• Title/Summary/Keyword: information security system

Search Result 6,599, Processing Time 0.033 seconds

Implementation of Secure Linux OS based on Kernel (커널 기반의 보안 리눅스 운영체제 구현)

  • 박태규;임연호
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.4
    • /
    • pp.33-43
    • /
    • 2001
  • This paper presents a secure Linux OS in which multi-level security functions are implemented at the kernel level. Current security efforts such as firewall or intrusion detection system provided in application-space without security features of the secure OS suffer from many vulnerabilities. However the development of the secure OS in Korea lies in just an initial state, and NSA has implemented a prototype of the secure Linux but published just some parts of the technologies. Thus our commercialized secure Linux OS with multi-level security kernel functions meets the minimum requirements for TCSEC B1 level as well kernel-mode encryption, real-time audit trail with DB, and restricted use of root privileges.

A Study on the Measures for the Development of Electronic Security in the 4th Industrial Revolution Era (4차 산업혁명 시대 Electronic Security 발전 방안에 관한 연구)

  • Kim, Min Su
    • Convergence Security Journal
    • /
    • v.20 no.3
    • /
    • pp.109-114
    • /
    • 2020
  • Currently, in the 4th industrial revolution era(4IR), the convergent infrastructure has been established by actively utilizing data based on the existing digital technological innovation in the 3rd industrial revolution. Thus, the technological innovation based on the knowledge-information society needs to put innovative efforts for creating new business models in various areas. Thus, this study aims to present an Electronic Security Framework by suggesting the Cyber-Physical Security System(CPSS) that could more accurately predict and efficiently utilize it based on structured data obtained by collecting, analyzing, and processing an enormous amount of unstructured data which is a core technology distinguished from the 3rd industrial revolution.

Implementation of Embedded Biometrics Technologies : A Case of a Security Token for Fingerprints (임베디드 생체 인식 기술 구현 : 지문 보안 토큰 사례)

  • 김영진;문대성;반성범;정용화;정교일
    • Journal of the Institute of Electronics Engineers of Korea CI
    • /
    • v.40 no.6
    • /
    • pp.39-46
    • /
    • 2003
  • Biometric technologies using biometric information like fingerprints features are in wide use for the secure user authentication in many services including log-in of computer systems, entrance ID and E-commercial security. Nowadays, biometric technologies are ported into small embedded systems like security tokens or smart cards due to the merit of being secure and automatic in comparison with the previous method in user authentication such as using a PIN. In this paper, the security token developed as an embedded system and tile user authentication system implemented and tested using fingerprints information are described. Communications between the security token and tile host are tested and verified with USB. And, execution time and runtime memory on tile security token board was measured and performance improvement was described. In addition, requisites for the transit from the security token to the match-on-card was mentioned.

FDANT-PCSV: Fast Detection of Abnormal Network Traffic Using Parallel Coordinates and Sankey Visualization (FDANT-PCSV: Parallel Coordinates 및 Sankey 시각화를 이용한 신속한 이상 트래픽 탐지)

  • Han, Ki hun;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.4
    • /
    • pp.693-704
    • /
    • 2020
  • As a company's network structure is getting bigger and the number of security system is increasing, it is not easy to quickly detect abnormal traffic from huge amounts of security system events. In this paper, We propose traffic visualization analysis system(FDANT-PCSV) that can detect and analyze security events of information security systems such as firewalls in real time. FDANT-PCSV consists of Parallel Coordinates visualization using five factors(source IP, destination IP, destination port, packet length, processing status) and Sankey visualization using four factors(source IP, destination IP, number of events, data size) among security events. In addition, the use of big data-based SIEM enables real-time detection of network attacks and network failure traffic from the internet and intranet. FDANT-PCSV enables cyber security officers and network administrators to quickly and easily detect network abnormal traffic and respond quickly to network threats.

A Study on the Real-time Cyber Attack Intrusion Detection Method (실시간 사이버 공격 침해사고 탐지방법에 관한 연구)

  • Choi, Jae-Hyun;Lee, Hoo-Jin
    • Journal of the Korea Convergence Society
    • /
    • v.9 no.7
    • /
    • pp.55-62
    • /
    • 2018
  • Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).

A Study on Evaluation Method of IDC in the Wire/Wireless Integrated Environment (유.무선 통합환경에서의 IDC 평가방법에 관한 연구)

  • Lee, Jea-Pyuing;Park, Jin-Seok;Lee, Man-Woo;Kim, Sun-Gohn
    • Proceedings of the Korea Contents Association Conference
    • /
    • 2006.11a
    • /
    • pp.599-603
    • /
    • 2006
  • Korea Information Security Agency has executed the certification system for the information security management since 2002 and examines the conformance of the IDCs'total management system including the technical and the physical protection measure. However, this certification system has the standard only for the IDC in the wire/wireless segregated and the evaluation method for the wire/wireless integrated has not been suggested yet. This paper is on the basis of "Accumulation Information Communication Facility Secure Principle", guidelines of Wireless LAN security operation, the existing principles and recommendations of the information security and the data on IDC environment. And the paper suggests the IDC network model in the wire/wireless integrated and the IDC evaluation method.

  • PDF

Secure Camera Network System for Intelligent Surveillance Systems Based on Real-Time Video (실시간 영상 기반의 지능형 보안 관제 시스템을 위한 안전한 카메라 네트워크 시스템)

  • Yang, Soo-mi;Ko, Eun-kyung
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.40 no.6
    • /
    • pp.1102-1106
    • /
    • 2015
  • To provide social security and for cooperative smart camera context awareness processing, each camera stores and exchange context data. For a specific event, measured values with other context data is stored RDB. RDB is transformed to ontology RDF file and is used for context reasoning. Interoperability between smart cameras conforms to ONVIF and constitutes intelligent surveillance system. To guarantee the confidentiality and integrity, securiy techniques are adopted. Security overhead between agents is analyzed in the prototype system implemented.

A Study on the Performance Evaluation based on Modular Face Recognition System (모듈화된 얼굴인식 시스템을 이용한 성능 시험에 관한 연구)

  • Hong Tae-Hwa;Moon Hyeon-Joon;Shin Yong-Nyuo;Lee Dong-Geun;Kim Jae-Sung
    • Journal of the Institute of Electronics Engineers of Korea SC
    • /
    • v.42 no.4 s.304
    • /
    • pp.35-44
    • /
    • 2005
  • Face recognition out of biometrics is considerable interesting due to high performance and accessibility in applications to security such as access control and banking service. Therefore, a study on the protocol of the performance test is an important issue to understand the art-of state and to show a direction in future works, in addtion to developing algorithms. We present a design criterion for the performance test protocol of face recognition system and show the result of experiment executed on identification and verification scenario based on PCA algorithm and XM2VTS DB

A Case Study on Program Outcomes Assessment of Information Security Program for Engineering Education Accreditation (공학교육인증을 위한 정보보호학 프로그램의 학습성과 평가에 관한 연구)

  • Chung, Weonil;Oh, Soo-Hyun;Kim, Hwankoo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.3
    • /
    • pp.777-785
    • /
    • 2016
  • Engineering education accreditation addresses evaluation for program outcomes according to educational objectives and assessment process, which students are expected to obtain by the time of graduation in order to train international competitive engineers with continuous quality improvement in engineering programs. This paper shows a case study of a program outcomes assessment system including performance criteria, evaluation process, document system and continuous quality improvement process and an achievement evaluation by the assessment system for program outcomes in Information Security Program of Hoseo university.

Implementation of file Access Control Module Using on Windows XP (윈도우 XP 기반의 파일 정책 모듈 설계 및 구현)

  • 성경
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.8 no.6
    • /
    • pp.1204-1211
    • /
    • 2004
  • As the development of information telecommunication technology and thus the information sharing and opening is accelerated, f system is exposed to various threatener and the avrious security incident is rasing its head with social problem. As countermeasure, to protect safely and prepare in the attack for a system from a be latent security threat, various security systems are been using such as IDS, Firewall, VPN etc.. But, expertise or expert is required to handle security system. The module, implemented in this paper, is based on Windows XP, like Linux and Unix, and has effect integrity and non-repudiation for a file.