• Title/Summary/Keyword: Security design

Search Result 3,411, Processing Time 0.035 seconds

Design and Implementation of a Crypto Processor and Its Application to Security System

  • Kim, Ho-Won;Park, Yong-Je;Kim, Moo-Seop
    • Proceedings of the IEEK Conference
    • /
    • 2002.07a
    • /
    • pp.313-316
    • /
    • 2002
  • This paper presents the design and implementation of a crypto processor, a special-purpose microprocessor optimized for the execution of cryptography algorithms. This crypto processor can be used fur various security applications such as storage devices, embedded systems, network routers, etc. The crypto processor consists of a 32-bit RISC processor block and a coprocessor block dedicated to the SEED and triple-DES (data encryption standard) symmetric key crypto (cryptography) algorithms. The crypto processor has been designed and fabricated as a single VLSI chip using 0.5 $\mu\textrm{m}$ CMOS technology. To test and demonstrate the capabilities of this chip, a custom board providing real-time data security for a data storage device has been developed. Testing results show that the crypto processor operates correctly at a working frequency of 30MHz and a bandwidth o1240Mbps.

  • PDF

Design and Implementation of SIP Testing Simulator for Security Management (보안관리를 위한 SIP 시험 시뮬레이터 설계 및 구현)

  • Jang, Sung-Man;Kill, Min Wook;Lee, Geuk;Kim, Kuinam J.
    • Convergence Security Journal
    • /
    • v.3 no.3
    • /
    • pp.99-107
    • /
    • 2003
  • One of the most important part in next generation VoIP is security management. When we develop a protocol stack based on SIP (Session Initiation Protocol), it is necessary to develop test scenario, test environment, adaptation test technology for security test of the system. In this paper, we design and implement security test environment and test program for SIP. This system also can be used as a fundamental system when someone develop a communication system based on SIP.

  • PDF

Design and Implementation of Certificate Revocation List Acquisition Method for Security of Vehicular Communications

  • Kim, Hyun-Gon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.37 no.7C
    • /
    • pp.584-591
    • /
    • 2012
  • Distributing a Certificate Revocation List (CRL) quickly to all vehicles in the system requires a very large number of road side units (RSUs) to be deployed. In reality, initial deployment stage of vehicle networks would be characterized by limited infrastructure as a result in very limited vehicle to infrastructure communication. However, every vehicle wants the most recent CRLs to protect itself from malicious users and malfunctioning equipments, as well as to increase the overall security of the vehicle networks. To address this challenge, we design and implement a nomadic device based CRL acquisition method using nomadic device's communication capability with cellular networks. When a vehicle could not directly communicate with nearby RSUs, the nomadic device acts as a security mediator to perform vehicle's security functions continuously through cellular networks. Therefore, even if RSUs are not deployed or sparsely deployed, vehicle's security threats could be minimized by receiving the most recent CRLs in a reasonable time.

A Methodology for Integrating Security into the Automotive Development Process (자동차 개발 프로세스에서의 보안 내재화 방법론)

  • Jeong, Seungyeon;Kang, Sooyoung;Kim, Seungjoo
    • KIPS Transactions on Software and Data Engineering
    • /
    • v.9 no.12
    • /
    • pp.387-402
    • /
    • 2020
  • Conventional automotive development has mainly focused on ensuring correctness and safety and security has been relatively neglected. However, as the number of automotive hacking cases has increased due to the increased Internet connectivity of automobiles, international organizations such as the United Nations Economic Commission for Europe(UNECE) are preparing cybersecurity regulations to ensure security for automotive development. As with other IT products, automotive cybersecurity regulation also emphasize the concept of "Security by Design", which considers security from the beginning of development. In particular, since automotive development has a long lifecycle and complex supply chain, it is very difficult to change the architecture after development, and thus Security by Design is much more important than existing IT products. The problem, however, is that no specific methodology for Security by Design has been proposed on automotive development process. This paper, therefore, proposes a specific methodology for Security by Design on Automotive development. Through this methodology, automotive manufacturers can simultaneously consider aspects of functional safety, and security in automotive development process, and will also be able to respond to the upcoming certification of UNECE automotive cybersecurity regulations.

A Design of SERDL(Security Evaluation Rule Description Language) and Rule Execution Engine for Evaluating Security of IPv6 Network (IPv6 네트워크 계층의 보안성 평가를 위한 평가규칙 표기 언어 및 평가 수행기의 설계)

  • Kwon, Hyeok-Chan;Kim, Sang-Choon
    • The KIPS Transactions:PartC
    • /
    • v.11C no.4
    • /
    • pp.471-484
    • /
    • 2004
  • Recently. many projects have been actively implementing IPsec on the various Operating Systems for security of IPv6 network. But there is no existing tool that checks the IPsec-based systems, which provide IPsec services, work Properly and provide their network security services well In the IPv6 network. In this paper, we design SERDL(Security Evaluation Rule Description Language) and rule execution tool for evaluating security of the IPv6 network, and we provide implementation details. The system Is divided into following parts : User Interface part, Rule Execution Module part, DBMS part and agent that gathering information needed for security test.

A Study on the Design and Implementation of Algorithm for Next Generation Cyber Certificate Security (차세대 사이버 인증 보안을 위한 알고리즘의 설계 및 구현에 관한 연구)

  • Lee, Chang-Jo;Kim, Sang-Bok
    • Convergence Security Journal
    • /
    • v.6 no.3
    • /
    • pp.69-78
    • /
    • 2006
  • ID security policy is generally formulated from the input of many members of an organization, including security officials, line managers, and ID resource specialists. However, policy is ultimately approved and issued by the organization's senior management. In environments where employees feel inundated with policies, directives, guidelines and procedures, an ID security policy should be introduced in a manner that ensures that management's unqualified support is clear. This paper will discuss Next Generation Cyber Certificate security policy in terms of the different types program-level and issue-specific, components, and Design and Implementation of Security Algorithm Simulation based on 4GL, PowerBuilder7.0.

  • PDF

Security Audit System for Secure Router

  • Doo, So-Young;Kim, Ki-Young
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 2005.06a
    • /
    • pp.1602-1605
    • /
    • 2005
  • An audit tracer is one of the last ways to defend an attack for network equipments. Firewall and IDS which block off an attack in advance are active way and audit tracing is passive way which analogizes a type and a situation of an attack from log after an attack. This paper explains importance of audit trace function in network equipment for security and defines events which we must leave by security audit log. We design and implement security audit system for secure router. This paper explains the reason why we separate general audit log and security audit log.

  • PDF

Design of Command Security Mechanism for the Satellite Using Message Authentication Code (메세지 인증 코드 기법을 이용한 위성명령 보안 메카니즘 설계)

  • Hong, K.Y.;Park, W.S.;Lee, H.J.;Kim, D.K.
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1994.11a
    • /
    • pp.99-107
    • /
    • 1994
  • For the secure control of the communication satellite, security mechanisms should be employed on the ground station as well as on the spacecraft. In this paper, we present a security architecture fur the spacecraft command security of the communication satellite. An authentication mechanism is also proposed using message authentication code (MAC) based on the Data Encryption Standard (DES) cryptosystem.

  • PDF

Design and Implementation of Mobile Security Equipment System (이동형 보안장비 시스템의 설계 및 구현)

  • Kang, Young-Gu;Yang, Hae-Sool
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.11 no.6
    • /
    • pp.2062-2071
    • /
    • 2010
  • This research has been started with the goal of design and implementation of more innovative next generation security equipment system by understanding and reviewing the technological trend and status of security equipment system. The importance of environmental protection and management is ever increasing recently. Various types of equipment and system solutions are used according to the development of CCTV technology, but more efficient environmental protection and management are not in place because of situational restrictions such as expensive equipment and hard to install. Next generation security equipment system is designed and implemented to compensate and innovate these problem, and it is expected to utilize more effectively with lower cost through this research. In addition, methodology to inquire this system is proposed for security equipment system solution.

Role Based Petri-Net : Role Based Expression Model for an Efficient Design of Attack Scenarios (Role Based Petri Net : 공격 시나리오의 효율적 설계를 위한 역할 기반 표현 모델)

  • Park, Jun-Sik;Cho, Jae-Ik;Moon, Jong-Sub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.1
    • /
    • pp.123-128
    • /
    • 2010
  • Graph expression of attack scenarios is a necessary method for analysis of vulnerability in server as well as the design for defence against attack. Although various requirement analysis model are used for this expression, they are restrictive to express combination of complex scenarios. Role Based Petri Net suggested in this paper offer an efficient expression model based role on Petri Net which has the advantage of concurrency and visuality and can create unknown scenarios.