• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.3
• /
• pp.311-321
• /
• 2003

A current firewall or IDS (intrusion detection system) of the network level suffers from many vulnerabilities in internal computing servers. For a secure Linux implementation using system call hooking, this paper defines two requirements such as the multi-level security function of TCSEC B1 and a prevention of hacking attacks. This paper evaluates the secure Linux implemented in terms of the mandatory access control, anti-hacking and performance overhead, and thus shows the security, stability and availability of the multi-level secure Linux. At the kernel level this system protects various hacking attacks such as using Setuid programs, inserting back-door and via-attacks. The performance degradation is an average 1.18% less than other secure OS product.

• Journal of Advanced Navigation Technology
• /
• v.14 no.2
• /
• pp.247-252
• /
• 2010

According to IT technology has evolved, a lot of information are moving through network. The correct internet users can obtain useful information. But incorrect users expose information and cause various damage for malicious purpose. To solve this problem, various information security products are being developed. For development of secure information security product, the development process should be secure. Also evaluation system is being used about product evaluation and security module for the assurance of secure product. In this paper, we proposed assurance system for secure development of information security product. Therefore this paper proposed more secure product development and assurance scheme.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.267-270
• /
• 2013

Hacking damage is increasing year by year in the Internet payment service credit card applying the digital signature method of PKI-based first domestic, secure payment, was 180 million won in 2012. Revenues have soared for phishing that Smishing using smartphone after entering 2013. Hacking accident to the secure payment system using Smishing has occurred took over personal information and financial direct damage. In this paper, we analyzed for Smishing, to prevent the damage of secure payment using Smishing to study the hacking attack of secure payment. In addition, it would be studies to allow through the smartphone, online payment safer and more convenient.

• Journal of Digital Convergence
• /
• v.13 no.1
• /
• pp.257-262
• /
• 2015

The ministry of security and public administration provide the secure coding guide that can remove the vulnerability of applications and defend cyber attack from the coding step because cyber attack like the hacking about 75% abusing the vulnerability of applications. In this paper we find the oder of priority and did the criticality analysis used by AHP about 7 items in the secure coding which the ministry of security and public administration provide. The result is decided that 'exception handling' is the most important item. There is no secure coding items in software supervision currently, therefore the result of the research will make good use audit standards in the process of the software development.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.8
• /
• pp.1855-1860
• /
• 2010

This paper describes construction of web services system for secure message transmission appling web services standards. This system composes single sign on module, SSL module and secure message module. We applied these modules to price comparison site. Single sign on module used SAML standards. This module was designed, in order to provide authentication and authorization. As SSL module processes message encryption among end to end, messages of this system are secure. Secure message module is designed according to WS-Security standards and processes authentication, XML signature and XML encryption.

• Journal of Internet Computing and Services
• /
• v.4 no.5
• /
• pp.87-96
• /
• 2003

The additional mechanism is required to set up a secure connection among the communication subjects in the internet environment. Each entity should transfer and receive the encrypted and hashed data to guarantee the data integrity. Also, the mutual authentication procedure should be processed using a secure communication protocol. Although the OpenSSL which implements the TLS is using by many developers and its stability and performance are proved, it has a difficulty in using because of its large size. So, this paper designs and implements the secure communication which the users can use easily by modification works of OpenSSL library API. We proved the real application results using the client/server case which supports a secure communication using the implemented API.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.12
• /
• pp.944-953
• /
• 2013

Recently, a storage media is becoming smaller and storage capacity is also becoming larger than before. However, important data was leaked through a small storage media. To solve these serious problem, many security companies manufacture secure USBs with secure function, such as data encryption, user authentication, not copying data, and management system for secure USB, etc. But various attacks, such as extracting flash memory from USBs, password hacking or memory dump, and bypassing fingerprint authentication, have appeared. Therefore, security techniques related to secure USBs have to concern many threats for them. The basic components for a secure USB are secure authentication and data encryption techniques. Though existing secure USBs applied password based user authentication, it is necessary to develop more secure authentication because many threats have appeared. And encryption chipsets are used for data encryption however we also concern key managements. Therefore, this paper suggests mutual device authentication based on PUF (Physical Unclonable Function) between USBs and the authentication server and key management without storing the secret key. Moreover, secure USB is systematically managed with metadata and authentication information stored in authentication server.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.3
• /
• pp.879-890
• /
• 2000

Designing a multilevel database application is a complex process, and the entities and their associated security levels must be represented using an appropriate model unambiguously. It is also important to capture the semantics of a multilevel databse application as accurate and complete as possible. Owing to the focus of the IDEA Methodology for designing the non-secure database applications on the data-intensive systems, the Object Model describes the static structure of the objects in an application and their relationships. That is, the Object Model in the IDEA Methodology is an extended Entity-Relationship model giving a static description of objects. The IDEA Methodology has not been developed the multilevel secure database applications, but by using an existing methodology we could take advantage of the various techniques that have already been developed for that methodology. That is, this way is easier to design the multilevel secure schema than to develop a new model from scratch. This paper adds the security features 새？ Object Model in the IDEA Methodology, and presents the transformation from this model to a multilevel secure object oriented schema. This schema will be the preliminary work which can be the general scheme for the automatic mapping to the various commercial multilevel secure database management system such as Informix-Online/Secure, Trusted ORACLE, and Sybase Secure SQL Server.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.9
• /
• pp.1235-1244
• /
• 2002

This paper proposes a group key management protocol for a secure of all the multicast user in PIM-SM multicast group communication. With prosed architect, subgroups for multicast secure group management will be divided by RP (Rendezvous-Point) unit and each RP has a subgroup manager. Each subgroup manager gives a secure key to it's own transmitter md the transmitter compress the data with it's own secure key from the subgroup manager. Before the transmitter send the data to receiver, the transmitter prepare to encrypt a user's service by sending a encryption key to the receiver though the secure channel, after choking the user's validity through the secure channel. As the transmitter sending a data after then, the architecture is designed that the receiver will decode the received data with the transmitter's group key. As a result, the transmitting time is shortened because there is no need to data translation by group key on data sending and the data transmition is possible without new key distribution at path change to SPT (Shortest Path Tree) of the router characteristic. Additionally, the whole architecture size is samller than the other multicast secure architecture by using the conventional PIM-SIM routing structure without any additional equipment.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.323-330
• /
• 2002

Multicast services are gradually diversified and used widely. Proportionately, they become the center of attackers' attention and there are growing possibilities of an intelligence leak. Therefore, research related to secure multicast should be required to provide multicast service efficiently. This paper presents the architecture for secure multicast which provides efficient group management mechanism in group consists using member's dynamic join and leave. This architecture can provide secure multicast services to many users with regard to security aspects in one-to-many communication. The simulation results show that the proposed architecture achieves an efficient group management and a secure data transmission with low latency compared with the other existing secure multicast architecture.