• Journal of the Korea Society of Computer and Information
• /
• v.19 no.10
• /
• pp.117-124
• /
• 2014

Software Development Security is defined as a sequential procedure such as deleting potential security vulnerability for secure software development, designing or implementing various functions with considering security, and so on. In this paper, we research on domestic or international hacking cases that could damage us mentally or financially. Seventy five percent of Web-site attacks abuses weak points of application programs, or software. We also research on major issues related to software development security with these demerits. And then, we propose public and private laws, regulations, or systems and give some examples with detailed descriptions.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.169-170
• /
• 2014

Most of the attacks will attempt to exploit the vulnerability of the application website(SW). Cases are also frequently at home and abroad, and to be hacked. In this paper, S/W Development Security sees the main issues dealt with. Security-related laws and regulations to look at the system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.201-202
• /
• 2014

In this paper, we research on domestic or international hacking cases that could damage us mentally or financially. Seventy five percent of Web-site attacks abuses weak points of application programs, or software. We also research on major issues related to software development security with these demerits.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.11
• /
• pp.79-83
• /
• 2016

In this paper, we define four levels of analysis, design, implementation, and testing of the configuration of the development phase by S/W development life cycle. In particular, it dealt with the stage of the analysis phase to prepare an information system developed intensively. Details of the derivation of the information security requirements, it can be seen that comes from the perspective of confidentiality, integrity, availability and accountability, etc. It dealt with from the first manifestations of the projects planning to final planning to establish information security in activities of the Information Security requirements. As an example exhibited by assessing the information security analysis phase activities of S corporations, it can be seen that the improved sales rise in information security activities.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.07a
• /
• pp.81-82
• /
• 2014

국내외로 자주 발생하는 해킹 사례로 인하여 웹 사이트들이 중단되거나 상당한 금전적 피해를 보고 있다. 이러한 웹사이트 공격의 대부분이 응용프로그램(SW)의 취약점을 악용한 것이다. 본 논문에서는 이러한 S/W의 취약점을 이용한 S/W 개발 보안의 주요 이슈를 다루어 본다. 또한 보안 관련법 제도 및 규정 현행 정보 보호 관련 법령은 법률인 정보통신망 이용 촉진 및 정보보호 등에 관한 법률을 기본법으로 하여 분야 및 적용 대상에 따라 산발적인 개별 법규를 두어 각 분야별, 적용 대상별로 정보보호를 위한 규율을 실시하고 있다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.2
• /
• pp.141-148
• /
• 2006

This paper suggests method of safe security S/W by verifying and its result of formal verification tool. We will survey many formal verification tools and compare features of these tools. And we will suggest what tool is appropriate and methodogoly of developing safe security S/W. The Z/EVES is the most appropriate tool. This paper proposes formal verification of ACS by using RoZ tool which is formal verification tool to create UML model. The specification and verification are executed using Z/EVES tool. These procedures can find weak or wrong point of developed S/W.

• Proceedings of the KIEE Conference
• /
• 1998.07c
• /
• pp.1173-1175
• /
• 1998

This paper presented the development plan of voltage security on-line monitoring system (VSECOMs). VSECOMs consists of voltage security monitoring system and data management system. VSECOMs has the function of bus voltage watch. voltage stability analysis, and voltage security assessment. EMS data on-line acquisition, PSS/E file conversion, and overall data management. VSECOMs is designed with client/server structure. We will seek stable operation of KEPCO's power system by installation of VSECOMs in EMS of KEPCO.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.211-219
• /
• 2006

As the wireless network is popular and expanded, it is necessary to development the IDS(Intrusion Detection System)/Filtering System from the malicious wireless traffic. We propose the W-Sensor SW which detects the malicious wireless traffic and the W-TMS system which filters the malicious traffic by W-Sensor log in this paper. It is efficient to detect the malicious traffic and adaptive to change the security rules rapidly by the proposed W-Sensor SW. The designed W-Sensor by installing on a notebook supports the mobility of IDS in compare with the existed AP based Sensor.

• Electronics and Telecommunications Trends
• /
• v.35 no.7
• /
• pp.67-76
• /
• 2020

Because of the development and spread of artificial intelligence (AI) technology, new security threats and adverse AI functions have emerged as a real problem in the process of diversifying areas of use and introducing AI-based products and services to users. In response, it is necessary to develop new AI-based technologies in the field of information protection and security. This paper reviews topics such as domestic and international trends on false information detection technology, cyber security technology, and trust distribution platform technology, and it establishes the direction of the promotion of technology development. In addition, the development of international trends in ethical AI guidelines to ensure the human-centered ethical validity of AI development processes and final systems in parallel with technology development are analyzed and discussed. ETRI has developed AI policing technology, information protection, and security technologies as well as derived tasks and implementation strategies to prepare ethical AI development guidelines to ensure the reliability of AI based on its capabilities.

• Journal of Convergence for Information Technology
• /
• v.9 no.1
• /
• pp.142-150
• /
• 2019

This study is a file management security system that encrypts and decrypts computer and cloud data by using Bluetooth based cryptographic module. It is a necessary solution in terms of abuse of personal information and protection of social and national information. We developed H/W and S/W for SFMS(: Safe File Management Security) related Bluetooth module in cloud environment and implemented firmware development, encryption key generation and issuance, client program for system mobile and key management system. In the terminal internal encryption and decryption, SFMS was developed to ensure high security that the hacking itself is not possible because key values exist separately for each file.