• Title/Summary/Keyword: information security system

Search Result 6,599, Processing Time 0.029 seconds

Research on security technology to respond to edge router-based network attacks (Edge 라우터 기반 네트워크 공격에 대응하는 보안기술 연구)

  • Hwang, Seong-Kyu
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.26 no.9
    • /
    • pp.1374-1381
    • /
    • 2022
  • Existing research on security technology related to network attack response has focused on research using hardware network security technology, network attacks that wiretap and wiretap network packets, denial of service attack that consumes server resources to bring down the system, and network by identifying vulnerabilities before attack. It is classified as a scanning attack. In addition, methods for increasing network security, antivirus vaccines and antivirus systems have been mainly proposed and designed. In particular, many users do not fully utilize the security function of the router. In order to overcome this problem, it is classified according to the network security level to block external attacks through layered security management through layer-by-layer experiments. The scope of the study was presented by examining the security technology trends of edge routers, and suggested methods and implementation examples to protect from threats related to edge router-based network attacks.

A Review of Security and Privacy of Cloud Based E-Healthcare Systems

  • Faiza Nawaz;Jawwad Ibrahim;Maida Junaid
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.6
    • /
    • pp.153-160
    • /
    • 2024
  • Information technology plays an important role in healthcare. The cloud has several applications in the fields of education, social media and medicine. But the advantage of the cloud for medical reasons is very appropriate, especially given the large volume of data generated by healthcare organizations. As in increasingly health organizations adopting towards electronic health records in the cloud which can be accessed around the world for various health issues regarding references, healthcare educational research and etc. Cloud computing has many advantages, such as "flexibility, cost and energy savings, resource sharing and rapid deployment". However, despite the significant benefits of using the cloud computing for health IT, data security, privacy, reliability, integration and portability are some of the main challenges and obstacles for its implementation. Health data are highly confidential records that should not be made available to unauthorized persons to protect the security of patient information. In this paper, we discuss the privacy and security requirement of EHS as well as privacy and security issues of EHS and also focus on a comprehensive review of the current and existing literature on Electronic health that uses a variety of approaches and procedures to handle security and privacy issues. The strengths and weaknesses of some of these methods were mentioned. The significance of security issues in the cloud computing environment is a challenge.

An Architecture Design of Military Operation System Utilizing Cellular Networks (군작전 효율화를 위한 셀룰라망 연동구조 설계)

  • Kim, Jae-Cheol;Kim, In-Taek
    • Journal of National Security and Military Science
    • /
    • s.9
    • /
    • pp.257-282
    • /
    • 2011
  • In this paper, we propose an architecture design of military operation system utilizing cellular networks. The main contribution of this paper is to provide a cost-effective military operation solution for ground forces, which is based on IT(information technology). By employing the cellular phones of officers' and non-commissioned officers' as the tools of operational communication, the proposed system can be constructed in the minimum duration and be built on the four components: command and control system, gateway, security system, and terminal(cell phone). This system is most effective for the warfare of limited area, but the effectiveness does not decrease under the total war covering the whole land of Korea. For the environmental change of near future, expanded architecture is also provided to utilize the functionalities of smart phones.

  • PDF

A Study on the Supply Chain Security and Risk Management Strategies of Global Companies (글로벌 기업의 공급사슬보안 및 위험관리전략에 관한 연구)

  • Yang, Jung-Ho
    • Management & Information Systems Review
    • /
    • v.27
    • /
    • pp.149-172
    • /
    • 2008
  • Since the 9/11 terror attack, the event which caused supply chain disruption, supply chain security has becomes more important than ever before. Furthermore, such company's logistics strategies conflicting supply chain security as increased global sourcing, JIT manufacturing are increasing supply chain vulnerability. It could burden for global companies to strengthen supply chain security because not only it requires additional investment cost but also changes of companiy's global logistics strategy. However, on the other hand, supply chain visibility and resilience can be improved through supply chain security. In addition, it allows companies to stabilize supply chain structure as well as rapid and flexible response to market demand. The key issue is balancing between efficiency and supply chain security. To do this, identifying risk elements under the supply chain and assessing vulnerability of each supply chain components should be performed before developing efficient supply chain security management system without obstructing supply chain efficiency.

  • PDF

A Study on ESM(Enterprise Security Management) System Standard (통합 보안 관리 시스템 표준화에 대한 연구)

  • 소우영
    • Convergence Security Journal
    • /
    • v.2 no.2
    • /
    • pp.109-121
    • /
    • 2002
  • As the development of information technology and thus the growth of security incidents, there has been increasing demand on developing a system for centralized security management, also known as Enterprise Security Management(ESM), uniting functions of various security systems such as firewall, intrusion detection system, virtual private network and so on. Unfortunately, however, developers have been suffering with a lack of related standard. Although ISTF recently announced firewall system and intrusion detection system log format, it still needs for truly efficient ESM further development of the related standard including event and control messaging. This paper analyses ISTF standard and further suggests an additional event and control messaging standard for firewall and intrusion detection systems. It is expected that this effort would be helpful for the development of ESM and further related standard.

  • PDF

A study on the functional restructuring of the security system for the reduction of the amount of carbon dioxide (탄소량 감축을 위한 보안 시스템의 기능적 구조 개선에 관한 연구)

  • Jeon, Jeong Hoon
    • Convergence Security Journal
    • /
    • v.13 no.3
    • /
    • pp.39-46
    • /
    • 2013
  • Recently, the problem of global warming has become a globally important issues. and To solve these problems, has been receiving increasing attention for the Green IT. In these situation, IT techniques are evolving with variety services and hacking techniques. so, it is inevitable to the use of a many and diverse secure system. As a result, Carbon Dioxide emissions are expected to increase. Therefore, in this paper is analyzed the factors of security system's $CO_2$ emissions through Experiments and A case study. and is proved that is reducing $CO_2$ emissions by improving the functional restructuring of the security system. In a future, this paper is expected to serve as a valuable Information for security network design and performance improvements and to reduce Carbon Emissions in the Field of IT.

A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants

  • Son, JunYoung;Noh, Sangkyun;Choi, JongGyun;Yoon, Hyunsoo
    • Nuclear Engineering and Technology
    • /
    • v.51 no.7
    • /
    • pp.1791-1798
    • /
    • 2019
  • Instrumentation and Control (I&C) systems of nuclear power plants (NPPs) have been continuously digitalized. These systems have a critical role in the operation of nuclear facilities by functioning as the brain of NPPs. In recent years, as cyber security threats to NPP systems have increased, regulatory and policy-related organizations around the world, including the International Atomic Energy Agency (IAEA), Nuclear Regulatory Commission (NRC) and Korea Institute of Nuclear Nonproliferation and Control (KINAC), have emphasized the importance of nuclear cyber security by publishing cyber security guidelines and recommending cyber security requirements for NPP facilities. As described in NRC Regulatory Guide (Reg) 5.71 and KINAC RS015, challenge response authentication should be applied to the critical digital I&C system of NPPs to satisfy the cyber security requirements. There have been no cases in which the most robust response authentication technology like challenge response has been developed and applied to nuclear I&C systems. This paper presents a challenge response authentication mechanism for a Programmable Logic Controller (PLC) system used as a control system in the safety system of the Advanced Power Reactor (APR) 1400 NPP.

A Closer Look on Challenges and Security Risks of Voice Over Internet Protocol Infrastructures

  • Omari, Ahmed H. Al;Alsariera, Yazan A.;Alhadawi, Hussam S.;Albawaleez, Mahmoud A.;Alkhliwi, Sultan S.
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.2
    • /
    • pp.175-184
    • /
    • 2022
  • Voice over Internet Protocol (VoIP) has grown in popularity as a low-cost, flexible alternative to the classic public switched telephone network (PSTN) that offers advanced digital features. However, additional security vulnerabilities are introduced by the VoIP system's flexibility and the convergence of voice and data networks. These additional challenges add to the normal security challenges that a VoIP system's underlying IP data network infrastructure confront. As a result, the VoIP network adds to the complexity of the security assurance task faced by businesses that use this technology. It's time to start documenting the many security risks that a VoIP infrastructure can face, as well as analyzing the difficulties and solutions that could help guide future efforts in research & development. We discuss and investigate the challenges and requirements of VoIP security in this research. Following a thorough examination of security challenges, we concentrate on VoIP system threats, which are critical for present and future VoIP deployments. Then, towards the end of this paper, some future study directions are suggested. This article intends to guide future scholars and provide them with useful guidance.

Joint Virtual User Identification and Channel Security En/Decoding Method for Ad hoc Network

  • Zhang, Kenan;Li, Xingqian;Ding, Kai;Li, Li
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.11
    • /
    • pp.241-247
    • /
    • 2022
  • Ad hoc network is self-organized network powered by battery. The reliability of virtual user identification and channel security are reduced when SNR is low due to limited user energy. In order to solve this problem, a joint virtual user identification and channel security en/decoding method is proposed in this paper. Transmitter-receiver-based virtual user identification code is generated by executing XOR operation between orthogonal address code of transmitter and pseudo random address code of receiver and encrypted by channel security code to acquire orthogonal random security sequence so as to improve channel security. In order to spread spectrum as well as improve transmission efficiency, data packet is divided into 6-bit symbols, each symbol is mapped with an orthogonal random security sequence. Subspace-based method is adopted by receiver to process received signal firstly, and then a judgment model is established to identify virtual users according to the previous processing results. Simulation results indicate that the proposed method obtains 1.6dB Eb/N0 gains compared with reference methods when miss alarm rate reaches 10-3.

An Analysis on Role of Stakeholders for Security System in Smart Healthcare Environment (스마트 의료환경에서 보안체계 구축을 위한 이해관계자 역할 분석)

  • Kim, Yanghoon;Jeong, Wonwho
    • The Journal of Society for e-Business Studies
    • /
    • v.24 no.1
    • /
    • pp.17-27
    • /
    • 2019
  • With the occurrence of the 4th Industrial Revolution, environmental change is happening in the healthcare industry as overall flow of Industry heads to ICT-based business environment. Healthcare Industry, which has the characteristic of public goods, is requiring a reliability and continuity of healthcare industry, however, the introduction of security is being delayed due to the problem of compatibility and extendability of existing system. Accordingly, in this research, we have built a section and role for stakeholders to be concerned in order to induce, analyze and introduce a needed security technology for rapidly building a security system in a smart healthcare environment. We have suggested a possibility of extendability regarding a multi-dimensional effort of stakeholders for establishing a healthcare security system.