• Title/Summary/Keyword: Information Security Check

Search Result 298, Processing Time 0.021 seconds

A study for improving passenger service level at the airport security checks by using simulation (시뮬레이션을 이용한 공항 보안검색 시스템 개선으로 이용객 서비스 수준제고 방안 연구)

  • Choi, Sanggyun;Lee, Chulung
    • Journal of the Korea Society of Computer and Information
    • /
    • v.18 no.3
    • /
    • pp.59-68
    • /
    • 2013
  • In this study, airport security check process is analyzed to modeling a simulation. Simulation is compared with real security system to verify. Utilizing verified simulation, spends time in the current security check is calculated and suggests alternatives. Considering the movement of passengers and security check system of all four cases the results yielded by the experiment. The results show that security check time decreased significantly to 20.8%. The simulation was developed in this study; including the introduction of a new security system at security check can be used as a decision support tool is expected.

A study of the ISCS(Information Security Check Service) on performance measurement model and analysis method (정보보호 안전진단 성과관리 측정 모델 및 성과 분석 방안 연구)

  • Jang, Sang-Soo;Shin, Seung-Ho;Noh, Bong-Nam
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.6
    • /
    • pp.127-146
    • /
    • 2010
  • This report has continuously improved in Information Security Level of Information Communication Service Companies which are applicable to Information Security Safety Inspection System. Also, it presents a decided methodology after verified propriety and considered the pre-research or expropriation by being developed the way of Information Security Safety Result Measurement. Management territory weighted value was established and it was given according to the point of view and the strategy target and the and outcome index to consider overall to a measurement item. Accordingly, an outome to the Information Security Check Service is analyzed by this paper and measurement model and oucome analysis methodology are shown with this, and gives help to analyze an outcome. Also it make sure the the substantial information security check service will be accomplished, prevent a maintenance accident beforehand and improve an enterprise outcome independently by institutional system performance securement and enterprise.g corporate performance.

A Study on the Vulnerability of Using Intermediate Language in Android: Bypassing Security Check Point in Android-Based Banking Applications (안드로이드 뱅킹 어플리케이션 내 중간언어 분석을 통한 보안 검사 지점 우회 취약점 연구)

  • Lee, Woojin;Lee, Kyungho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.3
    • /
    • pp.549-562
    • /
    • 2017
  • In recent years, as the proportion of mobile banking has become bigger with daily usage of mobile banking, security threats are also increasing according to the feeling. Accordingly, the domestic banking system introduces security solution programs in the banking application and sets security check points to ensure the stability of the application in order to check whether it is always executed. This study presents a vulnerability of inactivity bypassing mobile vaccine program operation checkpoints using the intermediate language statically and dynamically analysis when decompiling the android banking applications of major banks in Korea. Also, through the results, it identifies possible attacks that can be exploited and suggest countermeasures.

Development of Vulnerability Scanner using Search Engine (검색엔진을 이용한 취약점 분석 시스템 개발)

  • Joo, Bok-Gyu;Min, Beung-Woo;Chang, Moon-Suk;Ahn, Chang-Kyum;Yang, Dong-Hyuk
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.9 no.1
    • /
    • pp.19-24
    • /
    • 2009
  • In these days, security threat is ever increasing as computer systems and networking is everywhere. This paper is on the development of security scanner using search engine, with which site managers can easily check security vulnerability on their systems. Our security server automatically collects security-related information on the Internet, and indexes them in the database. To check the vulnerability of a customer server, the client system collects various system-specific information, and sends necessary queries to our security server for vulnerability checking. Up-to-date and site-specific vulnerability information is retrieved through the viewer, which allows the customer effectively to check and respond to security threat on client systems.

  • PDF

An Audit Model for Information Security of Hospital Information System (병원정보시스템에서의 정보보호를 위한 감리모형)

  • Yu, Wan Hee;Han, Ki Joon;Kim, Dong Soo;Kim, Hee Wan
    • Journal of Digital Convergence
    • /
    • v.12 no.7
    • /
    • pp.133-145
    • /
    • 2014
  • Recently, Hospital information systems have the large databases by wide range offices for hospital management, health care to improve the quality of care. However, hospital information systems for information security measures are insufficient. Therefore, when we construct the hospital information system, we have to audit the information security measures for them, and we have to manage the ISMS(Information Security Management System) to maintain the information protection level through the risk managements. In this paper, we suggested the hospital information security audit model for the protection of health information privacy by the current hospital information systems, information security management system(ISMS), and hospital information security requirements and threats. We derived the check items compared with ISO27799 reflected the characteristics of the hospital. We classified the security domains as the physical, technical, administrative domain, and derived the check items for information security. We also designed the check lists by mapping the ISO27799 risk management process to improve the security and efficiency simultaneously. Our model by the five-point scale survey of IT experts was verified the suitability with the average of 4.91 points.

A Study on the Method of Checking the Level of Information Security Management Using Security Maturity Model (보안성숙도 모델을 활용한 정보보호 관리수준 점검방법에 관한 연구)

  • Lee, Sang-kyu;Kim, In-seok
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1585-1594
    • /
    • 2018
  • In recent years The importance of information security management for securing information collection and analysis, production and distribution is increasing. Companies are assured of confidence in information security through authentication of information Security Management System. However, level assessment and use of domains that make up the management system is limited. On the other hand, the security maturity model is able to diagnose the level of information protection of the enterprise step by step. It is also possible to judge the area to be improved urgently. It is a tool to support goal setting according to the characteristics and level of company. In this paper, C2M2, which is an example of security maturity model, is compared and analyzed with Korea Information Security Management System certification. Benchmark the model to check the level of information security management and derive the priority among the items that constitute the detailed area of information security measures of ISMS certification. It also look at ways to check the level of information security management step by step.

Response to Security Threats through Importance Analysis of NFT Service Provider Security Level Check Items (NFT 서비스 제공자 보안 수준 점검 항목 중요도 분석을 통한 보안 위협 대응)

  • Dong Sung Im
    • Journal of Platform Technology
    • /
    • v.11 no.5
    • /
    • pp.126-135
    • /
    • 2023
  • Demand for NFT is expanding along with Blockchain. And cyber security threats are also increasing. Therefore, this study derives security level inspection items by analyzing status related to NFT security such as NFT features, security threats, and compliance for the purpose of strengthening NFT security. Based on this, the relative importance was confirmed by applying it to the AHP model. As a result of the empirical analysis, the priority order of importance was found in the order of Security management system establishment and operation, encryption, and risk management, etc. The significance of this study is to reduce NFT security incidents and improve the NFT security management level of related companies by deriving NFT-related security level check items and demonstrating the research model. And If you perform considering relative importance of the NFT check items, the security level can be identified early.

  • PDF

Refunds Reusable Online Electronic Check System (거스름의 재사용이 가능한 온라인 전자수표시스템)

  • 김상진;최이화;오희국
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.1
    • /
    • pp.73-85
    • /
    • 2001
  • Electronic check schemes are more efficient than electronic coin scheme with respect to computational costs and the amount of information exchanged. In spite of these, difficulties in making a refund reusable and in representing the face value of a check have discouraged its development. In this paper, a new online electronic check system is presented, which solves the above problems. This system uses the partially blind signature to provide user anonymity and to represent the face value of a check. The partially blind signature enables us to make the format of refunds and initially withdrawn checks identical. Thus, it allows refunds to be reused to buy goods without any limitatiosn. Both initially withdrawn checks and refunds in our system guarantee untraceability as well as unlinkability. We also use a one-time secret key as the serial number of a check to increase the efficiency of payments. The presented check system also provides multiple offline shopping sessions to minimize the number of online messages handled by a bank. During the multiple offline shopping session, we use a one-way accumulator to provide non-repudiation service. We also analyze our new systems our new system\`s security, efficiency, and atomicity.

Advanced Information Security Management Evaluation System

  • Jo, Hea-Suk;Kim, Seung-Joo;Won, Dong-Ho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.5 no.6
    • /
    • pp.1192-1213
    • /
    • 2011
  • Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.

Security Check Scheduling for Detecting Malicious Web Sites (악성사이트 검출을 위한 안전진단 스케줄링)

  • Choi, Jae Yeong;Kim, Sung Ki;Min, Byoung Joon
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.2 no.9
    • /
    • pp.405-412
    • /
    • 2013
  • Current web has evolved to a mashed-up format according to the change of the implementation and usage patterns. Web services and user experiences have improved, however, security threats are also increased as the web contents that are not yet verified combine together. To mitigate the threats incurred as an adverse effect of the web development, we need to check security on the combined web contents. In this paper, we propose a scheduling method to detect malicious web pages not only inside but also outside through extended links for secure operation of a web site. The scheduling method considers several aspects of each page including connection popularity, suspiciousness, and check elapse time to make a decision on the order for security check on numerous web pages connected with links. We verified the effectiveness of the security check complying with the scheduling method that uses the priority given to each page.