• Title/Summary/Keyword: security component

Search Result 405, Processing Time 0.037 seconds

Separation of Concerns Security Model of Component using Grey Box (그레이박스를 사용한 컴포넌트의 관심사 분리 보안 모델)

  • Kim, Young-Soo;Jo, Sun-Goo
    • Journal of the Korea Society of Computer and Information
    • /
    • v.13 no.5
    • /
    • pp.163-170
    • /
    • 2008
  • As the degree of dependency and application of component increases, the need to strengthen security of component is also increased as well. The component gives an advantage to improve development productivity through its reusable software. Even with this advantage, vulnerability of component security limits its reuse. When the security level of a component is raised in order to improve this problem, the most problematic issue will be that it may extend its limitation on reusability. Therefore, a component model concerning its reusability and security at the same time should be supplied. We suggest a Separation of Concerns Security Model for Extension of Component Reuse which is integrated with a wrapper model and an aspect model and combined with a reuse model in order to extend its security and reusability by supplying information hiding and easy modification, and an appropriate application system to verify the model's compatibility is even constructed. This application model gives the extension of component function and easy modification through the separation of conceits, and it raise its security as doll as extends its reusability.

  • PDF

Component Classification and Specification on Active Security Architecture (능동보안 아키텍쳐를 위한 컴포넌트 분류 및 명세방법)

  • 김상영;김재웅;황선명
    • Journal of Korea Multimedia Society
    • /
    • v.7 no.1
    • /
    • pp.113-125
    • /
    • 2004
  • Active networks aim to provide a software framework that enables active network applications to customize the processing their communications. Active security component architecture focuses on the support of reuse system by active security component. The architecture is standard layer to acquire, understand, and assemble component, and it has to support a guideline for component identification, search and customization. In this paper we present the active security architecture as a standard model of discrete active network solution, and we propose the method for component classification and specification.

  • PDF

Protection of Information Sovereignty as an Important Component of the Political Function of the State

  • Zadorozhnia, Halyna;Mykhtunenko, Viktoriia;Kovalenko, Hanna;Kuryliuk, Yurii;Yurchenko, Liubov;Maslennykova, Tetiana
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.9
    • /
    • pp.151-154
    • /
    • 2021
  • State information policy is an important component of foreign and domestic policy of the country and covers all spheres of society. The rapid development of the information sphere is accompanied by the emergence of fundamentally new threats to the interests of the individual, society, state and its national security. The article considers the components of the state information policy to ensure information security of the country and identifies the main activities of public authorities in this area. Internal and external information threats to the national security of Ukraine and ways to guarantee the information security of the country are analyzed. Information security is seen as a component of national security, as well as a global problem of information protection, information space, information sovereignty of the country and information support of government decisions. Approaches to ensure the process of continuity of the information security system of the state in order to monitor new threats, identify risks and levels of their intensity are proposed.

Framework of Security Development Method based on Component (컴포넌트기반 보안개발방법의 프레임워크)

  • Hong, Jin-Keun
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.11 no.3
    • /
    • pp.926-930
    • /
    • 2010
  • This paper is about a development framework, which is required to develop of security system is based on component. With applying of SDLC(system development life cycle) of information system, the application of information security products DLC is required at this point of time. In this paper, we review NIST requirement specification of development method, requirement criteria of SDLC in each stage, and major security guidelines of risk assessment. Also we are reviewed major security element of SDLC, and to aid understanding of security framework based on component, present the relationship fo security design and DFD in respect of spoofing for the outside entity based on threat tree STRIDE.

Decision on Replacing Security Components for Infer]nation Systems (정보시스템 도입에 따른 보안기능 컴포넌트 대체 수준 의사결정)

  • Choi Myeonggil;Kim Hyunwoo;Kim Eunhye;Kim Sehun
    • Proceedings of the Korean Operations and Management Science Society Conference
    • /
    • 2004.10a
    • /
    • pp.147-157
    • /
    • 2004
  • Enterprises and governments currently utilize COTS based information systems which are a kind of component based systems. Especially, COTS are widely utilized as information security systems and information systems including information security functions. This paper suggests an appropriate adaptation level of security functional components and a cost effective priority among them. To make a cost effective decision on adapting security functional components, this paper develops a hierarchical model of information security technologies and analyzes findings through multiple decision-making criteria.

  • PDF

A Cause-Effect Model for Human Resource Management (정보시스템의 효율적인 인적자원 관리를 위한 Cause-Effect, Model의 활용)

  • Lee, Nam-Hoon;In, Hoh;Lee, Do-Hoon
    • Convergence Security Journal
    • /
    • v.6 no.4
    • /
    • pp.161-169
    • /
    • 2006
  • According to the development of information system, many information system and application soft-ware are develop. However, cyber attack and incident have more increased to the development of them. To defend from cyber attack and incident, many organizations has run information security systems, such as Intrusion Detection System, Firewall, VPN etc, and employed information Security person till now But they have many difficulty in operating these information security component because of the lack of organizational management and analysis of each role. In this paper, We propose the formal Cause-Effect Model related with the information security system and administrative mission per each security. In this model, we regard information system and information system operator as one information component. It is possible to compose the most suitable information component, such as information system, human resource etc., according to the analysis of Cause-Effect Model in this paper. These analysis and approaching methodology can make effective operation of each limited resource in organization and effective defense mechanism against many malicious cyber attack and incident.

  • PDF

A Component Model for Managing Covid-19 Crisis

  • Taweel, Faris M.
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.7
    • /
    • pp.365-373
    • /
    • 2021
  • Covid-19 posed a serious threat to public health worldwide, especially in the absence of vaccines or medicines. The only viable strategies to combat a virus with a high infection rate were to apply lock-down strategies, transport ban, social and physical distancing. In this work, we provide a domain-specific component model for crisis management. The model allows for building a plan for managing Covid-19 crisis and use the plan as a template to generate a system specific for managing that crisis. The crisis component model is derived from X-MAN II, a generic component model that we have developed for the aircraft industry

Design and Implementation of the Security Components in Ultra-Lightweight Mobile Computing Environment (초경량 이동 컴퓨팅 환경에서의 보안 컴포넌트 설계 및 구현)

  • Park, Rae-Young;You, Yong-Duck;Lee, Young-Seok
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.32 no.4C
    • /
    • pp.454-461
    • /
    • 2007
  • The next-generation computer is the ultra-lightweight mobile computer that communicates with peripheral handhold devices and provides dynamically the services appropriate to user. To provide the dynamic services on the ultra-lightweight mobile computer, security problem for user or computer system information should be solved and security mechanism is necessary for the ultra-lightweight mobile computing environment that has battery limit and low performance. In this paper, the security mechanism on the component based middleware for the ultra-lightweight mobile computer was implemented using RC-5 cipher algorithm and SHA-1 authentication algorithm. The security components are dynamically loaded and executed into the component based middleware on the ultra-lightweight mobile computer.

A Novel Black Box Approach For Component Adaptation Technique

  • Jalender, B.;Govardhan, Dr. A.
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.2
    • /
    • pp.81-90
    • /
    • 2022
  • There are several ways to improve software performance by using existing software. So, the developments of some programs are the most promising ways. However, traditional part programming studies usually assume that the components are recycled "as is". Existing models of component objects only provide limited support for partial adjustments, namely white box technologies ( copy-paste & inheritance) and the black-box methods (such as mixing and encapsulation). These technologies have problems related to recovery, efficiency, implementation of indirect costs, or their own problems. This paper suggests as JALTREE, The Black Box adaptation technology, which allows us for the implementation of previous components, but we need configurable the interface types, for measuring the adaptability. In this article we discussed the types of adjustments including component interfaces and component composition. An example of customizing JALTREE and component can be illustrated in several examples

A Preliminary Exploration on Component Based Software Engineering

  • Basha, N Md Jubair;Ganapathy, Gopinath;Moulana, Mohammed
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.9
    • /
    • pp.143-148
    • /
    • 2022
  • Component-based software development (CBD) is a methodology that has been embraced by the software industry to accelerate development, save costs and timelines, minimize testing requirements, and boost quality and output. Compared to the conventional software development approach, this led to the system's development being completed more quickly. By choosing components, identifying systems, and evaluating those systems, CBSE contributes significantly to the software development process. The objective of CBSE is to codify and standardize all disciplines that support CBD-related operations. Analysis of the comparison between component-based and scripting technologies reveals that, in terms of qualitative performance, component-based technologies scale more effectively. Further study and application of CBSE are directly related to the CBD approach's success. This paper explores the introductory concepts and comparative analysis related to component-based software engineering which have been around for a while, but proper adaption of CBSE are still lacking issues are also focused.