• Journal of Internet Computing and Services
• /
• v.7 no.1
• /
• pp.17-30
• /
• 2006

With the wide acceptance of the Internet and the Web, volumes of information and related users have increased and companies have become to need security mechanisms to effectively protect important information for business activities and security problems have become increasingly difficult. This paper proposes a improved access control model for access control enforcement in enterprise environments through the integration of the temporal constraint character of the GT-RBAC model. sub-role hierarchies concept and PBDM(Permission Based Delegation Model). The proposed model. called Extended GT-RBAC(Extended Generalized Temporal Role Based Access Control) delegation Model. supports characteristics of GTRBAC model such as of temporal constraint, various time-constrained cardinality, control flow dependency and separation of duty constraints (SoDs). Also it supports conditional inheritance based on the degree of inheritance and business characteristics by using sub-roles hierarchies and supports permission based delegation, user to user delegation, role to role delegation, multi-step delegation and temporal delegation by using PBDM.

• Convergence Security Journal
• /
• v.13 no.2
• /
• pp.155-163
• /
• 2013

Connection hijacking attack using the vulnerability of the TCP protocol to redirect TCP stream goes through your machine actively (Active Attack). The SKEY such as one-time password protection mechanisms that are provided by a ticket-based authentication system such as Kerberos or redirection, the attacker can bypass.Someone TCP connection if you have access on TCP packet sniffer or packet generator is very vulnerable. Sniffer to defend against attacks such as one-time passwords and token-based authentication and user identification scheme has been used. Active protection, but these methods does not sign or encrypt the data stream from sniffing passwords over insecure networks, they are still vulnerable from attacks. For many people, an active attack is very difficult and so I think the threat is low, but here to help break the illusion successful intrusion on the UNIX host, a very aggressive attack is presented. The tools available on the Internet that attempt to exploit this vulnerability, known as the recent theoretical measures is required. In this paper, we propose analysis techniques on a wireless network intruder detection.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.1
• /
• pp.15-23
• /
• 2016

As various IoT devices appear recently, Cloud Services such as DropBox, Amazon S3, Microsoft Azure Storage, etc are widely use for data sharing across the devices. Although, cryptographic algorithms like AES is prevalently used for data security, there is no mechanisms to allow selectively and flexibly use wider spectrum of lightweight cryptographic algorithms such as LEA, SEED, ARIA. With this, IoT devices with lower computation power and limited battery life will suffer from overly expensive workload and cryptographic operations are slower than what is enough. In this paper, we designed and implemented a CloudGate that allows client programs of those cloud services to flexibly select a cryptographic algorithms depending on the required security level. By selectively using LEA lightweight algorithms, we could achieve the cryptographic operations could be maximum 1.8 faster and more efficient than using AES.

• Journal of Intelligence and Information Systems
• /
• v.16 no.1
• /
• pp.45-56
• /
• 2010

Sensor Networks are composed of many sensor nodes, which are capable of sensing, computing, and communicating with each other, and one or more sink node(s). Sensor networks collect information of various objects' identification and surrounding environment. Due to the limited resources of sensor nodes, use of wireless channel, and the lack of infrastructure, sensor networks are vulnerable to security threats. Most research of sensor networks have focused on how to detect and counter one type of attack. However, in real sensor networks, it is impractical to predict the attack to occur. Additionally, it is possible for multiple attacks to occur in sensor networks. In this paper, we propose the Secure Routing Mechanism to Defend Multiple Attacks in Sensor Networks. The proposed mechanism improves and combines existing security mechanisms, and achieves higher detection rates for single and multiple attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.8
• /
• pp.95-104
• /
• 2013

DDoS attacks have became as a social threat since 2009 7.7 DDoS turmoil. Even though defence techniques have been developing to provide against those threats, they become much more sophisticate. In recent years, the attack form of DDoS is changing from high amount of traffic attack of network layers to highly sophisticate small amount of application layers. To make matters worse, attack agent for the attack has became very intelligent so that it is difficult to be blocked since it can't be distinguished from normal PCs. In the user authentication system(such as CAPTCHA) User intervention is required to distinguish normal PCs and intelligent attack agents and in particular, in a NAT environment, IP-based blocking method can be cut off the normal users traffic at the same time. This research examined defense techniques which are able to distinguish between agent and normal PC and effectively block ways the HTTP DDoS offense applying one-time session key based authentication method using Cookie which is used in HTTP protocol to protect web sever from sophisticate application layer of DDoS.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.323-331
• /
• 2021

The relevance of the study implies the need to explain the main determinants of environmental policy, allowing countries to converge on a common working basis. The purpose of the research is to explore ways in which the environmental aspects of EU regions and territories can be shaped to apply to domestic environmental policy. A total of 997 representatives from the Ukrainian UTCs, who are involved in local environmental policy, participated in the survey. Results of the research. A hierarchy of regional environmental policy objectives has been identified. Three key principles of eco-policy development have been distinguished. The means of the innovative approach strategy implementation have been outlined (formation of the regional market of environmental services; organization of interaction between environmental agencies and market structures; establishment of environmental funds which finance environmental activities; implementation of the "collateral return" system; formation of a system of benefits and loans to enterprises that successfully implement the environmental policy). The means of the prognostic approach implementation strategy to the development of the region's environmental policy have been determined (the use of an orderly and successful long-term strategy of economic development of the region; obligatory consideration in the mechanisms strategy aimed at improvement of environmental management system of the region, interbranch impact of the projects implemented on the region's ecological situation; taking into consideration the economic and geographical peculiarities of the region, the necessary infrastructure, issues of the territorial location of the large enterprises in the region and their impact on the environment). The means of the traditional approach strategy implementation have been outlined (activity programs focused on solution of specific problems, rather than on the implementation of measures for environmental restoration and enhancement; nature conservation problems have interbranch, interdepartmental character due to unity of the region's ecosystem; tracking complexity of changing conditions (water basins, woodlands, air-mass transport), regional boundaries generally do not coincide with natural ecosystems boundaries). The practical significance of the study lies in providing recommendations for the implementation of certain aspects of Ukrainian UTC's environmental policy.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.97-101
• /
• 2019

If the operating system's core file contains an Intel PT, the debugger can not only check the program state at the time of the crash, but can also reconfigure the control flow that caused the crash. We can also extend the execution trace scope to the entire system to debug kernel panics and other system hangs. The second-generation PT, the WinIPT library, includes an Intel PT driver with additional code to run process and core-specific traces through the IOCTL and registry mechanisms provided by Windows 10 (RS5). In other words, the PT trace information, which was limited access only by the first generation PT, can be executed by process and core by the IOCTL and registry mechanism provided by the operating system in the second generation PT. In this paper, we compare and describe methods for collecting, storing, decoding and detecting malicious codes of data packets in a window environment using 1/2 generation PT.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.295-303
• /
• 2021

The relevance of the research is due to the fact that the issue of poverty is one of the most acute social problems of the beginning of the third millennium. The phenomenon of poverty is widespread in third world countries as well as it is observed in relatively developed countries. Poverty rates in Latin America are threatening. Consequently, the issue of social and economic inequality in these countries has become extremely acute. The purpose of the research: to identify the causes of poverty and social inequality and substantiate the main directions of poverty reduction in third world countries. The research methods: comparative analysis; index method; systematization; grouping; generalization. Results. The classification of the causes of poverty has been carried out and the directions of its overcoming in the countries of Latin America on groups of indicators have been defined, namely: 1) political; 2) economic; 3) demographic; 4) regional-geographical; 5) social; 6) qualification; 7) personal. Based on the Net Domestic Product indicator, a comparison of economic indicators of the studied countries has been carried out. It has been revealed that from 1990 to 2018 income inequality increased in 52 of 119 countries studied, and decreased in 57 states. Inequality has increased in the world's most populous countries, particularly China and India. In general, countries with growing inequality are home to more than two-thirds (71%) of the world's population. Trends in the distribution of income in the world have been investigated by applying the Gini index, the high level of which is observed in Latin America (Colombia 48,9%, Panama 46,1%, Chile and Mexico 45,9%). The forecast of the impact of the Covid-19 pandemic on this issue has been outlined; the ways of its impact on the economies of the countries have been studied. As a result of the study, the main directions and mechanisms of the strategy for poverty reduction and social inequality in the third world countries have been identified. The implementation of the poverty reduction strategy presented in this academic paper may have a positive impact on the economic situation of the population of Latin American countries.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.57-68
• /
• 2021

Successfully adapting to digital and customer-oriented transformation, the concept of lean manufacturing professes the philosophy of creating greater benefit while minimizing losses. These losses are operations that do not add value in the production process to ensure the efficiency, flexibility, and profitability of projects. In the context of broad automation and digitalization of all sectors of the economy, mechanisms for combining automation technologies and lean production are becoming available. Moreover, when it comes to the efficient use of financial, human, or material resources, it is clear that the use of Industry 4.0 technologies can be an effective tool for achieving the goals of lean production, as many of them pursue the same goal. In this context, this article aims to study the effectiveness of the implementation of project management concepts at the global level and identify the main factors influencing its effectiveness to ensure the achievement of lean production through LEAN technologies and Industry 4.0 technologies. To achieve this goal, several statistical indicators were selected and several statistical methods of analysis were used: pairwise correlation, regression analysis, methods of comparison, synthesis, and generalization. Statistical analysis was conducted according to a survey conducted by the Project Management Institute (PMI) in 2020. An economic-mathematical model of dependence of project effectiveness in different regions of the world on the level of implementation of project management approaches is built, which shows that the increase in project effectiveness by 85% is due to financial losses, technical training, and consumer orientation. These results allow project managers to develop appropriate strategies to improve project management approaches at all levels. It is established that LEAN technologies and technologies of Industry 4.0 have several tools that have a positive effect on minimizing losses following the concept of lean production. Besides, given that the technology of Industry 4.0 is focused on the automation of Lean Production technology, a mechanism for the introduction of lean production using these technologies and methods.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.186-198
• /
• 2021

The introduction of digital technologies affects most socio-economic processes and activities in the economy, from agriculture to public services. Even though the world is currently only in the early stages of digital transformation, the digital economy is growing rapidly, especially in developing countries. Shortly, digital platforms will be able to replace the "invisible hand" of the market and turn it into digital. Some digital platforms have already reached global reach in some sectors of the economy. The growing value of data and artificial intelligence is reflected in the high capitalization of these enterprises. Their growing role has far-reaching consequences for the organization of economic activity and integration into the field of e-business. However, their importance and level of development in different countries differ significantly. The main purpose of this article is an assessment of the level and trends of the digital economy in the world and the identification of homogeneous groups of states following the main trends in the development of its components from among the EU countries. The methodology of the conducted research is based on the use of general scientific research methods in the analysis of secondary sources and the application of statistical methods of correlation-regression and cluster analysis. Macroeconomic indicators and components of DESI (Digital Economy and Society Index) were used for the analysis. Results. Based on the analysis established that most developed countries have a medium level of digitalization of the business environment and a high level of digitalization of socially oriented public services, while countries with lower GDP focus their policies on building digital infrastructure and training qualified personnel. The study summarizes and analyzes current trends in digital technology, analyzes the level and dynamics of integration of digital technologies of the studied EU countries, the level of development of e-business and e-commerce. The conceptualization of mechanisms of creation of added value in the digital economy is offered and the possible consequences of digitalization of the economy of developing countries are generalized.