• Title/Summary/Keyword: Security Test

Search Result 1,277, Processing Time 0.035 seconds

Design of Security Management System

  • Kim Seok-Soo;Soh Woo-Young
    • International Journal of Contents
    • /
    • v.1 no.2
    • /
    • pp.22-25
    • /
    • 2005
  • Enterprise security management system: Enterprise Security Management (EMS) is centralized integrated management of other kind of security solutions such as intrusion cutoff system, intrusion detection system and virtual private network. With the system, it is possible to establish security policies for entire IT system through interlocking of solutions. A security system of company network is progressing as a ESM(Enterprise Security Management) in existing security solution foundation. The establishment of the security policy is occupying very important area in ESM of the security system. We tried to analyze existing ESM system for this and designed security solution structure for enhancing the inside security. We applied implementing directly IDS system and tested. This test set the focus about inside security

  • PDF

The Impact of Organizational Information Security Climate on Employees' Information Security Participation Behavior (조직의 정보보안 분위기가 조직 구성원의 정보보안 참여 행동에 미치는 영향)

  • Park, Jaeyoung;Kim, Beomsoo
    • The Journal of Information Systems
    • /
    • v.29 no.4
    • /
    • pp.57-76
    • /
    • 2020
  • Purpose Although examining the antecedents of employees' extra-role behavior (i.e. information security participation behavior) in the information security context is significant for researchers and practitioners, most behavioral security studies have focused on employees' in-role behavior (i.e. information security policy compliance). Thus, this research addresses this gap by investigating how organizational information security climate influences information security participation behavior based on social information processing theory and Griffin and Neal's safety model. Design/methodology/approach We developed a research model by applying Griffin and Neal's safety model to the information security context and then tested our research model by conducting an online survey for employees of organizations with information security policies. Structural equation modeling (SEM) with SmartPLS 3.3.2 is used to test the corresponding hypothesis. Findings Our results show that organizational information security climate, information security knowledge, information security motivation are effective in motivating information security participation behavior. Also, we find that organizational information security climate positively influences both information security knowledge and information security motivation. Our findings emphasize the importance of organizational information security climate because it is capable of affecting employees on information security participation behavior. Our study contributes to the literature on information security by exploring the role of organizational information security climate in enhancing employees' information security participation behavior.

Design and Implementation of App Control System for Improving the Security of the Mobile Application (모바일 애플리케이션의 보안성 향상을 위한 App 제어 시스템 설계 및 구현)

  • Lee, Yu-Jun;Jang, Young-Hwan;Park, Seok-Cheon
    • The Journal of the Korea Contents Association
    • /
    • v.16 no.2
    • /
    • pp.243-250
    • /
    • 2016
  • Recently, with the rise of the mobile device, from mobile devices the user who owns the security, speed up the implementation of the guarantee management environment as businesses and individual equipment for the effcient management of the existing system, but the introduction of the MDM MDM App management features administrators to register the App until you can't prvent the security threat. Therefore, this paper addresses these issues in order to improve the security of your application for the control system. The proposed system is a function of the MDM authentication technology to design analysis, and system architecture to help prevent information disclosure within the design and implementation of Mobile-based application control system. Implementation of the control system to assess the security of the international common criteria security evaluation complete the test scenarios on the basis of the test items. An average of 40% of the test results to verify the results of this enhanced security.

Application Methodology of XML Test Assertion for BioAPI Standard Conformance Tests in Distributed Environment (분산 환경에서의 생체인증 API 표준 적합성을 위한 XML Test Assertion 적용 방안)

  • Son, Min-Woo;Kim, Yong-Chai;Shin, Dong-Il;Shin, Dong-Kyoo;Sin, Yong-Nyeo;Kim, Jae-Seong
    • 한국IT서비스학회:학술대회논문집
    • /
    • 2007.11a
    • /
    • pp.562-567
    • /
    • 2007
  • 분산 환경에서 신분 확인을 위한 생체인증기기가 이용되는 경우 그 기기가 생체인증 표준인 BioAPI를 준용하여 제대로 구현된 것인가에 대한 적합성 시험이 필요하게 된다. 이러한 적합성 시험은 분산 환경의 사용자 및 서비스 제공자에게 표준 규격을 준용한 제품이라는 신뢰성을 주게 된다. 기존에 제공되는 있는 BioAPI(Biometric Application Programming Interface) v2.0 기반의 BSP(Biometric Service Provider)는 오프라인 상에서 BioAPI기반의 제품의 준용 여부만을 평가하기 때문에 분산 환경에서 여러 사람이 동시에 준용 여부를 평가 받기 힘들며 이에 따른 동시 서비스 제공도 불가능하다. 본 논문에서는 BioAPI v2.0 기반의 제품들이 분산 환경에서 제공되는 9개 모델의 표준화된 환경으로 구분하고, 원활한 적합성 시험을 위하여 XML기반의 Test Assertion을 설계하여 생체인증 API 표준 적합성을 시험하였다. XML Test Assertion을 이용한 생체인증 적합성 시험을 위한 메시지 플로우를 밝혀 그 타당성을 입증하였다.

  • PDF

Formal Description and Reference Implementation Code Generation for a Security Algorithm using VDM-SL (VDM-SL을 이용한 보안 알고리즘의 형식적 표현과 참조구현 코드 생성)

  • Kim, Young-Gil;Kim, Ki-Su;Kim, Young-Wha;Ryou, Jae-Cheol;Jang, Chung-Ryong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.6 no.4
    • /
    • pp.67-84
    • /
    • 1996
  • VDL-SL (Vienna Development Method-Specification Language) is one of the FSL(Formal Specification Language) which is being presented for the correct description of the security relevant standards. Several tools are being developed for the correctness and the convenience in the description and executable code generation of security relevant standards using VDM-SL. The IFAD VDM-SL Toolbox is one that has many functions : syntax checking, type checking, c++ code generation, test coverage information. This paper describes a formal method for description and implementation of MD4 algorithm using VDM-SL and IFAD VDM-SL Toolbox, and examines the result applied to secure hash algorithm, and proposes the relation to strict conformance test which recently suggested as a security test method.

Stream Cipher Algorithm using the Modified S-box (변형된 S박스를 이용한 스트림 암호 알고리즘)

  • 박미옥;최연희;전문석
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.5
    • /
    • pp.137-145
    • /
    • 2003
  • Nowadays, people can communicate with each other on any time at my place by development of wireless communications. But, the openness of mobile communications Poses serious security threats and the security is necessary on mobile communications to support the secure communication channel. The most commonly method is stream cipher for mobile communications. Generally, this stream cipher is implemented by LFSR(Linear Feedback Shift Register). On this paper proposes the modified mechanism of the S box is usually used in block cipher to advance security og the stream cipher and this mechanism is the modified three one in consideration og the randomness. Generally, S box that is function with nonlinear property makes data more strong by attack. The randomness test of the proposed algorithm is used Ent Pseudorandom Number Sequence Test Program and by the test result it proves that it has better randomness and serial correlation value than the based stream cipher on respective test.

Development of Test Software Program for Detection Array Module Signal Processing System (Array 검출모듈 신호처리 System의 Test Software Program 개발)

  • Park, Ge-O;Sung, So-Young;Kim, Young-kil
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2017.05a
    • /
    • pp.379-382
    • /
    • 2017
  • Shipping and logistics safety, security system is strengthening worldwide, the development of shipping and logistics safety security core technology for national security logistics system construction has been carried out. In addition, it is necessary to localize the Array Detection System, which is a core component of the container search machine, to cope with the 100% pre-inspection of the container scheduled for 2018 in the United States. In this paper, we propose a test software program developed by using TI-RTOS (Texas Instruments - Real Time Operating System) with a test digital signal processing board which is developed self development.

  • PDF

An Empirical Study of Security for API in Windows Systems (윈도우즈에서 제공되는 기본 API에 대한 안전성 고찰)

  • Choi, Young-Han;Kim, Hyoung-Chun;Oh, Hyung-Geun;Lee, Do-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.2
    • /
    • pp.75-82
    • /
    • 2009
  • In this paper, we test for security targeting on APIs of Windows as that is used by many people worldwide. In order to test APIs in DLL fils of Windows OS, we propose Automated Windows API Fuzz Testing(AWAFT) that can execute fuzz testing automatically and implemented the practical tool for AWAFT. AWAFT focuses on buffer overflows and parsing errors of function parameters. Using the tool, we found 177 errors in the system folder of Windows XP SP2. Therefore, AWAFT is useful for security testing of Windows APIs. AWAFT can be applied to libraries of third party software in Windows OS for the security.

On Randomness tests for the Statistical Analysis of Symmetric Ciphers (비밀키 암호 시스템의 통계적 특성 분석을 위한 Randomness test 방법의 비교 고찰)

  • 김종희;염대현;이필중
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1998.12a
    • /
    • pp.421-441
    • /
    • 1998
  • 본 논문에서는 스트림 암호 알고리즘과 블록 암호 알고리즘과 같은 비밀키 암호 시스템의 통계적 특성을 측정하기 위하여 사용된 여러 가지 randomness 테스트 방법들을 구현하여 그 성능을 randomness test의 power측면에서 서로 비교하였다. 여기서, power란 randomness test가 nonrandom한 비트 스트림을 얼마나 정확하게 검정할 수 있는 가를 나타내는 적도이다. 그리고, 스트림 암호 알고리즘과 블록 암호 알고리즘의 통계적 특성을 측정하기 위해 가장 효율적이라고 생각되는 테스트 방법들을 찾아 이 방법들을 사용할 것을 제안한다. 끝으로 제안된 방법들을 이용하여, DES, AES후보 알고리즘, SEED의 통계적 특성을 분석하였다.

  • PDF

The Influence of Watching Military Life Experience TV Program ('Real Man') on University Students' Military Image and Security Awareness (군생활체험 TV프로그램 '진짜사나이' 시청이 대학생의 군 이미지와 안보의식에 미치는 영향)

  • Cho, Sang-Hyeok
    • Convergence Security Journal
    • /
    • v.16 no.7
    • /
    • pp.147-158
    • /
    • 2016
  • The purpose of this study was to investigate the influence of watching 'Real Man' program on university student s' military image and security awareness. For the purpose of the study, 392 university students in Seoul, Chungcheong and Jeolla were selected. With the collected data, factorial analysis, t-test, frequency analysis, one-way analysis of variance, and multiple regression analysis were performed through SPSS 21.0. First, according to personal characteristic and watching degree, there were differences in military image and security awareness. There were significant differences in rationality, coherence, familiarity, violence, authority among sub factors of military image and in perspective about policy towards North Korea, persepectives about North Korea, military threats of North Korea, security will among sub factors of security awareness. Second, military image of university students who watched 'Real Man' had an influence on security awareness. Military image had an meaningful influence on perspective about North Korea, military threats of North Korea, security will among sub factors of security awareness.