• Title/Summary/Keyword: Secure Development

Search Result 1,883, Processing Time 0.026 seconds

(An HTTP-Based Application Layer Security Protocol for Wireless Internet Services) (무선 인터넷 서비스를 위한 HTTP 기반의 응용 계층 보안 프로토콜)

  • 이동근;김기조;임경식
    • Journal of KIISE:Information Networking
    • /
    • v.30 no.3
    • /
    • pp.377-386
    • /
    • 2003
  • In this paper, we present an application layer protocol to support secure wireless Internet services, called Application Layer Security(ALS). The drawbacks of the two traditional approaches to secure wireless applications motivated the development of ALS. One is that in the conventional application-specific security protocol such as Secure HyperText Transfer Protocol(S-HTTP), security mechanism is included in the application itself. This gives a disadvantage that the security services are available only to that particular application. The other is that a separate protocol layer is inserted between the application and transport layers, as in the Secure Sockets Layer(SSL)/Transport Layer Security(TLS). In this case, all channel data are encrypted regardless of the specific application's requirements, resulting in much waste of network resources. To overcome these problems, ALS is proposed to be implemented on top of HTTP so that it is independent of the various transport layer protocols, and provides a common security interface with security applications so that it greatly improves the portability of security applications. In addition, since ALS takes advantages of well-known TLS mechanism, it eliminates the danger of malicious attack and provides applications with various security services such as authentication, confidentiality integrity and digital signature, and partial encryption. We conclude this paper with an example of applying ALS to the solution of end-to-end security in a present commercial wireless protocol stack, Wireless Application Protocol.

A Study on the Development Strategy of Offshore Oil Resource in China (중국의 해외 석유자원 개발 전략에 관한 연구)

  • Lee, Choong-Bae;Noh, Jin-Ho
    • International Commerce and Information Review
    • /
    • v.13 no.3
    • /
    • pp.119-142
    • /
    • 2011
  • Competitions for secure oil are intense around the world due to the limited oil reserves. The situations are becoming more serious as China has participated in the competition. This paper aims to investigate China's offshore oil development strategies to balance the supply and demand of oil and then suggest its policy implications. A surging increase of oil demand due to the rapid economic growth as well as the stagnation in domestic oil output has turned China into a net oil importer since 1993. Therefore, China has placed a significant priority on securing long-term stability of its offshore oil to cope with the rapid growing demand. It has taken a variety of strategies to secure stable oil resource such as development of offshore oil resource, increasing the number of oil importing countries. China with the highest foreign exchange reserve of approximately $3 trillion as of 2010, has considered to employ foreign exchange reserves while making a huge amount of investment to secure oil resource. China has pursued several policies such as loan to oil production country for securing oil, foreign direct investment on offshore oil development, M&A of oil exploration and production companies and geographical diversification of oil importing countries. China has promoted offensive strategies for securing oil resource rather than cooperation with other countries. Thus, China should find a trade-off point for recovering relationship with international society while developing and investing renewable energy for long-term future. It will also address some implications for Korea, which has to prepare new strategies of overseas oil development.

  • PDF

Proxy Re-encryption based Secure Electronic Transaction (프록시 재암호화 기반의 안전한 전자지불시스템)

  • Go, Woong;Kwak, Jin
    • The Journal of Korean Association of Computer Education
    • /
    • v.15 no.1
    • /
    • pp.73-85
    • /
    • 2012
  • Presently, Enhanced electronic financial service are offered used open network due to development of IT and financial transactions. The protocol in this environments such as SET, SSL/TLS, and so on are electronic transaction protocol to perform electronic payment securely and efficiently. However, most users still does not know accurately how to use and potential problems. It especially has key management problem about generate session key for purchase products or payment. To solve this problem, we propose proxy re-encryption based secure electronic transaction to transmit payment and order information without addition session key.

  • PDF

Examination of Transaction Secure Safety of Block Chain (블록체인 안전성 확보를 위한 거래 검토)

  • Choi, Heesik;Cho, Yanghyun
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.15 no.1
    • /
    • pp.77-86
    • /
    • 2019
  • Comparative analysis to secure safety of Blockchain Many investors have invested in virtual currency such as bit coins as a new investment due to increased popularity of virtual currency around the world. Also, virtual currency such as bit coin has a security technology and it has been relatively proved. popularity of virtual currency is rising as a new investment alternative because of this reason. This paper focused on the block chain's transparency and security of distributed ledger technology, which is relatively safe without third party's intervention. Many governments and companies around the world are developing and working on block chain technological development to introduce due to these reasons However, there are some suggestion that block chain has minor risks to its security. In this paper, it will examine security vulnerabilities from importance of security of Blockchain which relates to transactions of Bitcoin which stored by governments and companies around the world. This paper will propose measure which will improve safety and efficiency of Blockchain technology such as the existing Blockchain method, Blockchain proposal, traceability and awareness about hacking.

Secure and Efficient Package Management Techniques in Closed Networks (폐쇄망에서의 안전하고 효율적인 소프트웨어 패키지 관리 방안)

  • Ahn, Gun-Hee;An, Sang-Hyuk;Lim, Dong-Kyun;Jeong, Su-Hwan;Kim, Jaewoo;Shin, Youngjoo
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.11 no.4
    • /
    • pp.119-126
    • /
    • 2022
  • In this paper, we present important factors and methodologies that we have to follow for secure and efficient package management systems in a closed network. By analyzing previous works, we present several security considerations for the existing package management systems. Based on the consideration, we propose guidelines regarding the use of package management systems in the closed network. More specifically, we propose the development of new package management tools, utilization of physical storage media, utilization of local backup repositories, package updates, and downgrade batches for secure and efficient package management.

Development of Cement Liquid Waterproofing Spouting Equipment (시멘트 액체방수 뿜칠장비의 개발)

  • Kim, Han-Sic;Ha, Jung-Soo;Lee, Young-Do
    • Proceedings of the Korean Institute of Building Construction Conference
    • /
    • 2022.11a
    • /
    • pp.145-146
    • /
    • 2022
  • The demand for a construction method capable of securing a safety environment and improving quality is increasing. There is a high risk of falling when working at a high place in an environment where it is difficult to secure visibility, such as an underground space, and there is a risk of falling if cement liquid waterproof materials are transferred to the top of the scaffold by manpower. In addition, when working on a high place in a poor environment, the quality uniformity of the upper part of the wall is deteriorated. In addition, as waterproof technicians gradually age and decrease, it is difficult to secure them, so it is urgent to prepare countermeasures against the shortage of waterproof technicians. Therefore, the purpose of this study is to develop cement liquid waterproof spouting construction equipment that can secure uniform quality of construction areas to prevent accidents and ensure safety of workers, improve work efficiency and quality due to improvement of work environment. The adhesion performance of the cement liquid waterproof material could be improved by about 20% in accordance with the use of the equipment.

  • PDF

Maternal Early Parent Attachment and Social Interest: The Effect of Attachment Anxiety and Attachment Avoidance (어머니의 초기부모애착과 사회적 관심: 애착 불안과 애착 회피를 중심으로)

  • Ha Yeoung, Min
    • Human Ecology Research
    • /
    • v.62 no.1
    • /
    • pp.69-80
    • /
    • 2024
  • This study explored the relationship between maternal early parental attachment (EPA) and social interest. The participants were 311 mothers with elementary schoolchildren who lived in the Daegu-Gyeongbuk area. Data were collected through an online questionnaire provided on the portal site and analyzed using k-means clustering, t-test, One-Way ANOVA, and Pearson's correlation using IBM SPSS Statistics 21 for Windows and, RMSEA, TLI, NFI and CFI using IBM SPSS AMOS 18 for Windows. The principal results were as follows. Firstly, mothers' EPA anxiety and avoidance had a negative influence on social interest. Secondly, social interest was found to be significantly higher among mothers with a secure attachment style than among mothers with an insecure attachment style. Thirdly, significant differences were observed in levels of social interest among mothers with secure, preoccupied, dismissive, and disorientated attachment styles. A Scheffé post-hoc test revealed that social interest was significantly higher among mothers with a secure attachment style than among mothers with a disorientated attachment style. The experience of relationships with caregivers early in life is therefore important in the development of social interest.

Secure Coding for SQL Injection Prevention Using Generative AI

  • Young-Bok Cho
    • Journal of the Korea Society of Computer and Information
    • /
    • v.29 no.9
    • /
    • pp.61-68
    • /
    • 2024
  • In this paper, Generative AI is a technology that creates various forms of content such as text, images, and music, and is being utilized across different fields. In the security sector, generative AI is poised to open up new possibilities in various areas including security vulnerability analysis, malware detection and analysis, and the creation and improvement of security policies. This paper presents a guide for identifying vulnerabilities and secure coding using ChatGPT for security vulnerability analysis and prediction, considering the application of generative AI in the security domain. While generative AI offers innovative possibilities in the security field, it is essential to continuously pursue research and development to ensure safe and effective utilization of generative AI through in-depth consideration of ethical and legal issues accompanying technological advancements.

Evaluation of Software Diagnostics for Secure Operational Environment in Nuclear I&C systems (원전 계측제어 시스템 보안성환경을 위한 진단기능 평가)

  • Yoo, Sung Goo;Seul, Namo
    • Journal of the Institute of Electronics and Information Engineers
    • /
    • v.53 no.8
    • /
    • pp.107-112
    • /
    • 2016
  • Safety Critical Instrumentation and Control Systems perform those functions to maintain nuclear power plants' parameters within acceptable limits established for a design basis events and anticipated operating occurrence to ensure safety function. Those digitalized systems shall protect inadvertent and non-malicious behavior to ensure the reliable operation of systems, known as a Secure Development and Operational Environment(SDOE). SDOE would be established through managerial and technical controls. The objective of this paper is to evaluate the effectiveness of Cyclic Redundancy Checksum diagnostic, which is one of technical controls for SDOE, that can confirm the integrity of software of I&C systems to establish the secure environment. The results of this assessment would be the practical implementation of design and safety review of nuclear I&C systems.

Open Source Software Security Issues and Applying a Secure Coding Scheme (오픈 소스의 소프트웨어 보안 문제 및 시큐어 코딩 적용방안)

  • Kim, Byoungkuk
    • KIISE Transactions on Computing Practices
    • /
    • v.23 no.8
    • /
    • pp.487-491
    • /
    • 2017
  • Open source software allows the users to freely use, copy, distribute and modify source code without any particular limitations, and this offers the advantages of low entry cost, fast and flexible development, compatibility, reliability and safety. The emergence of many useful open source projects has the advantage of achieving high levels of output with lower costs and time commitment for software development. However, this also increases the risks caused by the security vulnerabilities of the used open source software. There is still no separate process to verify security in using open source software. In this paper, we analyze the security weakness in open source and propose a secure coding scheme in adopting open source, which is known to be highly reliable from a security point of view.