• Title/Summary/Keyword: Security design


An Object-Oriented Analysis and Design Methodology for Secure Database Design -focused on Role Based Access Control- (안전한 데이터베이스 설계를 위한 객체지향 분석·설계 방법론 -역할기반 접근제어를 중심으로-)

  • Joo, Kyung-Soo;Woo, Jung-Woong
    • Journal of the Korea Society of Computer and Information / v.18 no.6 / pp.63-70 / 2013
  • In accordance with the advancement of IT, application systems with various and complex functions are being required. Such application systems are typically built based on database in order to manage data efficiently. But most object-oriented analysis design methodologies for developing web application systems have not been providing interconnections with the database. Since the requirements regarding the security issues increased, the importance of security has become emphasized. However, since the security is usually considered at the last step of development, it is difficult to apply the security during the whole process of system development, from the requirement analysis to implementation. Therefore, this paper suggests an object-oriented analysis and design methodology for secure database design from the requirement analysis to implementation. This object-oriented analysis and design methodology for secure database design offers correlations with database that most existing object-oriented analysis and design methodologies could not provide. It also uses UMLsec, the modeling language, to apply security into database design. In addition, in order to implement security, RBAC (Role Based Access Control) of relational database is used.

Study on security requirements for the web based operation system of a shipping company (웹 기반 해운 선사 운영시스템 보안 요구사항 연구)

  • Chung, Up;Moon, Jongsub
    • Journal of Internet Computing and Services / v.23 no.1 / pp.49-68 / 2022
  • The operation system of a shipping company is still maintaining the mainframe based terminal access environment or the client/server based environment. Nowadays shipping companies that try to migrate it into a web-based environment are increasing. However, in the transition, if the design is processed by the old configuration and knowledge without considering the characteristics of the web-based environment and shipping business, various security vulnerabilities will be revealed at the actual system operation stage, and system maintenance costs to fix them will increase significantly. Therefore, in the transition to a web-based environment, a security design must be carried out from the design stage to ensure system safety and to reduce security-related maintenance costs in the future. This paper examines the characteristics of various threat modeling techniques, selects suitable modeling technique for the operation system of a shipping company, applies data flow diagram and STRIDE threat modeling technique to shipping business, derives possible security threats from each component of the data flow diagram in the attacker's point of view, validates the derived threats by mapping them with attack library items, represents the attack tree having various attack scenarios that attackers can attempt to achieve their final goals, organizes into the checklist that has security check items, associated threats and security requirements, and finally presents 23 security requirements that can respond to threats. Unlike the existing general security requirements, the security requirements presented in this paper reflect the characteristics of shipping business because they are derived by analyzing the actual business of a shipping company and applying threat modeling technique. Therefore, I think that the presented security requirements will be of great help in the security design of shipping companies that are trying to proceed with the transition to a web-based environment in the future.

A Study on Design Elements of Main Control Room in Nuclear Power Plants by Analyzing Space Characteristics (원자력발전소 주제어실의 공간특성에 따른 디자인 요소에 관한 연구)

  • Lee, Seung-Hoon;Lee, Tae-Yeon
    • Korean Institute of Interior Design Journal / v.19 no.6 / pp.249-256 / 2010
  • To guarantee the security of nuclear power plants, ergonomic factors have been applied to the design of the main control room, the core area for management and control of a nuclear power plant, but design elements for the performance of operators have been ignored. As the behaviors of operators are important for the security of a nuclear power plant, space design which makes them pleasant psychologically and makes them maintain attention on security equipment ceaselessly is required. Therefore, the purpose of this study is to analyze space characteristics of main control rooms according to regulations of nuclear power plants and general guidelines of space design, and to offer basic data for designing a main control room which makes operators pleasant psychologically and physically. At first, theoretical issues related to the design of the main control room are reviewed and several premises of space are developed by abstracting design elements from common space and regulations of nuclear power plants and then integrating each design element interactively. In short, the improvement of the system environment based on human-machine interface space has brought about perceptual, cognitive, and spatial changes and has realized the next generation of main control rooms. Differences and similarities between ordinary space and the main control room, to which ergonomic sizes and regulations are applied and which is a VDT environment based on LDP, are discussed in relation to 13 design elements and 17 space premises.

Development and Application of Elementary Information Security Education STEAM Program through Simulation Hacking Play Activities (모의해킹 놀이 활동을 통한 초등 정보보호교육 STEAM 프로그램 개발 및 적용)

  • Park, Namje
    • Journal of The Korean Association of Information Education / v.20 no.3 / pp.273-282 / 2016
  • The new STEAM program suggested in this paper aims at helping students to have interest in information security engineering experts and to design their career creatively through the project on future promising career. The program was designed to help teachers and students understand the jobs and capabilities required for information security experts through direction and execution of the information security expert project. Teaching tools of information security through simulation hacking play activities based on hexagon cell is designed to provide students with the chance to indirectly experience the job of a computer security expert through an unplugged education. Because the content of cyber security is unfamiliar and difficult to understand, the program is designed to allow students to access the key principle of the job, rather than to describe the technical part. Using this program, students will be able to communicate with each other to solve the problems, to have interest in computer security experts, and to design their careers in a creative manner.

Design and Implementation of HomeNetworking Middleware Security System (홈네트워킹 미들웨어 보안 시스템 설계 및 구현)

  • Lee, Ho-Sang;Lee, Jeong-Kyun;Lee, Ki-Young
    • Proceedings of the IEEK Conference / 2005.11a / pp.1079-1082 / 2005
  • In this paper, a secure system is studied and designed for homenetworking middleware based on a sensor network security algorithm. Many sensor networks have mission-critical tasks, so it is clear that security needs to be taken into account in the design procedure. First, we study the homenetworking middleware model in Jini. We then design a security system that applies the SPINS algorithm to the middleware model. Then we figure out proper secrecy, authentication, and broadcast authentication mechanisms in this model.


Implementation of IPSec Cryptographic Processor Based AMBA Architecture (AMBA(Advanced Microcontroller Bus Architecture) 기반의 IPSec 암호 프로세서의 구현)

  • Hwang, Jae-Jin;Choi, Myung-Ryul
    • Proceedings of the KIEE Conference / 2004.11c / pp.123-125 / 2004
  • The importance of Internet security has been increasing, and the Internet Protocol Security (IPSec) standard, which incorporates cryptographic algorithms, has been developed as one solution to this problem. IPSec provides security services at the IP layer using the IP Authentication Header (AH) and IP Encapsulation Security Payload (ESP). In this paper, we propose an IPSec cryptographic processor design based on the AMBA architecture. Our design, which comprises the Rijndael cryptographic algorithm and the HMAC-SHA-1 authentication algorithm, supports the cryptographic requirements of IP AH, IP ESP, and any combination of these two protocols. Also, our IPSec cryptographic processor operates as an AMBA AHB slave. We designed the IPSec cryptographic processor using Xilinx ISE 5.2i and VHDL, and implemented our design on Xilinx's Virtex XCV600E FPGA.


Design of Phone Card IC with Security and Self-test Features (자체 테스트 및 보안기능을 갖는 공중전화 카드 IC 설계)

  • Park, Tae-Geun
    • Journal of the Institute of Electronics Engineers of Korea SD / v.37 no.1 / pp.60-66 / 2000
  • This paper proposes a design of phone card IC with the self-test features and the hardware and software security functions. We design and verify the proposed functions with modeling the terminal system environment. The proposed phone card IC provides instructions and a non-volatile memory block containing the manufacturer / issuer / user information, the unit (money) value, and the security key. The self-test functions are designed to improve the test time degradation due to a serial I/O communication. Also some security features are implemented using hardware and software approaches.


Information Security Activities of The Design Phase (설계단계의 정보보호 활동)

  • Shin, SY;Kim, DK;Lee, CW;Lee, HC;Lee, TW;Park, KH
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2016.10a / pp.745-746 / 2016
  • The design phase is a process that is embodied to be interpreted and implemented in a requirement of the system information in the analysis phase. In the design phase, the design privacy, information security test plan is established, activities are carried out.


Design of Financial Information Security Model based on Enterprise Information Security Architecture (전사적 정보보호 아키텍처에 근거한 금융 정보보호 모델 설계)

  • Kim, Dong Soo;Jun, Nam Jae;Kim, Hee Wan
    • Journal of Korea Society of Digital Industry and Information Management / v.6 no.4 / pp.307-317 / 2010
  • The majority of financial and general business organizations have had individual damage from hacking, worms, viruses, cyber attacks, internet fraud, technology and information leaks due to criminal damage. Therefore privacy has become an important issue in the community. This paper examines various elements of the information security management system and discusses Information Security Management System models by using the analysis of the financial statue and its level of information security assessment. These analyses were based on the Information Security Management System (ISMS) of Korea Information Security Agency, British's ISO27001, GMITS, ISO/IEC 17799/2005, and COBIT's information security architecture. This model will allow users to manage and secure information safely. Therefore, it is recommended for companies to use the security management plan to improve the companies' financial and information security and to prevent any risk of exposing the companies' information.

Design of Security Management System

  • Kim Seok-Soo;Soh Woo-Young
    • International Journal of Contents / v.1 no.2 / pp.22-25 / 2005
  • Enterprise security management system: Enterprise Security Management (ESM) is centralized integrated management of other kinds of security solutions such as intrusion cutoff systems, intrusion detection systems and virtual private networks. With the system, it is possible to establish security policies for the entire IT system through interlocking of solutions. The security system of a company network is progressing as an ESM (Enterprise Security Management) on the existing security solution foundation. The establishment of the security policy occupies a very important area in the ESM of the security system. We tried to analyze the existing ESM system for this and designed a security solution structure for enhancing the inside security. We directly implemented an IDS system and tested it. This test set the focus on inside security.
