• 제목/요약/키워드: life security

검색결과 1,279건 처리시간 0.025초

과학기술 중심 국방혁신을 위한 데이터 가치 기반 보안정책 발전 방향 (Improving the Security Policy Based on Data Value for Defense Innovation with Science and Technology)

  • 박흥순
    • 융합보안논문지
    • /
    • 제23권1호
    • /
    • pp.109-115
    • /
    • 2023
  • 미래 국방은 세계 안보정세의 불확실성 가속화, 국내 사회·경제적 여건 제한 등 다양하고 도전적인 환경에 직면하고 있다. 이에 우리 국방부는 인공지능, 드론, 로봇 등 과학기술 기반의 국방혁신으로 당면한 문제점과 위협요인에 대응하려 하고 있다. 인공지능 기반의 첨단과학기술 도입을 위해서는 클라우드, 5G와 같은 IT기반 환경 위에 데이터를 융합하고 활용하는 것이 필수적이다. 하지만 기존의 전통적인 보안 정책은 주로 시스템 중심의 보안으로 일률적인 보안 통제수단을 적용하는 등 데이터공유 및 활용에 어려움이 있다. 본 연구는 데이터 가치 평가 및 데이터 수명주기 관리에 대한 이론적 배경을 바탕으로 데이터가치 기반의 국방 보안정책으로 패러다임 전환을 제안한다. 이를 통해 데이터 기반의 업무 활성화 및 AI기반 과학기술중심의 국방혁신 구현에 도움이 될 것으로 기대한다.

A Novel Security Scheme with Message Level Security for Hybrid Applications

  • Ma, Suoning;Joe, Inwhee
    • 한국정보처리학회:학술대회논문집
    • /
    • 한국정보처리학회 2016년도 춘계학술발표대회
    • /
    • pp.215-217
    • /
    • 2016
  • With the popularity of smart device, mobile applications are playing more and more important role in people's daily life, these applications stores various information which greatly facilitate the user's daily life. However due to the frequent transmission of data in the network also increases the risk of data leakage, more and more developers began to focus on how to protect user data. Current mainstream development models include Native development, Web development and Hybrid development. Hybrid development is based on JavaScript and HTML5, it has a cross platform advantages similar to Web Apps and a good user experience similar to Native Apps. In this paper according to the features of Hybrid applications, we proposed a security scheme in Hybrid development model implements message-level data encryption to protect user information. And through the performance evaluation we found that in some scenario the proposed security scheme has a better performance.

자동차 공급망 위험관리(A-SCRM) 방안 연구 (A Study on Supply Chain Risk Management of Automotive)

  • 김동원;한근희;전인석;최진영
    • 정보보호학회논문지
    • /
    • 제25권4호
    • /
    • pp.793-805
    • /
    • 2015
  • 현대의 자동차는 안전필수(Safety Critical) 시스템이기 때문에 차량의 안전성을 보장하는 것은 물론 초 연결사회를 지향하는 사물인터넷 기술의 발전과 자동차의 스마트화 됨에 따른 자동차 보안문제가 대두됨에 따라 자동차 소프트웨어와 공급망에서의 보증 방안과 공급망에서 발생할 수 있는 위험을 식별, 평가 및 통제하기 위한 위험관리 방안이 필요하다. 본 논문에서는 자동차 Life-Cycle 내에서 이해관계자 별 위험관리(A-SCRM, Automotive Supply Chain Risk Management) 방법을 연구 제안한다.

통합정보보호시스템의 최적 품질 확보를 위한 최소개발비용 탐색에 관한 연구 (A Study on Optimal Developmental Cost for Quality Factors of Integrated Information Security Systems)

  • 박유진;최명길
    • 산업경영시스템학회지
    • /
    • 제33권3호
    • /
    • pp.1-9
    • /
    • 2010
  • To protect information resources, many organizations including private corporate and government employ integrated information security systems which provide the functions of intrusion detection, firewall, and virus vaccine. So, in order to develop a reliable integrated information security system during the development life cycle, the managers in charge of the development of the system must effectively distribute the development resources to the quality factors of an integrated information security system. This study suggests a distribution methodology that minimizes the total cost with satisfying the minimum quality level of an integrated information security system by appropriately assigning development resources to quality factors considered. To achieve this goal, we identify quality factors of an integrated information system and then measure the relative weights among the quality factors using analytic hierarchy process (AHP). The suggested distribution methodology makes it possible to search an optimal solution which minimizes the total cost with satisfying the required quality levels of processes by assigning development resources to quality factors during the development life cycle.

특수섬유를 이용한 보안용지의 개발 (Use of New Fibers for the Development of Security Paper)

  • 정선영;길상혁;김영욱;서영범
    • 펄프종이기술
    • /
    • 제44권1호
    • /
    • pp.16-23
    • /
    • 2012
  • Use of security papers for monetary papers, gift certificates, and lottery tickets increases every year. As the use of security papers increase, there are more possibility of counterfeits. In this study, we used unique fibers from the sea to increase the difficulties against counterfeiting. The red algae fibers give opacity as much as calcium carbonates, and have unique shape in length ($500{\sim}900\;{\mu}m$) and width ($1{\sim}4\;{\mu}m$) to be discerned from other natural fibers such as wood and cotton fibers. We mixed red algae fibers to wood fibers in a series of fixed ratios to make single and multiply papers for making security papers. Paper with dyed red algae fibers were also used. Paper made without fillers gave enough opacity for printing when red algae fibers were used more than 20% of the fiber furnish. Those properties may allow red algae fibers to be a potential candidate for fiber raw materials of security paper.

Virtual World-Based Information Security Learning: Design and Evaluation

  • Ryoo, Jungwoo;Lee, Dongwon;Techatassanasoontorn, Angsana A.
    • Journal of Information Science Theory and Practice
    • /
    • 제4권3호
    • /
    • pp.6-27
    • /
    • 2016
  • There has been a growing interest and enthusiasm for the application of virtual worlds in learning and training. This research proposes a design framework of a virtual world-based learning environment that integrates two unique features of the virtual world technology, immersion and interactivity, with an instructional strategy that promotes self-regulatory learning. We demonstrate the usefulness and assess the effectiveness of our design in the context of information security learning. In particular, the information security learning module implemented in Second Life was incorporated into an Introduction to Information Security course. Data from pre- and post- learning surveys were used to evaluate the effectiveness of the learning module. Overall, the results strongly suggest that the virtual world-based learning environment enhances information security learning, thus supporting the effectiveness of the proposed design framework. Additional results suggest that learner traits have an important influence on learning outcomes through perceived enjoyment. The study offers useful design and implementation guidelines for organizations and universities to develop a virtual world-based learning environment. It also represents an initial step towards the design and explanation theories of virtual world-based learning environments.

IoT 종단간 보안을 위한 ECQV 인증서 기반의 보안 메커니즘 (ECQV Certificate Based Security Mechanism for End-to-End Security in IoT)

  • 연한별;박창섭
    • 융합보안논문지
    • /
    • 제17권1호
    • /
    • pp.53-61
    • /
    • 2017
  • IoT 기술은 점차 발전하고 있으며 관련 서비스와 기술들이 생활 곳곳에 스며들고 있다. 이러한 IoT 기술은 사용자의 삶을 편하게 해주지만 양날의 검처럼 큰 위협 또한 가지고 있다. 때문에 보안의 중요성이 떠오르며 관련 연구들이 활발하게 진행되고 있다. 기존에 진행되는 연구들은 네트워크 아키텍처 관점에서 종단간 보안을 위해 DTLS를 사용하며 특히 성능이 제약된 기기에 생기는 부하를 줄이는 데 초점이 맞춰져 있다. 본 논문에서는 역시 네트워크 관점에서 DTLS 프로토콜의 부하를 줄이기 위해 기존의 X.509 인증서가 아닌 경량화된 인증서인 ECQV 인증서를 사용하는 DTLS 프로토콜을 제안한다. 또한 제안기법을 실제로 구현하고 기존의 보안 모드인 PSK, RPK 모드와 비교 및 분석한다.

The Importance of Ethical Hacking Tools and Techniques in Software Development Life Cycle

  • Syed Zain ul Hassan;Saleem Zubair Ahmad
    • International Journal of Computer Science & Network Security
    • /
    • 제23권6호
    • /
    • pp.169-175
    • /
    • 2023
  • Ethical hackers are using different tools and techniques to encounter malicious cyber-attacks generated by bad hackers. During the software development process, development teams typically bypass or ignore the security parameters of the software. Whereas, with the advent of online web-based software, security is an essential part of the software development process for implementing secure software. Security features cannot be added as additional at the end of the software deployment process, but they need to be paid attention throughout the SDLC. In that view, this paper presents a new, Ethical Hacking - Software Development Life Cycle (EH-SDLC) introducing ethical hacking processes and phases to be followed during the SDLC. Adopting these techniques in SDLC ensures that consumers find the end-product safe, secure and stable. Having a team of penetration testers as part of the SDLC process will help you avoid incurring unnecessary costs that come up after the data breach. This research work aims to discuss different operating systems and tools in order to facilitate the secure execution of the penetration tests during SDLC. Thus, it helps to improve the confidentiality, integrity, and availability of the software products.

가구 식품불안정 상태와 정신건강 및 건강 관련 삶의 질과의 연관성 (Association of Mental Health and Health-Related Quality of Life with Household Food Insecurity Status among a Representative Korean Population)

  • 김유진;박종은;김소영;박종혁
    • 보건행정학회지
    • /
    • 제32권2호
    • /
    • pp.216-227
    • /
    • 2022
  • Background: Food insecurity may contribute to mental health indicators such as stress, anxiety, or depression. We investigated whether food insecurity was associated with mental health indicators and health-related quality of life (HRQoL) in a representative sample of the Korean population. Methods: This study enrolled 12,987 adults without a history of medically serious disease from the 2012, 2013, and 2015 Korea National Health and Nutrition Examination Survey. Household food security status was categorized as "food security," "mild food insecurity," and "moderate/severe food insecurity." The association between mental health and HRQoL was evaluated using a multivariate logistic regression model with food security as the reference group. Results: The adjusted odds ratio of adverse mental health or low HRQoL increased significantly in mild or moderate/severe food insecurity compared to food security. In the moderate/severe food insecurity group, it was 1.98% (95% confidence interval [CI], 1.31-2.99) higher for perceived stress, 3.58% (95% CI, 2.44-5.26) higher for depression symptoms, 4.16% (95% CI, 2.68-6.45) higher for suicidal ideation, and 2.81% (95% CI, 1.91-4.15) higher for quality of life. Conclusion: Food insecurity was strongly associated with negative mental health status and poor HRQoL. There is a need for a dietary support program that provides psychosocial support to those experiencing food insecurity.

SW 취약점의 보안성 강화를 위한 진단원의 교육 양성 연구 (Research on Education and Training of the Analyzer for Security Enhancement of SW Vulnerability)

  • 김슬기;박대우
    • 한국정보통신학회논문지
    • /
    • 제21권5호
    • /
    • pp.945-950
    • /
    • 2017
  • 소프트웨어의 취약점으로 인하여, 국가의 사이버 인프라와 실물 금융자산 에 대한 해킹 공격이 발생하고 있다. 소프트웨어는 인터넷 정보제공과 사이버 금융결제 및 사이버 인프라를 통제하고 운영하는, 운영체제 및 실행시스템을 구성하는 필수요소이기 때문이다. 이러한 소프트웨어 취약점을 분석하고, 보안성을 강화해야 사이버 인프라의 보안성이 강화되고, 실제 국가와 국민의 실제 생활에 보안성이 강화된다. 소프트웨어 개발보안 제도 분석과 소프트 웨어 개발보안 진단 분석 및 소프트웨어 취약점의 보안성 강화를 위한 연구를 한다. 또한 소프트웨어 취약점 진단원 양성 및 보수교육을 위한 교재개발과 진단원 시험문제 개발 및 진단원의 파일럿 테스트, 그리고 진단원의 투입인력 비용기준을 연구한다. 본 논문의 연구는 소프트웨어 취약점 진단원을 양성하는 교육과정과 진단가이드를 제시하여, 국가와 국민 생활의 사이버 인프라의 소프트웨어 보안성을 강화하는 데 목적이 있다.