• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.9B
• /
• pp.1342-1349
• /
• 2010

Full-mesh IPSec tunnels, which constitute a black network, are required so that the dynamically changing PT (Plain Text) networks can be reachable across the black network in military environments. In the secure and mobile black networks, dynamically re-configuring IPSec tunnels and security policy database (SPD) is very difficult to manage. In this paper, for the purpose of solving mobility and security issues in military networks, we suggest the relating main technologies in association with DMIDP (Dynamic Multicast-based IPSec Discovery Protocol) based on existing IPSec ESP (Encapsulating Security Payload) tunnels and IPSec key managements. We investigate the main parameters of the proposed DMIDP techniques and their operational schemes which have effects on mobility and analyze operational effectivemess of the DMIDP with proposed parameters.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.6
• /
• pp.1364-1370
• /
• 2005

There are many security models for database systems using policy-based access control. RBAC (Role-based Access Control) is used for complementing MAC (Mandatory Access Control) and DAC (Discretionary Access Control) and is for performing flexibly security policies meet applied environment. We implemented the database security system that applies DAC, MAC, and RBAC to meet security requirements of users. However, security policies are constructed redundantly whenever security policies are needed to each user in this system. Even though the proposed security system can flexibly control more complicated 'read' access to various data sizes for individual users, it is obvious that there is a possibility that a new policy can be a duplication of existing policies. In this paper, we introduce the problem of policy duplication and propose the policy management module. With this proposed module, constructed policies are checked for duplication and deleted or merged with existing policies.

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.317-322
• /
• 2013

Mobile cloud environment is recently becoming popular due to Internet access through various environments. Driven by computer performance improvement and service development, the demand for mobile cloud is increasing and accordingly the damage is on the rise. Therefore, it needs to conduct a study on problems of security necessary in large database that occurs in mobile cloud services. Although various security solutions limiting database access, security strategies about new user environments should be analyzed. This study analyzes weakness of safe data access through database management in mobile cloud environment and examines security requirements for safe data management. In addition, this study looks into threatening factors of security in cloud services and then draws security requirements about safer access control. A study on system application and evaluation of security requirements about access control is required.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.1
• /
• pp.43-54
• /
• 2001

In this paper we study the use of polyinstantiation for spatial data, for the purpose of solving cover in topology channel in multilevel secure spatial database systems. Spatial database system with topological structure has a number of spatial analysis function using spatial data and neighbored one\`s each other. But. it has problems that information flow is occurred by topological relationship in spatial database systems. Geographic Information System(CIS) must be needed mandatory access control because there ,are many information flow through positioning information And topological relationship between spatial objects. Moreover, most GIS applications also graphe user interface(GUI). In addressing these problems, we design the MLS/SRDM(Multi Level Security/Spatial Relational Data Model) and propose polyinstantiation for spatial data for solving information flow that occurred by toplogical relationship of spatial data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.125-134
• /
• 2008

A great number of RFID authentication protocols have been proposed for the secure RFID system. These are typically divided into three types according to primitive that they use : Hash-based, Re-encryption based, and XORing-based protocol. The well-known attacks in RFID system are eavesdropping. impersonating, location tracking, and so on. However, existing protocols could not provide security against above attacks, or it was not efficient to search for tags on database. Therefore, in this paper we present a protocol which is secure against above attacks by using hash function and makes Database search tags easily by attaining the state information of previous session through the shared values with all tags and database.

• Journal of Korea Multimedia Society
• /
• v.24 no.1
• /
• pp.58-66
• /
• 2021

The user's password must be encrypted one-way through the hash function and stored in the database. Widely used hash functions such as MD5 and SHA-1 have also been found to have vulnerabilities, and hash functions that are considered safe can also have vulnerabilities over time. Salt enhances password security by adding it before or after the password before putting it to the hash function. In the case of the existing Salt, even if it is randomly assigned to each user, once it is assigned, it is a fixed value in a specific column of the database. If the database is exposed to an attacker, it poses a great threat to password cracking. In this paper, we suggest variable-dynamic Salt that dynamically changes according to the user's password during the login process. The variable-dynamic Salt can further enhance password security during login process by making it difficult to know what the Salt is, even if the database or source code is exposed.

• Journal of Service Research and Studies
• /
• v.5 no.1
• /
• pp.57-70
• /
• 2015

This paper develop curnel based high speed packet filtering imbedded gateway and firewall using cloud database. This study develop equipment include of predict function through bigdata analysis using cloud system. This equipment include intrusion prevention for network attack, and include system security function of L7 switch based contents. This study can improve security level of little company and general family. This study can pioneer a new market. This study can develop high perfomance switch and replacement of existing security equipment. This study proposed new next generation algorithm for constuction of high performance system from low specifications.

• Journal of National Security and Military Science
• /
• s.1
• /
• pp.269-310
• /
• 2003

AS Extensible Markup Language(XML) is emerging as the data format of the Internet era, there are increasing needs to efficiently transform between database and XML documents. In this paper, we propose a schema transformation method from relational database to XML database. To transform the schema, we represent input schema as Entity-Relationship diagram. Entity-Relationship model translator scans the input Entity-Relationship diagram using BFS (breadth First Search) and translates the diagram into hierarchical structure model. The XML Schema generator produces XML Scema code using the transformed hierarchical structure model. The proposed method has a merit that having reusability facility of XML Schema property in comparison with existing researches.

• Journal of Electrical Engineering and information Science
• /
• v.2 no.5
• /
• pp.89-99
• /
• 1997

The application for real-time database systems must satisfy timing constraints. Typically the timing constraints are expressed in the form of deadlines which are represented by priorities to e used by schedulers. In any real-time applications, since the system maintains sensitive information to be shared by multiple users with different levels of security clearance, security is another important requirement. As more advanced database systems are being used in applications that need to support timeliness while managing sensitive information, protocols that satisfy both requirements need to be developed. In this appear, we proposed a new priority-driven secure multiversion locking (PSMVL) protocol for real-time secure database systems. The schedules produced by PSMVL are proven to e one-copy serializable. We have also shown tat the protocol eliminates covert channels and priority inversions. The details of the protocol, including the compatibility matrix and the version selection algorithms are presented. the results of the performance comparisons of our protocol with other protocols are described.

• The Journal of the Korea Contents Association
• /
• v.11 no.2
• /
• pp.61-68
• /
• 2011

Due to the rapid development of the Internet, many companies in a variety of applications to users open an unspecified number of the current business environment, security of personal information about recent issues are often mentioned in terms of its importance may be the company's top priority. The government recently on personal information strengthening measures on information communications network law enacted into law which is applicable to various industries. Companies to protect the personal information of various measures to comply with these regulations, and arrange your personal information for internal management to enhance security fast security solution has been introduced. The number of used data is stored in the DBMS in terms of compliance with these regulations at the same time effectively to ensure data security and encryption measures, access control, audit, each separated by an implementation of the solution and how it compares with the best Database security plan allows you to explore as a this paper's security checklist.