• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.59-66
• /
• 2002

The access controls are the methods which are generally used in such systems as computer operating systems, workflow systems, information security systems and etc.. In the paper, is proposed a role-based access control model which not only has fundamental security functions such as security, integrity and flow control, but also meets the access control requirements of role-based social organizations. The proposed role-based access control model is designed in order to perform its functions in simple and secure way, largely in the environment of web-based applications.

• The Journal of Information Systems
• /
• v.24 no.3
• /
• pp.1-19
• /
• 2015

Purpose This study discusses the contradictory behavior of smart-phone users who consider security is important, but they do not follow the security recommendations. We found through literature research that this contradictory behavior is resulted from a low level of efficacy. Design/methodology/approach Research hypotheses were set based on Extended Parallel Process Model, Control Theory, and Self Efficacy Mechanism. The data were collected from undergraduate students. Total of 178 data were used for the analysis. Findings Results of the analysis, first, showed that the relationship between threat and security attitude varies with the level of coping efficacy. Second, showed that the relationship between threat and fear does not vary with the level of coping efficacy. Both the groups with high coping efficacy and low coping efficacy had a statistically significant effect on the relationship between threat and fear.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1955-1962
• /
• 2012

Recently the flow of information security has become a user-centered change. This is mostly breach of security by the normal and abnormal entering harmful files during user internet. Therefore, we would like to design security system that breach of security can be prevented in advance to improve using the reliability of DNS and system control in this paper. In other words, we would like to suggest method can be block randomly to access the site which information security system of user-centric is breached harmful files infected in user computer.

• Korean Journal of Computational Design and Engineering
• /
• v.11 no.5
• /
• pp.327-334
• /
• 2006

Recently, security incidents are growing rapidly in which internal employees let the drawing leak out to competitors or other countries. This type of security incidents has a characteristic that it occurs less frequently than other types of security incidents such as network or server security incident, but the damage is a lot more serious. The existing information security technologies to prevent internal information from being leaked out are only applicable to general documents(office documents, web pages and image files in which data are encrypted one by one). However, architectural drawings made up of collection of files with various formats(extensions) have problems with the process speed of en(de) cryption and accuracy, so the developments of security technologies by new methods are required. In this study, we design and develop a security technology based on work area with which users can protect the leakage of critical information in the kernel level while maintaining their work environment when they have to use sharing information that cannot be managed by the unit of file. As a result, we developed the "Virtual Secure Disk" which allows only authorized users and applications to have an access to drawings, and have verified its security by applying it to the actual company.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.471-478
• /
• 2013

Industrial control system was designed mainly in the form of analog in early days. However, necessity of digital system engineering is increasing recently because systems become complicated. Consequently, stability of digital systems is improved so most industrial control systems are designed with digital. Because Using digital design of Industrial control system is expanded, various threatening possibilities such as penetration or destruction of systems are increasing enormously. Domestic and overseas researchers accordingly make a multilateral effort into risk analysis and preparing countermeasures. In this paper, this report chooses common security requirement in industrial control system and nuclear control system through relevant guidelines analysis. In addition, this report suggests the development plan of nuclear cyber security system which will be an essential ingredient of planning approvals.

• Journal of Power Electronics
• /
• v.15 no.4
• /
• pp.994-1005
• /
• 2015

This paper presents a novel power control strategy for PWM current-source rectifiers (CSRs) in the stationary frame based on the instantaneous power theory. In the proposed control strategy, a virtual resistance based on the capacitor voltage feedback is used to realize the active damping. In addition, the proportional resonant (PR) controller under the two-phase stationary coordinate is designed to track the ac reference current and to avoid the strong coupling brought about by the coordinate transformation. The limitations on improving steady-state performance of the PR controller is investigated and mitigated using a cascaded lead-lag compensator. In the z-domain, a straightforward procedure is developed to analyze and design the control-loop with the help of MATLAB/SISO software tools. In addition, robustness against parameter variations is analyzed. Finally, simulation and experimental results verify the proposed control scheme and design method.

• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.49-57
• /
• 2021

This paper aims to confirm the effect of self-control and organization-control on information security attitude. The research method is composed of a cross-design of locus of control and tightness culture. The measurement variables used in the assessment are information security actual attitude, compliace behavioral attitude, and information security efficacy. As a result, the locus of control had a significant effect on information security actual attitude, information security efficacy, information security efficacy, and it was found that influence of the internal-based condition was greater than the external-based condition. The tightness culture had a significant effect on compliace behavioral attitude, information security efficacy, and it was found that influence of the tight culture-based condition was greater than the loose culture-based condition. In addition, the discussion contatins the implications of information security direction that reflect these research results.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.6
• /
• pp.63-70
• /
• 2013

In accordance with the advancement of IT, application systems with various and complex functions are being required. Such application systems are typically built based on database in order to manage data efficiently. But most object-oriented analysis design methodologies for developing web application systems have not been providing interconnections with the database. Since the requirements regarding the security issues increased, the importance of security has become emphasized. However, since the security is usually considered at the last step of development, it is difficult to apply the security during the whole process of system development, from the requirement analysis to implementation. Therefore, this paper suggests an object-oriented analysis and design methodology for secure database design from the requirement analysis to implementation. This object-oriented analysis and design methodology for secure database design offers correlations with database that most existing object-oriented analysis and design methodologies could not provide. It also uses UMLsec, the modeling language, to apply security into database design. In addition, in order to implement security, RBAC (Role Based Access Control) of relational database is used.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1602-1605
• /
• 2005

An audit tracer is one of the last ways to defend an attack for network equipments. Firewall and IDS which block off an attack in advance are active way and audit tracing is passive way which analogizes a type and a situation of an attack from log after an attack. This paper explains importance of audit trace function in network equipment for security and defines events which we must leave by security audit log. We design and implement security audit system for secure router. This paper explains the reason why we separate general audit log and security audit log.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.99-107
• /
• 1994

For the secure control of the communication satellite, security mechanisms should be employed on the ground station as well as on the spacecraft. In this paper, we present a security architecture fur the spacecraft command security of the communication satellite. An authentication mechanism is also proposed using message authentication code (MAC) based on the Data Encryption Standard (DES) cryptosystem.