• Title/Summary/Keyword: information security system

Search Result 6,598, Processing Time 0.037 seconds

Configuration Management for Multi-Level Security Information Technology Systems (IT 시스템의 다중 수준 보안을 위한 관리 환경 연구)

  • Kim, Jeom-Goo
    • Convergence Security Journal
    • /
    • v.10 no.4
    • /
    • pp.39-48
    • /
    • 2010
  • In a complex, secure IT system environment there will be groups of data that be segregated from one another, yet reside on the same system. Users of the system will have varying degrees of access to specific data. The Configuration Management(CM) of the information architecture, the physical architecture, user privileges and application security policies increases the complexity for operations, maintenance and security staff. This pager describes(current work to merge the capabilities of a network CM toll with those of a Computer Aided System Engineering(CASE) tool. The rigour of Systems Engineering(SE) modelling techniques can be used to deal with the complexities of multi-level information security. The SE logical and physical models of the same system are readily tailorable to document the critical components of both the information architecture and physical architecture that needs to be managed. Linking a user-friendly, physical CM tool with the extended capabilities of a CASE tool provide the basis for improved configuration management of secure IT systems.

A Building Method of High Availability Protection Architecture in Next Generation Network (NGN) Information Security System (차세대통신망(NGN) Infrastructure에서의 정보보호시스템 고가용성 차단구조 설계)

  • Noh, Si-Choon;Bang, Kee-Chun
    • Journal of Digital Contents Society
    • /
    • v.8 no.4
    • /
    • pp.483-489
    • /
    • 2007
  • The high availability of information security system shall be primarily studied in relation to the Next Generation Network(NGN) Information Security infrastructure, because it is very important to maintain availability at each moment as a variety of intrusions occur continuously. The high availability of the security system can be realized with the topology and configuration properly defined to fully utilize the recovery function of the security system in the thoroughly planned optimized method. The active-active high availability on the NGN information security infrastructure system in is assured by letting the failover mechanism operate upon the entire structure through the structural design and the implementation of functions. The proposed method reduces the system overload rating due to trouble packets and improves the status of connection by SNMP polling trap and the ICMP transport factor by ping packet.

  • PDF

A Policy-based Secure Framework for Constructing Secure Networking (안전한 네트워크 구성을 위한 정책기반 보안 프레임워크)

  • 박상길;장종수;손승원;노봉남
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.27 no.8C
    • /
    • pp.748-757
    • /
    • 2002
  • Cyber-terror trials are increased in nowadays and these attacks are commonly using security vulnerability and information gathering method by variable services grew by the continuous development of Internet Technology. IDS's application environment is affected by this increasing Cyber Terror. General Network based IDS detects intrusion by signature based Intrusion Detection module about inflowing packet through network devices. Up to now security in network is commonly secure host, an regional issue adopted in special security system but these system is vulnerable intrusion about the attack in globally connected Internet systems. Security mechanism should be produced to expand the security in whole networks. In this paper, we analyzer the DARPA's program and study Infusion Detection related Technology. We design policy security framework for policy enforcing in whole network and look at the modules's function. Enforcement of security policy is acted by Intrusion Detection system on gateway system which is located in network packet's inflow point. Additional security policy is operated on-line. We can design and execute central security policy in managed domain in this method.

Design and Implementation of Security Solution Structure to Enhance Inside Security in Enterprise Security Management System (통합보안관리 시스템에서 내부 보안을 향상시킨 보안 솔루션 구조의 설계 및 구현)

  • Kim Seok-Soo;Kang Min-Gyun
    • The Journal of the Korea Contents Association
    • /
    • v.5 no.6
    • /
    • pp.360-367
    • /
    • 2005
  • Corporation's computerization developed by diffusion of internet, and dysfunction of Information is increasing greatly with virus, computing network infringement. Therefore, the today, corporation security is more and more emphasized. Security solution by that importance of security rises so is developing together Security solution is developing to ESM system in existing single system and important thing is function of each security solution and optimizing design of policy. Existent security policy taking a serious view security from external invasion but security of interior the importance rise the today. Accordingly, must construct ESM system of new structure for this. This paper proposes and embodied integration security administration system that solidify interior security utilizing IDS. Experiment external IP and ID access and analyzed the result.

  • PDF

A Design of an Energy-saving Doorbell with Blinking Light Function using IoT Technology (IoT 기술을 활용한 에너지 절약형 전등점멸 초인종 설계)

  • You, Ho-Gyun;Kim, Ye-Eun;Kim, Hee-Jeong;Jang, Woo-Hee;Kook, Joongjin;Lee, Kwangjae
    • The Transactions of the Korean Institute of Electrical Engineers P
    • /
    • v.67 no.2
    • /
    • pp.90-93
    • /
    • 2018
  • This paper is a system that visually informs the hearing impaired to visit other people by blinking the light of a room using the IoT(Internet of Things) technology. The system combines the power of home-use lights with low-power IoT devices to provide visual notifications. Using a current sensor, this system can track user location and then turns on and off the light in that room only to save energy. The proposed idea can create a society that is equal to everyone and can live more conveniently.

Design and Implementation of HomeNetworking Middleware Security System (홈네트워킹 미들웨어 보안 시스템 설계 및 구현)

  • Lee, Ho-Sang;Lee, Jeong-Kyun;Lee, Ki-Young
    • Proceedings of the IEEK Conference
    • /
    • 2005.11a
    • /
    • pp.1079-1082
    • /
    • 2005
  • In this paper, a secure system is studied and designed for omenetworking middleware based on sensor network security algorithm. Many sensor networks have mission-critical tasks, so it is clear that security needs to be taken into account at design procedure. First, We study homenetworking middleware model in Jini. And we design a security system is applied by SPINS algorithm for moddleware model. Then we firgure out proper secrecy, authentication, broadcast authentication mechanisms in this model.

  • PDF

Security Verification of Wireless Remote Control System Using CPN (CPN을 이용한 무선원격제어시스템의 안전성 검증)

  • 이문구
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.5
    • /
    • pp.81-90
    • /
    • 2003
  • Existing web-based system management software solutions show some limitations in time and space. Moreover, they possess such as shortcomings unreliable error message announcements and difficulties with real-time assistance suppers and emergency measures. In order to solve these deficiencies, Wireless Remote Control System was designed and implemented. Wireless Remote Control System is able to manage and monitor remote systems by using mobile communication devices for instantaneous control. The implementation of Wireless Remote Control System leads to these security Problems as well as solutions to aforementioned issues with existing web-based system management software solutions. Therefore, this paper has focused on the security matters related to Wireless Remote Control System. The designed security functions include mobile device user authentication and target system access control. For security verification of these security functions introduced CPN(Coloured Petri Nets) which is capable of expressing every possible state for each stage. And then in this paper was verified its security through PI(Place Invariant) based on CPN(Coloured Petri Nets). The CPN expression and analysis method of the proposed security function can also be a useful method for analyzing other services in the future.

Policy-based Network Security with Multiple Agents (ICCAS 2003)

  • Seo, Hee-Suk;Lee, Won-Young;Yi, Mi-Ra
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 2003.10a
    • /
    • pp.1051-1055
    • /
    • 2003
  • Policies are collections of general principles specifying the desired behavior and state of a system. Network management is mainly carried out by following policies about the behavior of the resources in the network. Policy-based (PB) network management supports to manage distributed system in a flexible and dynamic way. This paper focuses on configuration management based on Internet Engineering Task Force (IETF) standards. Network security approaches include the usage of intrusion detection system to detect the intrusion, building firewall to protect the internal systems and network. This paper presents how the policy-based framework is collaborated among the network security systems (intrusion detection system, firewall) and intrusion detection systems are cooperated to detect the intrusions.

  • PDF

A Secure Mobile Agent Transfer Protocol in Mobile Agents Based E-Commerce System (이동 에이전트 기반 저자사걸 시스템에서의 안전한 이동 에이전트 전송 프로토콜)

  • Han, Seung-Wan;Im, Hyeong-Seok
    • The Transactions of the Korea Information Processing Society
    • /
    • v.7 no.5S
    • /
    • pp.1657-1665
    • /
    • 2000
  • Mobile agents based e-commerce system has many advantage than traditional e-commerce-information gathering on goods, price settlement and payment, delivery of the goods purchased, and so on. However, due to the security vulnerability that stems from mobile agent's mobility, mobile agents based e-commerce system has additional security problems. Therefore, in order to do e-commerce securely in th system, first of al the security issues on mobile agents must be addressed. It this paper, we propose a mobile agent transfer protocol that provides confidentiality and integrity of mobile agent in transit and mutual authentication for communicating hosts. We further show the security of the protocol against many possible attacks. Also, we suggest the location management mechanism of mobile agents based on the trust center. This mechanism is capable of finding their locations transparently and detecting mobile agent clones.

  • PDF

An Implementation of ESM with the Security Correlation Alert for Distributed Network Environment (분산 환경에서 정보보호 연관 경고 메시지를 이용한 ESM 구현)

  • 한근희;전상훈;김일곤;최진영
    • Journal of KIISE:Computing Practices and Letters
    • /
    • v.10 no.2
    • /
    • pp.199-208
    • /
    • 2004
  • In this paper, we propose and implement SIA System for filtering redundant alert messages and dividing them into four statuses. Also, we confirm that our system can find and analyze vulnerability types of network intrusion by attackers in a managed network, so that it provides very effective means for security managers to cope with security threats in real time.