• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.118-124
• /
• 2021

The article examines the formation of a competitive paradigm of economic security of industrial enterprises in the formation of a circular economy. The basic laws of industrial enterprises are formed, which determined the characteristics of competitive positions and threats. The basic competitive concepts and their application at maintenance of economic safety of the industrial enterprises in the conditions of formation of circular economy are described. Thus, the technological approach to the formation of a competitive paradigm is based on production technologies, opportunities for technological modernization and development of infrastructure and intellectual competencies. The institutional concept reveals the regulatory mechanisms for ensuring competitiveness through the protectionism of national industrial enterprises, standardization and regulation of market imbalances. The innovation-investment approach within the competitive paradigm is also manifested in the creation of competitive advantages due to the presence of active innovative developments and their commercialization, knowledge and competencies of staff, capitalization of intelligence and communications, constant updating of infrastructure and technologies. Collectively, innovation and investment effects on the level of economic security allow industrial enterprises to ensure resilience to increasing competition, the emergence of new market challenges in the formation of a circular economy. A strategic approach to the application of a competitive paradigm to ensure the economic security of industrial enterprises allows you to justify the prospects for development and design behavioral models to predict and assess potential threats. The concept of system management is based on the complexity of threat analysis, the integrity of the economic security system, system-forming functions and patterns of implementation of industrial development tasks in the formation of a circular economy. The application of the described concepts is formalized by the authors through the definition of the basic patterns, directions and characteristics of their impact on the elements of the security system of industrial enterprises in the formation of a circular economy.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.3
• /
• pp.428-434
• /
• 2020

Recently, due to the development of ICT technology, changes to the convergence service platform of information systems are accelerating. Convergence services expanded to cyber systems with 5G communication, IoT, AI, and cloud are being reflected in the real world. However, the field of cybersecurity audit for responding to cyber attacks and security threats and strengthening security technology is insufficient. In this paper, we analyze the international standard analysis of information security management system, security audit analysis and security of related systems according to the expansion of 5G communication, IoT, AI, Cloud based information system security. In addition, we design and study cybersecurity audit checklists and contents for expanding security according to cyber attack and security threat of information system. This study will be used as the basic data for audit methods and audit contents for coping with cyber attacks and security threats by expanding convergence services of 5G, IoT, AI, and Cloud based systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.3-12
• /
• 2004

Secure operating system is a special operating system that integrates some security functions(i.e. access control, user authentication, audit-trail and etc.) with normal operating system in order to protect system from various attacks. But it doesn't consider my security of network traffic. To guarantee the security of the whole system, network traffic must be protected by a certain way and IPsec is a representative technology for network security. However, it requires administrator's carefulness in managing security policies and the key management mechanism is very heavy as well as complicated. Moreover, it doesn't have a suitable framework for delivery of security information for access control mechanism. So we propose a simple trusted channel mechanism for secure communication between secure operating systems. It provides confidentiality md authentication for network traffic and ability to deliver security information. It is implemented at the kernellevel of IP layer and the simplicity of the mechanism can minimize the overhead of trusted channel processing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.75-87
• /
• 2010

Secure communication has been one of the main challenges in vehicular ad hoc networks(VANET) since broadcast messages from nearby vehicles contain life-critical information for drivers and passengers. So far various secure communication schemes have been proposed to secure the communication in VANET, and they satisfy most security requirements. However most of them need to put trust on roadside units(RSUs), which are usually deployed in unattended area and vulnerable to compromise. In this paper, we propose a secure communication scheme, which does not need to put trust on RSUs. And we adopt a grouping technique to averagely divide the huge burden in the server without jeopardizing the anonymity of users. Moreover we design a complete set of protocols to satisfy common security requirements with a relatively lower hardware requirement. At last, we evaluate the scheme with respect to security requirements, communication overhead, storage overhead and network performance.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.99-107
• /
• 2022

The use of smart home appliances and Internet of Things (IoT) devices is growing, enabling new interactions and automation in the home. This technology relies heavily on mobile services which leaves it vulnerable to the increasing threat of hacking, identity theft, information leakage, serious infringement of personal privacy, abnormal access, and erroneous operation. Confirming or proving such security breaches have occurred is also currently insufficient. Furthermore, due to the restricted nature of IoT devices, such as their specifications and operating environments, it is difficult to provide the same level of internet security as personal computers. Therefore, to increase the security on smart home IoT devices, attention is needed on (1) preventing hacking and user authority theft; (2) disabling abnormal manipulation; and (3) strengthening audit records for device operation. In response to this, we present a plan to build a cloud security authentication platform which features security authentication management functionality between mobile terminals and IoT devices.

• International Journal of Computer Science & Network Security
• /
• v.24 no.10
• /
• pp.97-104
• /
• 2024

This paper proposed n approaches to designing local area networks using Prim's MST Algorithm of an organization. Designing the local area network of an organization is a typical problem faced with how we optimally arrange the networks between computers nodes while faced the imperative of area and installment cost. One of the cost parts that value to be considered is the local network cable price. The shorter the aggregate link length of the network, obviously the installation cost will be less. The MST problem has essential applications in network design which is broadly concentrated in the study of literature. The MST problem shows up in the local area network design where computers and other nodes connect them and must be picked most gainfully. The application of Prim's algorithms is shown to the outline design of local area networks in an organization. This Prim's algorithm works by picking the shortest path beginning from the first node until all nodes in the graph are linked. The following research is planned to design a prims algorithm to solve local area network design problems. Our research is analyzed, and intriguing results are gotten. The outcomes got to justify the need to apply this sort of algorithm for benefit and efficiency.

• The Journal of Information Systems
• /
• v.27 no.1
• /
• pp.193-224
• /
• 2018

Purpose Targeting Korean companies listed on Korean securities markets (i.e., KOSPI and KOSDAQ markets), this study aims to shed lights the effects of personal information security breaches on stock prices of information security companies. Interestingly, this study is, to the best of our knowledge, the first to examine the information transfer effect on personal information security breaches of companies. Design / Methodology /Approach To examine the information transfer effect of personal information security breaches, our study employs the event study commonly used in financial studies. To this end, we investigate a variety of events of personal information security breaches of companies listed on the KOPSI stock market and the KOSDAQ market. We collect the total samples of one hundred and twelve with forty seven of events of personal information security breaches by thirty companies and sixty five of information security companies. Findings The principal findings from the empirical study are as follows. First, for companies of personal information security breaches, our event study presents the significantly negative AAR (averaged abnormal return) value on the event day at the 5 % level and the highly significant negative CAAR(cumulative averaged abnormal return) value on the event day and the day after the event day at the 1 % level. The results suggest that personal information breaches significantly contribute to an decrease in value of the information breached companies. The cross sectional regressions in this study estimate the significantly negative coefficient for the ME/BE variable, the proxy for a growth opportunity at the 5 % level. This suggests a reverse relation between the growth opportunity of companies and their value. As for the various samples of the information security companies categorized by physical security, network and system security, security application software, code authentication, system integration, we find the significantly positive AAR on the day after the event day at the 5% level, only for the network and system security-companies. This addresses that the information transfer effect followed by personal information breaches is uniquely observable for companies categorized into network and system companies. The regressions for the network and system companies estimate the significantly positive coefficient for the NS dummy variable (i.e., the dummy of the network and system security companies) at the standard level. This allows us to identify appropriate times needed to make the information transfer effect realized from personal information breached companies to information security companies.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.4
• /
• pp.824-831
• /
• 2005

Past corporaion's network security system is single security solution, or mixed several ways, but there was inefficient system because doing not get into organic link But, constructed more strong security system by ESM enterance on. ESM uses way to integrate of each agent to manage easily various kinds security solution. That is, it is system that connect system of existent VPN, FireWall, IDS and so on configurationally depending on security policy and manage. ESM is security system that is developed more than existent security system. But, practical use of network and the development speed of technology being increasing with the mon faster speed, is heightening the level more as well as dysfunction of information crime and so on. Many improvements are required at ESM system, this research wished to make up for the weak-point in the ESM system about interior security. Studied on structure of security solution that is basis of security policy. VPN, Firewall, IDS's link that is main composition of existing security system analysis, reconstructed. And supplemented security of ESM system itself. Establish imaginary intrusion and comparative analysis access data that apply each Telnet Log analysys IDS existent ESM system and proposed ESM system comparative analysis. Confirm the importance of interior security and inspected security of proposed system.

• Proceedings of the Korean Institute of Communication Sciences Conference
• /
• 2004.07a
• /
• pp.227-227
• /
• 2004

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1291-1300
• /
• 2020

Recently, a deep learning-based non-profiling side-channel analysis was proposed. The deep learning-based non-profiling analysis is a technique that trains a neural network model for all guessed keys and then finds the correct secret key through the difference in the training metrics. As the performance of non-profiling analysis varies greatly depending on the neural network training model design, a correct model design criterion is required. This paper describes the two types of loss functions and eight labeling methods used in the training model design. It predicts the analysis performance of each labeling method in terms of non-profiling analysis and power consumption model. Considering the characteristics of non-profiling analysis and the HW (Hamming Weight) power consumption model is assumed, we predict that the learning model applying the HW label without One-hot encoding and the Correlation Optimization (CO) loss will have the best analysis performance. And we performed actual analysis on three data sets that are Subbytes operation part of AES-128 1 round. We verified our prediction by non-profiling analyzing two data sets with a total 16 of MLP-based model, which we describe.