• 제목/요약/키워드: information security system

Search Result 6,598, Processing Time 0.031 seconds

Mobile IPv6 Session Key Distribution Method At Radius-based AAAv6 System

  • Lee Hae Dong;Choi Doo Ho;Kim Hyun Gon
    • Proceedings of the IEEK Conference
    • /
    • 2004.08c
    • /
    • pp.581-584
    • /
    • 2004
  • Currently, there are many subscriber access networks: PSTN, ADSL, Cellular Network, IMT200 and so on. To these service providers that provide above network service, it is important that they authenticate and authorize legal subscribers and account for their usage. At present, There exist the several protocols that Support AAA(Authentication, Authorization and Accounting) service : RADIUS, Diameter, TACACS+. Nowadays, RADIUS has used for AAA service widely. It has been extended to support other access network environment. So, we extend RADIUS to support environment of Mobile IPv6. Mobile IPv6 uses IPsec as a security mechanism, basically. But, IPsec is a heavy security technology for small, portable, mobile device. Especially, it is serious at IKE, the subset of IPsec. IKE is a key distribution protocol that distributes the key to the endpoints of IPsec. In t:lis paper, we extend RADIUS to support environment of Mobile IPv6 and simplify the IKE phase of IPsec by AAA system distributing the keys by using its security communication channel. Namely, we propose the key distribution method for IPsec SA establishment between mobile node and home agent. The suggested method was anticipated to be effective at low-power, low computing deyice. Finally, end users feel the faster authentication.

  • PDF

The survey on Intelligent Security System in the age of Big Data (빅데이터 시대의 지능형 보안시스템에 관한 연구)

  • Kim, Ji Hyun;Lee, Dong-hoon
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2012.10a
    • /
    • pp.776-779
    • /
    • 2012
  • Recently one of the hot topics of IT field is big data. The security's meaning changed a lot, so security tools which were used to protect the limit area traditionally, now don't have any effectiveness. In the age of Cloud Computing, big data will do the best work. This paper discusses the technology related to big data and the intelligent security system utilizing big data.

  • PDF

A Rule Protecting Scheme with Symmetric Cryptosystem for Intrusion Detection System (암호화 기법을 적용한 침입 탐지 시스템의 룰 보호 기법)

  • Son Hyung-Seo;Kim Hyun-Sung;Bu Ki-Dong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.6
    • /
    • pp.3-13
    • /
    • 2004
  • Kvarnstrom et al. ${in}^{[10]}$ proposed a rule protection scheme by using one-way hash function to protect rules in security systems over ubiquitous environment. Son et at. ${in}^{[5-6]}$ also prooposed a rule protection scheme for Snort, which is one of the most common IDS. These schemes provide security only for the header information but not for its contents. To solve this problem, this paper presents a scheme based on the symmetric cryptosystem over Snort not only for the header information but also contents. This paper uses the key management based on PCMCIA security module proposed ${by}^{[12]}$ for the symmetric cryptosystem. Our scheme could be adjusted to other security systems, which use the rule based detection.

Fault Tree Analysis and Fault Modes and Effect Analysis for Security Evaluation of IC Card Payment Systems (IC카드 지불결제 시스템의 보안성 평가를 위한 고장트리 분석(FTA)과 고장유형과 영향 분석(FMEA))

  • Kim, Myong-Hee;Jin, Eun-Ji;Park, Man-Gon
    • Journal of Korea Multimedia Society
    • /
    • v.16 no.1
    • /
    • pp.87-99
    • /
    • 2013
  • The demands of IC card payment system has been increased according to the rapid advancement of the IT convergence application technologies. Recently IC card payment systems are in demands of the usage space at anytime and anywhere by developing the wireless communication technology and its related multimedia processing technology. Therefore the security of IC card payment system becomes more important and necessary. There are many fault analysis methods to evaluate the security and safety of information systems according to their characteristics and usages. However, the only assessment method to evaluate the security of information systems is not enough to analyse properly on account of the various types and characteristics of information systems by the progress of IT convergence and their applications. Therefore, this paper proposes an integrative method of the Fault Tree Analysis (FTA) and Fault Modes and Effect Analysis/Criticality (FMEA/C) based on criticality to evaluate and improve the security of IC card payment system as an illustration.

For Improving Security Log Big Data Analysis Efficiency, A Firewall Log Data Standard Format Proposed (보안로그 빅데이터 분석 효율성 향상을 위한 방화벽 로그 데이터 표준 포맷 제안)

  • Bae, Chun-sock;Goh, Sung-cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.1
    • /
    • pp.157-167
    • /
    • 2020
  • The big data and artificial intelligence technology, which has provided the foundation for the recent 4th industrial revolution, has become a major driving force in business innovation across industries. In the field of information security, we are trying to develop and improve an intelligent security system by applying these techniques to large-scale log data, which has been difficult to find effective utilization methods before. The quality of security log big data, which is the basis of information security AI learning, is an important input factor that determines the performance of intelligent security system. However, the difference and complexity of log data by various product has a problem that requires excessive time and effort in preprocessing big data with poor data quality. In this study, we research and analyze the cases related to log data collection of various firewall. By proposing firewall log data collection format standard, we hope to contribute to the development of intelligent security systems based on security log big data.

A Study on Security Requirements of Shipboard Combat System based on Threat Modelling (위협 모델링 기반 함정 전투체계 보안 요구사항에 관한 연구)

  • Seong-cheol Yun;Tae-shik Shon
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.26 no.3
    • /
    • pp.281-301
    • /
    • 2023
  • The shipboard combat system is a key system for naval combat that supports a command and control process cycle consisting of Detect - Control - Engage in real time to ensure ship viability and conduct combat missions. Modern combat systems were developed on the basis of Open Architecture(OA) to maximize acceptance of latest technology and interoperability between systems, and actively introduced the COTS(Commercial-of-the-shelf). However, as a result of that, vulnerabilities inherent in COTS SW and HW also occurred in the combat system. The importance of combat system cybersecurity is being emphasized but cybersecurity research reflecting the characteristics of the combat system is still lacking in Korea. Therefore, in this paper, we systematically identify combat system threats by applying Data Flow Diagram, Microsoft STRIDE threat modelling methodology. The threats were analyzed using the Attack Tree & Misuse case. Finally we derived the applicable security requirements which can be used at stages of planning and designing combat system and verified security requirements through NIST 800-53 security control items.

A Study on the Human Vulnerability Classification System for People-Centric Security (인간중심보안을 위한 인적취약점 분류체계에 관한 연구)

  • Jungjun Park;Seongjin Ahn
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.3
    • /
    • pp.561-575
    • /
    • 2023
  • The information security industry has seen a wide variety of growth over the past few decades. In particular, various solutions have been proposed in terms of technology, management, and institutional aspects. Nevertheless, it should be notedthat security accidents continue to occur every year. This proves that there are limitations to various business changes in the digital era as existing security is being promoted with technology-oriented and prevention-oriented policies. Thus, people-centric security (PCS) has recently become a hot topic in order to escape the limitations of traditional securityapproaches. Through the concept of information security violations, PCS strategic principles, and expert interviews, this studyaims to present a fundamental security incident response plan by classifying human-caused vulnerabilities into 5 categories and classifying them into 21 detailed components.

Influence on Information Security Behavior of Members of Organizations: Based on Integration of Theory of Planned Behavior (TPB) and Theory of Protection Motivation (TPM) (조직구성원들의 정보보안행동에 미치는 영향: 보호동기이론(PMT)과 계획된 행동이론(TPB) 통합을 중심으로)

  • Jeong, hye in;Kim, seong jun
    • Korean Security Journal
    • /
    • no.56
    • /
    • pp.145-163
    • /
    • 2018
  • Recently, security behavior of members of organizations has been recognized as a critical part of information security at the corporate level. Leakage of customers' information brings more attention to information security behavior of organizations and the importance of a task force. Research on information breach and information security is actively conducted of personal behavior toward security threats or members of organizations who use security technology. This study aims to identify factors of influence on information security behavior of members of organizations and to empirically find out how these factors affect information security behavior through behavior toward attitude, subjective norm and perceived behavior control. On the basis of the research, this study will present effective and efficient ways to foster information security activities of members of organizations. To this end, the study presented a research model that applied significant variables based on integration of Theory of Planned Behavior (TPB) and Theory of Protection Motivation (TPM). To empirically verify this research model, the study conducted a survey of members of organizations who had security-related work experience at companies. So, it is critical for members of organizations to encourage positive word of mouth (WOM) about information security behavior. Results show that based on the integration of TPM and TPB, perceived vulnerability, perceived severity, perceived efficiency and perceived barriers of information security behavior of members of organizations had significant influences on mediating variables such as behavior toward attitude, subjective norm, perceived behavior control and intention. They also had significant influences on organization information security behavior which is a dependent variable. This study indicates companies should introduce various security solutions so that members of the organizations can prevent and respond to potential internal and external security risks. In addition, they will have to take actions to inspect vulnerability of information system and to meet security requirements such as security patches.

A Study on the Public Shared Mobility Service Improvement os Traffic Safety by Strengthening the Authentication System (민간 공유 모빌리티 인증 시스템 강화에 따른 교통 안전성 개선 연구)

  • So-Eun Park;Ji-Won Jang;Seo-Yeon Ham
    • Annual Conference of KIPS
    • /
    • 2023.05a
    • /
    • pp.185-186
    • /
    • 2023
  • 본 시스템은 도로교통법에 위반하는 개인 이동형 장치의 사용을 억제하기 위한 기술적 방안으로서 서비스 가입 절차에서의 자격 조건 인증을 강화하고 사용 가능한 편법을 제거하는 장치를 마련하여 시민들에게 안전한 도로를 제공하는데 의의를 둔다.

An Analysis of the Security Threats and Security Requirements for Electric Vehicle Charging Infrastructure (전기자동차 충전 인프라에서의 보안위협 및 보안요구사항 분석)

  • Kang, Seong-Ku;Seo, Jung-Taek
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.5
    • /
    • pp.1027-1037
    • /
    • 2012
  • With response to the critical issue of global warming, Smart Grid system has been extensively investigated as next efficient power grid system. Domestically, Korean is trying to expand the usage of Electric Vehicles (EVs) and the charging infrastructure in order to replace the current transportation using fossil fuels holding 20% of overall CO2 emission. The EVs charging infrastructures are combined with IT technologies to build intelligent environments but have considerable number of cyber security issues because of its inherent nature of the technologies. This work not only provides logical architecture of EV charging infrastructures with security threats based on them but also analyses security requirements against security threats in order to overcome the adversarial activities to Smart Grid.