• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1197-1213
• /
• 2014

Due to the increase in size of the computer network, the network security systems such as a firewall, IDS, IPS generate much more vast amount of information related to network security. So detecting signs of hidden security threats has become more difficult. Security personnels' 'Network Security Situational Awareness(NSSA)' is effectively determining the security situation of overall computer network on the basis of the relation between the security events that occur in the several views. The process of situational awareness is divided into three stages of the 'identification,' 'understanding' and 'prediction'. And 'identification' and 'understanding' are prerequisites for 'predicting' and the following appropriate responses. But 'identification' and 'understanding' in the vast amount of information became more difficult. In this paper, we propose Honeycomb security situational awareness visualization system that is designed to help NSSA in large-scale networks by using visualization techniques known effective to the 'identification' and 'understanding' stages. And we identified the empirical effects of this system on the basis of the 'VAST Challenge 2012' data.

• Journal of Information Technology Services
• /
• v.15 no.4
• /
• pp.63-72
• /
• 2016

Critical infrastructure has been operating in a closed environment with a completely separate information system and in the private area. However, with the current ICT environment changes due to convergence and open platforms it has increased the threats and risks to critical infrastructure. The importance of cyber security is increasing in the infrastructure control system, such as the outbreak of Ukraine blackout in 2015 by a malicious code called 'black energy'. This thesis aims to recognize the importance and necessity of protecting the critical infrastructure service, designing a security framework reflecting environmental and characteristic changes, and analyzing the management system suitable for a security framework. We also propose a theoretical basis for constructing a new security framework by comparing and analyzing seven international security management system standards, such as NIST 800-82 and IEC 62443-2-1, which are used in the control system. As a result, the environment surrounding critical infrastructure changes with the characteristics of connectivity, openness, and finality was studied, and as a response to this, many scholars and institutions present critical infrastructure security frameworks as cycle enhancement type structures, risk management structures, and management domain expansion structures. In response, the security framework encompassing these structures, CISF (Critical Infrastructure Security Framework), was designed. Additionally, through the security related international standard and criterion analysis, as a newly designed security standard suitable for CISF, IEC 62443-2-1 is reviewed and suggestions are made.

• Journal of Convergence for Information Technology
• /
• v.10 no.12
• /
• pp.91-99
• /
• 2020

The aim of this study to assess the effect of information security policy awareness, information security involvement, compliance behavioral intention on information security behavior The research method is composed of a cross-sectional design of reward and fairness. This paper focuses on the process of organizational policy on the information security compliance intention in the individual decision-making process. As a result, the reward had a significant effect on compliance behavioral intention, and it was found that influence of the psychological reward-based condition was greater than the material reward-based condition. The fairness had a significant effect on information security policy awareness, information security involvement, information security behavior, and it was found that influence of the equity-based condition was greater than the equality-based condition. The exploration model was verified as a multiple mediation model. In addition, the discussion presented the necessary research direction from the perspective of synergy by the cultural environment of individuals and organizations.

• Journal of the Korea Computer Graphics Society
• /
• v.9 no.2
• /
• pp.1-9
• /
• 2003

Information assurance(IA) refers to methodologies to protect engineering information by ensuring its availability, confidentiality, integrity, non-repudiation, authentication, access control, etc. In collaborative design, IA techniques are needed to protect intellectual property, establish security privileges and create "need to know" protections on critical features. Aside from 3D watermarking, research on how to provide IA to distributed collaborative engineering teams is largely non-existent. This paper provides a framework for information assurance within collaborative design, based on a technique we call role-based viewing. Such role-based viewing is achieved through integration of multi-resolution geometry and security models. 3D models are geometrically partitioned, and the partitioning is used to create multi-resolution mesh hierarchies. Extracting an appropriately simplified model suitable for access rights for individual designers within a collaborative design environment is driven by an elaborate access control mechanism.

• Korean Journal of Computational Design and Engineering
• /
• v.14 no.4
• /
• pp.254-260
• /
• 2009

Most commercial PDM (product data management) systems, which have been released recently by overseas famous software vendors, are still expensive and heavy to apply to small and medium enterprises (SMEs). Proposed in this paper are an architecture and functions of collaborative BOM (bill-of-material) management system (cBOM-MS) which supports the internal BOM management by BOM Navigator, provides SMEs with constructing the collaborative BOM via Collaborative BOM Portal, and proposes an interface to extract BOM automatically from commercial CAD systems. In the design of cBOM-MS, BOM Navigator and cBOM Portal are positioned separately to reinforce the information security about product data during product development process.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2101-2105
• /
• 2003

Recently the number of Internet users has very sharply increased, and the number of intrusions has also increased very much. Consequently, security products are being developed and adapted to prevent systems and networks from being hacked and intruded. Even if security products are adapted, however, hackers can still attack a system and get a special authorization because the security products cannot prevent a system and network from every instance of hacking and intrusion. Therefore, the researchers have focused on an active hacking prevention method, and they have tried to develop a traceback system that can find the real location of an attacker. At present, however, because of the characteristics of Internet - diversity, anonymity - the real-time traceback is very difficult. To over-come this problem the Network-based Real-Time Connection Traceback System (NRCTS) was proposed. But there is a security problem that the victim system can be hacked during the traceback. So, in this paper, we propose modified NRCTS with connection redirection technique. We call this traceback system as Connection Redirected Network-based Real-Time Connection Traceback System (CR-NRCTS).

• The Journal of Society for e-Business Studies
• /
• v.6 no.1
• /
• pp.17-33
• /
• 2001

EC(Electronic Commerce) which is done on the virtual space through Internet has strong point like independence from time and space. On the contrary, it also has weak point like security problem because anybody can access easily to the system due to open network attribute of Internet, Therefore, we need the solutions that protect the EC security problem for safe and useful EC activity. One of these solutions is the implementation of strong cipher system. YK2(Young Ku King) cipher system proposed in this paper is good solution for the EC security and it overcome the limit of current block cipher system using 128 bits key length for input, output, encryption key and 32 rounds. Moreover, it is designed for the increase of time complexity by adapting more complex design for key scheduling algorithm regarded as one of important element effected to encryption.

• Journal of electromagnetic engineering and science
• /
• v.17 no.3
• /
• pp.159-164
• /
• 2017

This article proposes a design of chipless RFID tag with dipole array structure that is fully printable using conductive ink. The proposed tags encode data based on spectral signature modulations. The reading range is considerably increased (2 m) while maintaining low transmission power (1 mW). Several prototype chipless RFID tags were fabricated and measured in the SHF and UHF bands. The proposed dipole array structure enhances the antenna gain of the passive tags and contributes to overcoming the low conductivity of conductive ink. In order to verify the utility of our proposal, the tags are manufactured on paper, using conductive ink, for the purpose of economic mass production.

• Journal of information and communication convergence engineering
• /
• v.8 no.1
• /
• pp.71-76
• /
• 2010

Scalable video coding (SVC) has been standardized as an extension of the H.264/AVC standard. SVC allows straightforward adaptation of video streams by providing layered bit streams. In this paper, we propose a SVC video-based multicasting system preserving scalable security which is able to provide a SVC video service while maintaining information security. In order to maintain information security between a server and a client during all transmission time, the proposed system immediately performs a packet filtering process without decoding with respect to encrypted data received in a routing device, thereby reducing an amount of calculations and latency.

• Annual Conference of KIPS
• /
• 2017.04a
• /
• pp.295-298
• /
• 2017

최근 국가연구개발사업은 개방형 연구환경으로 변화되어지고 있다. 이러한 변화는 연구개발 자원 및 시간 절감, R&D 투자효과 증대 등 긍정적인 효과를 동반하지만 연구 수행 과정, 연구성과물 유출과 같은 역기능이 발생하고 있다. 따라서 본 연구에서는 연구환경 변화에 따른 연구성과물 유출 가능성을 줄이기 위해서 자체적으로 보안관리 및 평가를 할 수 있는 연구보안 수준측정 모형을 설계하고자 한다. 이는 연구기관의 보안 수준 파악과 향상을 위해 유용하게 활용될 것으로 기대된다.