• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.682-684
• /
• 2003

With the explosive rapid expansion of computer using during the past few years, security has become a crucial issue for modem computer systems. Today, there are many intrusion detection systems (IDS) on the Internet. A variety of intrusion detection techniques and tools exist in the computer security community such as enterprise security management system (ESM) and system integrity checking tools. However, there is a potential problem involved with intrusion detection systems that are installed locally on the machines to be monitored. If the system being monitored is compromised, it is quite likely that the intruder will after the system logs and the intrusion logs while the intrusion remains undetected. In this project KIT-I, we adopt remote logging server (RLS) mechanism, which is used to backup the log files to the server. Taking into account security, we make use of the function of SSL of Java and certificate authority (CA) based key management. Furthermore, Support Vector Machine (SVM) is applied in our project to detect the intrusion activities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.83-102
• /
• 2024

Recently, as the use of the cloud increases year by year and remote work within the enterprise has become one of the new types of work, the security of the cloud-based remote work environment has become important. The introduction of zero trust is required due to the limitations of the existing perimeter security model that assumes that everything in the internal network is safe. Accordingly, NIST and DoD published standards related to zero trust architecture, but the security requirements of that standard describe only logical architecture at the abstract level. Therefore, this paper intends to present more detailed security requirements compared to NIST and DoD standards by performing threat modeling for OpenStack clouds. After that, this research team performed a security analysis of commercial cloud services to verify the requirements. As a result of the security analysis, we identified security requirements that each cloud service was not satisfied with. We proposed potential threats and countermeasures for cloud services with zero trust, which aims to help build a secure zero trust-based remote working environment.

• Journal of Computing Science and Engineering
• /
• v.5 no.4
• /
• pp.331-337
• /
• 2011

Recently, Virtual Desktop Infrastructure (VDI) has been widely adopted to ensure secure protection of enterprise data and provide users with a centrally managed execution environment. However, user experiences may be restricted due to the limited functionalities of thin clients in VDI. If thick client devices like laptops are used, then data leakage may be possible due to malicious software installed in thick client mobile devices. In this paper, we present Data Firewall, a security framework to manage and protect security-sensitive data in thick client mobile devices. Data Firewall consists of three components: Virtual Machine (VM) image management, client VM integrity attestation, and key management for Protected Storage. There are two types of execution VMs managed by Data Firewall: Normal VM and Secure VM. In Normal VM, a user can execute any applications installed in the laptop in the same manner as before. A user can access security-sensitive data only in the Secure VM, for which the integrity should be checked prior to access being granted. All the security-sensitive data are stored in the space called Protected Storage for which the access keys are managed by Data Firewall. Key management and exchange between client and server are handled via Trusted Platform Module (TPM) in the framework. We have analyzed the security characteristics and built a prototype to show the performance overhead of the proposed framework.

• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.81-89
• /
• 2007

Mobile computing environment that support so that can offer employees inside information that enterprise has always improves business productivity and fetches efficiency enlargement. In this paper, limit model that can process ERP information by real-time as easy and convenient always utilizing radio network and PDA, Mobile camera based on Mobile vision concept. Calculable information between seller and customer is supplied supplying real-time brand image and information by practical use of Enterprise Resource Planning doing based on Mobile. Technical development and commercialization that utilize mobility, enforcement stronghold, portability etc. that is advantage of Mobile communication are required. In this paper, mobility of precious metals.jewel field that use portable terminal equipment taking advantage of a Mobile technology is secured. Constructed Mobile vision system that satisfy photography and bar-code scan at the same time from Mobile camera.

• Journal of Digital Contents Society
• /
• v.9 no.3
• /
• pp.491-498
• /
• 2008

The leakage of sensitive information by an insider within the organization becomes a serious threat nowadays. Sometimes, these insider threats are more harmful to an organization than external attack. Companies cannot afford to continue ignoring the potential of insider attacks. The purpose of this study is to design an integrated log analysis system that can detect various types of information leakages. The system uses threat rules generated through risk analysis, and monitors every aspect of the online activities of authorized insider. Not only should system have the ability to identify abnormal behavior, they should also be able to predict and even help to prevent potential risk. The system is composed of three modules, which are log collector, log analyzer and report generator.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1797-1804
• /
• 2015

Integrated log management system can help to predict the risk of security and contributes to improve the security level of the organization, and leads to prepare an appropriate security policy. In this paper, we have designed and implemented a Hadoop-based log analysis system by using distributed database model which can store large amount of data and reduce analysis time by automating log collecting procedure. In the proposed system, we use the HBase in order to store a large amount of data efficiently in the scale-out fashion and propose an easy data storing scheme for analysing data using a Hadoop-based normal expression, which results in improving data processing speed compared to the existing system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.39-50
• /
• 2005

An evaluation demand and a market growth regarding evaluation and certification are increasing because the importance of information Security is gradually rising to solve the information disfunction. Therefore, it is necessary the cost-effect evaluation management of the Information Security System(ISS). In this paper, we propose the Semi-automated Evaluation Workflow Management System(Sa-EWMS) based on the Common Criteria(CC) which performs and manages evaluation work through the procedure when evaluator evaluates the Information Security System(ISS). The Sa-EWMS is solving a problem of consumption of time and effort and performing efficient evaluation, it is playing a significant role that traces workflow process of each work of the Engines and controls performance. It will be able to use useful the private evaluation enterprise which confront in an evaluation demand and a market growth.

• Journal of Korea Game Society
• /
• v.5 no.1
• /
• pp.41-44
• /
• 2005

This paper is model can be useful and capable of automatically collecting and classifying the various information about a wide range of security incidents such as hackings, worms, spyware, cyber-terror, network espionage and information warfare from firewall, IDS, VPN and so on. According to them Internet game and an automated/integrated computer emergency response system can perform an attack assessment and an early warning for any incidents based on Enterprise Security Management environment.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.41-46
• /
• 2021

The article studies the implementation of automation in the education process as a convenient interface of a document management system, on the one hand, which makes it easy to navigate the program, requiring from the user only a small amount of any special skills in working with electronic computers, on the other hand, it provides to the user operational information about all the data of interest to him, taking into account the access rights given to this or that information, stored in the enterprise database.

• Journal of Korea Society of Industrial Information Systems
• /
• v.11 no.5
• /
• pp.198-206
• /
• 2006

It is a time honored value proposition that in rapidly changing business environment, only proactive and active companies will survive. Enterprise resource planning(ERP) system has been a competitive necessity. However, small and medium companies in Korea still need practical guidelines regarding on successful ERP implementation, especially in process issue identification and business goal setting. This case study investigates how Secui.com as an information security company founded in 2000 implemented an ERP system from the strategic perspective. Also it proposes the guidelines of how to establish an information system infrastructure and realize the benefits of IS-based management by ERP implementation.