• 정보보호학회논문지
• /
• 제18권6A호
• /
• pp.97-106
• /
• 2008

Quality of Protection(QoP)은 보안을 제공해야 하는 네트워크들을 평가할 수 있는 기준을 제공하고, 해당 네트워크의 보안 정책에 대한 보안의 강도를 정량화하여 해당 네트워크 시스템의 안정성을 판단할 수 있도록 해준다. 현실적으로, 네트워크에서 적용되는 보안 메커니즘의 안전성과 시스템에서 지원되어야 하는 성능이 반드시 비례하는 것은 아니다. 그렇기 때문에 보안은 적절한 수준에서 적용되는 환경에 맞게 정의되어야 하며, 네트워크의 사용 목적에 맞는 보안 정책을 택하여 사용해야 한다. 무선 네트워크들이 발전함에 따라 안전한 무선네트워크 서비스를 제공하기 위해 다양한 보안 서비스들이 정의되고 있다. 본 논문에서는 무선 네트워크 환경에서의 적절한 보안 정책을 선택할 수 있도록 기존에 연구된 QoP모델의 효용함수 구성에 흐름 기반의 비정상 트래픽 탐지 알고리즘을 통해 객관적으로 구성한 HVM을 도입하고, 총 이익함수의 구성에 상대적 가중치를 도입함으로써 기존에 연구된 QoP모델의 취약점을 보완한다.

• 한국멀티미디어학회논문지
• /
• 제13권8호
• /
• pp.1212-1220
• /
• 2010

국내의 사용자 프로그램으로 Port Redirection 서버를 통해 주소 변환 정보를 받아 사용자의 트래픽을 변환시키는 기술은 미비하다. 일반적으로 네트워크 장비에서 구현되는 기술로써 네트워크 장비를 경유하여 입출력되는 트래픽에 대해 특수한 목적으로 활용하는 네트워크 기술의 일부이다. 이러한 특수 목적을 달성하기 위한 L4 Switch 장비와 네트워크 구조에 따라 여러 대의 추가적인 비용들이 발생한다. 이러한 문제점을 개선하기 위하여 단말기의 Network Layer에서 L4 스위치의 Redirection기능을 구현하여 네트워크 구조에 관계없이 원하는 Traffic을 한 곳으로 집중시켜 통제와 모니터링을 중앙 집중하여 관리할 필요성이 있다. 따라서, 본 논문에서는 Client 단에서의 Protocol Redirection을 통한 트래픽의 중앙통제시스템을 제안하고자 한다.

• 대한전기학회논문지:시스템및제어부문D
• /
• 제55권7호
• /
• pp.303-312
• /
• 2006

This paper proposes the architecture and protocol of a data communication network for the safety system in nuclear power plants. First, we establish four design criteria with respect to determinability, reliability, separation and isolation, and verification/validation. Next we construct the architecture of the safety network for the following systems: PPS (Plant Protection System), ESF-CCS (Engineered Safety Features-Component Control System) and CPCS (Core Protection Calculator System). The safety network consists of 12 sub-networks and takes the form of a hierarchical star. Among 163 communication nodes are about 1600 origin-destination (OD) pairs created on their traffic demands. The OD pairs are allowed to exchange data only during the pre-assigned time slots. Finally, the communication protocol is designed in consideration of design factors for the safety network. The design factors include a network topology of star, fiber-optic transmission media, synchronous data transfer mode, point-to-point link configuration, and a periodic transmission schedule etc. The resulting protocol is the modification of IEEE 802.15.4 (LR-WPAN) MAC combined with IEEE 802.3 (Fast Ethernet) PHY. The MAC layer of IEEE 802.15.4 is simplified by eliminating some unnecessary (unctions. Most importantly, the optional TDMA-like scheme called the guaranteed time slot (GTS) is changed to be mandatory to guarantee the periodic data transfer. The proposed protocol is formally specified using the SDL. By performing simulations and validations using Telelogic Tau SDL Suite, we find that the proposed safety protocol fits well with the characteristics and the requirements of the safety system in nuclear power plants.

• International Journal of Computer Science & Network Security
• /
• 제22권8호
• /
• pp.380-384
• /
• 2022

To have a complete and comprehensive understanding of the research subject and to form an integrated legal framework for it, I have sought comprehensively to cover the major written literature on the issue under consideration. I also benefitted from a wide range of research and academic studies pertaining to the same topic, although that literature did not specifically address the issue of consumer rights in electronic contracting in the Saudi e-commerce system. Rather, it addressed only the civil and criminal protection of the consumer in e-commerce. I have divided the reviewed literature into two sections according to the sources.

• Journal of Electrical Engineering and Technology
• /
• 제10권3호
• /
• pp.740-754
• /
• 2015

This paper focuses on the reverse blocking busbar protection scheme with aim to improve the speed of its operation and at the same time to increase operational reliability, flexibility and stability of the protection during external and internal faults by implementation of the extended functionality provided by the IEC61850 standard-based protective Intelligent Electronic Devices (IEDs). The practical implementation of the scheme by the use of IEC 61850 standard communication protocol is investigated. The proposed scheme is designed for a radial type of a distribution network and is modeled and simulated in the DigSILENT software environment for various faults on the busbar and its outgoing feeders. A laboratory test bench is built using three ABB IEDs 670 series that are compliant with the IEC 61850 standard, CMC 356 Omicron test injection device, PC, MOXA switch, and a DC power supplier. Two types of the reverse blocking signals between the IEDs in the test bench are considered: hard wired and Ethernet communication by using IEC 61850 standard GOOSE messages. Comparative experimental study of the operational trip response speeds of the two implementations for various traffic conditions of the communication network shows that the performance of the protection scheme for the case of Ethernet IEC 61850 standard-based communication is better.

• 한국정보통신학회논문지
• /
• 제22권5호
• /
• pp.818-828
• /
• 2018

현재 네트워크 정보보호를 위하여 다양한 보안 시스템들이 개발되어 활용되고 있다. 보안 솔루션을 도입하는 것만으로 보안상의 위험을 상당수 방지할 수 있지만, 보안 솔루션은 그 목적과 기능에 따라 적절한 형태로 사용되어야 충분한 가치가 발휘될 수 있다. 정보보호시스템에 많이 사용되는 보안 솔루션으로는 방화벽, IDS, IPS 등이 있다. 그러나 다양한 정보보호시스템을 도입하고 있더라도 이를 우회하여 공격하는 기법은 항상 존재한다. 본 논문에서는 정보보호시스템에서 우회공격 기법에 대한 대응 방안과 우회 공격 기법을 훈련에 적용할 수 있는 효과적인 훈련 시나리오를 제안한다. 제안한 대응 훈련 시나리오의 유효성을 검증하기 위해 GNS3 네트워크 시뮬레이터를 사용하였으며, VirtualBox를 이용하여 가상 운영체제를 구축하였다. 제안하는 네트워크 정보보호시스템을 우회하는 공격에 대한 대응훈련 시나리오는 실제 공격에 대응하는데 매우 효과적으로 활용될 수 있다.

• Nuclear Engineering and Technology
• /
• 제53권1호
• /
• pp.121-130
• /
• 2021

Cascading failure is the main cause of large blackouts in electrical power systems; this paper analyzes a cascading failure in Hanbit nuclear power plant unit two (2) caused by a circuit breaker (CB) operation failure. This malfunction has been expanded to the loss of offsite power (LOOP). In this study, current practices are reviewed and then the methodologies of how to prevent cascading failures in protection power systems are introduced. An overview on the implementation of IEC61850 GOOSE messaging-based zone selective interlocking (ZSI) scheme as key solution is proposed. In consideration of ZSI blocking time, all influencing factors such as circuit breaker opening time, relay I/O response time and messages travelling time in the communication network should be taken into account. The purpose of this paper is to elaborate on the effect of cascading failure in NPP electrical power protection system and propose preventive actions for this failures. Finally, the expected advantages and challenges are elaborated.

• 대한전기학회논문지:전력기술부문A
• /
• 제48권7호
• /
• pp.847-854
• /
• 1999

The setting of protective relays, which is critical to the power system security and reliability, requires a huge volume of data processing and repetitive calculation. Since it has been performed by relay engineers manually, it is vulnerable to human errors, its computerization has been pursued, in which the efficient management of the data is the key to the success. The database for power system protection must accommodate not only the power system network data but also a variety of protective devices. Also its information should be able to be viewed and updated with easy by operators and by computer programs. This paper describes several existing database designs for power system protection, their advantages and disadvantages. Also this paper has identified the required function and designed the database for the KEPCO power system data structure for the benefit of the relay setting process, etc..

• 전기학회논문지
• /
• 제60권1호
• /
• pp.43-49
• /
• 2011

A distance relay scheme is commonly used for backup protection. This scheme, called a step distance protection, is comprised of 3 steps for graded zones having different operating time. As for the conventional step distance protection scheme, Zone 2 can exceed the ordinary coverage excessively in case of a transformer protection relay especially. In this case, there can be overlapped protection area from a backup protection relay and, therefore, malfunctions can occur when any fault occurs in the overlapped protection area. Distance relays and overcurrent relays are used for backup protection generally, and both relays have normally this problem, the maloperation, caused by a fault in the overlapped protection area. Corresponding to an IEEE standard, this problem can be solved with the modification of the operating time. On the other hand, in Korea, zones are modified to cope with this problem in some specific conditions. These two methods may not be obvious to handle this problem correctly because these methods, modifying the common rules, can cause another coordination problem. To overcome this problem clearly, this paper describes an improved backup protection coordination scheme using an IEC 61850-based distance relay for transformer backup protection. IEC 61850-based IED(Intelligent Electronic Device) and the network system based on the kernel 2.6 LINUX are realized to verify the proposed method. And laboratory tests to estimate the communication time show that the proposed coordination method is reliable enough for the improved backup protection scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제5권11호
• /
• pp.1976-1996
• /
• 2011

Cognitive radio (CR) MAC protocol provides access control of unused spectrum resources without causing interference to primary users. To achieve this goal, in this paper a TDMA based cooperative multi-channel cognitive radio MAC (MCR-MAC) protocol is proposed for wireless ad hoc networks to provide reliable protection for primary users by achieving cooperative detection of incumbent system signals around the communication pair. Each CR node maintains transmission opportunity schedules and a list of available channels that is employed in the neighbor discovery period. To avoid possible signal collision between incumbent systems and cognitive radio ad hoc users, we propose a simple but efficient emergency notification message exchanging mechanism between neighbor CR nodes with little overhead. Our simulation results show that the proposed MCR-MAC can greatly reduce interference with primary users and remarkably improve the network throughput.