• Journal of information and communication convergence engineering
• /
• v.6 no.3
• /
• pp.348-352
• /
• 2008

In distributed computing paradigm, mobile surrogate systems migrates from on host in a network to another. However, Mobile surrogate system have not gained wide acceptance because of security concerns that have not been suitably addressed yet. In this paper, we propose a security framework based on Grid Proxy Gateway for mobile Grid service. The current Grid Security Infrastructure is extended to mobile computing environments. The surrogate host system designed for mobile Personal Digital Assistant (PDA) users can access the certified host and get his proxy credential to launch remote job submission securely.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.467-470
• /
• 2011

최근 7.7 DDoS 사건과 해킹 사건 등으로 국가기관의 정보보호에 관한 중요성이 대두되고 있고, 정보보호 관련 법률이 국회에서 논의되고 있다. 하지만 국회사무처의 정보보호컨설팅 결과 61.2점으로 매우 낮게 평가 되었으며, H/W, S/W분야의 평가에서도 보안성이 취약한 것으로 나타났다. 본 논문은 입법지원 기관인 국회사무처의 인터넷 네트워크와 사용 시스템 등에 대한 관리적, 기술적, 물리적 보안 요소에 대한 현황을 기밀성, 가용성, 무결성 등의 보안기준에 따라 파악하고, 이를 분석한다. 그리고 입법지원 기관이 갖추어야 할 인터넷 네트워크와 사용 시스템 등에 대한 보안 강화를 위한 설계를 연구한다. 본 연구를 통해 입법지원기관의 보안 현황을 분석하고, 사회적인 책임기관으로서 역할과 보안 강화를 위한 자료를 제공하고자 한다.

• Journal of the Optical Society of Korea
• /
• v.14 no.4
• /
• pp.451-457
• /
• 2010

Increasing demands on the safety of public train services have led to the development of various types of security monitoring systems. Most of the surveillance systems are focused on the estimation of crowd level in the platform, thereby yielding too many false alarms. In this paper, we present a novel security monitoring system to detect critically dangerous situations such as when a passenger falls from the station platform, or when a passenger walks on the rail tracks. The method is composed of two stages of detecting dangerous situations. Objects falling over to the dangerous zone are detected by motion tracking. 3D depth information retrieved by the stereo vision is used to confirm fallen events. Experimental results show that virtually no error of either false positive or false negative is found while providing highly reliable detection performance. Since stereo matching is performed on a local image only when potentially dangerous situations are found; real-time operation is feasible without using dedicated hardware.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.187-190
• /
• 2006

TETRA system provides the radio authentication service which permits only authorized radio to access network. Radio authentication is the process which checks the sameness of authentication-key(K) by challenge-response protocol between radio and authentication center. This paper analyzes authentication-key generation/delivery/injection model in TETRA authentication system and analyzes the threat of clone radio caused by authentication-key exposure.

• Annual Conference of KIPS
• /
• 2019.10a
• /
• pp.401-404
• /
• 2019

최근 국가기반시설 산업제어시스템은 시나리오를 기반으로 시뮬레이션 훈련을 진행한다. 그러나 국내 ICS 보안 기술은 외부 경계 보호에 중점을 둔 시나리오가 대다수였기 때문에 내부에서 발생할 수 있는 시나리오 가이드라인이 상대적으로 부족하고 이를 평가하는 기준 또한 제대로 정의되어 있지 않다. 내부 공격이 증가함에 따라 국내에서도 사회공학적 기법에 초점을 둔 시뮬레이션 훈련을 진행할 필요가 있다. 이에 본 논문은 NEI 08-09 의 운영·관리항목 중 가장 빈번하게 발생하는 위협을 바탕으로 한 시나리오 및 구성요소를 개발하고, 이를 평가할 수 있는 명확한 기준을 제시하여 효과적인 비상대응 훈련을 수행할 수 있도록 한다.

• Journal of the Korea Society of Computer and Information
• /
• v.7 no.3
• /
• pp.74-79
• /
• 2002

In this paper, we designed the Policy-based ESM(Enterprise Security Management) for network security in Internet. First, we consider the existed network management and present ESM. And then analyze existent systems and drew consideration items at system design. This paper applied to PBNM technology in order to improve security network management.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.7
• /
• pp.65-72
• /
• 2009

This paper proposed VCR cryptographic algorithm that adapted in TCP/IP protocol architecture and wire/wireless communication network environments. we implemented by hardware chip level because proposed VCR cryptographic algorithm perform scalable & reconfigurable operations into the security system. Proposed VCR cryptographic algorithm strengthens security vulnerability of TCP/IP protocol and is very profitable real-time processing and encipherment of high-capacity data and multi-user communication because there is important purpose to keep security about many user as that have variable round numbers function in network environments.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.5
• /
• pp.1471-1483
• /
• 2023

One of the fastest-growing mobile services accessible today is mobile payments. For the safety of this service, the Near Field Communication (NFC) technology is used. However, NFC standard protocol has prioritized transmission rate over authentication feature due to the proximity of communicated devices. Unfortunately, an adversary can exploit this vulnerability with an antenna that can eavesdrop or alter the exchanged messages between NFC-enabled devices. Many researchers have proposed authentication methods for NFC connections to mitigate this challenge. However, the security and privacy of payment transactions remain insufficient. We offer a privacy-preserving, anonymity-based, safe, and efficient authentication protocol to protect users from tracking and replay attacks to guarantee secure transactions. To improve transaction security and, more importantly, to make our protocol lightweight while ensuring privacy, the proposed protocol employs a secure offline session key generation mechanism. Formal security verification is performed to assess the proposed protocol's security strength. When comparing the performance of current protocols, the suggested protocol outperforms the others.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.997-1006
• /
• 2004

The rapid expansion of the Internet has provided users with a diverse range of services. Most Internet users create many different IDs and passwords to subscribe to various Internet services. Thus, the SSO system has been proposed to supplement vulnerable security that may arise from inefficient management system where administrators and users manage a number of ms. The SSO system can provide heightened efficiency and security to users and administrators. Recently commercialized SSO systems integrate a single agent with the broker authentication model. However, this hybrid authentication system cannot resolve problems such as those involving user pre-registration and anonymous users. It likewise cannot provide non-repudiation service between joining objects. Consequently, the hybrid system causes considerable security vulnerability. Since it cannot provide security service for the agent itself, the user's private information and SSO system may have significant security vulnerability. This paper proposed an authentication model that integrates a broker authentication model, out of various authentication models of the SSO system, with a multi-agent system. The proposed method adopts a secure multi-agent system that supplements the security vulnerability of an agent applied to the existing hybrid authentication system. The method proposes an SSO authentication model that satisfies various security requirements not provided by existing broker authentication models and hybrid authentication systems.

• Annual Conference of KIPS
• /
• 2022.11a
• /
• pp.210-212
• /
• 2022

4차 산업혁명의 시대적 요구에 따라 스마트워크, 원격진료, 메타버스 등 원격 접속 기반의 사회 인프라 환경이 확산되고 있으며, 코로나19는 이와 같은 원격접속 환경을 가속화하였다. 원격 접속 환경에서는 공간, 시간, 단말 등의 제약으로부터 비교적 자유롭게 기업 내부의 중요 자원 및 서비스를 이용할 수 있기 때문에 노동 생산성을 증대시킨다는 이점은 있으나, 충분히 검증받지 않은 작업 환경이기 때문에 보안적 측면에서는 문제를 야기시킬 수 있다. 또한 전통적인 정보보호 관리체계에서는 원격접속 환경은 허용하지 않거나 최소화한다는 기본 사상을 바탕으로 설계되어 있기 정보보호 전략적 한계가 존재한다. 본 논문에서는 이와 같은 정보보호 전략적 한계를 개선하기 위해 제로 트러스트 아키텍처 기반의 정보보호 관리체계 구축에 대한 방안을 제언한다.