• Journal of the Korea Society of Computer and Information
• /
• v.6 no.1
• /
• pp.60-66
• /
• 2001

We designed a role-based access control model that can resolve the complicated tasks of control requirements. The designed access control model can control permissions efficiently use of a role-based access control. It guarantees the confidentiality integrity and availa information making use of identity-based and rule-based access controls. It can also centre information flow. Our access control model protects resources from unauthorized accesses b multi-level security policies such as role, security level, integrity level and ownership.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.1
• /
• pp.71-77
• /
• 2004

In general, security server controls information of people who usually come to building. In order to exit and entrance, while they bring Identification card into contact with card reader, server admits them into building after asks whether their informations are or not in database. However if many People want to exit and entrance in all direction. it may give rise to a serious traffic congestion. Therefore the delay is due to server's overload. In this paper, we suggested IZA(Identification Zone Algorithm) in order to prevent of traffic congestion.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.16 no.27
• /
• pp.35-42
• /
• 1993

Just in time backup of the essential materials at industry and military is very important. Especially in case of military essential materials at wartime is so important as it controls victory and/or defeat. This paper presents the new approach for just in time suppling the essential materials at the beginning wartime - security step of materials, reservation priority and quantity requirement degree. In order to build the new approach, we introduced the concepts of cost and effect analysis for each essential item. First of all, the developed model will be useful to maximize combat sustaning power under constraint of budget.

• Korean Management Science Review
• /
• v.17 no.1
• /
• pp.145-158
• /
• 2000

The medical records of diagnostic and testing information include sensitive personal information that reveals some of the most intimate aspects of an individual's life. The hospital information system (HIS) operates in a state of high risk which may lead to the possible loss to the IS resources caused by various threats. This research addresses twofold : (1) to perform asset identification ad valuation and (2) to recommend countermeasures for secure HIS network using case studies This paper applied a risk management tool CRAMM (Central Computer and Tele-communications Agency's Risk Analysis and Management Method) to assess asset values and suggest countermeasures for the security of computerized medical information of two large hospitals in Korea. CRAMM countermeasures are recommended at the reference sites from the network security requirements of system utilized for the diagnosis and treatment of patients. The results of the study will enhance the awareness of IS risk management by IS managers.

• International Journal of Contents
• /
• v.11 no.4
• /
• pp.70-76
• /
• 2015

The development of technology provides and increases security as well as convenience for humans. The development of new technology directly affects the standard of life thanks to smart home automatic control systems. This paper describes a door control, automatic curtain, home security (CCTV, fire, gas, safe, etc.), home control (energy, light, ventilation, etc.) and web-based smart home automatic controller. It also describes the use of ARM (Advanced RISC Machines) for automatic control of home equipment, a Multi-Axes Servo Controller using FPGA (Field Programmable Gate Array) and PLC (programmable logic controller). Additionally, it describes the development of a HTML editor using web auto control software. The tab loading time (7 seconds) is faster when using ARM-based web browser software instead of Chrome and Firefox is used because the browser has a small memory footprint (300M). This system is realized by web auto controller language which controls and uses PLCs that are easier than existing devices. This smart home automatic control technology can control smart home equipment anywhere and anytime and provides a remote interface through mobile equipment.

• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.69-77
• /
• 2008

I propose adding users’Media Access Control (MAC) addresses to standard X.509 certificates to provide more secure authentication. The MAC address can be added by the issuing Certification Authority (CA) to the "extensions" section of the X.509 certificate. I demonstrate that when two users with MAC address information on their digital certificates communicate, the MAC address on the first user’s certificate can be easily verified by the second user. In this way, security can be improved without markedly degrading system performance and the level of initial trust between participants in virtual communities will be improved.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.272-276
• /
• 2021

Presently, Online / Offline Users are facing cyber attacks every day. These cyber attacks affect user's performance, resources and various daily activities. Due to this critical situation, attention must be given to prevent such users through cyber attacks. The objective of this research paper is to improve the IDS systems by using machine learning approach to develop a hybrid model which controls the cyber attacks. This Hybrid model uses the available KDD 1999 intrusion detection dataset. In first step, Hybrid Model performs feature optimization by reducing the unimportant features of the dataset through decision tree, support vector machine, genetic algorithm, particle swarm optimization and principal component analysis techniques. In second step, Hybrid Model will find out the minimum number of features to point out accurate detection of cyber attacks. This hybrid model was developed by using machine learning algorithms like PSO, GA and ELM, which trained the system with available data to perform the predictions. The Hybrid Model had an accuracy of 99.94%, which states that it may be highly useful to prevent the users from cyber attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.309-327
• /
• 2022

As ICT convergence is progressing in all industrial fields and creating the global ecosystem of the supply chain is accelerating, supply chain risk related with cyber area are also increasing. In particular. the supply chain of ICT products is very complex in terms of technical and environmental factors to be managed, so it is vert difficult to transparently manage the entire life cycle. Accordingly, the US, UK, and EU, etc. are conducting and establishing cyber supply chainsecurity-related research and policies for ICT product supply chains. Korea also has the plan to establish management system to secure the supply chain of major ICT equipment as a task in the basic plan of the national cybersecurity strategy announced in 2019, but there is no concrete policy yet. So, In this paper, we review the cyber supply chain security management system in the United States and present a supplementary way to the National Information Security Manual in Korea from the perspective of cyber supply chain security. It is expected that this will serve as a reference material for cyber supply chain measures that can be introduced in domestic information security field.

• The Journal of Society for e-Business Studies
• /
• v.8 no.3
• /
• pp.241-257
• /
• 2003

XML is a global standard for the Internet and e-business, and its use is growing in proportion to the spreading speed of e-Commerce. Thus, a policy for providing more safe security service for exchanging e-documents within e-Commerce is necessary. XKMS, one of XML security specification, defines the protocol for distributing and registering public keys for verifying electronic signatures and enciphering e-documents of e-Commerce applications with various and complicate functions. In this paper, we propose X-KISS service reference model and implement service component based on standard specification. Also describes the analysis and security of XML key information service for safe e-Commerce, paying attention to the features of XML based security service. This reference model supported include public key location by given identifier information, the binding of such keys to identifier information. The client service component controls the number of locate threads and validate threads to analyze the minimum requirements of real-time key retrievals. This service modeling offers the security construction guideline for future domestic e-business frameworks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.425-433
• /
• 2016

In smart grid, enhancement of efficiency and interoperability of electric power system is achieved through the connection with outer network, and this induces that power grid system is threatened increasingly, becomes the main target of cyber terrorism, and is sincerely required to design the secure power system. Although SSDLC(Secure System Development Life Cycle) is used for risk management from the design phase, traditional development life cycle is somewhat limited for satisfaction of information security indicator of power control system. Despite that power control system should reflect control entities of information security considering its own characteristics, validation elements are insufficient to apply into real tasks based on existing compliance. To make design of diagnostic model and assessment process for power control system possible and to give a direction for information security and present related indicator, we propose the new risk management framework of power control system which is applied operational security controls and standard architecture presented by IEC 62351 TC 57 with enterprise risk management framework.