• Title/Summary/Keyword: information security system

Search Result 6,599, Processing Time 0.039 seconds

Design and Implementation of Authentication System for RFID Security (RFID 보안을 위한 인증 시스템의 설계 및 구현)

  • Lee, Ji-Yong;Joo, Hong-Il;Han, Jong-Uk;Ryu, Dae-Hyeon
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • v.9 no.1
    • /
    • pp.328-331
    • /
    • 2005
  • In this paper we review the security and privacy problems in the RFID system and briefly describe the research topics to solve these problem. And, we design and implement the tag authentication system to authenticate tags in the RFID system which is composed of PC, reader and passive type tag with low power 8 bit microprocessor.

  • PDF

Design and Implementation of an Enhanced Secure Android-Based Smartphone using LIDS

  • Lee, Sang Hun
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.8 no.3
    • /
    • pp.49-55
    • /
    • 2012
  • Recently, with the rapid development of android-based smartphones, it is becomes a major security issue that the case of Android platform is an open platform. so it is easy to be a target of mobile virus penetration and hacking. Even there are a variety of security mechanisms to prevent the vulnerable points of the Android platform but the reason of most of the security mechanisms were designed at application-level that highly vulnerable to the attacks directly to the operating system or attacks using the disadvantages of an application's. It is necessary that the complementary of the android platform kernel blocks the kernel vulnerability and the application vulnerability. In this paper, we proposed a secure system using linux-based android kernel applied to LIDS(Linux Intrusion Detection and Defense System) and applied a smart phone with s5pc110 chip. As a result, the unauthorized alteration of the application was prevented with a proposed secure system.

On the Security or a Mobile Payment System Proposed at WISA 2002 (WISA 2002에 제안된 무선 전자 지불 시스템의 안전성)

  • 한대완;이동훈;황상철;류재철
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.6
    • /
    • pp.113-119
    • /
    • 2003
  • In WISA 2002, Ham et al. proposed a one-way mobile payment system. They claimed that the electronic cash of the system satisfies unforgeability and double spending prevention. In this paper, we point out that their system is not secure as they claimed by showing that the forgery of payment scripts is possible.

Hash-based pattern matching system for detection performance (탐지성능을 향상 위한 해시기반 패턴 매칭 시스템)

  • Kim, Byung-Hoon;Lee, Dong-Hwi;Kim, Kui-Nam
    • Annual Conference of KIPS
    • /
    • 2009.11a
    • /
    • pp.671-672
    • /
    • 2009
  • 네트워크 대역폭과 침입 기술의 발달하는 상황에서 침입탐지 시스템의 패턴 매칭 방식으로는 대용량화된 패킷을 스니핑되는 환경에서 기존의 패턴 매치 방식은 서비스에 따른 순차적인 패턴 매칭 방법으로는 모든 패킷들의 패턴을 분석하는 것에는 한계가 발생하며, 중요한 패킷을 패턴 매칭을 통하여 분석하지 못하여 여러 취약점에 대한 공격이 발생할 수 있는 악성 봇, 정보의 유출이 발생할 수 있다. 본 연구에서는 패턴 매칭 기법을 이용하는 침입탐지 시스템의 패턴 매칭 성능 향상을 위하여 서비스별로의 순차적인 패턴 매칭 방법에서 해시 기반의 패턴 매칭을 이용하여 패턴 매칭의 시간을 단축 시켜 빠른 속도로 탐지 할 수 있는 시스템을 제시하고 검증하고자 한다.

Development of Intrusion Detection System for GOOSE Protocol Based on the Snort (GOOSE 프로토콜 환경에서 Snort 기반의 침입 탐지 시스템 개발)

  • Kim, Hyeong-Dong;Kim, Ki-Hyun;Ha, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.6
    • /
    • pp.1181-1190
    • /
    • 2013
  • The GOOSE(Generic Object Oriented Substation Event) is used as a network protocol to communicate between IEDs(Intelligent Electronic Devices) in international standard IEC 61850 of substation automation system. Nevertheless, the GOOSE protocol is facing many similar threats used in TCP/IP protocol due to ethernet-based operation. In this paper, we develop a IDS(Intrusion Detection System) for secure GOOSE Protocol using open software-based IDS Snort. In this IDS, two security functions for keyword search and DoS attack detection are implemented through improvement of decoding and preprocessing component modules. And we also implement the GOOSE IDS and verify its accuracy using GOOSE packet generation and communication experiment.

Implementation of Secure E-Mail System based on lava (자바기반의 안전한 전자 메일 시스템 구현)

  • 이원구;김성준;이희규;조한진;이재광
    • Journal of Internet Computing and Services
    • /
    • v.2 no.3
    • /
    • pp.51-62
    • /
    • 2001
  • Recently, as computers and networks become popular, distributing information on the Internet is common In our daily life. also, the explosion of the Internet. of wireless digital communication and data exchange on Internet has rapidly changed the way we connect with other people. The e-mail has been commonly used by users as well recognizing It as the standard of manners among users on the Internet. In the past, e-mail has been the primary choice of exchanging Information, but secure mail is gaining popularity abroad and domestically because of their nature of providing security. That is. it has been used a variety of fields such as general mail and e-mail for advertisement. But, As the data transmitted on network can be easily opened or forged with simple operations. most of existing e-mail system don't have any security on the transmitted information. Thus. security mail system need to provide security including message encryption, content Integrity, message origin authentication, and non-repudiation. In this paper, we design implement secure mail system with non-repudiation service and encryption capability to provide services for certification of delivery and certification of content as well as the basic security services. API.

  • PDF

Security Operation Implementation through Big Data Analysis by Using Open Source ELK Stack (오픈소스 ELK Stack 활용 정보보호 빅데이터 분석을 통한 보안관제 구현)

  • Hyun, Jeong-Hoon;Kim, Hyoung-Joong
    • Journal of Digital Contents Society
    • /
    • v.19 no.1
    • /
    • pp.181-191
    • /
    • 2018
  • With the development of IT, hacking crimes are becoming intelligent and refined. In Emergency response, Big data analysis in information security is to derive problems such as abnormal behavior through collecting, storing, analyzing and visualizing whole log including normal log generated from various information protection system. By using the full log data, including data we have been overlooked, we seek to detect and respond to the abnormal signs of the cyber attack from the early stage of the cyber attack. We used open-source ELK Stack technology to analyze big data like unstructured data that occur in information protection system, terminal and server. By using this technology, we can make it possible to build an information security control system that is optimized for the business environment with its own staff and technology. It is not necessary to rely on high-cost data analysis solution, and it is possible to accumulate technologies to defend from cyber attacks by implementing protection control system directly with its own manpower.

A Study of Information Security Maturity Measurement Methodology for Banking System based on Cyber -based Transaction Processing Architecture Diagnosis (사이버거래 처리 구조 진단을 기반으로 한 뱅킹시스템 정보보호 성숙도 측정방법론 연구)

  • Bang, Kee-Chun
    • Journal of Digital Contents Society
    • /
    • v.15 no.1
    • /
    • pp.121-128
    • /
    • 2014
  • SSE-CMM for security engineering, engineering, assurance, risk is divided into three elements of the process maturity assessment model and the level of information security presented. Maturity measurement of privacy, vulnerability diagnosis and risk analysis methodologies is used in practical field for present a comprehensive conclusion. The common cyber services are internet banking, mobile banking, telephone banking and the like. Transaction structure, a kind of cyber-banking system, information security maturity of the existing measurement methodologies for research purposes, vulnerability diagnosis and risk analysis methodologies to be used in practical field present a comprehensive conclusion. To ensure safety and convenience for the user, convenient to deal with cyber environment is the key to the activation of cyber trading. Particularly by measuring the maturity of cyber banking system to ensure the safety of the practice field much effects are expected as a result.

USB security solution using 2 fator authentication (2차 인증방식을 이용한 USB보안 솔루션 (USS Solution))

  • Ko, Sang-Hyun;Han, Seok-Jin;Choi, Yoon-SU;Bae, Jong-Su;Lee, Hyun
    • Annual Conference of KIPS
    • /
    • 2017.11a
    • /
    • pp.267-270
    • /
    • 2017
  • As IT technology developed, storage media also developed. Among them, USB, which is a removable storage medium, is used not only to have several per person but also to work in various companies. Users store valuable and confidential data within USB. As time went on, the need for security increased. In order to solve this security problem, USB has been introduced to allow users to access internal files by inputting ID and password by embedding a security program in USB. However, the method of storing ID and Password inside is low confidentiality and high risk of information leakage. To solve these problems, we propose a 2 factor authentication system using Radius server in addition to login authentication. The proposed system not only improves the authenticity of the device, but also reduces the risk of infringement of personal information when lost. It also encrypts internal files to increase the confidentiality of internal information.

SVM-Based Speaker Verification System for Match-on-Card and Its Hardware Implementation

  • Choi, Woo-Yong;Ahn, Do-Sung;Pan, Sung-Bum;Chung, Kyo-Il;Chung, Yong-Wha;Chung, Sang-Hwa
    • ETRI Journal
    • /
    • v.28 no.3
    • /
    • pp.320-328
    • /
    • 2006
  • Using biometrics to verify a person's identity has several advantages over the present practice of personal identification numbers (PINs) and passwords. To gain maximum security in a verification system using biometrics, the computation of the verification as well as the storing of the biometric pattern has to take place in a smart card. However, there is an open issue of integrating biometrics into a smart card because of its limited resources (processing power and memory space). In this paper, we propose a speaker verification algorithm using a support vector machine (SVM) with a very few features, and implemented it on a 32-bit smart card. The proposed algorithm can reduce the required memory space by a factor of more than 100 and can be executed in real-time. Also, we propose a hardware design for the algorithm on a field-programmable gate array (FPGA)-based platform. Based on the experimental results, our SVM solution can provide superior performance over typical speaker verification solutions. Furthermore, our FPGA-based solution can achieve a speed-up of 50 times over a software-based solution.

  • PDF