• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.926-931
• /
• 2004

In this paper, we proposed security management architecture that combines programmable network technology and policy based network management technology to manage efficiently heterogeneous security systems. By using proposed security management architecture, a security administrator can manage heterogeneous security systems using security policy, which is automatically translated into a programmable security policy and executed on programmable middleware of security system. In addition, programmable middleware that has the features of programmable network can reduce excessive management traffic. We showed that the programmable middleware could reduce the load of management traffic by comparing processing time between the proposed architecture and PBNM architecture.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.10C
• /
• pp.1033-1044
• /
• 2003

In this paper, we propose security management architecture that manages efficiently security systems that are produced by different companies and programmable middleware that can reduce the load of management traffic. The proposed architecture applies programmable networks technology to policy based network management (PBNM). The proposed architecture manages and cooperates various security systems using security policy. Also, the programmable middleware provides convenience of management and reduces the overhead of a policy server by translating security policy into execution command. In addition, using programmable middleware, an administrator can manage various security systems that are produced by different companies. We showed that the programmable middleware could reduce the load of management traffic by comparing processing time for enforcing and transferring of policies/messages between the proposed architecture and PBNM architecture.

• Journal of KIISE:Information Networking
• /
• v.30 no.6
• /
• pp.776-786
• /
• 2003

Security Evaluation System is a system that evaluates the security of the entire enterprise network domain which consists of various components and that supports a security manager or a Security Management System in making decisions about security management of the enterprise network based on the evaluation. It helps the security manager or the security management system to make a decision about how to change the configuration of the network to prevent the attack due to the security vulnerabilities of the network. Security Evaluation System checks the “current status” of the network, predicts the possible intrusion and supports decision-making about security management to prevent the intrusion in advance. In this paper we analyze the requirements of the Security Evaluation System that automates the security evaluation of the enterprise network which consists of various components and that supports decision-making about security management to prevent the intrusion, and we propose a design for it which satisfies the requirements.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.573-584
• /
• 2001

Policy-Based Network Management (PBNM) architecture is to meet various needs of network users and to provide effective management facilities in distributed and large scale networks to network managers. In PBNM, network managers perform network management operations by stipulating a set of rules rather than control each network component. On the other hand, providing security services such as authentication, privacy of messages as well as a new flexible and extensible administration framework, SNMPv3 enables network managers to monitor and control the operation of network components more secure way than ever before. Despite of its enhanced security services, SNMPv3 has difficulties in managing distributed, large-scaled network because it does not provide centralized security management facilities. In this paper, we propose a new security model called Role-based Security Management model (RSM) with security management policy to support scalable and centralized security management for SNMP-based networks. Also, the structure and the operation of the security system as well as the efficiency analysis of RSM in terms of security management are also described.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.8B
• /
• pp.525-534
• /
• 2005

This paper proposes the architecture and the methods of security network management for auto-configuration of security systems by extending the existing policy-based network management architecture. The architecture and the methods proposed in this paper enable a security management sewer to automatically decide the best-suited security policy to apply to a security system and the most effective and efficient security system to perform security policy rule, based on the role and capability information of security systems and the role and time information of security policy. For integrated control of network system and security system, this paper also proposes SNMP protocol based security network topology map generator. To show the excellence of the proposed architecture and methods, we simulate and evaluate the automatic response against attacks.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1586-1589
• /
• 2005

GUMF (Global User Management Framework) that is proposed in this research can be applied to next generation network such as BcN (Broadband convergence Network), it is QoS guaranteed security framework for user that can solve present Internet's security vulnerability. GUMF offers anonymity for user of service and use the user's real-name or ID for management of service and it is technology that can realize secure QoS. GUMF needs management framework, UMS (User Management System), VNC (Virtual Network Controller) etc. UMS consists of root UMS in country dimension and Local UMS in each site dimension. VNC is network security equipment including VPN, QoS and security functions etc., and it achieves the QoSS (Quality of Security Service) and CLS(Communication Level Switching) functions. GUMF can offer safety in bandwidth consumption attacks such as worm propagation and DoS/DDoS, IP spoofing attack, and current most attack such as abusing of private information because it can offer the different QoS guaranteed network according to user's grades. User's grades are divided by 4 levels from Level 0 to Level 3, and user's security service level is decided according to level of the private information. Level 3 users that offer bio-information can receive secure network service that privacy is guaranteed. Therefore, GUMF that is proposed in this research can offer profit model to ISP and NSP, and can be utilized by strategy for secure u-Korea realization.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1594-1597
• /
• 2005

A rapid development and a wide use of the Internet have expanded a network environment. Further, the network environment has become more complex due to a simple and convenient network connection and various services of the Internet. However, the Internet has been constantly exposed to the danger of various network attacks such as a virus, a hacking, a system intrusion, a system manager authority acquisition, an intrusion cover-up and the like. As a result, a network security technology such as a virus vaccine, a firewall, an integrated security management, an intrusion detection system, and the like are required in order to handle the security problems of Internet. Accordingly, a router, which is a key component of the Internet, controls a data packet flow in a network and determines an optimal path thereof so as to reach an appropriate destination. An error of the router or an attack against the router can damage an entire network. This paper relates to a method for RSMS (router security management system) for secure networking based on a security policy. Security router provides functions of a packet filtering, an authentication, an access control, an intrusion analysis and an audit trail in a kernel region. Security policy has the definition of security function against a network intrusion.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2174-2177
• /
• 2003

Internet is exposed to network attacks as Internet has a security weakness. Network attacks which are virus, system intrusion, and deny of service, put Internet in the risk of hacking, so the damage of public organization and banking facilities are more increased. So, it is necessary that the security technologies about intrusion detection and controlling attacks minimize the damage of hacking. Router is the network device of managing traffic between Internets or Intranets. The damage of router attack causes the problem of the entire network. The security technology about router is necessary to defend Internet against network attacks. Router has the need of access control and security skills that prevent from illegal attacks. We developed integrated security management framework for secure networking and kernel-level security engine that filters the network packets, detects the network intrusion, and reports the network intrusion. The security engine on the router protects router or gateway from the network attacks and provides secure networking environments. It manages the network with security policy and handles the network attacks dynamically.

• International Journal of Contents
• /
• v.1 no.2
• /
• pp.22-25
• /
• 2005

Enterprise security management system: Enterprise Security Management (EMS) is centralized integrated management of other kind of security solutions such as intrusion cutoff system, intrusion detection system and virtual private network. With the system, it is possible to establish security policies for entire IT system through interlocking of solutions. A security system of company network is progressing as a ESM(Enterprise Security Management) in existing security solution foundation. The establishment of the security policy is occupying very important area in ESM of the security system. We tried to analyze existing ESM system for this and designed security solution structure for enhancing the inside security. We applied implementing directly IDS system and tested. This test set the focus about inside security

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.43-50
• /
• 2013

Recently, Cyber threats that is doing intelligence and sophistication from the organization's information assets to secure order technical disciplines, as well as managerial and environmental sectors, such as mind-response system is must established. In this paper, possible to analyze the case for the theory in network security, such as the logical network and physical network separation suitable for the corporate environment and constantly respond and manage the Information Security Management Model A secure network design is proposed. In particular, the proposed model improvements derived from the existing network, network improvements have been made in order to design improved ability to respond to real-time security and central manageability, security threats, pre-emptive detection and proactive coping, critical equipment in the event of a dual hwalreu through applied features such as high-availability, high-performance, high-reliability, ensuring separation of individual network security policy integrated management of individual network, network security directional.