• Title/Summary/Keyword: information security system

Search Result 6,598, Processing Time 0.032 seconds

A Distributed Communication Model and Performance Evaluation for Information Transfer in a Security Policy-based Intrusion Detection System (보안정책 기반 침입탐지시스템에서 정보 전달을 위한 분산 통신 모델과 성능 평가)

  • Jang Jung Sook;Jeon Yong Hee;Jang Jong Soo;Sohn Seung Won
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.12C
    • /
    • pp.1707-1721
    • /
    • 2004
  • In this paper, we propose a distributed communication model of intrusion detection system(IDS) in which integrated security management at networks level is possible, model it at a security node and distributed system levels, design and implement a simulator. At the node level, we evaluate the transfer capability of alert message based on the analysis of giga-bit security node architecture which performs hardware-based intrusion detection. At the distributed system level, we perform the evaluation of transfer capability of detection and alert informations between components of distributed IDS. In the proposed model, we carry out the performance evaluation considering decision factors of communication mechanism and present the results in order to gain some quantitative understanding of the system.

A Study on Improvement of Inspection Items for Activation of the Information Security Pre-inspection (정보보호 사전점검 활성화를 위한 점검항목 개선 연구)

  • Choi, Ju Young;Kim, JinHyung;Park, Jung-Sub;Park, Choon Sik
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.4
    • /
    • pp.933-940
    • /
    • 2015
  • IT environments such as IoT, SNS, BigData, Cloud computing are changing rapidly. These technologies add new technologies to some of existing technologies and increase the complexity of Information System. Accordingly, they require enhancing the security function for new IT services. Information Security Pre-inspection aims to assure stability and reliability for user and supplier of new IT services by proposing development stage which considers security from design phase. Existing 'Information Security Pre-inspection' (22 domains, 74 control items, 129 detail items) consist of 6 stage (Requirements Definition, Design, Training, Implementation, Test, Sustain). Pilot tests were executed for one of IT development companies to verify its effectiveness. Consequently, for some inspection items, some improvement requirements and reconstitution needs appeared. This paper conducts a study on activation of 'Information Security Pre-inspection' which aims to construct prevention system for new information system. As a result, an improved 'Information Security Pre-inspection' is suggested. This has 16 domains, 54 inspection items, 76 detail items which include some improvement requirements and reconstitution needs.

Implementation of Image Security System for CCTV Using Analysis Technique of Color Informations (색 정보 분석 기법을 이용한 효율적인 CCTV 영상 보안 시스템의 구현)

  • Ryu, Su-Bong;Kang, Min-Sup
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.12 no.5
    • /
    • pp.219-227
    • /
    • 2012
  • This paper describes the design and implementation of an efficient image security system for CCTV using the analysis technique of color informations. In conventional approaches, the compression and encryption techniques are mainly used for reducing the data size of the original images while the analysis technique of color information is first proposed, which eliminates the overlapping part of the original image data in our approach. In addition, security-enhanced CCTV image security system is presented using SSL/VPN tunneling technique. When we use the method proposed in this paper, an efficient image processing is enable for a mount of information, and also security problem is enhanced. Through the implementation results, the proposed method showed that the original image information are dramatically reduced.

Improved Authentication and Data Protection Protocol of Passive RFID Security Tag and Reader (개선된 수동형 RFID 보안태그와 리더의 인증 및 데이터 보호 프로토콜)

  • Yang, Yeon-Hyun;Kim, Sun-Young;Lee, Pil-Joong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.1
    • /
    • pp.85-94
    • /
    • 2010
  • As an automatic identification technology, in which electronic tags are attached to items and system auto-identifies informations of the items using wireless communication technology, use of RFID system is increasing in various fields. According to that, related security problems are becoming important issue. Up to now, many authentication protocols have been proposed to solve security problem of RFID system. In this paper, We show that the RFID authentication protocols in [9, 10], which are compatible with Type C RFID system in ISO 18000-6 Amd1[8], are vulnerable to a spoofing attack. In addition, we propose improved protocols having small additional cost over the original protocols.

A Study of the Next Generation Ubiquitous Flight Information System and a Design (차세대 유비쿼터스 비행정보 시스템의 연구와 설계)

  • Park, Wan-Soon;Yang, Hae-Sool
    • Journal of the Korea Society of Computer and Information
    • /
    • v.13 no.4
    • /
    • pp.221-230
    • /
    • 2008
  • We Studied current Flight Information System everyone employing, and this paper designed a next generation Ubiquitous Flight Information System. Studied a Ubiquitous Flight Information System regarding AVOD, game TV, cellular phone, cabin Internet use for a customer, and airline and control of Air Traffic Service, Air Traffic Control, in seat reservation, transportation, ticketing and luggage back-tracking and airplanes in earthly service. We Designed for a Next Generation Ubiquitous Flight Information System and for necessary for network security, system security of information security system, and derived from comparative analysis of improvement point and difference to existing Ubiquitous Flight Information System and Next Generation Ubiquitous Flight Information as was based on result of research. Present vision to aerial the result of research world of this paper related industry, and ensure safety and communication efficiency and a customer and flight satisfaction, efficiency, and will reclaim the new horizon to the Flight Information Industry.

  • PDF

Secure OS Technical Development Trend (안전한 운영체제 기술개발 동향)

  • 김재명;이규호;김종섭;김귀남
    • Convergence Security Journal
    • /
    • v.1 no.1
    • /
    • pp.9-20
    • /
    • 2001
  • In the 3rd Wave of information revolution, technical research & development for more rapid and safe information exchange take a sudden turn currently According to a step up in importance and efficiency value of information, it's necessary to research technical development in various field altogether. Especially information security is the very core of essential technology. However most System attacks are based on the weakness of OS, it is difficult to achieve the security goal in the only application level. For the solution of this problem, so many technology researches to serve secure, trust information security in OS itself are activated. Consequently we introduce the tendency of current secure OS development projects of security kernel all over world in this report and inquire into security mechanism of the File Griffin which prevents file system forgery, modification perfectly by performing digital signature certificate on kernel level.

  • PDF

The Design Of Improved Information Security System based on SSL(Secure Socket Layer) For Providing Secure Communication Services (안전한 통신 서비스를 제공하는 향상된 SSL(Secure Socket Layer) 기반 정보보호 시스템의 설계)

  • 유성진
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.25 no.9A
    • /
    • pp.1387-1394
    • /
    • 2000
  • The SSL(Secure Socket Layer) protocol is one of the mechanism widely used in the recent network system. The improved information security mechanism based on the SSL is designed in this paper. There are important four information security services. The first is the authentication service using the Certificate offered from the SSL(Secure Socket Layer), the second is the message confidentiality service using the DES encryption algorithm, the third is the message integrity service using Hash function, and the fourth is Non-repudiation service. Therefore, information could be transferred securely under the information security mechanism including Non-repudiation service especially designed in this paper.

  • PDF

A Study on Threat Containment through VDI for Security Management of Partner Companies Operating at Industrial Control System Facility

  • Lee, Sangdo;Huh, Jun-Ho
    • Annual Conference of KIPS
    • /
    • 2019.10a
    • /
    • pp.491-494
    • /
    • 2019
  • The results from the analysis of recent security breach cases of industrial control systems revealed that most of them were caused by the employees of a partner company who had been managing the control system. For this reason, the majority of the current company security management systems have been developed focusing on their performances. Despite such effort, many hacking attempts against a major company, public institution or financial institution are still attempted by the partner company or outsourced employees. Thus, the institutions or organizations that manage Industrial Control Systems (ICSs) associated with major national infrastructures involving traffic, water resources, energy, etc. are putting emphasis on their security management as the role of those partners is increasingly becoming important as outsourcing security task has become a common practice. However, in reality, it is also a fact that this is the point where security is most vulnerable and various security management plans have been continuously studied and proposed. A system that enhances the security level of a partner company with a Virtual Desktop Infrastructure (VDI) has been developed in this study through research on the past performances of partner companies stationed at various types of industrial control infrastructures and its performance outcomes were statistically compiled to propose an appropriate model for the current ICSs by comparing vulnerabilities, measures taken and their results before and after adopting the VDI.

Implementation of system security platform based on Cortex-M3 (Cortex-M3기반 System 보안 플랫폼 구현에 대한 연구)

  • Park, Jung-kil;Kim, Young-kil
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2016.10a
    • /
    • pp.317-320
    • /
    • 2016
  • In embedded system, if firmware code is opened by other company, must devise hardware copy prevention. That guard valuable product. Not used security IC, Suggested platform is source code open method that prevent core code and hardware copy. And that open firmware code for other company programmer. Suggest system security platform based on Corex-M3. that consist of IAP(In-application programing) and APP(Applicataion). IAP contain core code and security confirm code. APP is implement by other company developer using core function prototype.

  • PDF

A Study on NEIS Vulnerabilities Analyze Tool Supplement (NEIS의 취약성에 관한 연구)

  • Woo, Seung-Ho;Kang Soon-Duk
    • The Journal of Information Technology
    • /
    • v.6 no.4
    • /
    • pp.35-58
    • /
    • 2003
  • We analyze specific supplementation direction(Efficiency, Isolation, convenience, synthesis, variety, security) about system vulnerabilities of the NEIS(National Education Information System) in this research. The efficiency constructs parallel security vulnerabilities diagnosis system NEIS which the security problem prevents and checks.

  • PDF