• The Journal of Society for e-Business Studies
• /
• v.17 no.4
• /
• pp.57-68
• /
• 2012

As the functions and technology of IT security solution has been diversified and complicated, it is necessary to make the functions standardized. The common criteria (CC) evaluation and certification scheme was introduced with this background in 2000. For over 10 years after the introduction of CC evaluation and certification scheme, many security solution vendors have developed functions following the security functional requirement in CC. Most of CC evaluators and developers think that CC has helped to enhance the security of the solution. So, it is a right time to prove the affirmative effects of CC in quantity. In this research, we compare two cases, the security status of the solution before and after the experience of CC evaluation, and analyze the results. We made the questionnaire for the domestic solutions vendors. We show that CC has made positive effects on the security of the solution quantitatively using statistical analysis. This research is meaningful security enhancement of domestic security solutions.

• The Transactions of the Korean Institute of Electrical Engineers
• /
• v.43 no.2
• /
• pp.197-205
• /
• 1994

Security of a power system refers to its robustness relative to a set of imminent disturbances (contingencies) during operation. The socially optimal solution for the actuall level of generation/consumption has been well-known spot pricing at shot-run marginal cost. The main disadvantage of this approach arises because serious contingencies occur quite infrequently. Thus by establishing contractual obligations for contingency offering before an actual operation time through decision feedback we can obtain socially optimal level of system security. Under probabilistic precontract pricing the operating point is established at equal incremental cost of the expected short-run and collapse cost of each participant. Rates for power generation/consumption and for an offer to use during a contingency, as well as information on the probability distribution of contingency need for each participant, are derived so that individual optimization will lead to the socially optimal solution in which system security is optimized and the aggregate benefit is maxmized.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.4
• /
• pp.19-24
• /
• 2015

Security has been a major concern in software development. Security tactics are reusable building blocks providing a general solution for recurring security concerns at the architectural level. They are often used together with architectural patterns which provide a general solution for architecting software systems. However, use of security tactics in architectural patterns has been understood only conceptually without concrete understanding of how their involved elements should be structurally and behaviorally co-designed. In this paper, we present model-driven analyses of security tactics in the context of Broker architectural patterns and provide evidences of the analyses in real world case studies.

• Korean Security Journal
• /
• no.16
• /
• pp.265-282
• /
• 2008

This research aims to provide a solution for the improvement of private security according to the change in criminal environment. The main cause of crime can be found in the anti-functional dimensions including value set disorder, social phenomenon variation, information-based, globalization and urbanization. In this environment, the private security sector has dramatically increased in a quantitative viewpoint, but it is insufficient in a qualitative viewpoint. This paper recognized this problem and demonstrates a solution for improvement through classifying elements of private security into relevant legislation, education institutions, security companies and security associations. The analysis result is a follows: First, motivation and satisfaction rate of escort and security related major has shown to be high. However, respondents evaluated the guard educational institution negatively. Second, the motivation of entering into the private security sector for internal staffs has shown to be positive and sound. However, the job satisfaction rate has shown to be low due to excessive competition, negative perception of occupation and low earning. Third, respondents gave an average mark to the Security Association's management and operation. In addition, the mutual-aid project received the same mark. Negative feedbacks were given to the protection of member's interest and to association operation and policy, while positive feedbacks were given to the degree of member's cooperation towards association policies.

• Journal of Information Technology and Architecture
• /
• v.11 no.2
• /
• pp.143-155
• /
• 2014

In recent years, domestic electronics, banking, electricity, services, manufacturing, pharmaceutical, corporate type and malicious hackers is corporate security through the accident occurred and the resulting loss of corporate information and the damage each year is steadily increasing. Many companies have responded to domestic business activities and to protect critical information related to laptops, smart phones, tablets, and introduced a variety of Endpoint security solutions within. However, being introduced to senselessly Endpoint security solution across the over-budget, with the same features and performance, such as conflicts and problems arise, resulting in additional maintenance costs, in an effort to resolve the conflict in the operational security of the IT department's new difficulty in becoming. Here is the introduction and operation of these Endpoint security solutions in order to solve the problem on employees's PC into the center of the information security governance based on Endpoint security solution to provide the process for determining the solutions presented.

• Journal of Digital Convergence
• /
• v.17 no.2
• /
• pp.187-194
• /
• 2019

A security company has been proposed for various healthcare systems. However, there are improvements in order to achieve better efficiency and stability in the various protocols presented. The purpose of this paper is to provide cryptanalysis and solution on Vijayakumar et al.'s secure communication scheme for healthcare system using wearable devices. Especially, it is weak against denial of service attack and it does not provide integrity of the transmitted messages. Thereby, this paper proposes a new secure communication scheme to cope from the problems in Vijayakumar et al.'s scheme. It provides authentication and integrity, which could be the security solution against Vijayakumar et al.'s scheme. Furthermore, it also provides a good computational overhead compared to Vijayakumar et al.'s scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.8 no.3
• /
• pp.63-78
• /
• 1998

Recently, to use the evaluated firewall is recognized as a solution to achieve the security and reliability for government and organizarions in Korea. Results of firewall evaluation using ITSEC(Information Technology Security Evaluation Criteria) and CCPP(Common Criteria Protection Peofile)have been announced. Because there are problems to apply ITSECor CCPP for the firewall evaluation in korea environment, korea government and korea Information security Agency (KISA) decided to develop our own security dvaluation critrtia fir firewalls.As a result of the efforts, Korea firewall security evaluation criteria has been published on Feb. 1998. In this paper, we introduce Korea security evaluation criteria for firewalls. The ceiteria consists of functional and assurance requirements that are compatible with CC Evaluation Assurance Levels(EALs)

• The Journal of the Korea Contents Association
• /
• v.14 no.6
• /
• pp.1-10
• /
• 2014

Through the development of internet mobile devices and online business activation, sensitive data of unspecified user is being easily exposed. In such an open business environment, the outflow of sensitive personal information has often been remarked on recently for which adoption of encryption solution for database became top priority in terms of importance. In 2011, government also legislated for the protection of personal information as an information network law, and is now applying the law to a variety of industries. Firms began to comply with these regulations by establishing various measures for protection of personal information and are now quickly introducing encryption solution to reinforce security of personal information they are managing. In this paper, I present architecture and technological parts that should be considered when introducing security solution.

• ETRI Journal
• /
• v.28 no.3
• /
• pp.320-328
• /
• 2006

Using biometrics to verify a person's identity has several advantages over the present practice of personal identification numbers (PINs) and passwords. To gain maximum security in a verification system using biometrics, the computation of the verification as well as the storing of the biometric pattern has to take place in a smart card. However, there is an open issue of integrating biometrics into a smart card because of its limited resources (processing power and memory space). In this paper, we propose a speaker verification algorithm using a support vector machine (SVM) with a very few features, and implemented it on a 32-bit smart card. The proposed algorithm can reduce the required memory space by a factor of more than 100 and can be executed in real-time. Also, we propose a hardware design for the algorithm on a field-programmable gate array (FPGA)-based platform. Based on the experimental results, our SVM solution can provide superior performance over typical speaker verification solutions. Furthermore, our FPGA-based solution can achieve a speed-up of 50 times over a software-based solution.

• Journal of applied mathematics & informatics
• /
• v.5 no.3
• /
• pp.805-810
• /
• 1998

In this paper we set the stock price model in security market when the price process is a continuous semartingale and find a unigue solution of price process model.