• Title/Summary/Keyword: 보안 중요도

Search Result 2,301, Processing Time 0.024 seconds

A Study of Secure Group Key Management Based on Key-Chain for Multicast Data Transmission (멀티캐스트 전송을 위한 키 체인 기반의 안전한 그룹 키 관리방안 연구)

  • Kim, Bo-Seung;Kim, Jeong-Jai;Lee, Ki-Young;Shin, Yong-Tae
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.11 no.9
    • /
    • pp.3495-3501
    • /
    • 2010
  • Because the application simultaneously to transmit large amounts of data (Video conferencing, Internet broadcasting, Online games etc.) to multiple users increases, the importance and utilization of group communication was greater. So the security was recognized as a important issue. To provide security in multicast environment, A study of single group management server using protocol based on Key Tree Scheme was proposed. But the paper proposes secure group key management scheme to be a relatively low-overhead. Therefore proposed paper is demonstrated to be excellent by comparing the effectiveness of existing and proposed group key management scheme.

A Study on Test Module of Smart Cards in Electronic Payment Systems (전자지불시스템에서 이용되는 스마트카드의 시험 모듈 구성에 대한 연구)

  • 김윤정;이기한
    • The Journal of Society for e-Business Studies
    • /
    • v.9 no.1
    • /
    • pp.303-320
    • /
    • 2004
  • Smart card is a useful tool used in electronic payment systems and it is very important to test whether a smart card operates correctly. In this paper, we analyze previous researches on testing smart cards, such as ISO/IEC and KS standard documents, and Guideline of Card Quality Test. We also propose the functional test results done on the Highpassplus card of Korea Highway Corporation. By testing the Hipgpassplus card we can get card systems with reliable functionality and security. Furthermore, this can help developing more reliable security systems. The test results of the Highpassplus card proposed in this paper are the first research on testing smart cards in services in Korea and we expect that the test methods of smart card will be advanced based on our results.

  • PDF

CipherSuite Setting Problem of SSL Protocol and It's Solutions (SSL 프로토콜의 CipherSuite 설정 문제점과 해결 방안)

  • Lee, Yun-Young;Hur, Soon-Haeng;Park, Sang-Joo;Shin, Dong-Hwi;Won, Dong-Ho;Kim, Seung-Joo
    • The KIPS Transactions:PartC
    • /
    • v.15C no.5
    • /
    • pp.359-366
    • /
    • 2008
  • As the use of Internet and information communication technology is being generalized, the SSL protocol is essential in Internet because the important data should be transferred securely. While the SSL protocol is designed to defend from active attack such as message forgery and message alteration, the cipher suite setting can be easily modified. If the attacker draw on a malfunction of the client system and modify the cipher suite setting to the symmetric key algorithm which has short key length, he should eavesdrop and cryptanalysis the encrypt data. In this paper, we examine the domestic web site whether they generate the security session through the symmetric key algorithm which has short key length and propose the solution of the cipher suite setting problem.

The Operation of Administration Tool for Relatinships Management in the RBAC Security System (RBAC 보안시스템에서 관계관리를 위한 관리도구 동작)

  • 오석균;김성열
    • Proceedings of the Korea Society for Industrial Systems Conference
    • /
    • 1999.12a
    • /
    • pp.373-377
    • /
    • 1999
  • Role Based Access Control(RBAC) reduces the cost of administering access control policies as well as making the process less error-prone. The administration tool is most important component in the concept of RBAC. The administration tool for the RBAC security system is required the consistency of a relationships between user and role in the RBAC Database. In this paper, we propose formal specification in order to manage user-role and role-role relationships. The proposed formal specification leads to the consistency requirements for the RBAC database which are defined as a set of relationship. This paper can easily derive the implementation of the RBAC administration tool by formal specification of operations.

  • PDF

Design of OTP based on Mobile Device using Voice Characteristic Parameter (음성 특징 파라메터를 이용한 모바일 기반의 OTP 설계)

  • Cha, Byung-Rae;Kim, Nam-Ho;Kim, Jong-Won
    • Journal of Advanced Navigation Technology
    • /
    • v.14 no.4
    • /
    • pp.512-520
    • /
    • 2010
  • As the applications based on Mobile and Ubiquitous becoming more extensive, the communication security issues of those applications are appearing to be the most important concern. Therefore, every part of the system should be thoroughly designed and mutually coordinated in order to support overall security of the system. In this paper. we propose new technique which uses the voice features in order to generate Mobile One Time Passwords(OTPs). Voice is considered to be one of the powerful personal authentication factors of biometrics and it can be used for generating variable passwords for one time use. Also we performed a simulation of homomorphic variability of voice feature points using dendrogram and distribution of voice feature points for proposed password generation method.

A Fingerprint_based User Authentication Protocol for Wireless LAN Environment (무선랜 환경에서의 지문을 이용한 사용자 인증 프로토콜)

  • Jung Seung-Hwan;Lee Sung-Ju;Shin Hyun-Sup;Chung Yong-Wha;Kim Tae-Sup;Oh Ryong;Cho Choong-Ho;Lee Nam-Il
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2006.06a
    • /
    • pp.258-261
    • /
    • 2006
  • 네트워크 기술이 발전함에 따라 유/무선 네트워크가 통합되기 시작하였고, 궁극적으로 언제/어디서나 컴퓨터를 사용한 수 있는 유비쿼터스 컴퓨팅 시대가 도래 할 것으로 예상된다. 최근에는 공공장소에서 고속의 무선 인터넷 접속에 대한 욕구가 커지면서 무선랜에 대한 관심이 많아지고 있다. 무선랜 환경에서 중요한 보안문제 중 하나는 승인된 사용자에게만 접속을 허용하는 것이다. 특히, 유선 네트워크와 다르게 무선 네트워크 환경에서는 Access Point(AP)가 설치되어 있는 곳이면 누구나 깁게 AP를 통해 네트워크를 이용할 수 있기 때문에 접속에 관한 보안의 중요성이 강조되고 있다. 본 논문에서는 무선랜 환경에서 안전하게 사용자를 인증하고 서비스를 제공하기 위해 지문을 이용한 사용자 인증 프로토콜을 제안한다.

  • PDF

Classification of ICS abnormal behavior in terms of security (보안측면에서의 산업제어시스템 비정상 행위 분류)

  • Na, Jung-Chan;Cho, Hyun-Sook
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.2
    • /
    • pp.329-337
    • /
    • 2013
  • Cyber threats of the ICS(Industrial Control System) has been researched on the level to the threat to the network service as well as a specific system, even if the extent of damage was not intended. Although some range of "security" just include the protection of systems against the deliberate attacks of terrorists or cyber hackers, often more damage is done by carelessness, and equipment failures than by those deliberate attacks. This paper presented a taxonomy for classifying all abnormal behaviors of ICS, including deliberate attacks, inadvertent mistakes, equipment failures, and software problems. The classification criteria of ICS abnormal behaviors was selected to highlight commonalities and important features of deliberate attacks as well as inadvertent actions.

Robust Digital Watermarking Using Chaotic Sequence (카오스 시퀀스를 이용한 견고한 디지털 워터마킹)

  • 김현환;정기룡
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.7 no.4
    • /
    • pp.630-637
    • /
    • 2003
  • This paper proposed a new watermarking algorithm using chaotic sequence instead of conventional M-sequence for protecting copyright to the author. Robustness and security is very important for watermarking process. We use multi-threshold value according to the human visual system for improving robustness of watermarking to each subband images coefficient differently after wavelet transform. And then, we embedded watermark image to original image by multi-watermark weights which are made by random sequence generator. We detect watermark image from the difference data which is made from each wavelet subband images. We also simulate the efficiency from the various possible attacks. Chaotic sequence is better than M-sequence, because the one is very easy to make sequence and the chaotic sequence is changed easy according to the initial value. So, the chaotic sequence has the better security than the conventional M-sequence.

A Secure Intrusion Detection System for Mobile Ad Hoc Network (모바일 Ad Hoc 네트워크를 위한 안전한 침입 탐지 시스템)

  • Shrestha, Rakesh;Lee, Sang-Duk;Choi, Dong-You;Han, Seung-Jo;Lee, Seong-Joo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.13 no.1
    • /
    • pp.87-94
    • /
    • 2009
  • The intrusion detection system is one of the active fields of research in wireless networks. Intrusion detection in wireless mobile Ad hoc network is challenging because the network topologies are dynamic, lack centralization and are vulnerable to attacks. Detection of malicious nodes in an open ad-hoc network in which participating nodes do not have previous security association has to face number of challenges which is described in this paper. This paper is about determining the malicious nodes under critical conditions in the mobile ad-hoc network and deals with security and vulnerabilities issues which results in the better performance and detection of the intrusion.

Hierarchical Delegation Model for Network Security Management (네트워크 보안 관리를 위한 계층적 위임 모델)

  • 이강희;송병욱;배현철;김장하;김상욱
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2004.04a
    • /
    • pp.238-240
    • /
    • 2004
  • 본 논문에서는 대규모 네트워크 보안관리를 위한 계층적인 위임 모델을 제시한다. 대규모 네트워크는 라우터, 방화벽, 침입 탐지 시스템, 웹 서버 등의 수많은 구성요소로 이루어진 네트워크들의 집합이며, 각 네트워크마다의 독립적인 지역 정책들로 관리되어 서로간의 협동이 이루어질 수 없기 때문에 이를 효과적으로 통제하고 일괄적으로 관리하기 위해 계층적인 위임 모델이 사용되어야 한다. 제시하는 모델의 중요 구성 요소로는 관리 서버. 정책 설정 고 수준 언어 고 수준 언어 컴파일러, 도메인 서버. 인터프리터, 정책 관리 데이터베이스가 있다. 관리 서버에서 정책 설정 고 수준 언어를 사용하여 세밀하고 정교한 정책을 작성할 수 있고, 이 정책을 고 수준 언어 컴파일러를 통하여 최하위 노드들에게 적절하고 간결한 형태로 만들어낸다. 각 도메인 서버는 이 결과를 하위의 도메인 서버나 인터프리터에게 전달하면서 Keynote 신뢰 관리 시스템을 이용하여 권한을 위임한다. 그리고 인터프리터는 정책을 라우터, 방화벽, 웹 서버 등의 하위 노드에 맞는 실제 룰로 변환하녀 상위 관리 서버에서 전달한 정책을 적용하게 된다. 정책을 적용한 결과를 상위로 전달하여 데이터베이스를 구축한 뒤 후에 작성된 정책이 기존의 정책과 충돌하는지 검사에 이용하고, 충돌한다면 협상 과정을 거쳐 정책에 순응할 수 있는 결과를 도굴하게 된다. 또한 네트워크에서 많은 새로운 형태들의 노드가 추가될 수 있는데, 각각의 인터프리터만 추가함으로서 다양한 하위 노드를 충족시킬 수 있는 확장성을 제공한다.

  • PDF