• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.69-75
• /
• 2020

The command control system, like the human brain and nervous system, is a linker that connects the Precision Guided Missile(PGR) in information surveillance and reconnaissance (ISR) and is the center of combat power. In establishing the future command and control system, the ROK military should consider not only technical but also institutional issues. The US Department of Defense establishes security policies, refines them, and organizes them into architectural documents prior to the development of the command and control system. This study examines the security architecture applied to the US military command control system and analyzes the current ROK military-related policies (regulations) to identify security requirements for the future control system. By grouping the identified security requirements, this study identifies and presents field-specific enhancements to existing security regulations.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2003.11a
• /
• pp.119-125
• /
• 2003

Trusted operating systems (OS) provide the basic security mechanisms and services that allow a computer system to protect, distinguish, and separate classified data. This paper proposes a new concept of operating system security enhancement system which uses loadabel security kernel module (LSKM) or dynamic link library(DLL) and specific conditions for operational environment should be assumed.

• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.95-107
• /
• 2022

With the rapid development of Internet of Things sensor devices and big data processing techniques, Internet of Things sensor-based information systems have been applied in various industries. Depending on the industry in which the information systems are applied, the accuracy of the information derived can affect the industry's efficiency and safety. Therefore, security techniques that protect sensing data from security attacks and enable information systems to derive accurate information are essential. In this paper, we examine security threats targeting each processing step of an Internet of Things sensor-based information system and propose security mechanisms for each security threat. Furthermore, we present an Internet of Things sensor-based information system structure that is robust to security attacks by integrating the proposed security mechanisms. In the proposed system, by applying lightweight security techniques such as a lightweight encryption algorithm and obfuscation-based data validation, security can be secured with minimal processing delay even in low-power and low-performance IoT sensor devices. Finally, we demonstrate the feasibility of the proposed system by implementing and performance evaluating each security mechanism.

• Journal of Korea Multimedia Society
• /
• v.25 no.10
• /
• pp.1433-1447
• /
• 2022

Recently, as the demand for physical security technology to prevent leakage of technical and business information of companies and public institutions increases, the high tech companies are operating X-ray security checkpoints at building entrances to protect their intellectual property and technology. X-ray security checkpoints are operated to detect cameras and storage media that may store or leak important technologies in the bags of people entering and leaving the building. In this study, we propose an X-ray security checkpoint system that automatically detects a storage medium in an X-ray image using a deep learning based object detection method. The proposed system consists of an edge computing unit and a cloud-computing unit. We employ the RetinaNet for automatic storage media detection in the X-ray security checkpoint images. The proposed approach achieved mAP of 95.92% on private dataset.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.5
• /
• pp.145-154
• /
• 2021

Recently, the introduction of Cloud Managing Security Services System to respond to security threats in cloud computing environments is increasing. Accordingly, it is necessary to analyze the security requirements for the Cloud Managing Security Services System. However, the existing research has a problem that does not reflect the virtual environment of the cloud and the data flow of the Cloud Managing Security Services System in the process of deriving the requirements. To solve this problem, it is necessary to identify the information assets of the Cloud Managing Security Services System in the process of threat modeling analysis, visualize and display detailed components of the cloud virtual environment, and analyze the security threat by reflecting the data flow. Therefore, this paper intends to derive the security requirements of the Cloud Managing Security Services System through threat modeling analysis that is an improved existing research.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.51-57
• /
• 2022

Recently, the concept of zero trust has been introduced, and it is necessary to strengthen the security elements required for the next-generation security control system. Also, the security paradigm in the era of the 4th industrial revolution is changing. Cloud computing and the cybersecurity problems caused by the dramatic changes in the work environment due to the corona 19 virus continue to occur. And at the same time, new cyber attack techniques are becoming more intelligent and advanced, so a future security control system is needed to strengthen security. Based on the core concept of doubting and trusting everything, Zero Trust Security increases security by monitoring all communications and allowing strict authentication and minimal access rights for access requesters. In this paper, we propose a security enhancement plan in the security control field through a zero trust security model that can understand the problems of the existing security control system and solve them.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.101-106
• /
• 2021

To protect financial information, financial companies establish strategies and plans for information security, operate information security management systems, establish and operate information security systems, check vulnerabilities, and secure information. This paper aims to present an information security portal system for financial companies that can gain visibility into various information security activities being undertaken by financial companies and can be integrated and managed. The information security portal system systemizes the activities of the information security department, providing an integrated environment for information security activities to participate from CEOs to executives and employees, not just from the information security department. Through this, it can also be used as information security governance that can be used by top executives to reflect information security in corporate management.

• Proceedings of the KSR Conference
• /
• 2004.06a
• /
• pp.153-158
• /
• 2004

The security system using optical fiber is a system, circulating infrared rays laser pulse on the optical fiber which is attached on the security fence to prevent invasion, which can show invasion position with visible and audible signal on the situation monitor if an invader cut or pull the security fence with minuteness of 10m. The optical fiber can be also applied for the bed structure stability monitoring system of high speed train as well as security system. To apply this system for high speed railroad bed structures, this system will give an alarm if it detect excessive tension, shrinkage, deflection which is beyond the limit of structure, that will prevent serious railroad accident. In this paper, we like to propose that applying this system for security and structure stability can improve confidence and stability on operation of railways

• Korean Security Journal
• /
• no.4
• /
• pp.319-341
• /
• 2001

Most of protecting security activity is carried out by manpower partly by security equipment. The protecting security market and the area of protecting security activity is increasing in spite of change of economic and social environment situation. For more effective protecting security activity, the coordination of electronic equipment and manpower is required. So some application method is suggested throughout the thesis, which is especially focused on new approaching method. The integration of intrusion detecting system, C.C.TV system and Access control system is introduced for general application in chapter III, and some application systems are proposed for protecting security activity in chapter IV. But the security equipment is only aid for manpower, so manpower and equipment should be coordinated well.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.107-113
• /
• 2019

Data security is the planning, implementation and implementation of security policies and procedures for the proper audit and authorization of access to and use of data and information assets. In addition, data serviced through internal / external networks, servers, applications, etc. are the core objects of information protection and can be said to focus on the protection of data stored in DB and DB in the category of information security of database and data. This study is a preliminary study to design a proper Data Security Management System (DSMS) model based on the data security certification system and the US Federal Security Management Act (FISMA). And we study the major security certification systems such as ISO27001 and NIST's Cybersecurity Framework, and also study the state of implementation in the data security manager solution that is currently implemented as a security platform for preventing personal data leakage and strengthening corporate security.