• Title/Summary/Keyword: information security system

Search Result 6,599, Processing Time 0.04 seconds

Privacy and Security Model for RFID Healthcare System in Wireless Communication Network (무선센서네트워크 환경하에서 RFID 헬스 시스템을 위한 보안 모델)

  • Kim, Jung-Tae
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.16 no.6
    • /
    • pp.1223-1228
    • /
    • 2012
  • The use of a mobile agent in hospital environment offers an opportunity to deliver better services for patients and staffs. Furthermore, medical errors will be reduced because M-health system helps to verify the medical process. Optimized security protocols and mechanisms are employed for the high performance and security. Finally, a challenge in the near future will be converge the integration of Ubiquitous Sensor Network (USN) with security protocols for applying the hospital environment. We proposed secure authentication and protocol with Mobile Agent for ubiquitous sensor network under healthcare system surroundings.

The Industrial Security along with the International Transfer of Technology (국제기술이전계약에서의 산업보안에 관한 연구)

  • SEO, Jung-Doo
    • THE INTERNATIONAL COMMERCE & LAW REVIEW
    • /
    • v.76
    • /
    • pp.1-20
    • /
    • 2017
  • The industrial technology (including trade secrets), which is commonly understood as systematic and applied technical knowledge, can be transferred to third parties by contracting for the transfer of technology or by granting of a licence. The activity of industrial espionage, due to the gradual increase of the economic interests of intellectual property, is displaying intensively in order to gain advanced technology information. With our outstanding high technology, but compared to the level of the advanced countries, the technical protection systems, the legal protection measures and the systematic management thereof may still be insufficient. Our industrial technology outflow abroad, due to the vulnerability to the security control system in our country, has been increasing since the 2000. Computer software and SNS, such as smart devices, appear as a rapid change in the technical information environment. In order to minimize the dead zone of a new industrial security, the country's organic activity is being conducted. In 2006, Industrial Technology Outflow Prevention and Protection Law was enacted, which emphasized the responsibilities of the country. In this paper for the economic entity's efforts to prevent technology leakage oversea, I have looked to how the industrial technology can be protected in terms of national security and economic benefits of our enterprises. To solve the above-mentioned problems hereof, Korean government should willingly establish a reliable legal system for supporting to enterprise's operations, and Korean companies should autonomously introduce a synthetic technology protection system and incorporate the confidentiality clauses in an international transfer of technology agreement with third parties.

  • PDF

A Comprehensive Analyses of Intrusion Detection System for IoT Environment

  • Sicato, Jose Costa Sapalo;Singh, Sushil Kumar;Rathore, Shailendra;Park, Jong Hyuk
    • Journal of Information Processing Systems
    • /
    • v.16 no.4
    • /
    • pp.975-990
    • /
    • 2020
  • Nowadays, the Internet of Things (IoT) network, is increasingly becoming a ubiquitous connectivity between different advanced applications such as smart cities, smart homes, smart grids, and many others. The emerging network of smart devices and objects enables people to make smart decisions through machine to machine (M2M) communication. Most real-world security and IoT-related challenges are vulnerable to various attacks that pose numerous security and privacy challenges. Therefore, IoT offers efficient and effective solutions. intrusion detection system (IDS) is a solution to address security and privacy challenges with detecting different IoT attacks. To develop an attack detection and a stable network, this paper's main objective is to provide a comprehensive overview of existing intrusion detections system for IoT environment, cyber-security threats challenges, and transparent problems and concerns are analyzed and discussed. In this paper, we propose software-defined IDS based distributed cloud architecture, that provides a secure IoT environment. Experimental evaluation of proposed architecture shows that it has better detection and accuracy than traditional methods.

A Measures to Converge Manage an Efficient Information Security Management System for Information Security Experts Manpower (정보보호 인력양성을 위한 효율적인 정보보호관리체계의 융합 관리 방안)

  • Lee, Keun-Ho
    • Journal of the Korea Convergence Society
    • /
    • v.5 no.4
    • /
    • pp.81-86
    • /
    • 2014
  • The development in IT technology has brought about various services that are on offer based on a new service model. But such new services have increased security risks. The government is operating a program to foster experts in information security to protect assets from the threat of such risks, too. Society's awareness on the importance of information security has also grown, leading to various courses to train such personnel, including membership clubs for the fostering of such specialists. This study seeks to suggest a method that efficiently manages the convergence of running a curriculum on ISMS(information security management systems) and a club that focuses on information protection. Such converged information security courses are expected to contribute to a safer IT-based society.

Development of Skills Framework for Information Security Workforce (정보보호 분야 직무체계 개발)

  • Jun, Hyo-Jung;Kim, Tae-Sung;Yoo, Jin-Ho;Gee, Sang-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.3
    • /
    • pp.143-152
    • /
    • 2009
  • Successful industries that have maintained their competitiveness are characterized by well-established skills framework system. Skills framework establishes the agreed-upon, industry-identified knowledge, skills and abilities required to succeed in the workplace. Skills framework forms a solid foundation for the development of outcomes-based instruction and assessment, thus it benefits industry, students, educators and government. Each group has a major stake in the education of our students and in the efficient development of a productive workforce. Particularly in fast-changing fields like information security, relevant data that accurately reflect current and future knowledge and skills enable timely direction of resources, development and revision of industry-relevant curriculum, and efficient development of career information and job profiles. Skills framework occupies an indispensable position in any dialog concerning education or training in technical fields. In this study, we develop the skills framework for information security professionals.

Analysis of Domestic Security Solution Market Trend using Big Data (빅데이터를 활용한 국내 보안솔루션 시장 동향 분석)

  • Park, Sangcheon;Park, Dongsoo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.20 no.5
    • /
    • pp.492-501
    • /
    • 2019
  • To use the system safely in cyberspace, you need to use a security solution that is appropriate for your situation. In order to strengthen cyber security, it is necessary to accurately understand the flow of security from past to present and to prepare for various future threats. In this study, information security words of security/hacking news of Naver News which is reliable by using text mining were collected and analyzed. First, we checked the number of security news articles for the past seven years and analyzed the trends. Second, after confirming the security/hacking word rankings, we identified major concerns each year. Third, we analyzed the word of each security solution to see which security group is interested. Fourth, after separating the title and the body of the security news, security related words were extracted and analyzed. The fifth confirms trends and trends by detailed security solutions. Lastly, annual revenue and security word frequencies were analyzed. Through this big data news analysis, we will conduct an overall awareness survey on security solutions and analyze many unstructured data to analyze current market trends and provide information that can predict the future.

A Study on Roles of CERT and ISAC for enhancing the Security of Smart Mobile Office (스마트 모바일 오피스 보안을 위한 CERT와 ISAC의 역할)

  • Lee, Keun-Young;Park, Tae-Hyoung;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.5
    • /
    • pp.109-127
    • /
    • 2011
  • Mobile Office is a new type of working method in the workplace that can be used at any time or anywhere by connecting to the network with mobile devices. This allows people to do their jobs without their physical presence in their offices to use computers. The elements in mobile office environment are advancing. They include the widespread distribution of the smart phones, the network enhancing strategy in a ubiquitous environment and expansion of the wireless internet; however, there are not enough security guidelines or policies against these threats on the new environment, the mobile office, although there is the revitalization policy of smart work supported by the government. CERT and ISAC, the known security system as of now, could be used for the secure mobile office, In this paper, suggestions are to be provided for strengthening the security of smart mobile office by analysing the functions of CERT and ISAC.

Research on Personal Information Safety Condition and Improvements in Welfare Center for the Disabled (장애인복지관 개인정보보호 실태와 개선 방안)

  • Kim, Sung-Jin;Kweon, Jae-Sook
    • The Journal of the Korea Contents Association
    • /
    • v.10 no.11
    • /
    • pp.262-274
    • /
    • 2010
  • In Welfare Center for the disabled, under the Government's information acceleration plan, the computer system has been developed starting from work standardization in 2001 but it has been emphasized only on the technical and customer convenience side leaving out preparation for the side effects of them. Therefore this article will seek the necessity of personal information protection, legal basis in the Welfare Center for the disabled. Additionally after analyzing current status for the personal security of Welfare Center for the disabled, establishing an alternative plan for personal security policy's way could be addressed. Increasing education for awareness stress of personal information security, and preparing institutional protection apparatus from applying life cycle of personal information would be an alternative plan for personal information protection for Welfare Center for the disabled. Also frequent monitoring of accessing personal information from the computerized system should be achieved. It is impossible to recover damage caused by leak of personal information although post actions are progressed. From this essay, awareness of personal information protection should be newly revised for both the Social Welfare Organization and the Disabled welfare center, and also technical, institutional strategy's action should be arranged.

Study on Designation of Non-Critical Information Processing System for Financial Company Cloud Computing Activation (금융회사 클라우드 활성화를 위한 비중요정보처리시스템 지정방안 연구)

  • Chang, Myong-do;Kim, In-seok
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.4
    • /
    • pp.889-903
    • /
    • 2018
  • Cloud computing has been activated globally due to the demands of the 4th industrial revolution and the efficient use of IT resources, and domestic usage is also increasing due to legislation and related laws. However, domestic financial companies are subject to various regulations due to the importance of their information and the ripple effects of accidents such as outflows. Only non-critical information processing systems that handle non-critical information are allowed to use cloud computing. Financial companies are required to set specific criteria and judgment to distinguish them. In this paper, we propose a method to enable the financial company cloud computing to be more active by specifying the ambiguous non - essential information processing system designation standard and making it easier to designate.

A Study on Web Security using NC Cipher System (NC 암호시스템을 이용한 웹 보안에 관한 연구)

  • 서장원;전문석
    • Proceedings of the IEEK Conference
    • /
    • 2000.11c
    • /
    • pp.55-58
    • /
    • 2000
  • EC, which is done the virtual space through Web, has weakly like security problem because anybody can easily access to the system due to open network attribute of Web. Therefore, we need the solutions that protect the Web security for safe and useful EC. One of these solutions is the implementation of a strong cipher system. NC(Nonpolynomial Complete) cipher system proposed in this paper is advantage for the Web security and it overcomes the limit of the 64 bits cipher system using 128 bits key length for input, output, encryption key and 16 rounds. Moreover, it is designed for the increase of time complexity by adapted more complex design for key scheduling regarded as one of the important element effected to encryption.

  • PDF