• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.23-30
• /
• 2008

Attempt to protect personal computer from hacking, virus, worm, and the troy wooden horse is progressed variously. Nevertheless, it is very difficult fer public users to understand configurations to enhance security stability in windows based personal computer, and many security problem is due to there lack of recognize about information accessability, various kind of configuration, these necessity, and efficiency. Accordingly, it is demandded to develop an efficient system to protect networks and personal computer with automated method. In this paper, we derive problems of personal computer by analyzing various vulnerableness and policy on security, through which we design and implement the system to solve various windows system problem conveniently.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1219-1230
• /
• 2012

Recently, lots of users are using wireless LAN providing authentication and confidentiality with security mechanism such as WEP, WPA. But, weakness of each security mechanism was discovered and attack methods that user's information was exposed or modified to the third parties with it and abused by them were suggested. In this paper, we analyzed architecture of security mechanisms in wireless LAN and performed PSK cracking attack and cookie session hijacking attack with the known vulnerability. And, an improved 4-way handshake mechanism which can counter PSK cracking attack and a cookie replay detection mechanism which can prevent cookie session hijacking attack were proposed. Proposed mechanisms are expected to apply to establish more secure wireless LAN environment by countering existing vulnerability.

• The Journal of Industrial Distribution & Business
• /
• v.13 no.9
• /
• pp.1-9
• /
• 2022

Purpose: This study evaluates the ability to improve the economic welfare of rural communities in Indonesia by using the inequality measures of the distribution of information between leaders and their people as a variable that weakens the capacity of increasing the welfare. Research Design, Data, and Methodology: The research designed by developing an instrument using data validity and reliability testing. Before, primary data collected through interviews, questionnaires, observation, and documentation on the selected respondents. Then, the research method used is mixed methods research, in which quantitative and qualitative methods combined. Result: The finding from this study is that there is an inequality measure in the form of a high gap between the score of information distribution obtained by the village government compared to the score of the community, which has led to the welfare of the village which is still at a moderate level and not ready to become a prosperous society. Conclusion: The weakness of the village community is related to two things, namely the behavior and knowledge of the community about the issues, so the implication is that there must be a strong effort from the central government to ensure that technology is more evenly distributed to all villagers.

• Journal of Information Technology Services
• /
• v.21 no.5
• /
• pp.65-79
• /
• 2022

The smart factory has spread to small and mid-size enterprises (SMEs) under the leadership of the government. Smart factory consists of a work area, an operation management area, and an industrial control system (ICS) area. However, each site is combined with the IT system for reasons such as the convenience of work. As a result, various breaches could occur due to the weakness of the IT system. This study seeks to discover the items and vulnerabilities that SMEs who have difficulties in information security due to technology limitations, human resources, and budget should first diagnose and check. First, to compare the existing domestic and foreign smart factory vulnerability classification systems and improve the current classification system, the latest smart factory vulnerability information is collected from NVD, CISA, and OWASP. Then, significant keywords are extracted from pre-processing, co-occurrence network analysis is performed, and the relationship between each keyword and vulnerability is discovered. Finally, the improvement points of the classification system are derived by mapping it to the existing classification system. Therefore, configuration and maintenance, communication and network, and software development were the items to be diagnosed and checked first, and vulnerabilities were denial of service (DoS), lack of integrity checking for communications, inadequate authentication, privileges, and access control in software in descending order of importance.

• Journal of Korean Library and Information Science Society
• /
• v.37 no.1
• /
• pp.193-219
• /
• 2006

This study analyzes 47 articles dealing with refugees in library and information science field. The subjects of these articles are such various as the cases of refugee service in libraries and information centers, the library service guidance for refugees, information resources of refugees and forced migration study, and information need and Information seeking behavior of refugees. However, the research of this area has such limitations and weakness as the small scale of articles about refugees, the scarcity of professional researchers, the deficient studies concentrating refugees directly, and the unprepared research methods. Tn particular, there was no article about refugee which was produced by the library and information science field in South Korea. Urgently needed is the research of information needs and information seeking behavior of North Korean refugees considering the recent influx of North Korean refugee into South Korea.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.513-518
• /
• 2014

According to the development of IT technology, various new technologies are being produced. As the complexity of the information system like using the network and convergence devices is increasing, threat and vulnerability against various security problems are increasing even though new IT services provide the convenience of users' accessibility to services. In order to secure the safety of information system, the weakness is being removed through the information protection vulnerability analysis starting from information and communication service construction stage and the system is being prepared for pre-inspection activities about whether the information protection measures were established and applied. In this paper, introduction and current status of each country about advanced check-up systems in the information system are to be identified. Progress direction about the advanced pre-inspection system which is driven by Korea Internet Security Agency and its activation plan to secure the safety are to be suggested.

• Journal of the Korean Society for information Management
• /
• v.37 no.2
• /
• pp.333-352
• /
• 2020

This study aimed to analyze research trends of 'digital divide' in Library and Information Science. To this end, we coded research subjects with 11 subcategories, and research objectives with 4 subcategories, and research methods with 4 subcategories, and constructed keyword networks to which a pathfinder algorithm was applied. As a result of the analysis, 79.5% of studies are on the disabled, multicultural families, and the elderly among information vulnerable groups, and it was found to be concentrated in specific groups. In addition, digital divide related studies have been actively conducted for the purpose of resolving information vulnerabilities such as people with disabilities. We also found that these studies focused on verifying the effectiveness by designing and applying treatments such as informatization education, information utilization, and reading programs. Lastly, the most frequently used research method in the digital divide was found to use case studies or questionnaires simultaneously with literature research.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.6
• /
• pp.1194-1203
• /
• 2004

The RR protocole, proposed in IETF mip6 WG and standardized by RFC 3775 at lune 2004, send a message 'Binding Update' that express MN's location information to CN safety and update location information. Standard RR protocole has some problems with initiating the protocol by the MN; it causes to increases in communication load in the home network, to increases communication delay between MN and CN. Also, is connoting vulnerability to against attacker who are on the path between CN and HA in security aspect. This paper proposes doing to delegate MN's location information update rights by HA new location information update method. That is, When update MN's location information to HA, Using MN's private key signed location information certificate use and this certificate using method that HA uses MN's location information at update to CN be. It decreases the route optimization overhead by reducing the number of messages as well as the using location information update time. Also, remove security weakness about against attacker who are on the path between CN and HA.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.11
• /
• pp.2067-2072
• /
• 2016

Recently, due to the development of attack techniques that can circumvent existing information protection systems, continuous threats in a form unrecognized by the user have threatened information assets. Therefore, it is necessary to support the prompt responses to anticipated attempts of APT attacks, bypass access attacks, and encryption packet attacks, which the existing systems have difficulty defending against through a single response, and to continuously monitor information protection systems with a defense strategy based on Indicators of Attack (IOA). In this paper, I suggest a centralized intelligent information protection system to support the intelligent response to a violation by discerning important assets through prevention control in a performance impact assessment about information properties in order to block the attack routes of APT; establishing information control policies through weakness/risk analyses in order to remove the risks in advance; establishing detection control by restricting interior/exterior bypass networks to server access and monitoring encrypted communications; and lastly, performing related corrective control through backup/restoration.

• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.519-523
• /
• 2004

In this paper we challenge the user Authentication using KerberosV5 authentication protocol in WPKI environment. This paper is the security structure that defined in a WAP forum and security and watches all kinds of password related technology related to the existing authentication system. It looks up weakness point on security with a problem on the design that uses wireless public key based structure and transmission hierarchical security back of a WAP forum, and a server client holds for user authentication of an application layer all and all, and it provides one counterproposal. Therefore, We offer authentication way solution that connected X.509 V3 with using WIM for complement an authentication protocol KerberosV5 and its disadvantages.