• Title/Summary/Keyword: Information Security Check System

Search Result 165, Processing Time 0.021 seconds

A study for improving passenger service level at the airport security checks by using simulation (시뮬레이션을 이용한 공항 보안검색 시스템 개선으로 이용객 서비스 수준제고 방안 연구)

  • Choi, Sanggyun;Lee, Chulung
    • Journal of the Korea Society of Computer and Information
    • /
    • v.18 no.3
    • /
    • pp.59-68
    • /
    • 2013
  • In this study, airport security check process is analyzed to modeling a simulation. Simulation is compared with real security system to verify. Utilizing verified simulation, spends time in the current security check is calculated and suggests alternatives. Considering the movement of passengers and security check system of all four cases the results yielded by the experiment. The results show that security check time decreased significantly to 20.8%. The simulation was developed in this study; including the introduction of a new security system at security check can be used as a decision support tool is expected.

A study of the ISCS(Information Security Check Service) on performance measurement model and analysis method (정보보호 안전진단 성과관리 측정 모델 및 성과 분석 방안 연구)

  • Jang, Sang-Soo;Shin, Seung-Ho;Noh, Bong-Nam
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.6
    • /
    • pp.127-146
    • /
    • 2010
  • This report has continuously improved in Information Security Level of Information Communication Service Companies which are applicable to Information Security Safety Inspection System. Also, it presents a decided methodology after verified propriety and considered the pre-research or expropriation by being developed the way of Information Security Safety Result Measurement. Management territory weighted value was established and it was given according to the point of view and the strategy target and the and outcome index to consider overall to a measurement item. Accordingly, an outome to the Information Security Check Service is analyzed by this paper and measurement model and oucome analysis methodology are shown with this, and gives help to analyze an outcome. Also it make sure the the substantial information security check service will be accomplished, prevent a maintenance accident beforehand and improve an enterprise outcome independently by institutional system performance securement and enterprise.g corporate performance.

Development of Vulnerability Scanner using Search Engine (검색엔진을 이용한 취약점 분석 시스템 개발)

  • Joo, Bok-Gyu;Min, Beung-Woo;Chang, Moon-Suk;Ahn, Chang-Kyum;Yang, Dong-Hyuk
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.9 no.1
    • /
    • pp.19-24
    • /
    • 2009
  • In these days, security threat is ever increasing as computer systems and networking is everywhere. This paper is on the development of security scanner using search engine, with which site managers can easily check security vulnerability on their systems. Our security server automatically collects security-related information on the Internet, and indexes them in the database. To check the vulnerability of a customer server, the client system collects various system-specific information, and sends necessary queries to our security server for vulnerability checking. Up-to-date and site-specific vulnerability information is retrieved through the viewer, which allows the customer effectively to check and respond to security threat on client systems.

  • PDF

Refunds Reusable Online Electronic Check System (거스름의 재사용이 가능한 온라인 전자수표시스템)

  • 김상진;최이화;오희국
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.1
    • /
    • pp.73-85
    • /
    • 2001
  • Electronic check schemes are more efficient than electronic coin scheme with respect to computational costs and the amount of information exchanged. In spite of these, difficulties in making a refund reusable and in representing the face value of a check have discouraged its development. In this paper, a new online electronic check system is presented, which solves the above problems. This system uses the partially blind signature to provide user anonymity and to represent the face value of a check. The partially blind signature enables us to make the format of refunds and initially withdrawn checks identical. Thus, it allows refunds to be reused to buy goods without any limitatiosn. Both initially withdrawn checks and refunds in our system guarantee untraceability as well as unlinkability. We also use a one-time secret key as the serial number of a check to increase the efficiency of payments. The presented check system also provides multiple offline shopping sessions to minimize the number of online messages handled by a bank. During the multiple offline shopping session, we use a one-way accumulator to provide non-repudiation service. We also analyze our new systems our new system\`s security, efficiency, and atomicity.

A Study on the Method of Checking the Level of Information Security Management Using Security Maturity Model (보안성숙도 모델을 활용한 정보보호 관리수준 점검방법에 관한 연구)

  • Lee, Sang-kyu;Kim, In-seok
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1585-1594
    • /
    • 2018
  • In recent years The importance of information security management for securing information collection and analysis, production and distribution is increasing. Companies are assured of confidence in information security through authentication of information Security Management System. However, level assessment and use of domains that make up the management system is limited. On the other hand, the security maturity model is able to diagnose the level of information protection of the enterprise step by step. It is also possible to judge the area to be improved urgently. It is a tool to support goal setting according to the characteristics and level of company. In this paper, C2M2, which is an example of security maturity model, is compared and analyzed with Korea Information Security Management System certification. Benchmark the model to check the level of information security management and derive the priority among the items that constitute the detailed area of information security measures of ISMS certification. It also look at ways to check the level of information security management step by step.

An Audit Model for Information Security of Hospital Information System (병원정보시스템에서의 정보보호를 위한 감리모형)

  • Yu, Wan Hee;Han, Ki Joon;Kim, Dong Soo;Kim, Hee Wan
    • Journal of Digital Convergence
    • /
    • v.12 no.7
    • /
    • pp.133-145
    • /
    • 2014
  • Recently, Hospital information systems have the large databases by wide range offices for hospital management, health care to improve the quality of care. However, hospital information systems for information security measures are insufficient. Therefore, when we construct the hospital information system, we have to audit the information security measures for them, and we have to manage the ISMS(Information Security Management System) to maintain the information protection level through the risk managements. In this paper, we suggested the hospital information security audit model for the protection of health information privacy by the current hospital information systems, information security management system(ISMS), and hospital information security requirements and threats. We derived the check items compared with ISO27799 reflected the characteristics of the hospital. We classified the security domains as the physical, technical, administrative domain, and derived the check items for information security. We also designed the check lists by mapping the ISO27799 risk management process to improve the security and efficiency simultaneously. Our model by the five-point scale survey of IT experts was verified the suitability with the average of 4.91 points.

Refunds Reusable Electronic Check Payment System Using an EC-KCDSA Partially Blind Signature (EC-KCDSA 부분 은닉서명을 이용한 거스름 재사용 가능한 전자수표지불 시스템)

  • 이상곤;윤태은
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.1
    • /
    • pp.3-10
    • /
    • 2003
  • In this paper, a partially blind signature schemes baled on EC-KCDSA is proposed and we applied it to design an electronic check payment system. Because the proposed partially blind signature scheme uses elliptic curve cryptosystem, it has better performance than any existing schems using RSA cryptosystem. When issuing a refund check, one-time pad secret key is used between the bank and the customer to set up secure channel. So the symmetric key management is not required.

A Study on the Vulnerability of Using Intermediate Language in Android: Bypassing Security Check Point in Android-Based Banking Applications (안드로이드 뱅킹 어플리케이션 내 중간언어 분석을 통한 보안 검사 지점 우회 취약점 연구)

  • Lee, Woojin;Lee, Kyungho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.3
    • /
    • pp.549-562
    • /
    • 2017
  • In recent years, as the proportion of mobile banking has become bigger with daily usage of mobile banking, security threats are also increasing according to the feeling. Accordingly, the domestic banking system introduces security solution programs in the banking application and sets security check points to ensure the stability of the application in order to check whether it is always executed. This study presents a vulnerability of inactivity bypassing mobile vaccine program operation checkpoints using the intermediate language statically and dynamically analysis when decompiling the android banking applications of major banks in Korea. Also, through the results, it identifies possible attacks that can be exploited and suggest countermeasures.

A Design on the Information Security Auditing Framework of the Information System Audit (정보시스템 감리에서의 정보보호 감리모형 설계)

  • Lee, Ji Yong;Kim, Dong Soo;Kim, Hee Wan
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.6 no.2
    • /
    • pp.233-245
    • /
    • 2010
  • This paper proposes security architecture, security audit framework, and audit check item. These are based on the security requirement that has been researched in the information system audit. The proposed information security architecture is built in a way that it could defend a cyber attack. According to its life cycle, it considers a security service and security control that is required by the information system. It is mapped in a way that it can control the security technology and security environment. As a result, an audit framework of the information system is presented based on the security requirement and security architecture. The standard checkpoints of security audit are of the highest level. It was applied to the system introduction for the next generation of D stock and D life insurance company. Also, it was applied to the human resources information system of K institution and was verified. Before applying to institutions, system developers and administrators were educated about their awareness about security so that they can follow guidelines of a developer security. As a result, the systemic security problems were decreased by more than eighty percent.

Response to Security Threats through Importance Analysis of NFT Service Provider Security Level Check Items (NFT 서비스 제공자 보안 수준 점검 항목 중요도 분석을 통한 보안 위협 대응)

  • Dong Sung Im
    • Journal of Platform Technology
    • /
    • v.11 no.5
    • /
    • pp.126-135
    • /
    • 2023
  • Demand for NFT is expanding along with Blockchain. And cyber security threats are also increasing. Therefore, this study derives security level inspection items by analyzing status related to NFT security such as NFT features, security threats, and compliance for the purpose of strengthening NFT security. Based on this, the relative importance was confirmed by applying it to the AHP model. As a result of the empirical analysis, the priority order of importance was found in the order of Security management system establishment and operation, encryption, and risk management, etc. The significance of this study is to reduce NFT security incidents and improve the NFT security management level of related companies by deriving NFT-related security level check items and demonstrating the research model. And If you perform considering relative importance of the NFT check items, the security level can be identified early.

  • PDF