• Korean Security Journal
• /
• no.3
• /
• pp.273-305
• /
• 2000

The knowledge substitutes the traditional factors of production - land, labor, and capital - and has become one of the most important new resources. The Internet Knowledge Society is where the knowledge is the major source of development and competition. Now more than 350mi11ion computers are connected to internet servers and the internet users are more than 250mi11ion. The purpose of this paper is to propose some key factors for implementing the Police Knowledge Management System(PKMS) based on Intranet. With Information Technology(IT), the police administrative system will be much more efficient. Introducing the If into the system is critical for restructuring the police administrative system. This paper concludes as follows : ■ Knowledge is divided into tacit and explicit one. Knowledge process is divided into acquisition, accumulation, distribution and creation of knowledge. ■ The IntraNet is composed of Web server, FTP server, electric-mail server, and is constructed security system to safety. ■ All policemen are bound to serve as a new knowledge worker. ■ Police organization needs to operate data management system. The organization also needs to the Police Knowledge Management Center(PKMC). And the Police Chief Knowledge Officers(PCKO) needs to be appointed to manage the PKMC. ■ An information and knowledge infrastructure(various databases are the most important factor) should be established within the organization to promote the self-directed management, the interactive communication, and the learning ability of the members.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.29-46
• /
• 2002

We generally use SSL/TLS protocol utilizing X.509 v3 certificates so as to provide a secure means in establishment an confidential communication and the support of the authentication service. SPKI/SDSI was motivated by the perception that X.509 is too complex and incomplete. This thesis focuses on designing a secure server and an implementation of the prototype which has two main modules, one is to support secure communication and RBAC, not being remained in the SPKI/SDSI server which was developed by the existing Geronimo project and the other is to wholly issue name-certificate and authorization-cerificate. And the demonstration embodied for our sewer is outlined hereafter.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.841-849
• /
• 2012

Cloud computing that provides IT service and computer resource based on internet is now getting attention. However, the encrypted data can be exposed because it is saved in cloud server, even though it is saved as an encrypted data. In this paper, user certification protocol is proposed to prevent from illegally using of secret data by others while user who locates different physical position is providing secret data safely. The proposed protocol uses one way hash function and XOR calculation to get user's certification information which is in server when any user approaches to particular server remotely. Also it solves user security problem of cloud.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1315-1324
• /
• 2012

Security visualization is a form of the data visualization techniques in the field of network security by using security-related events so that it is quickly and easily to understand network traffic flow and security situation. In particular, the security visualization that detects the abnormal situation of network visualizing connections between two endpoints is a novel approach to detect unknown attack patterns and to reduce monitoring overhead in packets monitoring technique. However, the session-based visualization doesn't notice a difference between normal traffic and attacks that they are composed of similar connection pattern. Therefore, in this paper, we propose an efficient session-based visualization method for analyzing and detecting between normal server activities and attacks by using the IP address splitting and port attributes analysis. The proposed method can actually be used to detect and analyze the network security with the existing security tools because there is no dependence on other security monitoring methods. And also, it is helpful for network administrator to rapidly analyze the security status of managed network.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.1-6
• /
• 2007

It is important to manage and correctly evaluate the performance of server in order to improve he performance of server. That is, with the aim of finding whether resources are properly utilized, it is a method to improve both software and hardware aspects. Conventional method in evaluating the server performance involved installing software between server and client and generating the load and by simulating the process, it evaluated the handing efficiency of work load generated per packet volume. Therefore, this paper aims to pro-vide precise measurement method by distinguishing the characteristics of web server and the users' usage pattern and by evaluating the work load management through applying various standards. Specially, it presents the evaluation method from web service of personal and business.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.11-20
• /
• 2008

Three-party key exchange protocol is a cryptographic protocol which permits two clients share a common session key using different passwords by the help of a trusted server. In a three-party key exchange protocol, an user remember only one password which shared with a trusted server for establish a common key with another user. The trusted server should participate in an execution of the protocol between two clients. This impose heavy burden on the server when many users want to establish a session key using the protocol. In this paper, we propose a three-party key exchange protocol based on a smart card which reduce the computational complexity and communication overhead for the trusted server. In our protocol, the server does not participate in an key exchange procedure between two clients.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.60-66
• /
• 2024

Host's data during transmission. Data tempering results in loss of host's sensitive information, which includes number of VM, storage availability, and other information. In the distributed cloud environment, each server (computing server (CS)) configured with Local Resource Monitors (LRMs) which runs independently and performs Virtual Machine (VM) migrations to nearby servers. Approaches like predictive VM migration [21] [22] by each server considering nearby server's CPU usage, roatative decision making capacity [21] among the servers in distributed cloud environment has been proposed. This approaches usage underlying server's computing power for predicting own server's future resource utilization and nearby server's resource usage computation. It results in running VM and its running application to remain in waiting state for computing power. In order to reduce this, a decentralized decision making hybrid model for VM migration need to be proposed where servers in decentralized cloud receives, future resource usage by analytical computing system and takes decision for migrating VM to its neighbor servers. Host's in the decentralized cloud shares, their detail with peer servers after fixed interval, this results in chance to tempering messages that would be exchanged in between HC and CH. At the same time, it reduces chance of over utilization of peer servers, caused due to compromised host. This paper discusses, an roatative decisive (RD) approach for VM migration among peer computing servers (CS) in decentralized cloud environment, preserving confidentiality and integrity of the host's data. Experimental result shows that, the proposed predictive VM migration approach reduces extra VM migration caused due over utilization of identified servers and reduces number of active servers in greater extent, and ensures confidentiality and integrity of peer host's data.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.5 s.37
• /
• pp.133-140
• /
• 2005

The whole network system is paralyzed due to excess event of security server once in a while. If that happens, We have to analyze the cause of events, the time will require when we deal with a matter All the while, ACU(ACCESS CONTROL UNIT) and security server are off, We can not treat about information retrieval of people who come to building with real time. In this paper, we suggested classification algorithm in order to prevent of information explosion.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.14 no.6
• /
• pp.678-686
• /
• 2004

This paper presents a new method to securely conduct online sealed-bid auctions with a single auctioneer server The sealed-bid auctions have several vulnerable security problems when they are performed on the Internet. One of such problems is the trust establishment between an auctioneer and bidders who participate in an auction. Several online sealed-bid auction methods have been developed to address this trust problem. The proposed method solves the security problems that would happen in the sealed-bid auction using a blind signature scheme and a contract signature protocol. It prevents the auctioneer from illegally manipulating the bidders' bidding information, repudiating the reception of some bid, manipulating the auction period, and illegally adding or deleting bids. In addition, it keeps the bidders from modifying the bidding information after issuing their bid and doing intentional mistake to invalidate their own bid. The method can be easily implemented using the multiagent architecture.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.16 no.3
• /
• pp.99-105
• /
• 2021

The cloud computing evolution has brought us increasing necessity to manage virtual resources. For this reason, Kubernetes has developed to realize autonomous resource management in a large scale. It provides cloud computing infrastructure to handle cluster creations and deletions in a secure virtual computing environment. In the paper, we provide a monitoring scheme in which users can observe securely encrypted protocols while each Kubernetes component exchanges their packets. Eventually, users can utilize the proposed scheme for debugging as well as monitoring.