• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.28 no.4
• /
• pp.109-115
• /
• 2005

In the study, Methods for operating measures in equipment security to find out dangerousness timely in the system and to need for the prevention and measures. The method for analyzing and reconstructing the causes of accident of equipment in site, and try to save the information of site in real-time and to analyze the state of equipment to look for the factors of accidents. By this analysis, one plan for efficiency of production, Equipment Fault Diagnosis Management and security is integrating and building module of using the Fuzzy Inference based on fuzzy theory. The case study is applied to the industrial electric motors that are necessarily used to all manufacturing equipment. Using the sensor for temperature is attached to gain the site information in real time and to design the hardware module for signal processing. In software, realize the system supervising and automatically saving to management data base by the algorithm based in fuzzy theory from the existing manual input system

• Journal of the Korea Society of Computer and Information
• /
• v.8 no.1
• /
• pp.37-43
• /
• 2003

The growing Internet business has required the acceleration of the development of security components. There are many different kinds of security components that have been developed in accordance with the appearance of various logs. Therefore, it is important that after the logs are collected they become integrated and need to Once the data from the logs have been collected form the IDS/Firewall/Router logs. It needs to be analyzed and formatted for standardization. This paper suggests designs that the log analyzation system could use in analyzing, detecting, and preventing intrusion in the various systems. Once the data has been analyzed it would be possible to Prevent further intrusion as well as trace the intrusion back to the source.

• Proceedings of the CALSEC Conference
• /
• 2001.02a
• /
• pp.305-311
• /
• 2001

Recently, XML(extensible Markup Language) Document is widely accepted as the standard for electronic documents in the electronic commerce. Therefore, a security mechanism for XML documents must be provided In the first place. ESES(ETRI Secure I-commerce Services) provides a system designed specifically for securing XML documents and existing non-XML documents that are exchanged in the Electronic Commerce and is essential to various electronic commerce platform as a fundamental system. In this paper, we provide an overview of these aspects of the ESES and design and implemented the secure I-Commerce Platform to support security services such as authentication, integrity and confidentiality for Electronic Document Interchange.

• The Journal of Society for e-Business Studies
• /
• v.8 no.4
• /
• pp.167-181
• /
• 2003

The contents for multimedia are very activated along to revolution of Internet. So this fact allows the contents for multimedia to be commercialized. These contents , however, included much vulnerability that it is difficult to be commercialized because attackers easily reproduce that. Many developers want to use watermarking method as the technique to protect the contents for multimedia, but it is very vulnerable to use only one method. This paper proposes the Secure DRM system which protects the contents for multimedia using Public Key Infrastructure and steganography methods. The SDRM system is more powerful than general DRM systems in that it has the special feature of watermarking and steganography techniques. We can prevent the attackers from reproducing and stealing the contents illegally, and authenticating users through SDRM systems.

• Proceedings of the CALSEC Conference
• /
• 2003.09a
• /
• pp.261-267
• /
• 2003

This study deals with controversial issues surrounding the today′s cyber-taxation and recommends feasible consumption tax system architecture titled Global Electronic Tax Invoice System (GETI). The GETI is an electronic consumption tax architecture to provide "all-in-one" tax and e-payment services through a trusted third party (TTP). GETI is designed to streamline the overall cyber-taxation process and provide simplified and transparent tax invoice services through an authorized np. To ensure information security, GETI incorporates public Key infrastructure (PKI) based digital certificates and other data encryption schemes when calculating, reporting, paying, and auditing tax in the electronic commerce environment. GETI is based on the OECD cyber-taxation agreement that was reached in January 2001, which established the taxation model for B2B and B2C electronic commerce transactions. For the value added tax systems, tax invoice is indispensable to commerce activities, since they provide documentations to prove the validity of commercial transactions. As paper-based tax invoice systems are gradually phased out and are replaced with electronic tax invoice systems, there is an increasing need to develop a reliable, efficient, transparent, and secured cyber-taxation architecture. To design such architecture, several desirable system attributes were considered -- reliability, efficiency, transparency, and security. GETI was developed with these system attributes in mind.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.4
• /
• pp.81-87
• /
• 2015

Recently, with the development of the ICT environment, the use of the software is growing rapidly. And the number of the web server software used with a variety of users is also growing. However, There are also various damage cases increased due to a software security vulnerability as software usage is increasing. Especially web shell hacking which abuses software vulnerabilities accounts for a very high percentage. These web server environment damage can induce primary damage such like homepage modification for malware spreading and secondary damage such like privacy. Source code weaknesses checking system is needed during software development stage and operation stage in real-time to prevent software vulnerabilities. Also the system which can detect and determine web shell from checked code in real time is needed. Therefore, in this paper, we propose the system improving security for web server by detecting web shell attacks which are invisible to existing detection method such as Firewall, IDS/IPS, Web Firewall, Anti-Virus, etc. while satisfying existing secure coding guidelines from development stage to operation stage.

• Journal of National Security and Military Science
• /
• s.3
• /
• pp.35-72
• /
• 2005

The purpose of this paper is to recommend the Ministry of Defense(MOD) for revolutionizing the current defense education system. As an instructor and an education planning officer of the ROK Army College, for last dozen months, the author has been embarrassed whenever tried to figure out what would be the role, functions, and educational goals of the college. In a nutshell, there has not been any general guidance for educating field grade officers. This unbelievable defect mainly comes from the absence of a responsible organization in the MOD. Even though it has the education branch under the department of personnel affairs, it doesn't have capabilities to design and implement the consistent and valuable education policy. Therefore, the development of defense education should begin with reinforcing the organization and functions of the MOD education branch. We need more experts on education( i.e. Ph.Ds of Education) and experienced specialties on defense education so that we could develop the overall guidance for military professional education. In addition, we need to enact the "defense or military education act" in a tentative name. This will ensure the legitimacy and continuity of defense education guidance initiated by the MOD. In a conclusion, it is senseless to think the blueprint for the Army College out until the preconditions mentioned above are matured. We must begin with rectifying the higher educational system.

• The Journal of Korean Association of Computer Education
• /
• v.7 no.4
• /
• pp.61-66
• /
• 2004

Electronic commerce that use Mobile Phone according as the radio Internet develops rapidly and performance of Mobile Phone develops is activated. It is said that electronic commerce that use these Mobile Phone is M-Commerce. Also, the most important controversial point is data security or an user certification technology at these electronic commerce, there are research reactor WPKI and WTLS about this technology. However, when transmit message again after sign electronic documents in Mobile Phone, if do not encrypt, danger exists to be exposed to outside. Therefore, in this paper, designed system to encipher document that handle and handles user certification applying XML electronic sign technique in Mobile environment. Prevent of XML electronic sign in Mobile environment through this paper, and can stave off danger from outside by enciphering electronic sign document.

• The Transactions of the Korea Information Processing Society
• /
• v.3 no.6
• /
• pp.1534-1541
• /
• 1996

Routing security is the confidentiality of route taken by the data transmitted over communication networks. If the route is detected by an adversary, the probability is high that the data lost or the data can be intercepted by the adversary. Therefore, the route must be protected. To accomplish this, we select an intermediate node secretly and transmit the data using this intermediate node, instead of sending the data to a destination node using the shortest direct path. Furthermore, if we use a number of secret routes from a node to a destination node, data security is much stronger since we can transmit partial data rather than entire data along a secret route. Finally, the idea above is implemented on MRNS Network.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.191-197
• /
• 2008

A safe computer environment is necessarily required for computer users, because of a damage is widely increased by a malicious software such as the warm, virus and trojan horse. A general vaccine program can detect after the malicious software intruded. This kinds of the vaccine program show good result against a malicious code which is well known, however, there is no function in the vaccine or not enough ability to detect an application software which a malicious code included. So, this paper proposes an application verification system to decide existence and nonexistence of a malicious code in the application software. The proposed application verification system with a mechanism that grasps the flow type of malicious code, can make a reduction of a damage for computer users before the application software executed.