• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.2
• /
• pp.405-414
• /
• 2017

In this study, a survey for a satisfaction evaluation of the Test Report Information Service (TRIS) was conducted. A survey questionnaire on modified Information System Success Model(ISSM) of Delone and Mclean was carried out by 183 users in three groups, such as munition quality assurance agency, munition corporation, and test institute. As a survey result, training on the TRIS was in strong demand in all three groups. An understanding and proficiency of the overall system were different from the work process of each user group. In addition, the munition quality assurance agency needs to enhance the system function with its characteristics. Test institute has necessity of the linkage method with the TRIS depending on the authentication system. User groups are different in the operational method of TRIS between the contractor and cooperation. Accordingly, cooperation needs to be educated continually. This study can help in the construction of a Military Quality Integration Information System to secure the reliability of munitions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1243-1257
• /
• 2019

With the emergence of the IoT environment, various smart devices provide consumers with the convenience and various services. However, as security threats such as invasion of privacy have been reported, the importance of security issues in the IoT environment has emerged, and in particular, the security problem of key management has been discussed, and the PUF has been discussed as a countermeasure. In relation to the key management problem, a protocol using MIPUF has been proposed for the security problem of the group key management system. The system can be applied to lightweight IoT environments and the safety of the PUF ensures the safety of the entire system. However, in some processes, it shows vulnerabilities in terms of safety and efficiency of operation. This paper improves the existing protocol by adding authentication for members, ensuring data independence, reducing unnecessary operations, and increasing the efficiency of database searches. Safety analysis is performed for a specific attack and efficiency analysis results are presented by comparing the computational quantities. Through this, this paper shows that the reliability of data can be improved and our proposed method is lighter than existing protocol.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.187-196
• /
• 2020

In order to manage information security risk, various information security level evaluation and information security management system certification have been conducted on a larger scale than ever. However, there are continuous cases of infringement of information protection for companies with excellent information security evaluation and companies with excellent information security management system certification. The existing information security risk management methodology identifies and analyzes risks by identifying information assets inside the information system. Existing information security risk management methodology lacks a review of where cyber threats come from and whether security devices are properly operated for each route. In order to improve the current risk management plan, it is necessary to look at where cyber threats come from and improve the containment level for each inflow section to absolutely reduce unnecessary cyber threats. In addition, it is essential to measure and improve the appropriate configuration and operational level of security equipment that is currently overlooked in the risk management methodology. It is necessary to block and enter cyber threats as much as possible, and to detect and respond to cyber threats that inevitably pass through open niches and use security devices. Therefore, this paper proposes additional evaluation items for evaluating the containment level against cyber threats in the ISMS-P authentication items and vulnerability analysis and evaluation items for major information and communication infrastructures, and evaluates the level of security equipment configuration for each inflow.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.2
• /
• pp.15-26
• /
• 2021

Recently, as the introduction of cloud, mobile, and IoT has become active, there is a growing need for technology development that can supplement the limitations of traditional security solutions based on fixed perimeters such as firewalls and Network Access Control (NAC). In response to this, SDP (Software Defined Perimeter) has recently emerged as a new base technology. Unlike existing security technologies, SDP can sets security boundaries (install Gateway S/W) regardless of the location of the protected resources (servers, IoT gateways, etc.) and neutralize most of the network-based hacking attacks that are becoming increasingly sofiscated. In particular, SDP is regarded as a security technology suitable for the cloud and IoT fields. In this study, a new access control system was proposed by combining SDP and hash tree-based large-scale data high-speed signature technology. Through the process authentication function using large-scale data high-speed signature technology, it prevents the threat of unknown malware intruding into the endpoint in advance, and implements a kernel-level security technology that makes it impossible for user-level attacks during the backup and recovery of major data. As a result, endpoint security, which is a weak part of SDP, has been strengthened. The proposed system was developed as a prototype, and the performance test was completed through a test of an authorized testing agency (TTA V&V Test). The SDP-based access control solution is a technology with high potential that can be used in smart car security.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.12C
• /
• pp.1258-1267
• /
• 2003

As the need for stable and high speed wireless Internet service Brows, the wireless LAN service provider hurries to preempt wireless LAN service market. IAPP(InterAccess Point protocol) is defined to be able to provide a secure handoff mechanism of wireless LAN terminal information between AP(Access Point)s, and the related IEEE standard is IEEE 802.11f. For the secure handoff of wireless LAN terminal, it is necessary to transfer terminal's authentication & accounting information securely from old AP to new AP IEEE 802.11f recommends RADIUS server as IAPP server which authenticates AP and provides information for secure channel between APs. This paper proposes IAPP server using Diameter protocol to overcome the limit of RADIUS sewer, and describes about the interaction between server components and integration method with the current IAPP client system.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.565-574
• /
• 2003

This paper implements an intrusion detection message exchange protocol library (IDMEPL) for SDMS-RTIR, which Korea Information Security Agency (KISA) has developed to hierarchically detect and respond to network vulnerability scan attacks. The IDMEPL, based on the IDMEF and the IAP of the IDWG, enables SDMS-RTIR to interact with other intrusion detection systems (IDS) in realtime, and supports the TLS protocol to prevent security threats in exchanging messages between its server and its agents. Especially, with the protocol selection stage, the IDMEPL can support various protocols such as the IDXP besides the IAP. Furthermore, it can allow for agents to choose an appropriate security protocol for their own network, achieving security stronger than mutual authentication. With the IDMEPL, SDMS-RTIR can receive massive intrusion detection messages from heterogeneous IDSes in large-scale networks and analyze them.

• Journal of Digital Contents Society
• /
• v.12 no.2
• /
• pp.165-176
• /
• 2011

Recently, digital rights management (DRM) related researches are widely spreading with prosperity of IT industries. The DRM technology protects proprietor of copyright by preventing mischanneling and illegal copy. In this paper, we propose a new DRM model that has an enhanced and efficient protocol based on certificate using smart card. The proposed model overcomes weaknesses of WCDRM model and has following additional advantages: first, copy protection is enhanced by hiding user's specific information from attacker by storing the information within smart card; second, server load for contents encryption is reduced by making clear protocols among author, distributer, certificate authority, and users; third, offline user authentication is guaranteed by combining partial secret values in media players and smart card. Exposure of core information also is minimized by storing them in smart card. In addition, we show that the proposed system is more secure than WCDRM model by comparing various factors of anonymous attackers.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.467-477
• /
• 2013

The cloud computing has propagated rapidly and thus there is growing interest on the introduction of cloud services in the public institution. Accordingly, domestic public institution are adoption of cloud computing impose and devise a plan. In addition, more specifically, is building a cloud computing system in the public institution. However, solutions to various security threats(e.g., availability invasion of storage, access by unauthorized attacker, data downloaded from uncertain identifier, decrease the reliability of cloud data centers and so on) is required. For the introduction and revitalize of cloud services in the public institution. Therefore, in this paper, we propose a public key based secure data management scheme for the cloud data centers in public institution. Thus, the use of cloud computing in the public institutions, the only authorized users have access to the data center. And setting for importance and level of difficulty of public data management enables by systematic, secure, and efficient. Thus, cloud services for public institution to improve the overall security and convenience.

• 한국디지털정책학회:학술대회논문집
• /
• 2005.06a
• /
• pp.107-143
• /
• 2005

Mobile service that geography, position by development of space Information Technology and technology of communications, space are various to us now becoming limelight as point contents and infra information that customers do demand based on radio superhigh speed authentication net on highly information society by offer infringement problem about individual's privacy or information by political and scientific interest be injured. Purpose of this study grasps use factor of LBS application Mobile service, and it is that analyze actual proof through questionnaire to grasp whether some relation is with value and action determination that is felt of LBS application Mobile service. Distributed all question of 190 copies but disk floret inclination did valid data 171 that clear question and omission remove a lot of questions by type of study among questionnaire of collected 182 wealths. Analyzed factor analysis and authoritativeness to search validity and confidence of questionnaire and used single regression analysis and multiple regression analysis for hypothetical verification. According to verification result, Mobile service that apply position base service usefulness and system quality, adaptedness of Mobile service that apply position base service by leading person affecting in use, acted for connection healthy and felt value is important factor immediately. Usability and social effect, felt expense, privacy did not appear by leading person that keep in mind in this study. Is been related with step that Mobile service that apply position base service is placed. That is, as present childhood, a person who have experience that use service to look for friend is few and usability fairly in last in wide application boundary and this very important person was removed finally in model. This study has sense in terms of study systematically about LBS application service use leading person that is getting into the spotlight worldwide among Mobile service that is injured newly.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.8
• /
• pp.28-36
• /
• 2016

ID federation provides users various benefits such as employing multiple services with only single authentication and mitigating management burden of service providers that individually preserve account information of users. To keep up with this international trend, efforts for making the domestic ID federation is ongoing to provide users in the domestic research and education community seamless network connectivity and to support tetherless extension of research environment. In this paper, we analyze the foreign ID federation policies and compare them as a underlying work for making the domestic ID federation. Besides, we suggest some contents that should be included in the domestic ID federation policy. To activate the coming domestic ID federation, we need to first have a well-made federation policy. Then, we need to aggressively promote the domestic ID federation, develop various and fascinating services, and build a convenient support system for technology and service.