• Title/Summary/Keyword: Security test

Search Result 1,256, Processing Time 0.026 seconds

A Study of the DEVOPS Test Automation Module for Integrated Development Environment (통합 개발환경에서 데브옵스 기반 테스트 자동화 모듈 개발에 대한 연구)

  • Jung Kwang Lak;Kim Sun Joo
    • Convergence Security Journal
    • /
    • v.22 no.1
    • /
    • pp.3-9
    • /
    • 2022
  • The role of the integrated development environment is very important in software development of a development project. After many developers develop different modules, software product is completed through compile, debugging, integration, testing, and distribution. However, bugs and various issues in the development process cause problems such as quality deterioration of software product and dissatisfaction with requirements. So the need for automated testing to avoid these problems and improve quality has increased. In this study, we propose test automation modules of four perspectives to improve quality throughout the test automation in an integrated development environment. Each automation module operates through the tool chain of an integrated build framework implemented on the devops.

A Study oil the Next-bit Test (Next-bit 검정 방법 분석)

  • 강주성;박상우;박춘식
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1998.12a
    • /
    • pp.345-353
    • /
    • 1998
  • 본 논문에서는 next-bit 검정의 이론적 배경을 고찰하고, 실제적인 검정법으로 구현된 검정방법에 대하여 조사 분석한다. Next-bit 검정 이론은 Schrift와 Shamir가 제시한 다양한 검정방법을 중심으로 소개한다. 그리고 구현된 통계적 검정 방법은 ACISP'96에서 발표된 검정법과 CISC'97에서 제안된 검정법을 비교 분석한다.

  • PDF

Development and Evaluation of Physical Fitness Program for Special Security Guards in Nuclear Power Plant (원자력발전소 특수경비원을 위한 체력훈련 프로그램의 개발 및 효과검증)

  • Jeong, Ho-won;Lee, Suk-ho
    • Korean Security Journal
    • /
    • no.62
    • /
    • pp.87-111
    • /
    • 2020
  • Special security guards working at nuclear power plants, one of the country's major facilities, serve as human protection to safeguard from threats to nuclear facilities and nuclear materials. The purpose of this study was to develop a physical fitness program for fitness management that is essential for the completion of missions of special guards. This program was designed to prepare the physical fitness test proposed by Jeong et al. (2019). Researchers conducted literature analysis, research meetings, expert meetings and pretests, and developed a 90-minute physical fitness program for 6 weeks, 3 times a week. In order to verify the effectiveness of the developed physical fitness program, the experiment was conducted on 29 subjects(control group: 15, exercise group:14). Specifically, a six-week physical fitness program was conducted for exercise groups, and the fitness test for a special security guard was conducted for all subjects before and after the experiment. As a result, it was found that the physical fitness program was effective in improving the performance of 20m shuttle run, leg tuck, 20m sprint & carry, and medicine ball back throw. Until recently, problems of neglecting fitness management of security guards have been pointed out. It is expected that the physical fitness program proposed by this study will be a practical alternative for security guards' fitness management.

The Study on the Development of the HD(High Definition) Level Triple Streaming Hybrid Security Camera (HD급 트리플 스트리밍 하이브리드 보안 카메라 개발에 관한 연구)

  • Lee, JaeHee;Cho, TaeKyung;Seo, ChangJin
    • The Transactions of the Korean Institute of Electrical Engineers P
    • /
    • v.66 no.4
    • /
    • pp.252-257
    • /
    • 2017
  • In this paper for developing and implementing the HD level triple streaming hybrid security camera which output the three type of video outputs(HD-SDI, EX-SDI, Analog). We design the hardware and program the firmware supporting the main and sub functions. We use MN34229PL as image sensor, EN778, EN331 as image processor, KA909A as reset, iris, day&night function part, A3901SEJTR-T as zoom/focus control part. We request the performance test of developed security camera at the broadcasting and communication fusion testing department of TTA (Telecommunication Technology Association). We can get the three outputs (HD-SDI, EX-SDI, Analog) from the developed security camera, get the world best level at the jitter and eye pattern amplitude value and exceed the world best level at the signal/noise ratio, and minium illumination, power consumption part. The HD level triple streaming hybrid security camera in this paper will be widely used at the security camera because of the better performance and function.

The Security Problem Analysis for Reversibility of Transformed Biometric Information Data on Eigenvector-based face Authentication (특성 벡터를 이용한 얼굴 인증 시스템에서 변환된 생체 정보 데이터의 가역성에 대한 보안 문제 분석)

  • Kim, Koon-Soon;Kang, Jeon-Il;Nyang, Dae-Hun;Lee, Kyung-Hee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.3
    • /
    • pp.51-59
    • /
    • 2008
  • The biometrics has been researched as a means for authenticating user's identity. Among the biometrics schemes for face recognition, the eigenvector-based schemes, which use eigenvector made from training data for transforming test data to abstracted data, are widely adopted. From those schemes, however, it is hard to expect cancelable feature, which is a general concept for security in the biometrics. In this paper, we point out the security problem that is the recovery of valuable face information from the abstracted face data and consider a possible attack scenario by showing our experiment results.

Impacts of Perceived Security and Knowledge on Continuous Intention to Use Mobile Fintech Payment Services: An Empirical Study in Vietnam

  • NGUYEN, Dat Dinh;NGUYEN, Thanh Duc;NGUYEN, Trung Duc;NGUYEN, Ha Viet
    • The Journal of Asian Finance, Economics and Business
    • /
    • v.8 no.8
    • /
    • pp.287-296
    • /
    • 2021
  • Stepping into the technological boom time, Vietnam has integrated into the trends of using Fintech applications as a new means of payment. This article evaluates the relationship between perceived security (including service security and platform security), knowledge, confirmation, perceived usefulness, satisfaction, attitude and lastly enterprise's images regarding the service and continuous intention to use Fintech services. The survey results of 352 Vietnamese customers using Fintech services, reliability test and extended post-acceptance model (EPAM) which is based on PAM and ECT models. From the survey, we further found out that perceived security (BSS) has no direct impact on continued intention to use, while perceived security (BSS) has positive impact on confirmation (CON), similarly, perceived usefulness (PU) and user's satisfaction (SES). Knowledge of the Mobile Fintech payment service (KNOW) has a positive impact on perceived security (BSS). Confirmation (CON) has a positive influence on perceived usefulness but in the meanwhile it has created a negative impact on user's satisfaction (SES). From the survey it can also tell that user's attitude (ATT) and enterprise image (IMG) both have a positive impact on continual intention to use Fintech services. From the research results, we also propose some recommendation to enhance the continual intention to use Fintech services in Vietnam.

The intruder traceback mechanism based on active networks (액티브 네트워크 기반 침입자 역추적 메커니즘)

  • Lee Young-seok
    • Journal of Internet Computing and Services
    • /
    • v.6 no.1
    • /
    • pp.1-12
    • /
    • 2005
  • Recently, the patterns of cyber attack through internet have been various and have become more complicated and thus it is difficult to detect a network intruder effectively and to response the intrusion quickly. Therefore, It is almost not possible to chase the real location of a network intruder and to isolate the Intruder from network in UDP based DoS or DDoS attacks spoofing source IP address and in TCP based detour connection attacks. In this paper, we propose active security architecture on active network to correspond to various cyber attacks promptly. Security management framework is designed using active technology, and security control mechanism to chase and isolate a network intruder is implemented. We also test the operation of the active security mechanism implemented on test_bed according to several attack scenarios and analyze the experiment results.

  • PDF

Specification-based Intrusion Detection System for the Initial Authentication Phase of WiBro (와이브로의 초기인증에 적합한 명세기반의 침입탐지시스템)

  • Lee, Yun-Ho;Lee, Soo-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.2
    • /
    • pp.23-32
    • /
    • 2010
  • WiBro(Wireless Broadband), the service based on IEEE 802.16e(mobile WiMAX) standard, is a wireless broadband Internet technology being developed by the domestic telecommunication industry. In this paper, we analyze security vulnerabilities of WiBro focusing on initial authentication phase and propose a specification-based intrusion detection system that can detect those vulnerabilities. We first derive a specification from the normally operational process of the initial authentication based on PKMv2 EAP-AKA and formalize the derived specification as a state transition diagram. Proposed system executes the intrusion detection based on those specification and state transition diagram. In this paper, to verify the detection capability of proposed system, we construct a test bed network and execute scenario-based test.

The Analysis of KASS Operational Mitigation Methods and Continuity Cases Based on ICAO Standards (ICAO 표준 기반 KASS 운영 상 완화조치 및 연속성 사례 분석)

  • Yun-Jung Choi;Dong-Hwan Bae;Hyo-Jung Yoon;Donghwan Yoon
    • Journal of Positioning, Navigation, and Timing
    • /
    • v.13 no.2
    • /
    • pp.131-136
    • /
    • 2024
  • This paper deal with a method for calculating the continuity of Korea Augmentation Satellite System (KASS), which was completed in Korea in December 2023, and a plan to respond in the event that a continuity hazard situation occurs during operation. For this purpose, the International Civil Aviation Organization (ICAO) Satellite Based Augmentation System (SBAS) continuity standards, Wide Area Augmentation System (WAAS), and European Geostationary Navigation Overlay Service (EGNOS) continuity cases are examined in this paper. According to the measures recommended by the ICAO, when the number of continuity risks exceeds a certain level and the level drops drastically, various mitigation operations by country are implemented. Through this, if KASS does not meet ICAO continuity standards in the future, such measures can be referred to. In addition, this paper computes the short-term KASS continuity during the test broadcast period. Although continuity does not meet the ICAO standards, although this test period is too short, further meaningful analysis in the future is required. Additionally, this paper carried out an analysis of the timing and period to systematically calculate the meaningful value of continuity.

A study on effects of implementing information security governance by information security committee activities (정보보호 위원회 활동에 따른 정보보호 거버넌스 구현 효과에 관한 연구)

  • Kim, Kunwoo;Kim, Jungduk
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.4
    • /
    • pp.915-920
    • /
    • 2015
  • The commitment of top management is still insufficient for information security even the core of information security governance is dependent on the leadership of top management. In this situation, information security committee can be a good way to vitalize the commitment of top management and its activities are essential for implementing information security governance. The purpose of this study is to test that information security committee affects implementing information security governance and security effect. For a empirical analysis, questionnaire survey was conducted and the PLS(Partial Least Square) was used to analyze the measurement and structural model. The study result shows that a hypothesis related value delivery is not accepted and it is required to study various methods about how the information security provides positive value to business.