The KIPS Transactions:PartC (정보처리학회논문지C)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Implementation of Security Policies of ONSU-MF(One Network Security Unit-Multi Function) and OSD-MD(One Security Device-Multi Defense)

ONSU-MF(One Network Security Unit-Multi Function)기법과 OSD-MD(One Security Device-Multi Defense)기법 기반의 보안정책 구현

  • 서우석 (숭실대학교 컴퓨터학과) ;
  • 이규안 (서울중앙지방검찰청 첨단범죄수사2부) ;
  • 전문석 (숭실대학교 컴퓨터학부)
  • Received : 2011.05.18
  • Accepted : 2011.08.08
  • Published : 2011.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

This study is meaningful in that it standardizes various security and defense policies and devices, newly defines characteristics of defense policies and defense techniques, and specify and report various kinds of security polities and devices in order for administrators or users to add and apply the policies when introducing new security policies including the implementation of existing network infra and applying additionally. Therefore, this study aims to divide the policies into ONSU-MF(One Network Security Unit-Multi Function) that classifies one network security device-based policies and OSD-MD(One Security Device-Multi Defense), which implements various security methods by using one security device, and suggest network security infra improvement mechanism through the standardization implementation technique integrating the two methods.

본 논문은 다양한 보안방어 정책과 기기들이 산재해 있으나, 이를 표준화하여, 각 방어정책의 특성과 방어기법을 새롭게 정의함으로써 기존 네트워크 인프라 구현을 포함한 새로운 보안정책 도입 및 추가 구현 시 관리자 또는 사용자가 손쉽게 정책을 추가하고 바로 적용 가능하도록 각 보안 분야별 정책과 기기를 명세 보고서화 하는데 의의가 있다. 따라서 하나의 네트워크 보안기기를 기반으로 부여 가능한 정책들을 분류하는 ONSU-MF(One Network Security Unit-Multi Function)기법과 하나의 보안기기로 다양한 보안방안을 구현하는 OSD-MD(One Security Device-Multi Defense)기법으로 구분하고 이를 통합한 표준화 구현기법을 통해 향후 네트워크 보안 인프라 개선 메커니즘을 제안코자 한다.

Keywords

References

  1. Rahul Kumar, Rahul Karanam and Rahul Chowdary Bobba, Raghunath. S, "DDOS DEFENCE MECHANISM", IEEE computer society-2009 International Conference on Future Networks, pp.245-257, 2009.
  2. Hoon Ko and Carlos Ramos, "A Study on Security Framework for Ambient Intelligence Environment", IEEE computer society-2009 Fifth International Conference on Wireless and Mobile Communications, pp.93-98, 2009.
  3. Young-Hwan Cha and Hae-Sool Yang, "Development of Security Evaluate Model and Test Methodology of Enterprise Security Manageent (ESM) Product", The Journal of the Korea Contents Association, Vol.10, No.6, pp.156-165, 2010. https://doi.org/10.5392/JKCA.2010.10.6.156
  4. Walter Wong and Pekka Nikander, "Secure Naming in Information-centric Networks", Association for Computing Machinery, 2010.
  5. 인터넷침해대응센터, "인터넷 침해사고 동향 및 분석 월보", 2010년 10월호, pp.2, pp.30, 2010. 10.
  6. Sourav Kumar Dandapat, Bivas Mitraand Niloy Ganguly, Romit Roy Choudhury, "Fair Bandwidth Allocation in Wireless Network Using Max-Flow", Association for Computing Machinery, pp.407-408, 2010.
  7. Zhen YE, Weiwei SHI and Dayong YE, "DDoS Defense Using TCP_IP Header Analysis and Proactive Tests", IEEE computer society-2009 International Conference on Information Technology and Computer Science, pp.548-552, 2009.
  8. Woo-Sung Chun and Dea-Woo Park, "A Study on N-IDS Detection and Packet Analysis regarding a DoS attack", Journal of the Korea society of computer and information, Vol.13, No.6, pp.217-224, 2008.