• Title/Summary/Keyword: information security system

Search Result 6,598, Processing Time 0.03 seconds

An Information Security Model for Digital Contents (디지털 콘텐츠의 정보보호 분석 모델)

  • Yoon, Seuk-Kyu;Jang, Hee-Seon
    • Convergence Security Journal
    • /
    • v.10 no.3
    • /
    • pp.9-14
    • /
    • 2010
  • The network architecture and analysis model for evaluating the information security are presented to distribute the reliable and secure multimedia digital contents. Using the firewall and IDS, the function of the proposed model includes the security range, related data collection/analysis, level evaluation and strategy proposal. To develop efficient automatic analysis tool, the inter-distribution algorithm and network design based on the traffic analysis between web-server and user are needed. Furthermore, the efficient algorithm and design of DRM/PKI also should be presented before the development of the automatic information security model.

An Improved Cancelable Fingerprint Template Encryption System Research

  • Wang, Feng;Han, Bo;Niu, Lei;Wang, Ya
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.4
    • /
    • pp.2237-2253
    • /
    • 2017
  • For the existing security problem based on Fuzzy Vault algorithm, we propose a cancelable fingerprint template encryption scheme in this paper. The main idea is to firstly construct an irreversible transformation function, and then apply the function to transform the original template and template information is stored after conversion. Experimental results show it effectively prevents the attack from fingerprint template data and improves security of the system by using minutiae descriptor to encrypt abscissa of the vault. The experiment uses public FVC2004 fingerprint database to test, result shows that although the recognition rate of the proposed algorithm is slightly lower than the original program, but the improved algorithm security and complexity are better, and therefore the proposed algorithm is feasible in general.

Scheduling Computational Loads in Single Level Tree Network

  • Cui, Run;Sundaram, Suresh;Kim, Hyoung-Joong
    • 한국정보통신설비학회:학술대회논문집
    • /
    • 2009.08a
    • /
    • pp.131-135
    • /
    • 2009
  • This paper is the introduction of our work on distributed load scheduling in single-level tree network. In this paper, we derive a new calculation model in single-level tree network and show a closed-form formulation of the time for computation system. There are so many examples of the application of this technology such as distributed database, biology computation on genus, grid computing, numerical computing, video and audio signal processing, etc.

  • PDF

A Study on Security System of Document Image using Mixing Algorithm (합성 방식을 이용한 문서 화상의 보안 체계 연구)

  • 허윤석;김일경;박일남
    • The Journal of Information Technology
    • /
    • v.2 no.2
    • /
    • pp.89-105
    • /
    • 1999
  • In this paper, we present a countermeasure for a various trouble occurred in secure communication of document image. We Propose a security system for transmission of document image using mixing algorithm that the third party cannot conceive secure transmission of information instead of existing scheme which depend on crypto-degree of security algorithm, itself. For this, RM, DM and RDM algorithm for mixing of secure bits are proposed and applied to digital signature for mixing for secure document and mixing for non-secure document by secure document. Security system for document image involves not only security scheme for document image transmission itself, but also digital signature scheme. The transmitter embeds secretly the signatures onto secure document, embeds it to non-secure document and transfers it to the receiver. The receiver makes a check of any forgery on the signature and the document. Because the total amount of transmitted data and the image quality are about the same to those of the original document image, respectively, the third party cannot notice the fact that signatures and secure document are embedded on the document image. Thus, the probability of attack will be reduced.

  • PDF

Security measures of Information and Communication infrastructure of Water Resources Field (댐·보 등 수자원분야 정보통신기반시설 보안대책)

  • Yu, Se-Hwan;Jang, Dong-bae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2013.05a
    • /
    • pp.1034-1037
    • /
    • 2013
  • ICT infrastructure is electronic control systems or communication network related to national security, public administration, defense, policing, finance. Water resources sector has been building a system of control that can be performed electronically, communications, management, energy, and other work-related. Water resources sector has been a paradigm shift in water management and the control system is integrated into a single network. The control system security vulnerabilities are exposed - other control networks, business networks, linking with outside agencies, etc. Cyber terrorist society can cause a huge mess economically, The importance of security for control systems is becoming. In this paper, ICT infrastructure - the water resources in the field of control systems will analysis security measures.

  • PDF

A Study on adopting cloud computing in the military (국방 클라우드 컴퓨팅 도입에 관한 보안체계 연구)

  • Jang, Worl-Su;Choi, Jung-Young;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.3
    • /
    • pp.645-654
    • /
    • 2012
  • The South Korean Defense Ministry is planning and pushing forward to conduct a cloud computing pilot project in 2012. Taking into consideration the high-level security necessary in the military as well as wartime duties, if not designed properly, this project may anticipate severe damage to national security and interest. In particular, despite the fact that vulnerability due to inter-Korean confrontation and regular security-related incidents have been triggered, unconditionally conducting a cloud computing pilot project without reviewing not only violates security regulations but also causes various security-related side effects in and outside South Korea. Therefore, this thesis found conditions for conduct of this project by suggesting duties that can apply cloud computing as well as security technology, administration, post-accident matters and conditions for legally solving cloud computing in the military.

Website Falsification Detection System Based on Image and Code Analysis for Enhanced Security Monitoring and Response (이미지 및 코드분석을 활용한 보안관제 지향적 웹사이트 위·변조 탐지 시스템)

  • Kim, Kyu-Il;Choi, Sang-Soo;Park, Hark-Soo;Ko, Sang-Jun;Song, Jung-Suk
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.5
    • /
    • pp.871-883
    • /
    • 2014
  • New types of attacks that mainly compromise the public, portal and financial websites for the purpose of economic profit or national confusion are being emerged and evolved. In addition, in case of 'drive by download' attack, if a host just visits the compromised websites, then the host is infected by a malware. Website falsification detection system is one of the most powerful solutions to cope with such cyber threats that try to attack the websites. Many domestic CERTs including NCSC (National Cyber Security Center) that carry out security monitoring and response service deploy it into the target organizations. However, the existing techniques for the website falsification detection system have practical problems in that their time complexity is high and the detection accuracy is not high. In this paper, we propose website falsification detection system based on image and code analysis for improving the performance of the security monitoring and response service in CERTs. The proposed system focuses on improvement of the accuracy as well as the rapidity in detecting falsification of the target websites.

Study to detect and block leakage of personal information : Android-platform environment (개인정보 유출 탐지 및 차단에 관한 연구 : 안드로이드 플랫폼 환경)

  • Choi, Youngseok;Kim, Sunghoon;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.4
    • /
    • pp.757-766
    • /
    • 2013
  • The Malicious code that targets Android is growing dramatically as the number of Android users are increasing. Most of the malicious code have an intention of leaking personal information. Recently in Korea, a malicious code 'chest' has appeared and generated monetary damages by using malicious code to leak personal information and try to make small purchases. A variety of techniques to detect personal information leaks have been proposed on Android platform. However, the existing techniques are hard to apply to the user's smart-phone due to the characteristics of Android security model. This paper proposed a technique that detects and blocks file approaches and internet connections that are not allowed access to personal information by using the system call hooking in the kernel and white-list based approach policy. In addition, this paper proved the possibility of a real application on smart-phone through the implementation.

Analysis of Information Assurance Schemes for New Korean Information Assurance Scheme (새로운 한국형 정보보증 제도 개발을 위한 기존의 정보보증 제도의 분석)

  • Ha, Soo-Cheol;Lee, Gang-Soo
    • Journal of National Security and Military Science
    • /
    • s.9
    • /
    • pp.207-240
    • /
    • 2011
  • There are many information assurance schemes(i.e., evaluation criteria and methodology) for security assurance of information systems, since the security is one of the most important characteristics in the modem information systems. However, there are confusions among schemes and redundancies of assurance. In this paper, we survey and classify conventional information assurance schemes by view points of assurance targets, life-cycles and nations. We propose three new information assurance schemes as the result of survey. Those are as follows: the schemes of the assurance on the requirement itself which is evaluated and certificated after standardizing the security requirements about the organizations and the applications, on the developing information system, and on the accreditation and certification about new information system. This will be helpful to set up a security assurance of National Defense.

  • PDF