• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.1
• /
• pp.137-142
• /
• 2014

Industrial control system (ICS) is a computer based system which are typically used in nation-wide critical infra-structure facilities such as electrical, gas, water, wastewater, oil and transportation. In addition, ICS is essentially used in industrial application domain to effectively monitor and control the remotely scattered systems. The highly developed information technology (IT) and related network techniques are continually adapted into domains of industrial control system. However, industrial control system is confronted significant side-effects, which ICS is exposed to prevalent cyber threats typically found in IT environments. Therefore, cyber security vulnerabilities and possibilities of cyber incidents are dramatically increased in industrial control system. The vulnerabilities that may be found in typical ICS are grouped into Policy and Procedure, Platform, and Network categories to assist in determining optimal mitigation strategies. The order of these vulnerabilities does not necessarily reflect any priority in terms of likelihood of occurrence or severity of impact. Firstly, corporate security policy can reduce vulnerabilities by mandating conduct such as password usage and maintenance or requirements for connecting modems to ICS. Secondly, platfom vulnerabilities can be mitigated through various security controls, such as OS and application patching, physical access control, and security software. Thirdly, network vulnerabilities can be eliminated or mitigated through various security controls, such as defense-in-depth network design, encrypting network communication, restricting network traffic flows, and providing physical access control for network components.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.4
• /
• pp.57-66
• /
• 2011

We implemented the document DRM applying role based access control(RBAC) mechanism for preventing the information leakage of a document which is transmitted in network environment. It must prevent to access document not related to user role and duty, and must allow operation to document for improving security, considering user role and security level according to a document importance. We improved the security of document DRM by adding to the access control module applying RBAC for satisfying security requirements. Though the user access document, our system allows operation authorizations to document by the user's role & security level and the security attribute of RBAC. Our system prevents indiscriminate access to the documents by user who is not associated with the role, and prevents damage the confidentiality and integrity.

• Journal of Power Electronics
• /
• v.12 no.3
• /
• pp.410-417
• /
• 2012

In this paper, a direct current control method based on a one-cycle controller (DCOCC) for double frequency buck converters (DF buck) is proposed. This control method can make the average current through the high frequency and low frequency inductors of a DF buck converter equal. This is similar to the average current control method. However, the design of the loop compensator is much easier when compared with the average current control. Since the average current though the high frequency and low frequency inductors is equivalent, the current stress of the high frequency switches and the switch losses are minimized. Therefore, the efficiency of the DF buck converter is improved. Firstly, the operation principle of DCOCC is described, then the small signal models of a one cycle controller and a DF buck converter are presented based on the state space average method. Eventually, a system block diagram of the DCOCC controlled DF buck is established and the compensator is designed. Finally, simulation and experiment results are given to verify the correction of the theory analysis.

• International journal of advanced smart convergence
• /
• v.4 no.1
• /
• pp.1-10
• /
• 2015

Automotive Theft has been an obstinate problem around the world. Design and manufacture of anti-theft systems have become more and more complex due to the rise in complexity of theft in the system. Most of the anti-theft systems available in the market, are the alarm types which audibly deter some thieves away but do not prevent one's car from being stolen and even are not good enough to meet the growing complexity of theft in the country. This paper presents a simple and an efficient anti-theft system which provides improved security by the use of efficient access mechanisms and immobilization systems. This security system can immobilise an automobile and its key auto systems through remote control when it is stolen. It hence deters thieves from committing the theft. It also effectively prevents stealing of key auto systems for reselling by introducing four layers of security features written in the form of firmware and embedded on the Electronic Control Units (ECUs). The particulars of system design and operation are defined in the paper. The experimental outcomes show that this system is practicable and the owner can steadily control his vehicle within a few seconds.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.3
• /
• pp.79-94
• /
• 1997

OMG (Object Management Group) published a security service specification, called CORBA (Common Object Request Broker Architecture) security reference model because the integration of security and object-oriented techniques was critical for successful deployment of distributed object systems. The CORBA security reference model treats access control as an implementation independent semantic concept but has incomplete semantics of the access control function. Because of such imcompleteness it is difficult for the system administrator and the CORBA security implementor to have the same understanding for the meaning of access control in the CORBA security. We propose a formal model for access control the CORBA security using the formal description language, which is called Z language based on typed set theory. The proposed model provides concrete semantics of the access control function to both the system administrator and the implementor.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.49-57
• /
• 2017

With the prevalence of mobile devices, many organizations introduce MDM BYOD and try to increase the level of security with them. However, device control of mobile devices in application level cannot be a solution against the fundamental problems. In this paper, we propose a more flexible and more secure method to control the hardware devices using Linux Security Module in the kernel level with the mandatory access control.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.3-12
• /
• 2004

Secure operating system is a special operating system that integrates some security functions(i.e. access control, user authentication, audit-trail and etc.) with normal operating system in order to protect system from various attacks. But it doesn't consider my security of network traffic. To guarantee the security of the whole system, network traffic must be protected by a certain way and IPsec is a representative technology for network security. However, it requires administrator's carefulness in managing security policies and the key management mechanism is very heavy as well as complicated. Moreover, it doesn't have a suitable framework for delivery of security information for access control mechanism. So we propose a simple trusted channel mechanism for secure communication between secure operating systems. It provides confidentiality md authentication for network traffic and ability to deliver security information. It is implemented at the kernellevel of IP layer and the simplicity of the mechanism can minimize the overhead of trusted channel processing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.463-478
• /
• 2024

The limitations of previous research on improving security vulnerabilities in power generation control systems were analyzed, and as an alternative, a cyber security information sharing model is proposed. Understanding the operational characteristics of power generation control systems, we examined the concepts and policies of cyber security information sharing, analyzing practical implementation cases. We presented effective policies and technological approaches that can be applied to power generation control systems, and their efficacy was verified through a model evaluation to validate their impact.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.24 no.4
• /
• pp.50-56
• /
• 2010

Supervisory Control and Data Acquisition Systems (SCADAs) is real-time monitor and control systems. SCADA systems are used to monitor or control chemical and transportation processes, in municipal water supply systems, electric power generation, transmission and distribution, gas and oil pipelines, and other distributed processes. SCADA refers to a large-scale distributed system. The supervisory control system is placed on top of a real time control system to control external processes. Emerging security technologies and security devices are decreasing the vulnerability of the power system against cyber threats. Dealing with these threats and analyzing vulnerabilities is an important task for equipment such as RTU, IED and FEP. To reduce such risks, we develop such a SCADA testbed. This paper presents the development of a testbed designed to assess the vulnerabilities SCADA networks(including serial communication).

• Proceedings of the KIEE Conference
• /
• 2003.11c
• /
• pp.868-870
• /
• 2003

In this paper, I have implemented the security system using shell script that periodically checking the security elements of unix system for security it transmit to a monitoring server and monitoring many clients. Agent of client executing by crontab scheduler, Environment of server to receive data use restricted TFTP in SunOS. And then, Because of using shell script, apply shell to system with flexible, control performance, and can meet on a sudden situation.