• Journal of KIISE:Databases
• /
• v.30 no.6
• /
• pp.585-592
• /
• 2003

In the spatial database systems, it is necessary to manage spatial objects that have two or more aspatial information with different security levels on the same layer. If we adapt the polyinstantiation concept of relational database system for these spatial objects, it is difficult to process the representation problem of spatial objects and to solve the security problem that is service denial and information flow by access of subject that has a different security level. To address these problems, we propose a polyinstantiation method for security management of spatial objects in this paper. The proposed method manages secure spatial database system efficiently by creating spatial objects according to user's security level through security-level-conversion-step and polyinstantiation-generation-step with multi-level security policy. Also, in case of user who has a different security level requires secure operations, we create polyinstance for spatial object to solve problems of service denial and information flow.

• Journal of Information Processing Systems
• /
• v.13 no.6
• /
• pp.1613-1627
• /
• 2017

The concept of the Internet of Things (IoT) enables physical objects or things to be virtually accessible for both consuming and providing services. Undue access from irresponsible activities becomes an interesting issue to address. Maintenance of data integrity and privacy of objects is important from the perspective of security. Privacy can be achieved through various techniques: password authentication, cryptography, and the use of mathematical models to assess the level of security of other objects. Individual methods like these are less effective in increasing the security aspect. Comprehensive security schemes such as the use of frameworks are considered better, regardless of the framework model used, whether centralized, semi-centralized, or distributed ones. In this paper, we propose a new semi-centralized security framework that aims to improve privacy in IoT using the parameters of trust and reputation. A new algorithm to elect a reputation coordinator, i.e., ConTrust Manager is proposed in this framework. This framework allows each object to determine other objects that are considered trusted before the communication process is implemented. Evaluation of the proposed framework was done through simulation, which shows that the framework can be used as an alternative solution for improving security in the IoT.

• Convergence Security Journal
• /
• v.17 no.1
• /
• pp.101-109
• /
• 2017

The Internet of things is a system that connects and communicates all sorts of things such as people, objects, and data. It's to create and share information by its own each other. It can be used to enhance the function of private security and has brought about innovative development of private security. The Internet of things is a system that allows devices connected to the Internet to communicate independently of people-objects, objects-objects connected to the Internet. That and can be used in many industries, especially in the private security sector, its value is high. The use of the Internet of things to private security sector can reinforce security zones with always-on surveillance systems, also be enhanced by its own preparedness and response to the situation. However, this study will discusse the application and development of private security in the Internet of things. The practical application of the virtual space is an immediate task and it is also an essential factor in securing security.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.3 no.4
• /
• pp.35-42
• /
• 2010

This paper reviews the current studies about the current secure OS, security module and SELinux, and suggests Linux access control module that uses the user discriminating authentication, security authority inheritance of subjects and objects, reference monitor and MAC class process and real-time audit trailing using DB. First, during the user authentication process, it distinguishes the access permission IP and separates the superuser(root)'s authority from that of the security manager by making the users input the security level and the protection category. Second, when the subjects have access to the objects through security authority inheritance of subjects and objects, the suggested system carries out the access control by comparing the security information of the subjects with that of the objects. Third, this system implements a Reference Monitor audit on every current events happening in the kernel. As it decides the access permission after checking the current MAC security attributes, it can block any malicious intrusion in advance. Fourth, through the real-time audit trailing system, it detects all activities in the operating system, records them in the database and offers the security manager with the related security audit data in real-time.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.53-59
• /
• 2015

With radical development of information and communication Technology, Internet of Things(IoT) era - all the th ings around us are connected through internet so that it enables objects to exchange data with connected devices a nd is expected to offer new advanced services that goes beyond the value where each existing objects could have o ffered respectively - has come. Concerns regarding security threat are being raised in adopting IoT as the number of internet-connected appliances are rapidly increasing. So, we need to consider how to protect and control countles s objects. This paper covers the role and procedures of existing security control. Futhermore, it provides information about the direction of security control when it comes to IoT.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.3
• /
• pp.617-624
• /
• 2014

A campus network nowadays adapts the security policies in detail and even in variety, along with firewall based access control. Nevertheless, security threats, such as information hacking, intrusion and DoS, are not decreasing yet. This paper proposes an enabling method of discriminative security policies to enforce an adaptive security for security objects on basis of the security elements. The security level of a security devices is decided based on the mapping between the users and the objects. The proposed security policies could improve the security effect in terms of investment in creative campus environment, and aim to provide fast and stable services to users.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.3
• /
• pp.53-60
• /
• 2017

The purpose of this study is to provide empirical and quantitative analysis on user's perceived privacy, security, and user satisfaction when providing visualization information about objects and service provider behaviors that users can not perceive in internet service process. Through previous research, we have examined the importance of privacy and security factors as a key factor to be considered for the characteristics of the Internet of things and the Internet of things. In addition, service blueprint, which is one of the service design methodologies to examine the flow of service usage in providing Internet service of things, was examined. In the flow of things internet service utilization, it is found that the things that are out of the user's cognitive area and the behavior of the service provider take up a large part. Therefore, the hypothesis that the trust of the Internet service security and the satisfaction of the user experience can be improved by providing the security visualization information about the behavior of the object and the invisible service provider in the non-contact aspect of the user and the object. In order to verify the hypothesis, we conducted experiments and questionnaires on the use of virtual objects' internet environment and conducted statistical analysis based on them. As a result, it was analyzed that visual information feedback on non - contact and invisible objects and service provider's behaviors had a positive effect on user's perceived privacy, security, and satisfaction. In addition, we conclude that it can be used as a service design evaluation tool to eliminate psychological anxiety about security and to improve satisfaction in internet service design. We hope that this research will be a great help for the research on application method of service design method in Internet environment of objects.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.8 no.1
• /
• pp.23-37
• /
• 1998

This paper considers the design and management of security MIB for EDI system. EDI system has to establish various securety wervices and mechanisms to protect against security threats. Hence, the EDIsystem requires appropriate security management to monitor and control the security obhects for its security services and mechanisms. In this paper, I identify security objects for management of secueity services defined in the EDIsystem, and propose the design of a security MIB and describe the use of SNMPnetwork management protocol in its management.

• Journal of Digital Convergence
• /
• v.11 no.10
• /
• pp.359-366
• /
• 2013

Due to the development and market expansion of image analysis and recognition technology, video security such as CCTV cameras and digital storage devices, are required for real-time monitoring systems and intelligent video security systems. This includes the development of more advanced technologies. A rotatable PTZ camera, in a CCTV camera system, has a zoom function so you can acquire a precise picture. However it can cause blind spots, and can not monitor two or more moving objects at the same time. This study concerns, the intelligent tracking of multiple moving objects, CCTV systems, and methods of video surveillance. An intelligent video surveillance system is proposed. It can accurately shoot broad areas and track multiple objects at the same time, much more effectively than using one fixed camera for an entire area or two or more PTZ cameras.

• Journal of Information Processing Systems
• /
• v.6 no.3
• /
• pp.359-374
• /
• 2010

The Future Internet that includes Real World Objects and the Internet of Things together with the more classic web pages will move communications from a nodecentric organization to an information-centric network allowing new a paradigm to take place. The 4WARD project initiated some works on the Future Internet. One of them is the creation of a Network of Information designed to enable more powerful semantic searches. In this paper, we propose a security solution for a model of information based on a semantic description and search of objects. The proposed solution takes into account both the access and the management of both objects and their descriptions.