• Title/Summary/Keyword: Network security infrastructure

A study on a security model for the establishment of a non-face-to-face smart work working environment in a physical network separation environment of public institutions (공공기관 물리적 망분리 환경에서의 비대면 스마트워크 근무 환경구축을 위한 보안 모델 연구)

  • Park, Sang-Kil;Kim, Gi-Bong;Son, Gyeong-Ja;Lee, Won-Suk;Park, Jae-Pyo
    • Journal of the Korea Convergence Society, v.11 no.10, pp.37-44, 2020
  • Due to the recent COVID-19 pandemic, public institutions are increasingly working from home. Working in public institutions is rapidly changing into a smart work environment where time and space constraints disappear. However, many public institutions currently lack a security model for an efficient smart work environment due to the physical network separation system that separates the Internet network and the business network. Therefore, in this paper, we describe the current limitations for implementing smart work in a physical network separation environment of public institutions, and propose a security model necessary for a work environment to supplement them. As related work, we explain SSL VPN and explain the smart work business model through security model research on SDP (Software Defined Perimeter), RDP (Remote Desktop Protocol), and VDI (Virtual Desktop Infrastructure) to overcome the security limitations of SSL VPN. As a result, we intend to propose a security model for a smart work environment suitable for public institutions while complying with the physical network separation security guide.

Performance Analysis of Broadband Convergence Transport Network Using NS-2 Simulator (NS-2를 이용한 BcN 전달망 성능분석)

  • Jang, Hee-Seon;Kim, Young-Bu;Cho, Ki-Sung
    • Convergence Security Journal, v.6 no.2, pp.61-69, 2006
  • For efficient business, telecommunication providers should pay attention to minimizing the basic setup cost of implementing the network infrastructure. Furthermore, providing quality of service (QoS) to service users is crucial for service providers and vendors. In this paper, we propose a new algorithm to provide the user's QoS under various traffic in the broadband convergence network. Using the NS-2 network simulator, we evaluate the QoS of the proposed algorithm and compare it with the results of the previous differentiated service network.

Enhancement OLSR Routing Protocol using Particle Swarm Optimization (PSO) and Genetic Algorithm (GA) in MANETS

  • Addanki, Udaya Kumar;Kumar, B. Hemantha
    • International Journal of Computer Science & Network Security, v.22 no.4, pp.131-138, 2022
  • A Mobile Ad-hoc Network (MANET) is a collection of moving nodes that communicate and collaborate without relying on a pre-existing infrastructure. In this type of network, nodes can freely move in any direction. Routing in this sort of network has always been problematic because of the mobility of nodes. Most existing protocols use simple routing algorithms and criteria, while another important criterion is path selection. The existing protocols should be optimized to resolve these deficiencies. 'Particle Swarm Optimization (PSO)' is an influenced method as it resembles the social behavior of a flock of birds. Genetic algorithms (GA) are search algorithms that use natural selection and genetic principles. This paper applies these optimization models to the OLSR routing protocol and compares their performances across different metrics and varying node sizes. The experimental analysis shows that the Genetic Algorithm is better compared to PSO. The comparison was carried out with the help of the simulation tool NS2, NAM (Network Animator), and xgraph, which was used to create the graphs from the trace files.

A Method for Preemptive Intrusion Detection and Protection Against DDoS Attacks (DDoS 공격에 대한 선제적 침입 탐지·차단 방안)

  • Kim, Dae Hwan;Lee, Soo Jin
    • Journal of Information Technology Services, v.15 no.2, pp.157-167, 2016
  • The task environments of enterprises and public institutions are moving into a cyberspace-based environment and structuring the LTE wireless network. The applications ("apps") operated in the LTE wireless network are mostly Android-based. But Android-based malware is surging and represents potential DDoS attacks. DDoS attacks are a major information security threat and a means of cyber attack. DDoS attacks are difficult to detect in advance and to defend against effectively. To this end, a DMZ is set up in front of a network infrastructure and a particular server for defensive information security. Because the proliferation of mobile devices and apps and the activation of Android diversify DDoS attack methods, a DMZ is limited in detecting and protecting against DDoS attacks. This paper proposes an information security method to detect and protect against DDoS attacks from the terminal phase using a preemptive military strategy concept. A DDoS attack detection and protection app is then implemented, and its effectiveness is proved by reducing web service requests and memory usage. DDoS attack detection and protection will ensure the efficiency of mobile network resources. This method is necessary for the continuous usage of a wireless network environment for national security and disaster control.

A Study on Five Levels of Security Risk Assessment Model Design for Ensuring the u-Healthcare Information System (u-헬스케어시스템의 정보보안 체계 확보를 위한 5단계 보안위험도 평가모델 설계)

  • Noh, Si Choon
    • Convergence Security Journal, v.13 no.4, pp.11-17, 2013
  • All u-Health systems have security vulnerabilities. These vulnerabilities pose potential risks locally or over the network. The smart environment of health information technology, ad-hoc networking, wireless communication environments, and u-health are major factors that increase security vulnerability. u-Healthcare information systems are divided into the user terminal section, the public network infrastructure section, the networking section, and the intranet section. The reason for assessing vulnerability by separating health information systems into domains is that the vulnerability countermeasures for each domain are different. A five-layer security risk assessment system for u-Healthcare systems, designed as a domain-specific security vulnerability diagnosis system, is needed in order to take security measures. With the proposed model, diagnostic measures for USN-based health information network security vulnerabilities, which have so far been conducted vaguely, can be carried out more systematically.

A Proposal of Key Management Structure for Providing a Integrated Multicast Service (통합 멀티캐스트 서비스 지원을 위한 키 관리 구조 제안)

  • 박희운;이임영
    • Journal of the Korea Institute of Information Security & Cryptology, v.11 no.6, pp.89-103, 2001
  • Through the increment of requirement for group oriented communication services, the multicast infrastructure based on a wire and wireless network has become a widely discussed research topic. However, the research on the security properties of safety, efficiency and scalability in a multicast structure has not been enough. In this study, we propose a scalable secure multicast key management structure based on PKI (Public Key Infrastructure), IPSec, domain subgroup and structural two mode scheme to provide an integrated multicast service. Also we discuss and propose the digital nominative group signature a refreshing method for satisfying the security and trust on the network. At the base of this work we certify to the usability of new proposed scheme from comparing it with conventional schemes in the part of safety, efficiency and scalability.

Analyses of Security Model and Design of Protocol for Wireless Ad-Hoc Network (무선 Ad-Hoc 망의 프로토콜 설계 및 보안 모델 해석)

  • Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference, v.9 no.1, pp.860-863, 2005
  • Ad-Hoc networks are a new generation of networks offering unrestricted mobility without any underlying infrastructure. Primary applications of Ad-Hoc networks are in military, tactical and other security sensitive operations, where the environment is hostile. Hence, security is a critical issue. In this paper, we have identified certain misbehaviors caused by malicious nodes for reactive routing protocols. We also discuss the intrusion detection and intrusion prevention model to prevent several identified attacks in the networks.

A Study on Strategies for Applying Zero Trust (제로 트러스트 적용 전략에 관한 연구)

  • Lee, Daesung
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference, 2021.10a, pp.461-463, 2021
  • With the recent increase in remote access due to network expansion, cloud infrastructure expansion, and telecommuting, the need to be vigilant not only from external access but also from internal access is increasing. Because of this, a new network security model called zero trust is attracting attention. In this paper, we will briefly introduce the concept of zero trust and examine strategies for applying zero trust according to various business environments.

Secure and Energy-Efficient Join-Leave Operations in ZigBee Network

  • Kim, Bong-Whan;Park, Chang-Seop
    • KSII Transactions on Internet and Information Systems (TIIS), v.7 no.11, pp.2874-2892, 2013
  • Since security plays an important role in several ZigBee applications, such as Smart Energy and medical sensor applications, ZigBee Specification includes various security mechanisms to protect ZigBee frames and infrastructure. Among them, the Join and Leave operations of ZigBee are investigated in this paper. The current Join-Leave operation is protected by the network key (a kind of group key). We claim it is not adequate to employ the network key for such purpose, and propose a new Join-Leave operation protected by the application link key (a kind of pairwise key), which is based on a more efficient key management scheme than that of ZigBee. Hence, the original Join operation consists of a total of 12 command frames, while the new Join operation consists of only 6 command frames. In particular, the security of the proposed Join-Leave operation is equivalent to or better than that of the original Join-Leave operation. The new Join-Leave operation is extensively analyzed in terms of security and efficiency, and compared with the original Join-Leave operation of ZigBee.

Fine Grained Security in Cloud with Cryptographic Access Control

  • Aparna Manikonda;Nalini N
    • International Journal of Computer Science & Network Security, v.24 no.7, pp.123-127, 2024
  • Cloud computing services have gained increasing popularity in recent years for supporting various on-demand and scalable services for IT consumers where there is a need for less investment towards infrastructure. While the storage architecture of the cloud enjoys a more robust and fault-tolerant cloud computing network, such architecture also poses a number of security challenges, especially when applied in applications related to social networks, financial transactions, etc. First, as data are stored and maintained by individual virtual machines, cloud resources are prone to being hijacked. Such attacks allow attackers to create, modify and delete machine images, and change administrative passwords and settings successfully. Hence, it is significantly harder to ensure data security. Second, due to the dynamic and shared nature of the cloud, data may be compromised in many ways. Last but not least, service hijacking may lead to redirecting clients to an illegitimate website. User accounts and service instances could in turn make a new base for attackers. To address the above challenges, we propose in this paper a distributed data access control scheme that is able to fulfil fine-grained access control over cloud data and is resilient against strong attacks such as compromise and user colluding. The proposed framework exploits a novel cryptographic primitive called attribute-based encryption (ABE), tailors, and adapts it for cloud computing with respect to security requirements.