• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.123-131
• /
• 2007

Recently, various threat and security incident are occurred for unspecified individuals, and this problem increases as the rapid of information sharing through Internet. The using of Information Security System such as IDS, Firewall, VPN etc. makes this problem minimal. However, professional knowledge or skill is needed in that case, normal user can't operate the Information Security System. This paper designs and implements File Access Control Module(FACM) to use easily for normal user against malicious threats and attacks. The FACM can exclude from malicious threats and attacks based on operation system rather than detection of threats and attacks. The FACM is working not only Windows System but also Linux System, and the FACM has effect on access control, integrity and non-repudiation for a file with an access control over files on the each OS that are used by multi-user.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1305-1311
• /
• 2016

The smart factory, a combination of ICT technology to the entire production process of a product, means can you intelligent factory is to achieve such reduction and process improvement of the production cost. To implement the smart factory, inevitably must have an internal equipment connections to the external network, this is by equipment which is operated by the existing closure network is exposed to the outside network, the security vulnerability so that gender is increased. In order to solve this problem, it is possible to apply security solutions that are used in normal environments. However, it is impossible to have just completely blocking security threats that can occur in a smart factory network. Further, considering the economic damage that can occur during security breach accident, which cannot be not a serious problem. Therefore, in this paper, a look to know the security measures that can be applied to smart factory, to introduce the main fusion security technology necessary to smart factory dedicated security gateway.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.10
• /
• pp.5260-5275
• /
• 2019

In the process of constructing the traditional offensive and defensive game theory model, these are some shortages for considering the dynamic change of security risk problem. By analysing the critical indicators of the incomplete information game theory model, incomplete information attack and defense game theory model and the mathematical engineering method for solving Bayes-Nash equilibrium, the risk-averse income function for information assets is summarized as the problem of maximising the return of the equilibrium point. To obtain the functional relationship between the optimal strategy combination of the offense and defense and the information asset security probability and risk probability. At the same time, the offensive and defensive examples are used to visually analyse and demonstrate the incomplete information game and the Harsanyi conversion method. First, the incomplete information game and the Harsanyi conversion problem is discussed through the attack and defense examples and using the game tree. Then the strategy expression of incomplete information static game and the engineering mathematics method of Bayes-Nash equilibrium are given. After that, it focuses on the offensive and defensive game problem of unsafe information network based on risk aversion. The problem of attack and defense is obtained by the issue of maximizing utility, and then the Bayes-Nash equilibrium of offense and defense game is carried out around the security risk of assets. Finally, the application model in network security penetration and defense is analyzed by designing a simulation example of attack and defense penetration. The analysis results show that the constructed income function model is feasible and practical.

• Korean Security Journal
• /
• no.13
• /
• pp.169-192
• /
• 2007

School Violence is one of the most serious problems faced by Korean. As this serious problem becomes social issue in nation, many researchers have tried to find out the most effective solution of that problem and the reasons for why prevention of school violence are failed in such mind-hurting activities. The government and NGO proposed many the alternative to prevent the school violence. But the effectiveness of the alternatives art questionable. Last year Busan Metropolitan Police Agency and Busan Education Administration proposed new alternative in united cooperation which is namely Administration proposed new alternative in united cooperation which is namely 'school police' for school violence. School Police is composed of the retired teachers and ex-police officer, to do a prevention activity of school violence, which is expected to effectively curtail school violence in the assigned school. It is first networking try to prevent of school violence as a team of police and teachers in Korea. But the type of Korean school police system is different from American's school police, like as LASPD which is of sworn police officers. Korean school police is to employ a kind of school liaison officers. Though 'School Police System' got good reaction from students and citizen in Busan, It has some defects to be solved in future. So it hard to note that their efforts have been successful in curtailing the prevalence of school violence. In this paper, I present the new type of new 'Social Security Network Model' for school violence by repairing of 'korean school police system'. The problem of the school violence is not the problem of the school but the problem of society. In such viewpoints, It is important to plan a security network model which is participate in police officers, teachers, community and government. To prevent school violence effectively, I propose this new social security network model which based on theory of Community Oriented Policing, aggressive policing and CPTED technique.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2595-2618
• /
• 2018

In this paper, we investigate secure communication with the presence of multiple eavesdroppers (Eves) in a two-tier downlink dense heterogeneous network, wherein there is a macrocell base station (MBS) and multiple femtocell base stations (FBSs). Each base station (BS) has multiple users. And Eves attempt to wiretap a macrocell user (MU). To keep Eves ignorant of the confidential message, we propose a physical-layer security scheme based on cross-layer cooperation to exploit interference in the considered network. Under the constraints on the quality of service (QoS) of other legitimate users and transmit power, the secrecy rate of system can be maximized through jointly optimizing the beamforming vectors of MBS and cooperative FBSs. We explore the problem of maximizing secrecy rate in both non-colluding and colluding Eves scenarios, respectively. Firstly, in non-colluding Eves scenario, we approximate the original non-convex problem into a few semi-definite programs (SDPs) by employing the semi-definite relaxation (SDR) technique and conservative convex approximation under perfect channel state information (CSI) case. Furthermore, we extend the frame to imperfect CSI case and use the Lagrangian dual theory to cope with uncertain constraints on CSI. Secondly, in colluding Eves scenario, we transform the original problem into a two-tier optimization problem equivalently. Among them, the outer layer problem is a single variable optimization problem and can be solved by one-dimensional linear search. While the inner-layer optimization problem is transformed into a convex SDP problem with SDR technique and Charnes-Cooper transformation. In the perfect CSI case of both non-colluding and colluding Eves scenarios, we prove that the relaxation of SDR is tight and analyze the complexity of proposed algorithms. Finally, simulation results validate the effectiveness and robustness of proposed scheme.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.23-32
• /
• 2023

Container-based virtualization has attracted many attentions as an alternative to virtual machine technology because it can be used more lightly by sharing the host operating system instead of individual guest operating systems. However, this advantage may owe some vulnerabilities. In particular, excessive resource use of some containers can affect other containers, which is known as the noisy neighbor problem, so that the important property of isolation may not be guaranteed. The noisy neighbor problem can threat the availability of containers, so we need to consider the noisy neighbor problem as a security problem. In this paper, we investigate vulnerabilities on guarantee of isolation incurred by the noisy neighbor problem in container-based virtualization. For this we first analyze the structure of container-based virtualization environments. Then we present vulnerabilities in 3 functional layers and general directions for solutions with limitations.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.12-22
• /
• 2024

The travelling salesman problem is very famous and very difficult combinatorial optimization problem that has several applications in operations research, computer science and industrial engineering. As the problem is difficult, finding its optimal solution is computationally very difficult. Thus, several researchers have developed heuristic/metaheuristic algorithms for finding heuristic solutions to the problem instances. In this present study, a new hybrid genetic algorithm (HGA) is suggested to find heuristic solution to the problem. In our HGA we used comprehensive sequential constructive crossover, adaptive mutation, 2-opt search and a new local search algorithm along with a replacement method, then executed our HGA on some standard TSPLIB problem instances, and finally, we compared our HGA with simple genetic algorithm and an existing state-of-the-art method. The experimental studies show the effectiveness of our proposed HGA for the problem.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1997.11a
• /
• pp.265-273
• /
• 1997

Intranet is an enterprise network using Internet protocols as communication standard and HTML as content standard. The Internet is like a house built on information water. It has a lot of strong points as a future enterprise network. However, companies wish to have confidence in its functional and economic effectiveness and security before adopting it. The security issue especially is a problem to solve inevitably. Enterprises will hold back to adopt Intranet unless there are enough security counter plans and countermeasures against vulnerabilities of Intranet(it is the wise decision !). Nevertheless the researches related to Intranet has been concentrated on techniques for building it. In this paper, we focus the security aspect of Intranet. Intranet security must be considered on the whole from structure design to users' services. We propose a security-based Intranet structure and security management system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.1 no.1
• /
• pp.47-65
• /
• 1991

An ID-based scheme provides a very efficient solution to the key distribution problem, since it can solve bothe the authentication problem and the communication complexity problem in a public key scheme. Especilly, and ID-Based ndninterative key distribution system plays an crucial roie in the one-way communication environment such as secure electronic mail, owing to its noninteractiveness. This paper aims at analyzing the previously proposed scheme s and providing possible improvements. It also demonstraes that the Maurey-Yacobi's scheme presented in Eurocry'91 is not secure, and provikdes an countemeasure to overcome the security problem.

• Journal of KIISE:Databases
• /
• v.30 no.6
• /
• pp.585-592
• /
• 2003

In the spatial database systems, it is necessary to manage spatial objects that have two or more aspatial information with different security levels on the same layer. If we adapt the polyinstantiation concept of relational database system for these spatial objects, it is difficult to process the representation problem of spatial objects and to solve the security problem that is service denial and information flow by access of subject that has a different security level. To address these problems, we propose a polyinstantiation method for security management of spatial objects in this paper. The proposed method manages secure spatial database system efficiently by creating spatial objects according to user's security level through security-level-conversion-step and polyinstantiation-generation-step with multi-level security policy. Also, in case of user who has a different security level requires secure operations, we create polyinstance for spatial object to solve problems of service denial and information flow.