• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.405-412
• /
• 2003

As the XML is approved standard language by the UN, the progress which complemented the XML security has being processed rapidly. In this paper, we design and implement the "XML-Signcryption" as a security mechanism to protect the XML document that can operate between other platforms. The signature and encryption which is the standard specification in W3C needs to be able to proceed them separately. Generally the signature and encryption require four times modular exponential operation, however the signcryption only needed three times modular exponential operation. This will benefit overall system effectiveness in terms of cost. And this scheme offers to convenient the user, because the signature and encryption implement as a single XML format. This tool can save the parsing time as a number of tags is few within a document. And also, in this paper, based on a research of Web Services security, we can apply XML-Signcryption to the SOAP message to provide the security services. Based on the XML-Signcryption scheme which provides confidentiality, integrity, authentication and non-repudiation to the XML document and Web Service security simultaneously.

• Korean Security Journal
• /
• no.4
• /
• pp.319-341
• /
• 2001

Most of protecting security activity is carried out by manpower partly by security equipment. The protecting security market and the area of protecting security activity is increasing in spite of change of economic and social environment situation. For more effective protecting security activity, the coordination of electronic equipment and manpower is required. So some application method is suggested throughout the thesis, which is especially focused on new approaching method. The integration of intrusion detecting system, C.C.TV system and Access control system is introduced for general application in chapter III, and some application systems are proposed for protecting security activity in chapter IV. But the security equipment is only aid for manpower, so manpower and equipment should be coordinated well.

• Journal of the Society of Disaster Information
• /
• v.4 no.1
• /
• pp.70-83
• /
• 2008

The basic legislations regulating the private security in Korea are Private Security Business Act and Private Policeman Act. But this dualistic system of private security causes difficulties in unity and efficiency of private security operation and makes it complicated to supervise each personnel with effect. Besides despite similar service and duty, there is all the difference between private security guard and private policeman in regard of social position, pay, authority, and so on. Therefore it is suggested that the two Acts should be unified and the united private security act should be enacted. Legislating new private security act will lead to considering the detail legislative definition on qualification of personnels and business range.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.61 no.5
• /
• pp.664-668
• /
• 2012

This paper presents the operation strategy of KEPCO(Korea Electric Power COporation) ${\pm}80kV$ 60MW Bipole HVDC system that will be applied between Guemak C/S(converter station) and Hanlim C/S in Jeju island. Unlike intertie HVDC system, this system is located in AC power grid inside. Therefore, the enhancement of system security related with line flow and bus voltages can be major operation strategy. In this paper, in particular, the optimal operation algorithm in the abnormal(not steady state) power system is presented and simulated.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.2
• /
• pp.457-476
• /
• 2011

This paper presents an improved XOR-based Data Hiding Scheme (XDHS) to hide a halftone image in more than two halftone stego images. The hamming weight and hamming distance is a very important parameter affecting the quality of a halftone image. For this reason, we proposed a method that involves minimizing the hamming weights and hamming distances between the stego image and cover image in $2{\times}2$-pixel grids. Moreover, our XDHS adopts a block-wise operation to improve the quality of a halftone image and stego images. Furthermore, our scheme improves security by using a block-wise operation with A-patterns and B-patterns. Our XDHS method achieves a high quality with good security compared to the prior arts. An experiment verified the superiority of our XDHS compared with previous methods.

• Journal of Information Technology Services
• /
• v.19 no.5
• /
• pp.33-47
• /
• 2020

In recent years, due to the demand for operating efficiency and cost reduction of industrial facilities, remote access via the Internet is expanding. the control network accelerates from network separation to network connection due to the development of IIoT (Industrial Internet of Things) technology. Transition of control network is a new opportunity, but concerns about cybersecurity are also growing. Therefore, manufacturers must reflect security compliance and standards in consideration of the Internet connection environment, and enterprises must newly recognize the connection area of the control network as a security management target. In this study, the core target of the control system security threat is defined as the network boundary, and issues regarding the security architecture configuration for the boundary and the role & responsibility of the working organization are covered. Enterprises do not integrate the design organization with the operation organization after go-live, and are not consistently reflecting security considerations from design to operation. At this point, the expansion of the control network is a big transition that calls for the establishment of a responsible organization and reinforcement of the role of the network boundary area where there is a concern about lack of management. Thus, through the organization of the facility network and the analysis of the roles between each organization, an static perspective and difference in perception were derived. In addition, standards and guidelines required for reinforcing network boundary security were studied to address essential operational standards that required the Internet connection of the control network. This study will help establish a network boundary management system that should be considered at the enterprise level in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.699-707
• /
• 2023

DevSecOps is a concept that adds security procedures to the operational procedures of DevOps to respond to the short development and operation cycle. Multi-step vulnerability scanning process should be considered to provide reliable security while supporting rapid development and deployment cycle in DevSecOps. Many open-source vulnerability scanning tools available can be used for each stage of scanning, but there are difficulties in evaluating the security level and identifying the importance of information in integrated operation due to the various functions supported by the tools and different security results. This paper proposes an integrated security metric design plan for scurity results and the combination of open-source scanning tools that can be used in security stage when building the open-source based DevSecOps system.

• Proceedings of the KIEE Conference
• /
• 1998.07c
• /
• pp.1173-1175
• /
• 1998

This paper presented the development plan of voltage security on-line monitoring system (VSECOMs). VSECOMs consists of voltage security monitoring system and data management system. VSECOMs has the function of bus voltage watch. voltage stability analysis, and voltage security assessment. EMS data on-line acquisition, PSS/E file conversion, and overall data management. VSECOMs is designed with client/server structure. We will seek stable operation of KEPCO's power system by installation of VSECOMs in EMS of KEPCO.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2861-2880
• /
• 2018

Mobile Ad hoc Networks (MANETs) have become a viable platform owing to their potential of providing communication without any pre-existing infrastructure and central administrating authority. Mutual support and co-operation among nodes are prerequisites for performing functions in such networks. The scarcity of resources makes it economical for nodes to conserve their resources and misbehave by avoiding participation in the network. Therefore, a mechanism is required to detect and handle such misbehaving nodes and promote co-operation in the network. Existing techniques for handling misbehaving nodes focus only on their current behaviour without considering the antecedent behaviour of nodes. In real world, a node may dynamically change its behaviour in accordance to its requirements. Hence, an efficient mechanism is required for providing security against such misbehaviour. This paper proposes an Adaptive Security Model which contemplates the present as well as anterior behaviour of nodes for providing security against dynamic node behaviour. The adaptivity of the model is nested in its ability to requite well-behaving nodes and penalize misbehaving ones in conformity with their overall behaviour. Simulation results indicate the efficiency of proposed scheme in securing the network from the menace of dynamic behaviour of nodes.

• Journal of applied mathematics & informatics
• /
• v.31 no.3_4
• /
• pp.425-441
• /
• 2013

In literature, several strong designated verifier signature (SDVS) schemes have been devised using elliptic curve bilinear pairing and map-topoint (MTP) hash function. The bilinear pairing requires a super-singular elliptic curve group having large number of elements and the relative computation cost of it is approximately two to three times higher than that of elliptic curve point multiplication, which indicates that bilinear pairing is an expensive operation. Moreover, the MTP function, which maps a user identity into an elliptic curve point, is more expensive than an elliptic curve scalar point multiplication. Hence, the SDVS schemes from bilinear pairing and MTP hash function are not efficient in real environments. Thus, a cost-efficient SDVS scheme using elliptic curve cryptography with pairingfree operation is proposed in this paper that instead of MTP hash function uses a general cryptographic hash function. The security analysis shows that our scheme is secure in the random oracle model with the hardness assumption of CDH problem. In addition, the formal security validation of the proposed scheme is done using AVISPA tool (Automated Validation of Internet Security Protocols and Applications) that demonstrated that our scheme is unforgeable against passive and active attacks. Our scheme also satisfies the different properties of an SDVS scheme including strongness, source hiding, non-transferability and unforgeability. The comparison of our scheme with others are given, which shows that it outperforms in terms of security, computation cost and bandwidth requirement.