and limitation of storage capacity due to the construction cost. Therefore, SQL performance degradation that occurs when the test and production environments are not the same, which is an important cause of connecting to the unexpected failures of online transactions, and it generates financial loss of business, customer complaints, a decrease in reliability. In studies related SQL performance, it has so far been conducted mainly studies of tuning associated with DBMS Optimizer, and it has not been addressed issues of this sector. Therefore, in this paper, I verify the validity about presentation of the advanced SQL Performance-based IT application change management process, in order to prevent failures of the online transactions associated with poor performance of SQL generated by differences in test and production environments.