• Title/Summary/Keyword: Active Security

Search Result 681, Processing Time 0.038 seconds

Access Policy Transfer Between Active Nodes Using Identities

  • Kim, Young-Soo;Han, Jong-Wook;Seo, Dong-Il;Sohn, Seung-Won
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 2003.10a
    • /
    • pp.2178-2181
    • /
    • 2003
  • Active networks allow active node’s functionality to be extended dynamically through the use of active extensions. This flexible architecture facilitates the deployment of new network protocols and services. However, the active nature of a network also raises serious safety and security concerns. These concerns must be addressed before active networks can be deployed. In this paper we look at how we can control active extension’s access to different active nodes. Specifically, the authentication between active nodes is very important in this case. We use unique identity each node has for transferring access policies between active nodes. In this paper, we suggest a new method of transferring access policies performing authentications using identities between active nodes.

  • PDF

The Study on the Security Model for ActiveX Control Management through Security Authentication (보안 인증을 통한 ActiveX Control 보안 관리 모델에 관한 연구)

  • Park, Sung-Yong;Moon, Jong-Sub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.6
    • /
    • pp.113-119
    • /
    • 2009
  • In recent years, to provide visitors with the various and dynamic services, many ActiveX Controls are developed and distributed in most of the web sites such as e-Government Internet banking Portal in Korea. However, unsecure ActiveX Controls may be critical security threats on Internet User. Although hacking incidents increase sharply for these vulnerable ActiveX Controls, there are not enough national security actions or policies. Thus, in this paper we propose the technical method to design 'Security model for ActiveX Control Managemnet through Security Authentication' to be able safe and useful security management in three aspects of development distribution using.

Active Security Management on Active Networks (능동 네트워크 기반의 능동 보안 관리 시스템)

  • 이영석
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.4C
    • /
    • pp.559-569
    • /
    • 2004
  • It has become more difficult to correspond an cyber attack quickly as a pattern of attack becomes various and complex. And, current security mechanisms just have passive defense functionalities. In this paper, we propose new network security architecture to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed architecture make possible to deal effectively with cyber attacks such as IP spoofing or DDoS(Distributed Denial of Service) using active packet technology including a mobile sensor on active network. Active Security Management System based on proposed security architecture consists of active security node and active security server in a security zone, and is designed to have more active correspondent than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of Active Security Management System. The experimentation results are analyzed.

A study on optimal security policy using USB security module and Active. (USB 보안 모듈과 Active Directory를 활용한 최적의 보안정책에 관한 연구)

  • An, Su Yong;Lee, Deok Gyu
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2020.11a
    • /
    • pp.475-476
    • /
    • 2020
  • 자체 제작한 프로그램인 USB security module과 Active Directory를 활용하여 서버에서 다수의 클라이언트를 관리할 수 있는 시스템을 구축한다. USB 보안 모듈과 Active Directory의 보안정책을 결합하여 극단적이고 폐쇄적인 강력한 보안을 가능케 하며 보안정책별 효용성을 살펴보고자 한다.

A Cooperative Jamming Based Joint Transceiver Design for Secure Communications in MIMO Interference Channels

  • Huang, Boyang;Kong, Zhengmin;Fang, Yanjun;Jin, Xin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.4
    • /
    • pp.1904-1921
    • /
    • 2019
  • In this paper, we investigate the problem of secure communications in multiple-input-multiple-output interference networks from the perspective of physical layer security. Specifically, the legitimate transmitter-receiver pairs are divided into different categories of active and inactive. To enhance the security performances of active pairs, inactive pairs serve as cooperative jammers and broadcast artificial noises to interfere with the eavesdropper. Besides, active pairs improve their own security by using joint transceivers. The encoding of active pairs and inactive pairs are designed by maximizing the difference of mean-squared errors between active pairs and the eavesdropper. In detail, the transmit precoder matrices of active pairs and inactive pairs are solved according to game theory and linear programming respectively. Experimental results show that the proposed algorithm has fast convergence speed, and the security performances in different scenarios are effectively improved.

Component Classification and Specification on Active Security Architecture (능동보안 아키텍쳐를 위한 컴포넌트 분류 및 명세방법)

  • 김상영;김재웅;황선명
    • Journal of Korea Multimedia Society
    • /
    • v.7 no.1
    • /
    • pp.113-125
    • /
    • 2004
  • Active networks aim to provide a software framework that enables active network applications to customize the processing their communications. Active security component architecture focuses on the support of reuse system by active security component. The architecture is standard layer to acquire, understand, and assemble component, and it has to support a guideline for component identification, search and customization. In this paper we present the active security architecture as a standard model of discrete active network solution, and we propose the method for component classification and specification.

  • PDF

The Study of technique to find and prove vulnerabilities in ActiveX Control (ActiveX Control 취약점 검사 및 검증 기법 연구)

  • Sohn, Ki-Wook;Kim, Su-Yong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.6
    • /
    • pp.3-12
    • /
    • 2005
  • To provide visitors with the various services, Many web sites distribute many ActiveX controls to them because ActiveX controls can overcome limits of HTML documents and script languages. However, PC can become dangerous if it has unsecure ActiveX controls, because they can be executed in HTML documents. Nevertheless, many web sites provide visitors with ActiveX controls whose security are not verified. Therefore, the verification is needed by third party to remove vulnerabilities in ActiveX controls. In this paper, we introduce the process and the technique to fad vulnerabilities. The existing proof codes are not valid because ActiveX controls are different from normal application and domestic environments are different from foreign environments. In this paper, we introduce the technique to prove vulnerabilities in ActiveX control.

A Study on Making of Infrastructure through Utilizing USB Security Module and Active Directory (USB 보안 모듈과 Active Directory를 활용한 인프라 구축에 관한 연구)

  • Nam, Gi Cheol;Lee, Deok Gyu
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2020.11a
    • /
    • pp.65-68
    • /
    • 2020
  • 자체 제작한 프로그램인 USB 보안 모듈과 Active Directory를 활용하여 서버에서 다수의 클라이언트를 관리할 수 있는 인프라를 구축한다. USB 보안 모듈과 기존 소극적인 보안 정책으로 인해 개인 또는 내부망으로 사용하고 있는 Active Directory의 보안 정책을 결합하여 극단적이고 폐쇄적인 강력한 보안 기능을 가능케 하며 그 효용성을 제안 한다.

A Secure Active Packet Transfer using Cryptographic Techniques (암호 기술을 이용한 안전한 능동 패킷 전송)

  • 김영수;나중찬;손승원
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.2
    • /
    • pp.135-145
    • /
    • 2002
  • Active networks represent a new approach to network architecture. Nodes(routers, switches, etc.) can perform computations on user data, while packets can carry programs to be executed on nodes and potentially change the state of them. While active networks provide a flexible network iufrastructure, they are more complex than traditional networks and raise considerable security problems. Nodes are Public resources and are essential to the proper and contract running of many important systems. Therefore, security requirements placed upon the computational environment where the code of packets will be executed must be very strict. Trends of research for active network security are divided into two categories: securing active nodes and securing active packets. For example, packet authentication or monitoring/control methods are for securing active node, but some cryptographic techniques are for the latter. This paper is for transferring active packets securely between active nodes. We propose a new method that can transfer active packets to neighboring active nodes securely, and execute executable code included in those packets in each active node. We use both public key cryptosystem and symmetric key cryptosystem in our scheme

A Study on The Vulnerabilities and Problems of Security Program (보안 프로그램의 취약성 및 문제점에 관한 연구)

  • Jeon, Jeong Hoon
    • Convergence Security Journal
    • /
    • v.12 no.6
    • /
    • pp.77-84
    • /
    • 2012
  • Recent Security Programs are widely used to improve the security of Client Systems in the Web authentication. Security Program is provide the function of the Keyboard Security and Certificate Management, Vaccines, Firewall. in particular, This Security Program has been used Financial Institutions and Government Agencies, and some private corporate Home Page. and ActiveX is used to install the Security Program. but Security Programs caused by several security vulnerabilities and problems as they appear, are threat to the stability of the Client System. Therefore, This paper will be analyzed through Case Studies and Experiments to the Vulnerabilities and Problems of Security Program and This Is expected to be utilized to further improve the performance of the Security Program and the building of a new Certification Scheme for material in the future.