• Journal of Information Processing Systems
• /
• v.12 no.4
• /
• pp.688-710
• /
• 2016

Our approach permits to capitalize the expert's knowledge as business rules by using an agent-based platform. The objective of our approach is to allow experts to manage the daily evolutions of business domains without having to use a technician, and to allow them to be implied, and to participate in the development of the application to accomplish the daily tasks of their work. Therefore, the manipulation of an expert's knowledge generates the need for information security and other associated technologies. The notion of cryptography has emerged as a basic concept in business rules modeling. The purpose of this paper is to present a cryptographic algorithm based approach to integrate the security aspect in business rules modeling. We propose integrating an agent-based approach in the framework. This solution utilizes a security agent with domain ontology. This agent applies an encryption/decryption algorithm to allow for the confidentiality, authenticity, and integrity of the most important rules. To increase the security of these rules, we used hybrid cryptography in order to take advantage of symmetric and asymmetric algorithms. We performed some experiments to find the best encryption algorithm, which provides improvement in terms of response time, space memory, and security.

• Knowledge Management Research
• /
• v.19 no.4
• /
• pp.119-131
• /
• 2018

In this paper, I research the issue of information security for medical information system of each parties. The outflow of the Personal medical information can lead to problems of medical systems and disadvantage to an individual. In this paper, we research the information security based on a blockchain. In addition, I have analyzed blockchain. I suggest a medical information system framework that can help to keep the privacy of patients by using a blockchain network. Also, In this paper try to explain using private blockchain for medical system. Blockchain can keep the integrity and transparency of the medical records. This research, shows how can build the private blockchain for medical records and how to get the integrity of Data from Private Blockchain and Distuributed Ledger Technology.

• Journal of Digital Contents Society
• /
• v.11 no.1
• /
• pp.79-89
• /
• 2010

The government and companies build a DDoS correspondence system hastily to protect assets from cyber threats. It has become more and more intelligent and advanced such as DDoS attack. However, when outbreaks of the social incidents such as 7.7 DDoS attack(2009.7.7) or cases of the direct damage occurred, information security systems(ISS) only become the issue in the short term. As usual, sustained investment about ISS is a negative recognition. Since the characteristic of ISS is hard to recognize the effectiveness of them before incidents occurs. Also, results of incidents occurred classify attack and detection. Detailed and objective measurement criterion to measure effectiveness and efficiency of ISS is not existed. Recently, it is progress that evaluation and certification about for the information security management system(ISMS). Since these works propose only a general guideline, it is difficult to utilize as a result of ISMS improvement for organization. Therefore, this paper proposes a framework to develop main criteria by a correspondence strategy and process. It is able to detailed and objective measurements.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.807-810
• /
• 2005

Constructed network test environment of wireless base for confidentiality guarantee of data and safe transmission that is transmited at Mobile node of Wireless Network environment in this paper. And, progressed research about IKEv2's Multiple-Key Exchange mechanism for efficient security transmission that use IPSec that is built-in to basis to IPv6 of Mobile environment. Have several key to single terminal to solve that is seam at hand off packet transmission process of Mobile Node in Wireless Network and Re-setting for Key and Re-exchange problem that happen frequently and studied technology that move. Key exchange protocol that is used for an experiment loads basically in MIPv6 and used IKEv2 protocol that is used for management and distribution of reliable encryption key between both end. Using network simulator of SSFNet(Scalable Simulation Framework Network Models) in this paper Key exchange delay value of IKEv2's security transmission analyzing comparison Performance measure and studied about problem and improvement way accordingly.

• Journal of Digital Convergence
• /
• v.17 no.11
• /
• pp.233-240
• /
• 2019

In order to predict and respond to cyber attacks, a number of security companies quickly identify the methods, types and characteristics of attack techniques and are publishing Security Intelligence Reports(SIRs) on them. However, the SIRs distributed by each company are huge and unstructured. In this paper, we propose a framework that uses five analytic techniques to formulate a report and extract key information in order to reduce the time required to extract information on large unstructured SIRs efficiently. Since the SIRs data do not have the correct answer label, we propose four analysis techniques, Keyword Extraction, Topic Modeling, Summarization, and Document Similarity, through Unsupervised Learning. Finally, has built the data to extract threat information from SIRs, analysis applies to the Named Entity Recognition (NER) technology to recognize the words belonging to the IP, Domain/URL, Hash, Malware and determine if the word belongs to which type We propose a framework that applies a total of five analysis techniques, including technology.

• The Research Journal of the Costume Culture
• /
• v.10 no.5
• /
• pp.473-484
• /
• 2002

The purpose of this study is to analyze the window display in the department stores in Daejeon. The framework of execution, colors, illumination, and kinds and colon of mannequins of the window display in four department stores in Daejeon were analyzed based on the photographs of displays from January to October in 2001. The results were as follows: First, in the framework of execution, each department store used mostly the triangle-framework during four seasons, which was a fundamental framework. Its characteristics were a sense of security, three-dimensional effect, and balance. It was the most suitable framework fur the mannequins and toruso. Second, a color scheme for commodities was all no-coloring scheme in each four seasons. The color of background was mostly white which harmonized well with the colors of commodities and lights. The plan for the color scheme of window display should always executed on the commodities, and the colors should be harmonized to produce the best display effect. Moreover, when commodities had two colors, the color of background should be in one simple color that manifest the commodities, or that is secondary color to the main color of commodities. Third, all department stores used all same illumination. Lack of illumination, management, and expense incured ineffective production of the display. Fourth, mostly, real mannequins with white or skin colors were used, and the toruso was next used in department stores. The set was limited because many companies had not made new sets for the display. Therefore, new sets including mannequins should be actively developed to produce effective display.

• Smart Media Journal
• /
• v.8 no.2
• /
• pp.94-98
• /
• 2019

In this paper, we developed the tools enabling to manage the IoT systems owned by managers. Since equipment agents consists based on open-source block-chain framework, we can secure the invariance on data and furthermore can locate the resources by searching the AP connected to the equipments. Also the manager can trace the connecting details on equipments from their block-chain accounts. In addition, we work on the possibility of protecting ARP poisoning attacks by removing the credibility on additional ARP requests being generated during the process of network creation.

• Asia pacific journal of information systems
• /
• v.24 no.3
• /
• pp.345-370
• /
• 2014

The notion of technological adoption such as Radio Frequency Identification (RFID) has been examined in various domains such as supply chain management, inventory management and health care. However, there are several unanswered questions surrounding how this technology is adopted in disaster management. This study attempts to explore the potential of RFID in disaster management. The notion of Task-Technology Fit (TTF) is deemed suitable for this purpose and thus used as the theoretical framework that is further validated by employing multiple case studies. The empirical findings indicate that there are six key factors influencing the decision to adopt RFID in disaster management. Some relate to aspects of RFID when it is put into practice, namely cost, compatibility, standardisation, implementation and locatability; while the other key factor relates to privacy and security aspect of information. It is hoped that the findings of this research will inform disaster management organizations to better plan the adoption of RFID for their operations.

• Journal of Internet Computing and Services
• /
• v.15 no.3
• /
• pp.91-100
• /
• 2014

While IT security investment of organizations has been increased, the amount of the monetary loss of organizations caused by IT security breaches did not decrease as much as their expectation. Also, from surveys, it was discovered that the poor usage of their security budget thwarted the improvement of the organization's security level. In this paper, to resolve the poor usage of security budget of organizations, we propose a comprehensive economic model for determining the optimal amount of investment in security solutions, including the proactive security solutions(PSSs) and the reactive security solutions(RSSs). Using the proposed analytical model under different parameters of security solutions, we show the optimal condition to maximize the expected net benefits from IT security investment of organizations. Also, we verify the common belief that the optimal level of investment in security solutions is an increasing function of vulnerability. Through simulations, we find the optimal level of IT security investment, given parameters of different characteristics of security solutions.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.544-547
• /
• 2002

최근 들어 인적 보안위험과 같이 단기간에 변화가 심한 위험이 증가하고 있어 이에 대한 관리가 요구되고 있다. 그러나, 기존 위험평가만으로는 이러한 보안위험에 대한 적절한 평가 및 관리가 어려우므로 이에 대한 보완이 필요하다. 이에 기존에 적용된 보안관리 도구에 의해 생성되는 온라인 데이터를 이용하여, 이러한 위험에 대한 평가를 지속적으로 실시할 수 있는 보안관리 체계를 제안한다. 이를 통해 조직내 보안위험 수준을 감내할 수 있는 수준으로 유지할 수 있도록 한다.