• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.277-279
• /
• 2016

보건의료 산업에서 보건의료제공자와 의료 단체들은 국가와 국가간 환자의 정보를 교환한다. 이 때 교환되는 환자의 정보를 보호하기 위한 수단으로 공개키 기반 구조와 전자 인증서 기술을 사용해야 한다. 하지만 국가마다 전자인증서를 사용하기 위한 인증기관과 등록기관의 정책이 일치하지 않으므로, 여러 나라들과 기관이 신뢰하고 사용할 수 있는 프레임워크가 필요하다. 이러한 프레임워크를 구축하기 위한 국제 표준 문서가 ISO 17090이며, 본 고에서는 ISO 17090에 명시된 인증서 요구사항과 암호화 알고리즘에 대한 개선방안을 제시한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.587-590
• /
• 2017

In this paper, we investigate the current status and problems of information security in government - funded research institutes, where the frequency of cyber - infringement threats is increasing, and emphasize the importance of information security. do. To this end, we will contribute to the establishment of a stable information security infrastructure for government-funded research institutes in the future by identifying problems and proposing improvement measures based on data related to information security such as information security policies, organizations, and budgets of government-funded research institutes.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.4
• /
• pp.29-42
• /
• 2020

SCADA (Supervisory Control and Data Acquisition) systems for remote monitoring, data acquisition and control are applied to major industrial infrastructures including power, water and railroad. Recently, there are many researches on key management scheme for secure communication due to change to the open network environment. These systems are located at far distances and are connected to the main control center through various types of communication methods. Due to the nature of these systems, they are becoming the significant targets of cyber attack. We propose an efficient key management scheme which is established on ID-based cryptosystem without an expensive computation on MTU (Master Terminal Unit), Sub-MTU, and RTU (Remote Terminal Unit). The proposed method is secure and effective in key management among multiple legitimate devices.

• Journal of Urban Science
• /
• v.12 no.2
• /
• pp.31-36
• /
• 2023

Facing the global crisis of climate change, waterfront areas are experiencing a significant increase in property damages and casualties. In light of the climate change era, this paper aims to identify resilience strategies against rising sea levels and associated natural disasters. A comparison and analysis of resilience plans and strategies have been conducted for five waterfront cities. In conclusion, three key points are suggested. Firstly, establishing partnerships locally and globally is an emerging trend to effectively and collaboratively address climate change. Secondly, resilience is a fundamental concept in designing social, built, and cyber infrastructure, requiring attention from stakeholders. Lastly, designing a well-operating system is critical to respond effectively when external shocks or stress occurs.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.12
• /
• pp.1814-1823
• /
• 2016

LVC(live-virtual-constructive) integrated training system is a representative cyber-physical system. Each systems in a LVC system has different time domain, resolution and operation methods. So, it is very important to integrate different middlewares as a common middleware for heterogeneous systems using inter-working GWs. Especially, since the LVC system uses different time, it is necessary to study the method for guaranteeing causality and time synchronization among the events from different systems. In this study, we propose an time synchronization scheme to integrate the virtual and constructive system which use the simulation time of HLA (High Level Architecture)/ RTI (Run Time Infrastructure) into the live system based on the OMG DDS (Data Distribution Service). We propose a precise time synchronization scheme based on HLA time management and clock federate between participants and federates which are the communication objects of DDS and HLA/RTI respectively. In addition, we verified that time is well-synchronized among heterogeneous systems using the suggested scheme by implementing and demonstrating simulation applications on each middleware.

• The Journal of Korean Association of Computer Education
• /
• v.20 no.6
• /
• pp.95-104
• /
• 2017

The damage caused by information spill, forgery, falsification, and deletion by cyber infringement in educational institutions and universities is very large. In this study, we analyzed the types, causes, and problems of cyber infringement in educational administrative institutions and universities. As a result, administrative, physical and technical information protection activities were weak. In this paper, we propose a security enhancement method for each domain by dividing them into Internet zone, network-neutral zone (DMZ: Demilitarized Zone), general server zone, internal server zone (Server Farm), and user zone so that these vulnerabilities can be easily identified, supplemented or security enhanced. In addition, we have proposed a method to apply security information system architecture and information protection technology correctly for educational administration institutions and universities. This study is meaningful not to provide conceptual guidance but to suggest specific action and procedure oriented security management plan.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.531-543
• /
• 2013

The destruction and prejudice of major infrastructure such as energy, broadcast, communication and transportation could result in a threat to individual rights and liberties, as well as social and economic losses. If a traffic signal control facilities have been violated, the lives of the citizens discomfort as well as causing social disruption such as traffic accident. Because the control system is operating as a closed network and you think it is safe, the information protection system has not been built or security patches and anti-virus updates do not work properly. So, cyber attacks by security vulnerabilities are exposed. Therefore, there is a need to identify the characteristics of the system, and develop appropriate countermeasures in order to prevent cyber attacks and prejudices incidents. This paper examines the vulnerabilities of Intelligent Transport Systems and proposes the improvement of security vulnerabilities.

• IEIE Transactions on Smart Processing and Computing
• /
• v.3 no.2
• /
• pp.65-73
• /
• 2014

An overall responding security-centered framework is necessary required for infringement accidents, failures, and cyber threats. On the other hand, the correspondence structures of existing administrative, technical, physical security have weakness in a system responding to complex attacks because each step is performed independently. This study will recognize all internal and external users as a potentially threatening element. To perform connectivity analysis regarding an action, an intelligent convergence security framework and road map is suggested. A suggested convergence security framework was constructed to be independent of an automatic framework, such as the conventional single solution for the priority defense system of APT of the latest attack type, which makes continuous reputational attacks to achieve its goals. This study suggested the next generation convergence security framework to have preemptive responses, possibly against an APT attack, consisting of the following five hierarchical layers: domain security, domain connection, action visibility, action control, and convergence correspondence. In the domain, the connection layer suggests a security instruction and direction in the domains of administrative, physical and technical security. The domain security layer has consistency of status information among the security domain. A visibility layer of an intelligent attack action consists of data gathering, comparison and decision cycle. The action control layer is a layer that controls the visibility action. Finally, the convergence corresponding layer suggests a corresponding system of before and after an APT attack. The administrative security domain had a security design based on organization, rule, process, and paper information. The physical security domain is designed to separate into a control layer and facility according to the threats of the control impossible and control possible. Each domain action executes visible and control steps, and is designed to have flexibility regarding security environmental changes. In this study, the framework to address an APT attack and load map will be used as an infrastructure corresponding to the next generation security.

• The Journal of Korean Association of Computer Education
• /
• v.10 no.6
• /
• pp.79-89
• /
• 2007

The advent of e-Learning paradigm requires a various type of e-Learning models and systems which are appropriate to support effective teaching-learning process. Accordingly, the teaching-learning system using the Internet and the intelligent tutoring system(ITS) in e-Learning environment has attracted a fair amount of critical attention. However there is a wide gap between infrastructure of a present educational site and the u-learning environment. Therefore, in this paper, an ITS teaching-learning model is proposed and system is developed for a school environment, which is based on a learner's cognitive structure and applies a concept of u-Learning, and then is verified for validity. X-Neuronet, the developed system, offers a method of representing a learner's cognitive structure so as to apply the method for the efficient individualized learning.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.51-59
• /
• 2013

Cyberspace, based on the dramatic development of information and communications technology, has brought enormous benefits to mankind. However, concerns over cyber terrorism and cyber attack are becoming serious. It is time to expand the global dialogue on international security issues in cyberspace. It is imperative to have a common understanding that cyberspace, the infrastructure for prosperity, should not be utilized as a space to create conflicts among states, and that all states agree to build confidence and peace in cyberspace. For this purpose, there are 3 tracks of international cooperations: 1)international cooperation such as UN and Conference on Cyberspace, 2)regional cooperations such as ARF and OSCE. 3)bilateral cooperations such US-Russia Cybersecurity Agreement, US-China presidential level dialogue. This paper will analyze the 1st track of international cooperations of UN and Conference on Cyberspace. With this, Korean government can prepare the forthcoming GGE activities and make our own strategy to deal with the global norms of good behaviour in cyberspace.