• The Transactions of the Korea Information Processing Society
• /
• v.3 no.7
• /
• pp.1822-1833
• /
• 1996

As the size and complexity of networks increase, it is difficult to manage the whole network using single network manager, thus it is more resonable to manage the network using several network managers distributed on the network. Security interoperability should be supported among network management systems (NMSs)that use different management policies. In this paper, an algorithm that makes it posible to take a role into a role lattices is suggested to provide security interoperability among NMSs that have their own role lattices. In addition, security constraints are proposed to maintain the confidentiality and integrity of information by dynamically modifying the access rights of roles as the state of a system changes. Also, the security constraints are expressed using ECA rules in this paper.

• Convergence Security Journal
• /
• v.5 no.3
• /
• pp.1-7
• /
• 2005

Today, network is a fragile state in many threat attacks. Especially, the company serviced like internet or e-commerce is exposed to danger and targeted of attacker Therefore, it is realistic that the company use the security solution. It exist various security solution in our school network. For example, Firewall, IDS, VirusWall, VPN, etc. The administrator must manage various security solution. But it is inefficient. Therefore, we need the Management System to controll every security solution. In this paper, we deal with basic contents of security solution to manage the ESM and merits and demerits when use it. Also we suggest method that the Administrator can manage his network more efficiently and systematically by using the ESM in our school network.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.2513-2515
• /
• 2005

Internet attack incidents have steadily increased along with the increase in Internet users. To protect systems and networks from these attacks, advanced security systems have been developed. Now that these security systems are operating, their successful management is more important than the purchase and establishment of new information security systems. The acquisition of good systems is ineffective and financially wasteful unless they are managed properly. Adequate management policy has recently become the focus of users. In other words, for companies and educational institutions with their domains, capital expenses are enormous to bear, and good security staffs are difficult to find, for which reasons outsourcing vendors or Managed Security Service Providers (MSSPs) that manage and operate the information security systems of certain domains become very appealing. Today, customers expect ISPs to perform MSSP services that used to be carried out by the security companies. This document presents the role and necessity of ISPs as MSSPs.

• ETRI Journal
• /
• v.31 no.5
• /
• pp.554-564
• /
• 2009

In information security and network management, attacks based on vulnerabilities have grown in importance. Malicious attackers break into hosts using a variety of techniques. The most common method is to exploit known vulnerabilities. Although patches have long been available for vulnerabilities, system administrators have generally been reluctant to patch their hosts immediately because they perceive the patches to be annoying and complex. To solve these problems, we propose a security vulnerability evaluation and patch framework called PKG-VUL, which evaluates the software installed on hosts to decide whether the hosts are vulnerable and then applies patches to vulnerable hosts. All these operations are accomplished by the widely used simple network management protocol (SNMP). Therefore, system administrators can easily manage their vulnerable hosts through PKG-VUL included in the SNMP-based network management systems as a module. The evaluation results demonstrate the applicability of PKG-VUL and its performance in terms of devised criteria.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.25-31
• /
• 2012

LTE/SAE has presented the handover key management to revoke the compromised keys and to isolate corrupted network devices. In this paper, we identify that the handover key management is vulnerable to de-synchronization attacks, which is jeopardizing the forward secrecy of handover key management. Also, an adversary could prevent the UE from creating the secure link with eNodeB, which is delaying the handover procedure. In this paper, we present a counrermeasure to prevent above attacks, and analyze the performance issues of the proposed protocol.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.179-187
• /
• 2002

Grid is a infrastructure to connect heterogeneous resources that are scattered over areas with high-speed network and to cooperate with each other. To carry out Grid application, first, network resources should be managed, since the network has to be safe and reliable. GMA suggests an effective architecture for monitoring of resources that are scattered over a wide area. In this paper, basing on GMA, Grid network management system based on web for practical and general network management is designed. Grid network management system has to operate and connect various distributed management system. Using LDAP authentication, as one access system, Grid network management system maintain stability.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.1
• /
• pp.43-49
• /
• 2009

Network industry is complex combined with various fields of industry, such as communication, broadcast, construction, and home appliances. Moreover, it's fairly lucrative since the growth industry makes lots of added values, interacting with the others. The network industry, usually called 'Ubiquitous', connects some home appliances and makes an integrated system that you can use them with whenever and wherever. A demand for network security, however, has skyrocketed due to the relatively low safety. It's been expected that the market of home security is going to be grown up nearly 30 percent every year. Recently, analog surveilance cameras have been replaced with digital ones, and they will be providing stronger security services taking advantage of mutual interaction with related industies. In this paper, a mobile monitoring system for home security is proposed, which makes it possible to supervise all home appliances wherever you're, using the conventional wired/wireless network infra.

• Journal of Broadcast Engineering
• /
• v.13 no.2
• /
• pp.261-273
• /
• 2008

Multimedia service whose use is rapidly increasing supports effective services to convert and transmit multimedia data based on network speed, noise circumstance, terminal computation, and type of contents for satisfying QoS. For supporting information protection of multimedia service, it offers middle level of singular security service or security mechanism which is based on policy of service provider, depending on present terminal computation and type of contents. It can support security mechanism for more effective multimedia service, if we study security of application layer and network layer for supporting multimedia service. In this paper, we propose Multimedia security framework reflected on quantitative analysis of the WLAN(Wireless Local Area Network) mesh network security using the utility function in the level of the sorority, violation and addictive compensation model.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.4
• /
• pp.664-673
• /
• 2018

The industrial control system (ICS) has operated as a closed network in the past, but it has recently been linked to information and communications services and has been causing damage due to cyber attacks. As a countermeasure, the Information Communication Infrastructure Protection Act was enacted, but it cannot be applied to various real control environments because there is only a one-way policy-from a control network to a business network. In addition, IEC62443 defines an industrial control system reference model as an international standard, and suggests an area security model using a firewall. However, there is a limit to linking an industrial control network, operating as a closed network, to an external network only through a firewall. In this paper, we analyze the security model and research trends of the industrial control system at home and abroad, and propose an industrial control system security model that can be applied to the actual interworking environments of various domestic industrial control networks. Also, we analyze the security of firewalls, industrial firewalls, network connection equipment, and one-way transmission systems. Through a domestic case and policy comparison, it is confirmed that security is improved. In the era of the fourth industrial revolution, the proposed security model can be applied to security management measures for various industrial control fields, such as smart factories, smart cars, and smart plants.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.11
• /
• pp.5487-5495
• /
• 2012

The important issue that applies security key are secure rekeying, processing time and cost reduction. Because of sensor node's limited energy, energy consumption for rekeying affects lifetime of network. Thus it is necessary a secure and efficient security key management method. In this paper, I propose an energy efficient group-based cluster key management (EEGCK) in the large scale sensor networks. EEGCK uses five security key for efficient key management and different polynomial degree using security fitness function of sector, cluster and group is applied for rekeying and security processing. Through both analysis and simulation, I also show that proposed EEGCK is better than previous security management method at point of network energy efficiency.