• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1079-1082
• /
• 2004

이동 에이전트는 자율적으로 수행이 가능한 능동적인 객체이지만 이동 에이전트 서버에 의해서 수행되기 때문에 서버에 대한 보안상 취약점을 가진다. 이와 관련하여 다양한 연구가 진행되었고 일정한 조건 안에서 안전한 방법들이 제안되었다. 그 중에는 여러 서버를 중첩하지 않고 순회하는 조건에서 안전한 수행 결과를 보장하는 방법이 있다 [10,11]. 이 방법은 신뢰 서버를 기점으로 에이전트가 자유롭게 순회를 하고 그 결과를 체인화하여 저장하는 방법이다. 본 논문에서 중첩된 순회를 가능하게 하며, 중요한 의사 결정을 안전하게 수행할 수 있는 이동 에이전트를 위한 베이스캠프를 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.109-116
• /
• 2007

In this paper, we analyse the security of the variant of Self-Shrinking generator proposed by Chang et al. against a guess-and-determine attack. This variant, which we call SSG-XOR is claimed to have better cryptographic properties than the Self-Shrinking generator in a practical setting. But we show that SSG-XOR is weaker than the Self-Shrinking generator from the viewpoint of guess-and-determine attack.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2022.01a
• /
• pp.273-276
• /
• 2022

정보통신 기술의 발달은 보안 위협의 증가라는 결과를 함께 가져왔고 국내뿐만 아니라 국외로도 보안 정책 관리에 대한 필요성이 지속적으로 강조되었다. 본 논문에서는 여러 보안 장비 중 방화벽 정책 관리를 도울 수 있는 보조 시스템을 개발하였다. 이를 위해 오픈소스 방화벽 솔루션을 가상 환경에 구축하고 방화벽 정책을 추출 및 분석하여 미 동작 정책과 중복 정책을 식별하였다. 이러한 점검 보조 도구를 정책 관리에 이용한다면 낮은 이해도로 인한 Human Error의 발생을 가능한 줄이고 그 결과, 외부 위협의 최소화를 이룰 것이라 기대한다.

• Review of KIISC
• /
• v.33 no.6
• /
• pp.45-49
• /
• 2023

뉴스페이스 시대가 도래하고 양자컴퓨터로 기존 암호체계의 파훼가 수월해진 오늘날 인공위성의 보안모듈은 고성능의 상용 부품을 필요로 한다. 본 연구에서는 PE와 Al의 복합소재를 활용하여 내방사선 능력이 적은 상용 부품을 사용한 인공위성 탑재 보안모듈의 차폐 방안을 제시하였다. 기존의 Al 단일 소재로 제작된 차폐 하우징의 성능과 경제성을 개선하기 위해 PE와 Al의 복합소재를 연구하였다. 이를 위해 OMERE를 통해 저궤도 위성의 임무 환경을 분석하여 PE와 Al 복합소재의 우주방사선 차폐성능과 Al 단일 소재의 우주방사선 차폐성능을 PHITS와 SRIM을 이용하여 비교분석하였다. 연구 결과, PE와 Al의 복합소재를 활용한 차폐 하우징은 가볍고 경제적인 장점을 가지며, 성능도 크게 향상됨을 확인하였다. 이러한 연구 결과는 보안모듈에 한정되지 않고 위성 부품의 차폐에 새로운 가능성을 제시함으로써, 전반적인 우주산업 발전과 위성의 임무 수행 실패율 감소에 기여할 수 있다.

• Journal of Digital Convergence
• /
• v.19 no.2
• /
• pp.105-115
• /
• 2021

The purpose of this study is to present the effect of differences in individual coping and organizational homogeneity culture on information security compliance from an exploratory perspective. The study divided groups into individual coping (task-oriented, emotion-oriented) and organizational homogeneity culture (homogeneity, heterogeneity), confirms the difference in information security for each group through cross-design and presents a multiple mediation model between information security factors. As a result of the study, in the coping dimension, the average of the security compliance factors was higher in the emotion-oriented than the task-oriented, and in the homogeneity culture dimension, the average of the security compliance factors was higher in the homogeneity than the heterogeneity. Additionally, social influence and involvement had a multiple mediation effect on the relationship between information security awareness and compliance intention. The implications of this study were to confirm the difference in the effect of individual decision-making styles on security compliance according to the organizational culture differences. The results suggest the necessity of applying a customized information security compliance model for each organization and individual characteristics.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.17 no.5
• /
• pp.913-926
• /
• 2022

As information is recognized as a core competency of organizations, organizations are increasingly investing in policies and technologies for information security(IS). Recently, as information exposure accidents by people have occurred continuously, interest in IS behaviors of organization insiders is increasing. This study aims to confirm the effect of the IS environment and support structure established by the organization on the intention of individuals to comply with IS. We conducted a survey of employees in organizations with IS policies and tested the hypothesis using the structural equation of AMOS 22.0 and Process 3.1 using 421 samples. As a result of the analysis, authentic leadership and justice climate, which are factors that build an IS environment, and communication and feedback, which are factors supporting IS compliance, have a positive effect on employees' compliance intention. In addition, authentic leadership, punishment, communication, and feedback were found to reinforce the positive impact of IS justice climate. As the study suggested the overall structural design direction to be pursued to reinforce insider's IS behavior, and the results help to achieve the IS goal.

• Journal of Navigation and Port Research
• /
• v.40 no.4
• /
• pp.213-222
• /
• 2016

Recently, as cases of organizations' information disclosure occur continuously, it is urgent to manage security of information and establish measures to enhance security of information by an organization itself. Especially, members of an organization should be prepared with measures for information security, and an organization should do its efforts to raise its members' awareness toward information security. I set a research model to verify what effects an organization's fulfillment of regulations to secure information brings to performance of information security and selected members from maritime and port organizations and financial and insurance institutes as sample. Results of the analysis to identify factors affecting information security performance among members of maritime and port organizations are as follows. Firstly, I found that the factors affecting information security awareness are information security attitude and information security standards. Secondly, the factor giving influence on information security policy of an organization was found to be information security standards. In contrast, information security punishments and information security training were verified not to give influence on compliance of information security policy. Thirdly, information security awareness was identified to give significant influence on compliance of information security policy, information security competence and information security behavior. Fourthly, compliance of information security policy was verified to be those factors that give influence on information security competence and information security behavior. Lastly, information security competence and information security behavior were found to be such factors that give influence on information security performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.2
• /
• pp.382-389
• /
• 2018

Recently cyber attacks can cause serious damage on various information systems. Log data analysis would be able to resolve this problem. Security log analysis system allows to cope with security risk properly by collecting, storing, and analyzing log data information. In this paper, a security log analysis system is designed and implemented in order to analyze security log data using the Logstash in the Elasticsearch, a distributed search engine which enables to collect and process various types of log data. The Kibana, an open source data visualization plugin for Elasticsearch, is used to generate log statistics and search report, and visualize the results. The performance of Elasticsearch-based security log analysis system is compared to the existing log analysis system which uses the Flume log collector, Flume HDFS sink and HBase. The experimental results show that the proposed system tremendously reduces both database query processing time and log data analysis time compared to the existing Hadoop-based log analysis system.

• The Journal of the Korea Contents Association
• /
• v.16 no.2
• /
• pp.243-250
• /
• 2016

Recently, with the rise of the mobile device, from mobile devices the user who owns the security, speed up the implementation of the guarantee management environment as businesses and individual equipment for the effcient management of the existing system, but the introduction of the MDM MDM App management features administrators to register the App until you can't prvent the security threat. Therefore, this paper addresses these issues in order to improve the security of your application for the control system. The proposed system is a function of the MDM authentication technology to design analysis, and system architecture to help prevent information disclosure within the design and implementation of Mobile-based application control system. Implementation of the control system to assess the security of the international common criteria security evaluation complete the test scenarios on the basis of the test items. An average of 40% of the test results to verify the results of this enhanced security.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.9
• /
• pp.99-107
• /
• 2010

This paper showed that the integrated system to fortify security was much more efficient than the respective system through the analysis of problems from Firewall and IPS system in the existing security systems. The results of problem analysis revealed that there were the delay of processing time and lack of efficiency in the existing security systems. Accordingly, their performance was evaluated by using the separated Firewall, IPS system, and the integrated system. The result of evaluation shows that the integrated security system this paper suggested is five times faster than the existing one in terms of processing speed of response. This paper demonstrated the excellence of the proposed security system is also more than fivefold in session handling per second and six times process speeding in the CPU processing performance. In addition, several security policies are applied, and it provided a fact that it gave an excellent performance when it comes to protecting from harmful traffic attacks. In conclusion, this paper emphasized that fortifying the integrated security system was more efficient than fortifying the existing one considering in various respects such as cost, management, time, space and so on.