• Title/Summary/Keyword: life security

Search Result 1,283, Processing Time 0.033 seconds

Improving the Security Policy Based on Data Value for Defense Innovation with Science and Technology (과학기술 중심 국방혁신을 위한 데이터 가치 기반 보안정책 발전 방향)

  • Heungsoon Park
    • Convergence Security Journal
    • /
    • v.23 no.1
    • /
    • pp.109-115
    • /
    • 2023
  • The future outlook for defense faces various and challenging environments such as the acceleration of uncertainty in the global security landscape and limitations in domestic social and economic conditions. In response, the Ministry of National Defense seeks to address the problems and threats through defense innovation based on scientific and technological advancements such as artificial intelligence, drones, and robots. To introduce advanced AI-based technology, it is essential to integrate and utilize data on IT environments such as cloud and 5G. However, existing traditional security policies face difficulties in data sharing and utilization due to mainly system-oriented security policies and uniform security measures. This study proposes a paradigm shift to a data value-based security policy based on theoretical background on data valuation and life-cycle management. Through this, it is expected to facilitate the implementation of scientific and technological innovations for national defense based on data-based task activation and new technology introduction.

A Novel Security Scheme with Message Level Security for Hybrid Applications

  • Ma, Suoning;Joe, Inwhee
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2016.04a
    • /
    • pp.215-217
    • /
    • 2016
  • With the popularity of smart device, mobile applications are playing more and more important role in people's daily life, these applications stores various information which greatly facilitate the user's daily life. However due to the frequent transmission of data in the network also increases the risk of data leakage, more and more developers began to focus on how to protect user data. Current mainstream development models include Native development, Web development and Hybrid development. Hybrid development is based on JavaScript and HTML5, it has a cross platform advantages similar to Web Apps and a good user experience similar to Native Apps. In this paper according to the features of Hybrid applications, we proposed a security scheme in Hybrid development model implements message-level data encryption to protect user information. And through the performance evaluation we found that in some scenario the proposed security scheme has a better performance.

A Study on Supply Chain Risk Management of Automotive (자동차 공급망 위험관리(A-SCRM) 방안 연구)

  • Kim, Dong-won;Han, Keun-hee;Jeon, In-seok;Choi, Jin-yung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.4
    • /
    • pp.793-805
    • /
    • 2015
  • Due to the rise of automotive security problems following automotive safety and the progress of the internet technology leading to a hyper-connected society, guaranteeing the safety of automotive requires security plans in the supply chain assurance and automotive software, and risk management plans for identifying, evaluating, and controlling the risks that may occur from the supply chain since the modern automotive is a Safety Critical system. In this paper, we propose a study on Automotive Supply Chain Risk Management (A-SCRM) procedures by person interested within the automotive Life-Cycle.

A Study on Optimal Developmental Cost for Quality Factors of Integrated Information Security Systems (통합정보보호시스템의 최적 품질 확보를 위한 최소개발비용 탐색에 관한 연구)

  • Park, You-Jin;Choi, Myeong-Gil
    • Journal of Korean Society of Industrial and Systems Engineering
    • /
    • v.33 no.3
    • /
    • pp.1-9
    • /
    • 2010
  • To protect information resources, many organizations including private corporate and government employ integrated information security systems which provide the functions of intrusion detection, firewall, and virus vaccine. So, in order to develop a reliable integrated information security system during the development life cycle, the managers in charge of the development of the system must effectively distribute the development resources to the quality factors of an integrated information security system. This study suggests a distribution methodology that minimizes the total cost with satisfying the minimum quality level of an integrated information security system by appropriately assigning development resources to quality factors considered. To achieve this goal, we identify quality factors of an integrated information system and then measure the relative weights among the quality factors using analytic hierarchy process (AHP). The suggested distribution methodology makes it possible to search an optimal solution which minimizes the total cost with satisfying the required quality levels of processes by assigning development resources to quality factors during the development life cycle.

Use of New Fibers for the Development of Security Paper (특수섬유를 이용한 보안용지의 개발)

  • Jung, Sun-Young;Gil, Sang-Hyuk;Kim, Young-Wook;Seo, Yung-Bum
    • Journal of Korea Technical Association of The Pulp and Paper Industry
    • /
    • v.44 no.1
    • /
    • pp.16-23
    • /
    • 2012
  • Use of security papers for monetary papers, gift certificates, and lottery tickets increases every year. As the use of security papers increase, there are more possibility of counterfeits. In this study, we used unique fibers from the sea to increase the difficulties against counterfeiting. The red algae fibers give opacity as much as calcium carbonates, and have unique shape in length ($500{\sim}900\;{\mu}m$) and width ($1{\sim}4\;{\mu}m$) to be discerned from other natural fibers such as wood and cotton fibers. We mixed red algae fibers to wood fibers in a series of fixed ratios to make single and multiply papers for making security papers. Paper with dyed red algae fibers were also used. Paper made without fillers gave enough opacity for printing when red algae fibers were used more than 20% of the fiber furnish. Those properties may allow red algae fibers to be a potential candidate for fiber raw materials of security paper.

Virtual World-Based Information Security Learning: Design and Evaluation

  • Ryoo, Jungwoo;Lee, Dongwon;Techatassanasoontorn, Angsana A.
    • Journal of Information Science Theory and Practice
    • /
    • v.4 no.3
    • /
    • pp.6-27
    • /
    • 2016
  • There has been a growing interest and enthusiasm for the application of virtual worlds in learning and training. This research proposes a design framework of a virtual world-based learning environment that integrates two unique features of the virtual world technology, immersion and interactivity, with an instructional strategy that promotes self-regulatory learning. We demonstrate the usefulness and assess the effectiveness of our design in the context of information security learning. In particular, the information security learning module implemented in Second Life was incorporated into an Introduction to Information Security course. Data from pre- and post- learning surveys were used to evaluate the effectiveness of the learning module. Overall, the results strongly suggest that the virtual world-based learning environment enhances information security learning, thus supporting the effectiveness of the proposed design framework. Additional results suggest that learner traits have an important influence on learning outcomes through perceived enjoyment. The study offers useful design and implementation guidelines for organizations and universities to develop a virtual world-based learning environment. It also represents an initial step towards the design and explanation theories of virtual world-based learning environments.

ECQV Certificate Based Security Mechanism for End-to-End Security in IoT (IoT 종단간 보안을 위한 ECQV 인증서 기반의 보안 메커니즘)

  • Yeon, Han-Beol;Park, Chang seop
    • Convergence Security Journal
    • /
    • v.17 no.1
    • /
    • pp.53-61
    • /
    • 2017
  • IoT technology is evolving and related services and technologies are spreading throughout the life. These IoT technologies make life easier for users, but they also have big threats like double-edged swords. Therefore, the importance of security is emerging and related researches are actively proceeding. Existing researches have focused on reducing the computational load on the constrained devices, performing the DTLS for the end-to-end security from a network architecture perspective. In this paper, we propose a DTLS protocol that uses ECQV certificate instead of existing X.509 certificate to reduce the load of DTLS protocol from the network perspective. In addition, the proposed scheme is implemented and compared with PSK and RPK modes.

The Importance of Ethical Hacking Tools and Techniques in Software Development Life Cycle

  • Syed Zain ul Hassan;Saleem Zubair Ahmad
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.6
    • /
    • pp.169-175
    • /
    • 2023
  • Ethical hackers are using different tools and techniques to encounter malicious cyber-attacks generated by bad hackers. During the software development process, development teams typically bypass or ignore the security parameters of the software. Whereas, with the advent of online web-based software, security is an essential part of the software development process for implementing secure software. Security features cannot be added as additional at the end of the software deployment process, but they need to be paid attention throughout the SDLC. In that view, this paper presents a new, Ethical Hacking - Software Development Life Cycle (EH-SDLC) introducing ethical hacking processes and phases to be followed during the SDLC. Adopting these techniques in SDLC ensures that consumers find the end-product safe, secure and stable. Having a team of penetration testers as part of the SDLC process will help you avoid incurring unnecessary costs that come up after the data breach. This research work aims to discuss different operating systems and tools in order to facilitate the secure execution of the penetration tests during SDLC. Thus, it helps to improve the confidentiality, integrity, and availability of the software products.

Association of Mental Health and Health-Related Quality of Life with Household Food Insecurity Status among a Representative Korean Population (가구 식품불안정 상태와 정신건강 및 건강 관련 삶의 질과의 연관성)

  • Kim, Yu-Jin;Park, Jong Eun;Kim, So Young;Park, Jong-Hyock
    • Health Policy and Management
    • /
    • v.32 no.2
    • /
    • pp.216-227
    • /
    • 2022
  • Background: Food insecurity may contribute to mental health indicators such as stress, anxiety, or depression. We investigated whether food insecurity was associated with mental health indicators and health-related quality of life (HRQoL) in a representative sample of the Korean population. Methods: This study enrolled 12,987 adults without a history of medically serious disease from the 2012, 2013, and 2015 Korea National Health and Nutrition Examination Survey. Household food security status was categorized as "food security," "mild food insecurity," and "moderate/severe food insecurity." The association between mental health and HRQoL was evaluated using a multivariate logistic regression model with food security as the reference group. Results: The adjusted odds ratio of adverse mental health or low HRQoL increased significantly in mild or moderate/severe food insecurity compared to food security. In the moderate/severe food insecurity group, it was 1.98% (95% confidence interval [CI], 1.31-2.99) higher for perceived stress, 3.58% (95% CI, 2.44-5.26) higher for depression symptoms, 4.16% (95% CI, 2.68-6.45) higher for suicidal ideation, and 2.81% (95% CI, 1.91-4.15) higher for quality of life. Conclusion: Food insecurity was strongly associated with negative mental health status and poor HRQoL. There is a need for a dietary support program that provides psychosocial support to those experiencing food insecurity.

Research on Education and Training of the Analyzer for Security Enhancement of SW Vulnerability (SW 취약점의 보안성 강화를 위한 진단원의 교육 양성 연구)

  • Kim, Seul-gi;Park, Dea-woo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.5
    • /
    • pp.945-950
    • /
    • 2017
  • Due to the vulnerability of the software, there is a hacking attack on the country's cyber infrastructure and real financial assets. Software is an integral part of the operating system and execution system that controls and operates Internet information provision, cyber financial settlement and cyber infrastructures. Analyzing these software vulnerabilities and enhancing security will enhance the security of cyber infrastructures and enhance the security of actual life in the actual country and people. Software development security system analysis and software development Security diagnosis analysis and research for enhancing security of software vulnerability. In addition, we will develop a textbook for the training of software vulnerability diagnosis and maintenance education, develop pilot test problems, pilot test of diagnostic staff, The purpose of this study is to enhance the software security of the cyber infrastructures of national and national life by presenting curriculum and diagnosis guide to train the software vulnerability examiner.