• Convergence Security Journal
• /
• v.5 no.1
• /
• pp.1-9
• /
• 2005

XML is the most common tool for data processing and data transmission in web applications. Policies are extensively used in all online business solutions and it is recognized that abinary decision such as 'yes/no' for access requests is not enough. In this paper, a method is developed to convert policy rules with provisions and obligations in logic formula formats into XML formats. The primary purpose is to enable security policy programmers to write flexible authorization policies in XML and to implement them easily. General syntaxes are defined to specify information for users, objects and actions in XML formats and an XML DTD is developed to specify authorization rules with these three components. To support various security features such as data transcoding and non-repudiation depending on data in addition to access control based on authorization policies, studies for specifying them in XML policy rules will be performed in the future.

• Convergence Security Journal
• /
• v.23 no.2
• /
• pp.103-113
• /
• 2023

In recent years, Unmanned Aerial Vehicles (UAV) have been widely used in various industries. However, as the depend ence on UAV increases rapidly, concerns about the security and safety of UAV are growing. Currently, various vulnerabili ties such as stealing the control right of the UAV or the right to communicate with the UAV in the web application are being disclosed. However, there is a lack of research related to the security of UAV. Therefore, in this paper, a study was conducted to determine whether the packet data was normal or abnormal by collecting packet data of an unmanned aerial vehicle in a HITL(Hardware In The Loop) simulation environment similar to the real environment. In addition, this paper proposes a method for reducing computational cost in the modeling process and increasing the ease of data interpretation, a machine learning-based anomaly detection model that detects abnormal data by learning only normal data, and optimized hyperparameter values.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.155-167
• /
• 2012

Cloud computing service is a next generation IT service which has pay-per-use billing model and supports elastically provisioning IT infra according to user demand. However it has many potential threats originating from outsourcing/supporting service structure that customers 'outsource' their own data and provider 'supports' infra, platform, application services, the complexity of applied technology, resource sharing and compliance with a law, etc. In activation of Cloud service, we need objective assessment standard to ensure safety and reliability which is one of the biggest obstacles to adopt cloud service. So far information security management system has been used as a security standard for a security management and IT operation within an organization. As for Cloud computing service it needs new security management and assessment different from those of the existing in-house IT environment. In this paper, to make a Information Security Management System considering cloud characteristics key components from threat management system are drawn and all control domain of existing information security management system as a control components are included. Especially we designed service security management to support service usage in an on-line self service environment and service contract and business status.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.181-192
• /
• 2017

Internet of Things includes the whole process of collected information generated from a variety of objects, as well as analyzing and sharing it, and providing useful information services to people. This study seeks ways to improve security and safety in the areas of service security technology, ID management technology and service access control, all of which take place in the IoT environment. We have implemented the services that can design and issue C&C (Certificate and Capability) service token authentication, which is based on a public key, to improve the service security. In addition, we suggest LCRS (Left Child-Right Sibling) resource model management for the efficient control of resources when generating the resource services from the data collected from node devices. We also implemented an IoT services platform to manage URL security of the resource services and perform access control for services.

• Journal of Internet Computing and Services
• /
• v.17 no.5
• /
• pp.131-139
• /
• 2016

This paper presents a workflow validation method for data-intensive graphical workflow models using real-time workflow tracing mode on data-intensive workflow designer. In order to model and validate workflows, we try to divide as modes have editable mode and tracing mode on data-intensive workflow designer. We could design data-intensive workflow using drag and drop in editable-mode, otherwise we could not design but view and trace workflow model in tracing mode. We would like to focus on tracing-mode for workflow validation, and describe how to use workflow tracing on data-intensive workflow model designer. Especially, it is support data centered operation about control logics and exchange variables on workflow runtime for workflow tracing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.5 no.1
• /
• pp.51-64
• /
• 1995

In distributed environments, the DB secure models have been being studied to include the multi-level mechanism which is effective to control access according to the level of the data value. These mechanisms have the problems. The first, it is impossible to maintain the global data which is protected in the multi-level mechanism. The second, the access and the relation of the data is not clear due to the access revocation between the local data and the global's. In this paper, we proposed the mechanism using shema. The mechanism doesn't have the access revocation, and provides the protection of the data and the control to the global data.

• Journal of Institute of Control, Robotics and Systems
• /
• v.19 no.4
• /
• pp.299-305
• /
• 2013

The complexity and severe nonlinearity of multi-machine power systems make it difficult to design a control input for voltage regulation using modern control theory. This paper presents a model-based PID control scheme for the regulation of the bus voltage to a desired value. To this end, a fourth-order linear system is constructed using input and output data obtained using the TSAT (Transient Security Assessment Tool); the input is assumed to be applied to the grid through the STATCOM (STATic synchronous COMpensator) and the output from the grid is a bus voltage. On the basis of the model, it is identified as to which open-loop poles of the system make the response to a step input oscillatory. To reduce this oscillatory response effectively, a model-based PID control is designed in such a way that the oscillatory poles are no longer problematic in the closed loop. Simulation results show that the proposed PID control dampens the response effectively.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.3
• /
• pp.351-362
• /
• 2002

Today, management object using SNMP is not only covered network but also more privacy object like personal or billing data. To enforce security management, view-based access control model is introduced in SNMPv3. However, they are not designed to enforce more privacy object such as purpose and increase complexity of user management. Task-based access control can provide enhanced security service using purpose binding and leverage the complexity of user management using purpose of task.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1477-1484
• /
• 2015

With the growth of financial industry with smartphone, interest on user authentication using smartphone has been arisen in these days. There are various type of biometric user authentication techniques, but gait recognition using accelerometer sensor in smartphone does not seem to develop remarkably. This paper suggests the method of user authentication using accelerometer sensor embedded in smartphone. Specifically, calibrate the sensor data from smartphone with 3D-transformation, extract features from transformed data and do principle component analysis, and learn model with using gaussian mixture model. Next, authenticate user data with confidence interval of GMM model. As result, proposed method is capable of user authentication with accelerometer sensor on smartphone as a high degree of accuracy(about 96%) even in the situation that environment control and limitation are minimum on the research.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.97-105
• /
• 2022

This paper explains trends in security technologies for ICS. Since ICS is usually applied to large-scale national main infrastructures and industry fields, minor errors caused by cyberattack could generate enormous economic cost. ICS has different characteristic with commonly used IT systems, so considering security threats of ICS separately with IT is needed for developing modern security technology. This paper introduce framework for ICS that analyzes recent cyberattack tactics & techniques and find out trends in Intrusion Detection System (IDS) which is representative technology for ICS security, and analyzes AI technologies used for IDS. Specifically, this paper explains data collection and analysis for applying AI techniques, AI models, techniques for evaluating AI Model.