• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.6 no.4
• /
• pp.53-66
• /
• 1996

World Wide Web is a total solution for multi-media data transmission on Internet. Because of its characteristics like ease of use, support for multi-media data and smart graphic user interface, WWW has extended to cover all kinds of applications. The Secure Information Center(SIC) is a data transmission system using conventional cryptography between client and server on WWW. It's main function is to support the encryption of sending data. For encryption of data IDEA(International Data Encryption Algorithm) is used and for authentication mechanism MD5 hash function is used. Since Secure Information Center is used by many users, conventional cryptosystem is efficient in managing their secure interactions. However, there are some restrictions on sharing of same key and data transmission between client and server, for example the risk of key exposure and the difficulty of key sharing mechanisms. To solve these problems, the Secure Information Center provides encryption mechanisms and key management policies.

• Journal of Fisheries and Marine Sciences Education
• /
• v.6 no.2
• /
• pp.130-142
• /
• 1994

To investigate the effective scheme to secure the specialized instructors in the governmental officials training facilities, the authors made a survey on the opinion concerning the dispatching service system of officials as instructors to the Fisheries Officials Training Institute on the fisheries specialized officials in the Fisheries Agency and its affiliated organization. The obtained results can be summarized as follows : 1. The exiting personnel management system has a lot of difficulties to secure the specialized instructors. Even though the difficulties may be solved by inviting part-time instructors to some extent, it is remote from the goal. The active utilization of dispatching service system of specialized officials to the Institute as instructors during the limited term will be effective rather than re-arrangement of personnel system or amendment of laws and ordinances to secure the specialized instructors. 2. The response of specialized officials who are objected in the present survey on the dispatching service system to the Institute appeared to be affirmative considerably, and then the dispatching service system may be expected of high efficiency in its realization.

• Fire Science and Engineering
• /
• v.28 no.2
• /
• pp.98-104
• /
• 2014

The fire servant's three shift working system tried out from 2009, and the performance rate of the fire servant's three shift working system is currently 98%. The Domestic study on fire servant's three shift working system is very elementary and puerile level, and its study is almost zero. Accordingly, this study aimed to sort through problems and prior task of the three shift working system implementation, and to suggestion for effectiveness secure of Fire servant's three shift working system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.2
• /
• pp.55-70
• /
• 2006

In this paper, we propose a new access control security architecture for supporting flexibility in Secure Operating Systems. By adding virtual access control system layer to the proposed security architecture, various access control models such as MAC, DAC, and RBAC can be applied to Secure Operating Systems easily. The proposed security architecture is designed to overcome the problem of Linux system's base access control system. A policy manager can compose various security models flexibly and apply them to Operating Systems dynamically. Also, the proposed architecture is composed of 3 modules such as access control enforcement, access control decision, and security control. And access control models are abstracted to hierarchy structure by virtual access control system. And, we present the notation of policy conflict and its resolution method by applying various access control model.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.562-564
• /
• 2004

Jini 구조의 네트웍 기능은 분산응용을 위하여 간단하면서도 유연한 네트웍 환경을 제공하고 있다. 이를 통하여 이동에이전트 시스템의 동적인 등록 및 위치 파악의 기능과 에이전트의 활동에 유용한 서비스들의 동적 제공이 용이하게 지원되어 이동에이전트 시스템 개발에 널리 사용되고 있다. 본 논문에서는 Jini 기반의 이동에이전트 시스템인 JMoblet 시스템을 썬 마이크로시스템에서 새롭게 제시한 Jini 2.0 보안모델을 적용하여 보안성이 강화된 안전한 JMoblet 시스템으로 확장하였다. 또한 에이전트 간 통신 시, 안전한 통신패러다임을 제시하였다.

• Journal of Korea Multimedia Society
• /
• v.17 no.6
• /
• pp.706-715
• /
• 2014

It is used to lead to serious structural vulnerability of the system security of security-critical system when we have quickly developed software system according to urgent release schedule without appropriate security planning, management, and assurance processes. The Data Set and Provider of DataSnap, which is a middleware of Delphi XE2 of the Embarcadero Technologies Co., certainly help to develop an easy and fast-paced procedure, but it is difficult to apply security program and vulnerable to control software system security when the connection structure Database-DataSnap server-SQL Connection-SQL Data set-Provider is applied. This is due to that all kinds of information of Provider are exposed on the moment when DataSnap Server Port is sure to malicious attackers. This exposure becomes a window capable of running SQL Command. Thus, it should not be used Data Set and Provider in the DataSnap Server in consideration of all aspects of security management. In this paper, we study on the verification of the security vulnerabilities for Client and Server DataSnap in Dlephi XE2, and we propose a secure coding method to improve security vulnerability in the DataSnap server system.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.8 no.6
• /
• pp.89-95
• /
• 2008

The introduction of wireless information technology gives rise to new mobile services in all kinds of areas of out daily life. Mobile healthcare system is a production of composite ICT (Information and Communication Technology) which focused on signal sensing, processing, and communication in wireless environment. The mobile and wireless revolution promises not only expanded access to patient health information, but also improved patient care. In this paper, we describe a surrogate host based mobile healthcare information system which utilized Grid computing for real-time ECG signal processing. The surrogate host provides seamless interface between mobile device and Medical Grid portal. The security extension of GSI (Grid Security Infrastructure) allows mobile users to access Grid portal in a secure and convenient manner. The presented system architecture can be used as a secure enterprise mobile healthcare system for hospital physicians.

• The KIPS Transactions:PartC
• /
• v.11C no.3
• /
• pp.327-336
• /
• 2004

There is a need for content providers and operators to control the usage of downloaded digital contents. Digital Rights Management(DRM) is the means to control the usage of the digital contents once it has been downloaded. Therefore, appropriate security mechanism is required. The mobile DRM system Is same as the general DRM system. We use encryption technology to package digital contents. In case of Mobile DRM system, secure distribution and secure keeping of packaging encryption key is important. In this paper, we design and implement DRM system on the Mobile Environments following on OMA(Open Mobile Alliance) DRM Model. We considered being a secure DRM system to contain appropriate security solution.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.387-396
• /
• 2003

Many studies have been done on secure kernel and encryption filesystem for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policy like ACL, MAC, RBAC and so on, but cannot protect user or system data from stealing backup media or disk itself. In addition to access control policy, there are many studies on encryption filesystem that encrypt file data within system level. However few studies have been done on combining access control policy and encryption filesystem. In this paper we proposed a new encryption filesystem that provides a transparency to the user by integrating encryption service into virtual filesystem layer within secure kernel that has various access control policies. Proposed encryption filesystem can provide a simple encryption key management architecture by using encryption keys based on classes of MAC policy and overcome a limit of physical data security of access control policy for stealing.

• Proceedings of the KSRS Conference
• /
• 2004.10a
• /
• pp.712-715
• /
• 2004

War game Simulation System is a simulation system of military operation. In order to ensure all of the data that are running are secure, this system has to emphasize the security policy. In this paper, we analyze the running environment and the weakness of the security about exiting system. For improving the weakness, we design and implement this security system that is consisted of three components: Authentication System, Encryption System and Network Security System. Therefore, we can apply War game Simulation System to security system and improve the secure performance of this one.