• Journal of the Korea Society of Computer and Information
• /
• v.14 no.2
• /
• pp.1-8
• /
• 2009

Today the use of RFID is extended in medical. circulation market, manufacture, security field, etc. Besides, the book-lending and the attendance management system are on an increasing trend in the use of RFID The developed dormitory management system is composed of a support program, a room management program, a manager program, and a mobile program etc.. In the support program a student(or a manager) can see his(or all member's) entrance and exit history. The room management program decides whether a student can enter the dormitory or not and manages the use of the power after or inquiring a RFID's input tag information into database server. The manager program is able to input and modify a room state and the fixtures information in the room required to operate the room management program, to set up and retrieve a student's entrance and exit information and a room state information. The mobile program enables a manager to check student's identity whether he is in or out, and the manager can know the personal information of being out in detail.

• The Journal of Industrial Distribution & Business
• /
• v.11 no.2
• /
• pp.33-39
• /
• 2020

Purpose: The purpose of this study is that victims of technology leaks and people concerned about leaks complain of stress over security concerns. However, there are no psychological treatments among the government's comprehensive plans to prevent technology leaks. Therefore, the government intends to present education methods using the NLP (Neuro Linguistic Program), a collective counseling technique, to heal the psychological injury of the victims. Psychological counseling methods include cognitive behavioral therapy, psychoanalytic behavioral therapy, humanism therapy, art therapy, and other psychological therapies. Among them, NLP (Neuro Linguistic Programming) method was used. NLP has three concepts: neuron, language, and programming, and is used as a general method for group counseling. Research design, data and methodology: In relation to composition, Chapter 1 explained the purpose and necessity of the study, Chapter 2 explained the types of psychological counseling and NLPs to help understand the study, introduced the prior study related to the development of collective counseling programs through NLP, and Chapter 3 developed a security psychological counseling education program. In addition, FGI(Focus Group Interview) was conducted for professionals. Results: Corporate counseling considered most in this study should satisfy client, counselor and manager differently from individual counseling. For this purpose, the result was composed of 11 times. In order to derive personal problems for clients, they consisted of finding, loving, expressing, and emancipating self. And, It solved the leakage anxiety to suggest a professional solution for the counselor. In addition, this course helps them become familiar with counseling techniques for becoming a good security administrator. Lastly, it was configured to leave the result for the manager to suggest the organizational development method through this training. The implication of this study is to derive psychological counseling methods for security officers. Most companies in the field of security counseling complain about technology leakage stress. There is currently no psychotherapy support project under the policy. And It was developed because it can expect sales improvement from security consultation. Conclusions: In conclusion, the results were organized to be left to the manager so that he could suggest how to develop the organization through this time.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.19-27
• /
• 2002

This paper proposes a group key management protocol for a secure of all the multicast user in PIM-SM multicast group communication. Each subgroup manager gives a secure key to it's own transmitter and the transmitter compress the data with it's own secure key from the subgroup manager. Before the transmitter send the data to receiver, the transmitter prepares to encrypt a user's service by sending a encryption key to the receiver though the secure channel, after checking the user's validity through the secure channel. As the transmitter sending a data after then, the architecture is designed that the receiver will decode the received data with the transmitter's group key. Therefore, transmission time is shortened because there is no need to data translation by the group key on data sending and the data transmition is possible without new key distribution at path change to shortest path of the router characteristic.

• Convergence Security Journal
• /
• v.2 no.1
• /
• pp.99-107
• /
• 2002

This paper proposes a group key management protocol for a secure of all the multicast user in PIM-SM multicast group communication under electronic commerce. Each subgroup manager gives a secure key to it's own transmitter and the transmitter compress the data with it's own secure key from the subgroup manager. Before the transmitter send the data to receiver, the transmitter prepares to encrypt a user's service by sending a encryption key to the receiver though the secure channel, after checking the user's validity through the secure channel. As the transmitter sending a data after then, the architecture is designed that the receiver will decode the received data with the transmitter's group key. Therefore, transmission time is shortened because there is no need to data translation by the group key on data sending and the data transmition is possible without new key distribution at path change to shortest path of the router characteristic.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.17-27
• /
• 2020

Many users are using password managers in order to conveniently manage several usernames and passwords needed to access the web sites. The password manager encrypts and stores several passwords on the server, and the user accesses the server to receive the password information. Thus, if an attacker can sniff a message between the password manager and the server and decrypt the message content, or if an attacker can steal the computer's memory and decrypt the message content, then all the passwords will be exposed to the attacker. In this paper, we analyze the client-server communications and encryption process of password mangers and show there is a serious vulnerability in memory attack.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.43-46
• /
• 2003

At SIC 2001, Popescu proposed m efficient group signature scheme for large groups［1］. However, this paper shows that his scheme is to be insecure by presenting a signature forgery. Using our attack, anyone (not necessarily a group member) can forge a signature on a message m, and sine the attacker doesn't have to be the group member, the revocation manager cannot reveal the identity of the signer. Additionally, we modify Popescue's scheme to prevent the forgeary.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10c
• /
• pp.370-372
• /
• 2004

본 논문에서는 개방형 운영체제인 리눅스상에서 package streaming service를 제공하는 Network Streaming Service(통칭 NSS)를 설계하는 문제를 다룬다. NSS는 client가 serve 측에 설치된 소프트웨어 package를 마치 client 자신의 local disk상에 이미 인스톨된 패키지를 실행하는 것처럼 동작하도록 해준다. NSS는 client측의 NSS Mounter, Package Streaming Consumer, NSS Configurator와 server측의 NSS Load Balancer, Package Streaming Supplier, NSS Manager, Accounting & Security Manager로 구성되며 local disk caching과 background prefetching 기능을 사용하여 향상된 서비스를 제공한다.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1545-1549
• /
• 2005

According as computer is supplied in a lot of homes and offices and Internet use increases, various service based on the Internet. Including wireless PDA in the future, many devices such as Internet telephone, TV, refrigerator and oven will be connected on the Internet and Internet address exhaustion will be raised to serious problem gradually. Today, the IPv4 address exhaustion problem has been solved partially using NAT (Network Address Translation) however, the transition to next Generation Internet will be accelerated because of advantages such as mobility, security service, QoS, and abundant IP addresses. In IPv6, all hosts are designed to create and set their address automatically without manager's intervention using Neighbor Discovery Protocol. But, when an IPv6 host sets its address automatically, there are serious security vulnerabilities. In this paper, we analysis security vulnerabilities in auto-configuration and provide security requirements for secure auto-configuration.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.577-584
• /
• 2004

Recently many company has been cracked by crackers information security and everyday new computer virus come out. so e-trade partners should prevent the disasters. A few studies researched e-trade securities broadly but the new trend in information security division especially focused on electronic payment, EDI, Transportation, Contracts, Insurances and that of subjects have been researched through interdisciplinary evolution. Our research e-trade security on three part, First system attack, second is data attack and third is business attack. the attacks have theirs own solution, so e-trade company use this solution timely and powerfully. It is the most important thing to prepare the cracking with securities system. also manager should catch recent hacking technologies. The research results propose that e-trade firms should use information security policies and securities systems that including H/W and S/W. therefore manager's security mind is very important and also using electronic commerce securities device and should be considered exploiting solutions by each special usage according to e-trade company' environments.

• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.13-23
• /
• 2021

The attacker's techniques and tools are becoming intelligent and sophisticated. Existing Anti-Virus cannot prevent security accident. So the security threats on the endpoint should also be considered. Recently, EDR security solutions to protect endpoints have emerged, but they focus on visibility. There is still a lack of detection and responsiveness. In this paper, we use real-world EDR event logs to aggregate knowledge-based MITRE ATT&CK and autoencoder-based anomaly detection techniques to detect anomalies in order to screen effective analysis and analysis targets from a security manager perspective. After that, detected anomaly attack signs show the security manager an alarm along with log information and can be connected to legacy systems. The experiment detected EDR event logs for 5 days, and verified them with hybrid analysis search. Therefore, it is expected to produce results on when, which IPs and processes is suspected based on the EDR event log and create a secure endpoint environment through measures on the suspicious IP/Process.