• Title/Summary/Keyword: security rule

Search Result 286, Processing Time 0.031 seconds

A Design of SERDL(Security Evaluation Rule Description Language) and Rule Execution Engine for Evaluating Security of IPv6 Network (IPv6 네트워크 계층의 보안성 평가를 위한 평가규칙 표기 언어 및 평가 수행기의 설계)

  • Kwon, Hyeok-Chan;Kim, Sang-Choon
    • The KIPS Transactions:PartC
    • /
    • v.11C no.4
    • /
    • pp.471-484
    • /
    • 2004
  • Recently. many projects have been actively implementing IPsec on the various Operating Systems for security of IPv6 network. But there is no existing tool that checks the IPsec-based systems, which provide IPsec services, work Properly and provide their network security services well In the IPv6 network. In this paper, we design SERDL(Security Evaluation Rule Description Language) and rule execution tool for evaluating security of the IPv6 network, and we provide implementation details. The system Is divided into following parts : User Interface part, Rule Execution Module part, DBMS part and agent that gathering information needed for security test.

A Rule Protecting Scheme with Symmetric Cryptosystem for Intrusion Detection System (암호화 기법을 적용한 침입 탐지 시스템의 룰 보호 기법)

  • Son Hyung-Seo;Kim Hyun-Sung;Bu Ki-Dong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.6
    • /
    • pp.3-13
    • /
    • 2004
  • Kvarnstrom et al. ${in}^{[10]}$ proposed a rule protection scheme by using one-way hash function to protect rules in security systems over ubiquitous environment. Son et at. ${in}^{[5-6]}$ also prooposed a rule protection scheme for Snort, which is one of the most common IDS. These schemes provide security only for the header information but not for its contents. To solve this problem, this paper presents a scheme based on the symmetric cryptosystem over Snort not only for the header information but also contents. This paper uses the key management based on PCMCIA security module proposed ${by}^{[12]}$ for the symmetric cryptosystem. Our scheme could be adjusted to other security systems, which use the rule based detection.

A Study on the Importer Security Filing and Additional Carrier Requirements(10+2 rule) in U.S. (미국 관세청의 선적전 추가 보안관련 정보 제출법안(10+2 Rule)에 관한 연구)

  • Song, Seon-Uk
    • International Commerce and Information Review
    • /
    • v.10 no.4
    • /
    • pp.395-416
    • /
    • 2008
  • The advance information for oceangoing cargoes destined to th United States enable CBP to evaluate the potential risk of smuggling WMD and to facilitate the prompt release of legitimate cargo following its arrival in the Unites States. On January 1, 2008, CBP promulgate regulations, also known as 10+2 rule, to require the electronic transmission of additional data elements for improved high-risk targeting, including appropriate security elements of entry data for cargo destined to the United States by vessel prior to loading of such cargo on vessels at foreign seaports. The potential impact to an importer's international supply chain will be as follows ; Firstly, importers will take incremental supply chain costs and filing costs. Secondly, anticipate delay in shipment of containerized cargo. Thirdly, importers could be charged fines if they fail to file and file inaccurate or missing data. Companies exporting to the United States should be interested in 10+2 rule, analyze their current processes and procedures to ensure that they are prepared to handle the additional filing requirements of 10+2 rule. And they should focus on how 10+2 impacts their supply chain in terms of costs and sourcing. They will be necessary to revise service legal agreements with their forwarders, customs brokers or carriers in order to meet filing requirements of 10+2 rule.

  • PDF

Rule Protecting Scheme for Snort

  • Son, Hyeong-Seo;Lee, Sung-Woon;Kim, Hyun-Sung
    • Proceedings of the Korea Society of Information Technology Applications Conference
    • /
    • 2005.11a
    • /
    • pp.259-262
    • /
    • 2005
  • This paper addresses the problem of protecting security policies in security mechanisms, such as the detection policy of an Intrusion Detection System. Unauthorized disclosure of such information might reveal the fundamental principles and methods for the protection of the whole network. In order to avoid this risk, we suggest two schemes for protecting security policies in Snort using the symmetric cryptosystem, Triple-DES.

  • PDF

Smart Contract's Hierarchical Rules Modularization and Security Mechanism (스마트 컨트랙트의 계층형 규칙 모듈화와 보안 메커니즘)

  • An, Jung Hyun;Na, Sung Hyun;Park, Young B.
    • Journal of the Semiconductor & Display Technology
    • /
    • v.18 no.1
    • /
    • pp.74-78
    • /
    • 2019
  • As software becomes larger and network technology develops, the management of distributed data becomes more popular. Therefore, it is becoming increasingly important to use blockchain technology that can guarantee the integrity of data in various fields by utilizing existing infrastructure. Blockchain is a distributed computing technology that ensures that servers participating in a network maintain and manage data according to specific agreement algorithms and rules to ensure integrity. As smart contracts are applied, not only passwords but also various services to be applied to the code. In order to reinforce existing research on smart contract applied to the blockchain, we proposed a dynamic conditional rule of smart contract that can formalize rules of smart contract by introducing ontology and SWRL and manage rules dynamically in various situations. In the previous research, there is a module that receives the upper rule in the blockchain network, and the rule layer is formed according to this module. However, for every transaction request, it is a lot of resources to check the top rule in a blockchain network, or to provide it to every blockchain network by a reputable organization every time the rule is updated. To solve this problem, we propose to separate the module responsible for the upper rule into an independent server. Since the module responsible for the above rules is separated into servers, the rules underlying the service may be transformed or attacked in the middleware. Therefore, the security mechanism using TLS and PKI is added as an agent in consideration of the security factor. In this way, the benefits of computing resource management and security can be achieved at the same time.

A Design and Implementation of A Rule-based Security Evaluation System for W Security Engine (IP Security 엔진을 위한 규칙기반 보안평가 시스템의 설계 및 구현)

  • Gwon, Hyeok-Chan;Hyeon, Jeong-Sik;Kim, Sang-Chun;Na, Jae-Hun;Son, Seung-Won
    • The KIPS Transactions:PartC
    • /
    • v.9C no.3
    • /
    • pp.367-374
    • /
    • 2002
  • IPsec offers not odd Internet security service such as Internet secure communication and authentication but also the safe key exchange and anti-replay attack mechanism. Recently IPsec is implemented on the various operating systems. But there is no existing tool that checks the servers, which provide IPsec services, work properly and provide their network security services well. In this paper, we design and implement the rule based security evaluation system for IPsec engine. This system operated on Windows and UNX platform. We developed the system using Java and C language.

Development of Rule-Based Malicious URL Detection Library Considering User Experiences (사용자 경험을 고려한 규칙기반 악성 URL 탐지 라이브러리 개발)

  • Kim, Bo-Min;Han, Ye-Won;Kim, Ga-Young;Kim, Ye-Bun;Kim, Hyung-Jong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.3
    • /
    • pp.481-491
    • /
    • 2020
  • The malicious URLs which can be used for sending malicious codes and illegally acquiring private information is one of the biggest threat of information security field. Particularly, recent prevalence of smart-phone increases the possibility of the user's exposing to malicious URLs. Since the way of hiding the URL from the user is getting more sophisticated, it is getting harder to detect it. In this paper, after conducting a survey of the user experiences related to malicious URLs, we are proposing the rule-based malicious URL detection method. In addition, we have developed java library which can be applied to any other applications which need to handle the malicious URL. Each class of the library is implementation of a rule for detecting a characteristics of a malicious URL and the library itself is the set of rule which can have the chain of rule for deteciing more complicated situation and enhancing the accuracy. This kinds of rule based approach can enhance the extensibility considering the diversity of malicious URLs.

The Main Substance and Some Problems of 24 hours Advance Cargo Manifest Declaration Rule (선적 24시간전 적하목록전송규칙(24 Hours Rules)의 주요내용과 문제점)

  • Han, Sang-Hyun;Eom, Kwang-Yeol
    • The Journal of Information Technology
    • /
    • v.8 no.1
    • /
    • pp.95-112
    • /
    • 2005
  • This paper will look into the Main Substance and Some Problems of 24 hours Advance Cargo Manifest Declaration Rule, focuses on the Policy implication of Korea's and counter measures of our parties concerned about 24-hour advance vessel manifest rule. The 24-hour rule requires cargo owners to submit cargo manifest information to U.S. Customs 24 hours before vessel sailing from the final foreign port to a U.S. port. Cargo manifest information must be complete, accurate, and timely. As of February 2, 2003 manifest information can be submitted by paper or electronically. Cargo descriptions must be at a level of detail consistent with Harmonized Tariff Schedule (HTS) codes used by U.S. Customs. HTS codes are 10 digits. Electronic submissions are made via the Automated Manifest System (AMS) run by U.S. Customs.

  • PDF

Rule-Based Framework for user level delegation model in Role Based Access Control (역할기반 접근제어에서의 사용자 수준의 위임기법에 대한 Rule-Based Framework)

  • 박종화
    • The Journal of Information Technology
    • /
    • v.4 no.3
    • /
    • pp.139-154
    • /
    • 2001
  • In current role-based systems, security officers handle assignments of users to roles. This may increase management efforts in a distributed environment because of the continuous involvement from security officers. The technology of role-based delegation provides a means for implementing RBAC in a distributed environment with empowerment of individual users. The basic idea behind a role-based delegation is that users themselves may delegate role authorities to other users to carry out some functions on behalf of the former. This paper presents a rule-based framework for user-level delegation model in which a user can delegate role authority by creating new delegation roles. Also, a rule-based language for specifying and enforcing the policies is introduced.

  • PDF

A Detection Rule Exchange Mechanism for the Collaborative Intrusion Detection in Defense-ESM (국방통합보안관제체계에서의 협업 침입탐지를 위한 탐지규칙 교환 기법)

  • Lee, Yun-Hwan;Lee, Soo-Jin
    • Convergence Security Journal
    • /
    • v.11 no.1
    • /
    • pp.57-69
    • /
    • 2011
  • Many heterogeneous Intrusion Detection Systems(IDSs) based in misuse detection technique including the self-developed IDS are now operating in Defense-ESM(Enterprise Security Management System). IDS based on misuse detection may have different capability in the intrusion detection process according to the frequency and quality of its signature update. This makes the integration and collaboration with other IDSs more difficult. In this paper, with the purpose of creating the proper foundation for integration and collaboration between heterogeneous IDSs being operated in Defense-ESM, we propose an effective mechanism that can enable one IDS to propagate its new detection rules to other IDSs and receive updated rules from others. We also prove the performance of rule exchange and application possibility to defense environment through the implementation and experiment.