• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.135-141
• /
• 2008

The risk enlargement of cyber infringement and hacking is one of the latest hot issues. To solve the problem, the research for Security Risk Analysis, one of Information Security Technique, has been activating. However, the evaluation for Security Risk Analysis has many burdens; evaluation cost, long period of the performing time, participants’ working delay, countermeasure cost, Security Management cost, etc. In addition, pre-existing methods have only treated Analyzing Standard and Analyzing Method, even though their scale is so large that seems like a project. the Analyzing Method have no option but to include assessors’ projective opinion due to the mixture using that both qualitative and quantitative method are used for. Consequently, in this paper, we propose the Security Risk Analysis Methodology which manage the quantitative evaluation as a project and use Case-Based Reasoning Algorithm for define the period of the performing time and for select participants.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.843-853
• /
• 2017

In the case of electronic payment, the obligation to use the certificate-based authentication was abolished. As Fin-tech service providers gain autonomy, various authentication methods are provided. SMS, ARS, PIN, Text-passwords, Fingerprints are popular authentication methods in the mobile Fin-tech services. In this study evaluate the usability and security of authentication methods in a unified mobile environment. We evaluate the usability through SUS and interview. Also we evaluate the security level of authentication methods through NIST guideline. At the result of the usability evaluation, Fingerprint authentication method had been determined as the highest usability, also Fingerprint authentication method had been determined as the safest authentication method by obtaining Security Level 4.

• Convergence Security Journal
• /
• v.5 no.3
• /
• pp.67-73
• /
• 2005

Security requirements must be defined well to reduce software vulnerabilities in requirement specification phase. In this paper, we show how to specify security requirements in structured manner for object-oriented development methodology. Our method specifies security requirements through four phases: defining security objectives, identifying the threat, construct attack tree, and specifying security function. This method would help developers to specify security requirements and functions which software have to possess clearly and systematically.

• Journal of Information Processing Systems
• /
• v.14 no.3
• /
• pp.740-750
• /
• 2018

There are a great number of Internet-connected devices and their information can be acquired through an Internet-wide scanning tool. By associating device information with publicly known security vulnerabilities, security experts are able to determine whether a particular device is vulnerable. Currently, the identification of the device information and its related vulnerabilities is manually carried out. It is necessary to automate the process to identify a huge number of Internet-connected devices in order to analyze more than one hundred thousand security vulnerabilities. In this paper, we propose a method of automatically generating device information in the Common Platform Enumeration (CPE) format from banner text to discover potentially weak devices having the Common Vulnerabilities Exposures (CVE) vulnerability. We demonstrated that our proposed method can distinguish as much adequate CPE information as possible in the service banner.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.463-472
• /
• 2012

This paper propose a security method that performs mutual authentication between the SIP UA and the server, check for integrity of the signaling channel and protection of SDP information for VoIP using a One-Time Password. To solve the vulnerability of existing HTTP Digest authentication scheme in SIP, Various SIP Authentication schemes have been proposed. But, these schemes can't meet security requirements of SIP or require expensive cryptographic operations. Proposed method uses OTP that only uses hash function and is updated each authentication. So Proposed method do not require expensive cryptographic operations but performs user authentication efficiently and safely than existing methods. In addition, Proposed method verifies the integrity of the SIP messages and performs SDP encryption/decryption through OTP that used for user authentication. So Proposed method can reduce communication overhead when applying S/MIME or TLS.

• Journal of Advanced Navigation Technology
• /
• v.11 no.1
• /
• pp.79-86
• /
• 2007

In recent, one of the interesting research areas is about quality of network system. Therefore many research centers including ISO are preparing the measuring and evaluating method for network quality. This study will represent an evaluating model for network security based on checklist. In addition, we propose an measuring and evaluating method for network performance. The purpose of two studies is to present the evaluating procedure and method for measuring security of network on set workwill be identified and a measuring method and procedure will be proposed.

• International journal of advanced smart convergence
• /
• v.1 no.2
• /
• pp.39-42
• /
• 2012

This paper proposed a method that detects emergency situations in a video stream using MHI (Motion History Image) and template matching for a video-based intelligent security system. The proposed method creates a MHI of each human object through image processing technique such as background removing based on GMM (Gaussian Mixture Model), labeling and accumulating the foreground images, then the obtained MHI is compared with the existing MHI templates for detecting an emergency situation. To evaluate the proposed emergency detection method, a set of experiments on the dataset of video clips captured from a security camera has been conducted. And we successfully detected emergency situations using the proposed method. In addition, the implemented system also provides MMS (Multimedia Message Service) so that a security manager can deal with the emergency situation appropriately.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.4
• /
• pp.737-744
• /
• 2007

It need estimation model who is efficient and estimate correctly organization's information security level to achieve effectively organization's information security target. Also, estimate class information security level for this and need reformable estimation indicator or standard and estimation methodology of information security systems that application is possible should be studied in our country. Therefore many research centers including ISO are preparing the measuring and evaluating method for network duality. This study will represent an evaluating model for network security based on checklist. In addition, we propose ah measuring and evaluating method for network performance. The purpose of two studies is to present the evaluating procedure and method for measuring security of network on set workwill be identified and a measuring method and procedure will be proposed.

• ETRI Journal
• /
• v.29 no.3
• /
• pp.399-401
• /
• 2007

With a growing emphasis on human identification, iris recognition has recently received increasing attention. Iris recognition includes eye imaging, iris segmentation, verification, and so on. In this letter, we propose a novel and efficient iris recognition method which employs a cumulative-sum-based grey change analysis. Experimental results demonstrate that the proposed method can be used for human identification in efficient manner.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.6
• /
• pp.1599-1618
• /
• 2024

Access control has always been one of the effective methods to protect data security. However, in new computing environments such as big data, data resources have the characteristics of distributed cross-domain sharing, massive and dynamic. Traditional access control mechanisms are difficult to meet the security needs. This paper proposes CACM-MMSR to solve distributed cross-domain access control problem for massive resources. The method uses blockchain and smart contracts as a link between different security domains. A permission decision model migration method based on access control logs is designed. It can realize the migration of historical policy to solve the problems of access control heterogeneity among different security domains and the updating of the old and new policies in the same security domain. Meanwhile, a semantic reasoning-based permission decision method for unstructured text data is designed. It can achieve a flexible permission decision by similarity thresholding. Experimental results show that the proposed method can reduce the decision time cost of distributed access control to less than 28.7% of a single node. The permission decision model migration method has a high decision accuracy of 97.4%. The semantic reasoning-based permission decision method is optimal to other reference methods in vectorization and index time cost.