• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.4
• /
• pp.125-135
• /
• 2009

Logs from various security system can reveal the attack trials for accessing private data without authorization. The logs can be a kind of confidence deriving factors that a certain IP address is involved in the trial. This paper presents a rule-based expert system for derivation of privacy violation confidence using various security systems. Generally, security manager analyzes and synthesizes the log information from various security systems about a certain IP address to find the relevance with privacy violation cases. The security managers' knowledge handling various log information can be transformed into rules for automation of the log analysis and synthesis. Especially, the coverage of log analysis for personal information leakage is not too broad when we compare with the analysis of various intrusion trials. Thus, the number of rules that we should author is relatively small. In this paper, we have derived correlation among logs from IDS, Firewall and Webserver in the view point of privacy protection and implemented a rule-based expert system based on the derived correlation. Consequently, we defined a method for calculating the score which represents the relevance between IP address and privacy violation. The UI(User Interface) expert system has a capability of managing the rule set such as insertion, deletion and update.

• The Journal of Information Technology
• /
• v.1 no.1
• /
• pp.173-188
• /
• 1998

In this paper we discussed various types of electronic payment schemes that are emerging. Threats vary from malicious hackers attempting to crash a system, to threats to data or transaction integrity. An understanding of the various types of threats can assist a security manager in selecting appropriate cost-effective controls to protect valuable information resources. An overview of many of today's common threats presented in this paper will be useful to mangers studying their own threat environments with a view toward developing solutions specific to their organization. To ensure security on the Internet, several methods have been developed and deployed. They include authentication of users and servers, encryption, and data integrity. Transaction security is critical : without it, information transmitted over the Internet is susceptible to fraud and other misuse. So computer systems represents an Intermediary with the potential to access the flow of information between a user. Security is needed to ensure that intermediaries cannot eavesdrop on transactions, or copy/modify data. Online firms must take additional precautions to prevent security breaches. To protect consumer information, they must maintain physical security of their servers and control access to software passwords and private keys. Techniques such as secret and public-key encryption and digital signatures play a crucial role in developing consumer confidence in electronic commerce.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.53-58
• /
• 2024

The Internet of Things (IoT) enables the connection of millions of disparate devices to the World Wide Web. To perform the task, a lot of smart gadgets must work together. The gadgets recognize other devices as part of their network service. Keeping participating devices safe is a crucial component of the internet of things. When gadgets communicate with one another, they require a promise of confidence. Trust provides certainty that the gadgets or objects will function as expected. Trust management is more difficult than security management. This review includes a thorough examination of trust management in a variety of situations.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.9
• /
• pp.3451-3457
• /
• 2010

Cyber security assessment is the process of determining how effectively an entity being assessed meets specific cyber security objectives. Cyber security assessment helps to measure the degree of confidence one has and to identify that the managerial, technical and operational measures work as intended to protect the I&C systems and the information it processes. Recently, needs for cyber security on digitalized nuclear I&C systems are increased. However the overall cyber security program, including cyber security assessment, is not established on those systems. This paper presents the methodology of cyber security assessment which is appropriate for nuclear I&C systems. This methodology provides the qualitative assessments that may formulate recommendations to bridge the security risk gap through the incorporated criteria. This methodology may be useful to the nuclear organizations for assessing the weakness and strength of cyber security on nuclear I&C systems. It may be useful as an index to the developers, auditors, and regulators for reviewing the managerial, operational and technical cyber security controls, also.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.156-160
• /
• 2021

Every day brings a new challenge to the humanities. Life nowadays needs accuracy, privacy, integrity, authenticity, and security to run life systems especially the monetary system. Things now differ from previous centuries. Multiple varieties in digital banking have opened the new and most advanced innovations for human beings. The monetary system is going to developed day by day to facilitate the public. Electronic money has amazed the world and gave a challenge to central banking. For this purpose, there will be a need for strict security, information, and confidence. Blockchain technology has opened new gateways. Bitcoin has become the most famous digital currency, which has created a thunderstorm in digital marketing. Blockchain, as a new Financial Technology, has satisfied all the security issues and satisfied doing business in secure ways that encourage investors to invest and keep the world business wheel. Assessment of the sustainability of implementing Bitcoin in financial institutions will be discussed. Every new system has its pros and cons in which a clear vision of what we are about to use can be sought. Through this research paper, a demonstration of the monetary system evolution, the new ways of doing business, some evidence in a form of academic cases will be demonstrated through comparison a table, a suggested method to transfer to the new system in safe mode will be proposed, and a conclusion will be concluded.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.105-118
• /
• 2006

The purpose of this research is twofold. The first is to develop the measures for evaluating performance of fingerprint sensor modules quantitatively and objectively. The second is to present the methodology for evaluating compatibilities among disparate fingerprint sensors. This paper focuses on the performance evaluation not of fingerprint authentication algorithm but of fingerprint sensors. Presented in this paper are several indicators and their measuring schemes such as the actual resolution of fingerprint images, the level of distortion by horizontal and vertical resolutions of fingerprint image, the intensity distribution for various illuminating conditions. Nine commercial sensor modules have been tested and the test results are expressed by using 95% confidence interval based on 50 acquired fingerprint images. The experimental results are compared with the manufacturer's sensor specification.

• Journal of the Society of Disaster Information
• /
• v.8 no.3
• /
• pp.213-222
• /
• 2012

The purpose of this study was to extract the spiritual characteristic factors of the security martial arts qualitatively which are emphasized in guard situation. To get the purpose of this study, 216 people who are students majored in security service, security service professionals, specialists of practical and theoretical security martial arts were selected as participants for this study. The results of this study were as follows. There were divided 4 sub-factors and 20 detailed factors. The spiritual characteristics of the security martial arts were named psychological spirit which was consisted of concentration, self-confidence, self-management, flow, and self-esteem, ethical spirit which was consisted of sacrifice, justice, royalty, peace, and sense of duty, martial arts' spirit which was consisted of courtesy, toughness, defense, balance of mind and body, and bravery, and practical spirit which was consisted of responsibility, cooperation, modesty, determination, and professionalism.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.91-98
• /
• 2023

The rapid increase in the use of new technology known as 'blockchain technologies' has addressed many challenges in different areas and provided benefits to users, in this paper we discuss the field of supply chains, improve confidence and transparency between participants and stakeholders significantly also in this paper we Compare between different blockchain frameworks focusing on most popular frameworks. Moreover, we proposed a model in the supply chain using a blockchain framework, the proposed supply chain model included many different resources that help to exchange information over the network. The proposed model also includes smart contracts that maintain all rules for transactions. using blockchain technology information such as transaction details, time and money are recorded and stored within the system from the beginning of the transaction entry.

• Journal of Korean Society for Quality Management
• /
• v.41 no.4
• /
• pp.649-657
• /
• 2013

Purpose: In this study, the actual situation of domestic firms vulnerable to industrial security competence will be discussed. And accordingly be discussed for effective response measures. Methods: Using a structured questionnaire by mail, fax, e-mail and fill method was used respondents. By the end of '10 R&D Center, which holds 15,247 companies(population) among the 95% level of confidence, tolerance ${\pm}3%$ p-level corporate type, sector, region extraction method stratified multi-level companies were investigated through the final 1529. Results: The average level of industrial security capabilities 43.8%(out of 100) is very weak, so urgent and positive response measures also need to be investigated sought. Conclusion: we propose the effective management framework and improvement plans to prevent illegal industrial leakage are to be made.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.363-374
• /
• 2015

Instrumentation and control(I&C) system has been mainly designed and operated based on analog technologies in existing Nuclear Power Plants(NPPs). However, As the development of Information Technology(IT), digital technologies are gradually being adopted in newly built NPPs. I&C System based on digital technologies has many advantages but it is vulnerable to cyber threat. For this reason, cyber threat adversely affects on safety and reliability of I&C system as well as the entire NPPs. Therefore, the software equipped to NPPs should be developed with cyber security attributes from the initiation phase of software development life cycle. Moreover through cyber security assessment, the degree of confidence concerning cyber security should be measured and if managerial, technical and operational work measures are implemented as intended should be reviewed in order to protect the I&C systems and information. Currently the overall cyber security program, including cyber security assessment, is not established on I&C systems. In this paper, we propose cyber security assessment methods in the Software Development Life Cycle by drawing cyber security activities and assessment items based on regulatory guides and standard technologies concerned with NPPs.