• The Transactions of the Korea Information Processing Society
• /
• v.6 no.3
• /
• pp.641-653
• /
• 1999

The paper is design and implementation of the system to support security communication between a Web Browser and a CGI program by a Web Server using PKI(Public Key Infrastructure. This system uses GSS(Generic Security Service)-API to communicate with PKI, offers a Web user a Client Proxy, and offers a CGI developer there library functions related with security. TLS(Transport Layer Security) supports security communication between a Web Browser and a Web Server, but the system supports security communication between a Web Browser and a CGI program as the protected data received from a Client Proxy are sent to a CGI program, and the CGI program decrypts the data using the library functions supported by this system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.11
• /
• pp.1478-1481
• /
• 2019

As core technologies(IoT, 5G, Cloud, Bigdata, AI etc) leading the Fourth Industrial Revolution promote smart convergence across the national socio-economic infrastructure, the threat of new forms of cyber attacks is increasing and the possibility of massive damage is also increasing. Reflecting this trend, cyber security is expanding from simple information protection to CPS(Cyber Physical System) protection that combines safety and security that implements hyper-connectivity and ultra-reliability. This study introduces the recent evolution of cyber attacks and looks at the next generation cyber security technologies based on the conceptual changes of cyber security technologies such as SOAR(Security Orchestration, Automation and Response) and Zero Trust.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.1
• /
• pp.71-87
• /
• 2008

In order to survive in a competitive environment, many companies are taking much interest in building IT infrastructure and are investing in that area. But, despite of all the interest and investments, many companies are unsatisfied and confused because of the lack of guidance and understandings of IT infrastructure. Therefore the purpose of this study is to prove that the level of IT usage is different according to organizational characteristics and industrial categories, and to give a guideline to companies' planning on newly building IT infrastructure. In conclusion, companies newly planning on building IT infrastructure should consider the amount of information technology functional uses according to the organizational characteristics and industrial category and they follow the below guidelines. On building the IT infrastructure the organization having the characteristics of formalization should consider and provide the standardization function first. The companies having the characteristics of decentralization should consider and provider firstly the application and communication function. And the companies having the characteristics of specialization should consider and provider the security function.

• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.9
• /
• pp.608-614
• /
• 2006

The popularization of high-speed networks and the innovation of high-performance hardware/servers have enlarged the role of large-scale, highly distributed IT infrastructure. Though many criteria on the assessment of IT infrastructure can be considered, the survivability assessment is treated as the most important one due to the essential role as an infrastructure. While assessing the survivability of some given IT infrastructures, we can not only choose the best one among them but also improve their survivability by modifying their structure and security policies. In this paper, we propose a DMKB-based assessment system on the survivability of IT infrastructures, where DMKB is a kind of database which provides the known vulnerabilities and defense mechanism for many system components.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.747-749
• /
• 2017

To protect financial services against danger of financial accidents and customer information leakage caused by malware, injection attack and so on, Financial Services Commission announced "Financial Networks Security Enhancement Comprehensive Plan", which suggests the guideline of protecting customer information and providing secure financial services by separating network topology and then makes the financial company use network partitioning system. In consequence of this policy, financial companies respectively chose between the physical partitioning mechanism or the logical partitioning mechanism according to their IT environment. This paper suggests an efficient infrastructure configuration plan for making the logical network partition, by comparison of a construction of traditional general equipment and an integrated HCI(Hyper Converged Infrastructure) through 'Hyper Converged' which is one of virualization techniques for developing currently, and the case study of the integrated HCI method.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.1-8
• /
• 2017

As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can be a very serious risk to enterprises and must be efficiently managed in a timely manner. Therefore, the government has designated the important system as the main information communication infrastructure in consideration of the impact on the national security and the economic society according to the 'Information and Communication Infrastructure Protection Act', which, in particular, protects the main information communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerability, establishment of protection measures, implementation of protection measures, and distribution of technology guides. Even now, security consulting is proceeding on the basis of 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items in the applied items, and the vulnerability of APT attack, malicious code, and risk are present issues that are neglected. In order to eliminate the actual security risk, the security manager has arranged the inspection and ordered the special company. In other words, it is difficult to check against current hacking or vulnerability through current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability check, a check item that does not reflect recent trends, a technical check case for latest intrusion technique, a related study on security threats and requirements. Based on this, we investigate the security vulnerability management system and vulnerability list of domestic and foreign countries, propose effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.

• Journal of KIISE:Information Networking
• /
• v.29 no.2
• /
• pp.109-116
• /
• 2002

Through the increment of requirement for group oriented communication services, on the open network, the multicast infrastructure has become a widely discussed researching topic. However the research of the security properties that safety, efficiency and scaleability in a multicast structure, has not been enough. In this study, we discuss conventional multicast key management structures and propose a scalable secure multicast key management structure based on PKI(Public Key Infrastructure), IPSec, domain subgroup and structural two mode scheme. Also we certify to the usability of new proposed scheme from comparing it with conventional schemes in the part of safety, efficiency and scaleability.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.97-104
• /
• 2021

The key challenges and problematic aspects of the formation of intellectually and innovation-oriented strategies of regional entities at the present stage of their development are considered. The main tasks that arise in the process of strategizing the potential-forming development of regional economic systems in the context of digitalization are identified. The list of key organizational and economic directions of strategic character of providing intellectual and innovative development of regional economic systems is formed, which includes clustering of centers of high-tech development of regions, creation of creative hubs, development of knowledge infrastructure and improvement of interregional cooperation; a brief description of each of the presented strategic organizational and economic directions is given. Based on the analysis, the key strategic guidelines for the development of regional economic entities in the context of digitalization under the influence of potential-forming determinants, which form the content basis for further processes of strategizing qualitative aspects of development of specific regional entities.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.29-34
• /
• 2022

The innovative process of digitalization and creation of innovation from an idea to its commercialization requires certain financial costs, labor and mental efforts. The amount of investment (corporate and public) is the most important imperative to enhance innovation and is traditionally considered as the main "input" indicators of the development of innovation infrastructure, in this case, the financial infrastructure of innovation. At the same time, the modern theory of innovation development assumes a systematic approach to the organization of innovation activity, which provides for the close interaction of several subsystems: human (including intellectual) potential, financial and technological capital, as well as relevant institutions and methods of regulation.. Thus, the main task of the study is to analyze the features of investment support for the process of digitalization of socio-economic systems in the context of strengthening international economic relations. As a result of the study, current trends and prerequisites of investment support for the process of digitalization of socio-economic systems in the context of strengthening international economic relations were revealed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.31-40
• /
• 2014

In Korea, the Public Key Infrastructure (PKI) has been introduced. For secure information transmission and identification, the electronic signature authorization system of a certificate-based is built, and then the service provide.The certificate is stored in location what users can easily access and copy. Thus, there is a risk that can be stolen by malware or web account hacking. In addition, private key passwords can be exposed by the logging tool, after keyboard security features are disabled. Each of these security weaknesses is a potential conduit for identity theft, property/asset theft, and theft of the actual certificates. The present study proposes a method to prevent the private key file access illegally. When a certificate is stored, the private key is encrypted by the dependent element of the device, and it is stored securely. If private key leakage occurs, the retrieved key could not be used on other devices.