• Title/Summary/Keyword: Unauthorized Access

Search Result 171, Processing Time 0.021 seconds

Mandatory Access Control Protection Profile for Secure Operating System (보안 운영체제를 위한 강제적 접근 제어 보호 프로파일)

  • Ko Young Woong
    • Journal of the Korea Society of Computer and Information
    • /
    • v.10 no.1 s.33
    • /
    • pp.141-148
    • /
    • 2005
  • Nowadays, it is possible to access sharing data from unauthorized People. Access control prevents unauthorized access to computing resource, information resources, and communication resources. It is very important to defend the critical system resources from the unauthorized. The importance of this study is to develop Protection Profile for Mandatory Access Control (MAC) that satisfies TCSEC assurance level B2. protection profile for MAC will help developers to use reference for the development of requirements and formulating security specification.

  • PDF

A System Unauthorized Access using MAC Address and OTP (MAC Address와 OTP를 이용한 비인가 접근 거부 시스템)

  • Shin, Seung-Soo;Jeong, Yoon-Su
    • Journal of Digital Convergence
    • /
    • v.10 no.3
    • /
    • pp.127-135
    • /
    • 2012
  • This study improves the existing user identification method using user ID and password. The new protocol protecting unauthorized access is designed and developed using user's ID, password, and OTP for user certification as well as MAC address for computer identification on networks. The safety on trials of unauthorized certification is tested and analyzed for four types following the criterion of information acquisition.

A Method for Detecting Unauthorized Access Point over 3G Network (3G망을 사용하는 인가되지 않은 AP 탐지 방법)

  • Kim, I-luk;Cho, Jae-Ik;Shon, Tae-Shik;Moon, Jong-Sub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.2
    • /
    • pp.259-266
    • /
    • 2012
  • Malicious rogue AP has been used for variety attacks such as packet sniffing and Man-In-The-Middle Attack. It is used for the purpose of data leakage via 3G network within companies, and the unauthorized AP could be a reason of security incidents even though it is not intended. In this paper, we propose the method for detecting unauthorized access point over 3G networks throughout the RTT (Round Trip Time) value for classification. Through the experiments, we show that the method can classify the AP which is installed by normal way and the AP over 3G networks successfully.

Access Control for Secure Access Path (안전한 접근 경로를 보장하기 위한 접근 제어)

  • Kim, Hyun-Bae
    • Journal of The Korean Association of Information Education
    • /
    • v.1 no.2
    • /
    • pp.57-66
    • /
    • 1997
  • The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

  • PDF

Study on the scheme to reinforce military security system based on location information (위치정보를 이용한 군 보안체계 강화 방안)

  • Kim, Yun Young;Namkung, Seung Pil
    • Convergence Security Journal
    • /
    • v.15 no.3_1
    • /
    • pp.83-90
    • /
    • 2015
  • Current PKI system will confront more dangerous elements in the wireless network. Accordingly, this study suggests a plan to strengthen authentication system plan with using access control and encryption to the location. Locational information collecting devices such as GPS and sensor are utilized to create a new key for authentication and collect locational information. Such a key encodes data and creates an authentication code for are access control. By using the method suggested by this study, it is possible to control access of a military secret from unauthorized place and to protect unauthorized user with unproposed technique. In addition, this technique enables access control by stage with utilizing the existing PKI system more wisely.

Device Authentication System in IoT environment (IoT 환경의 단말 인증 시스템)

  • Dong-Yeon, Kang;Ji-Soo, Jeon;Sung-Hwa, Han
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.27 no.1
    • /
    • pp.97-102
    • /
    • 2023
  • IoT is being used in a lot of industry domain such as smart home, smart ocean, smart energy, and smart farm, as well as legacy information services. For a server, an IoT device using the same protocol is a trusted object. Therefore, a malicious attacker can use an unauthorized IoT device to access IoT-based information services and access unauthorized important information, and then modify or extract it to the outside. In this study, to improve these problems, we propose an IoT device authentication system used in IoT-based information service. The IoT device authentication system proposed in this study applies identifier-based authentication such as MAC address. If the IoT device authentication function proposed in this study is used, only the authenticated IoT device can access the server. Since this study applies a method of terminating the session of an unauthorized IoT device, additional research on the access deny method, which is a more secure authentication method, is needed.

Implement IoT device Authentication System (IoT 단말 인증 시스템 구현)

  • Kang, Dong-Yeon;Jeon, Ji-Soo;Han, Sung-Hwa
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2022.10a
    • /
    • pp.344-345
    • /
    • 2022
  • ogy is being used in many fields, such as smart farms, smart oceans, smart homes, and smart energy. Various IoT terminals are used for these IoT services. Here, IoT devices are physically installed in various places. A malicious attacker can access the IoT service using an unauthorized IoT device, access unauthorized important information, and then modify it. In this study, to solve these problems, we propose an authentication system for IoT devices used in IoT services. The IoT device authentication system proposed in this study consists of an authentication module mounted on the IoT device and an authentication module of the IoT server. If the IoT device authentication system proposed in this study is used, only authorized IoT devices can access the service and access of unauthorized IoT devices can be denied. Since this study proposes only the basic IoT device authentication mechanism, additional research on additional IoT device authentication functions according to the security strength is required.IoT technol

  • PDF

A Study of Network 2-Factor Access Control Model for Prevention the Medical-Data Leakage (의료 정보유출 방지를 위한 네트워크 이중 접근통제 모델 연구)

  • Choi, Kyong-Ho;Kang, Sung-Kwan;Chung, Kyung-Yong;Lee, Jung-Hyun
    • Journal of Digital Convergence
    • /
    • v.10 no.6
    • /
    • pp.341-347
    • /
    • 2012
  • Network Access Control system of medical asset protection solutions that installation and operation on system and network to provide a process that to access internal network after verifying the safety of information communication devices. However, there are still the internal medical-data leakage threats due to spoof of authorized devices and unauthorized using of users are away hours. In this paper, Network 2-Factor Access Control Model proposed for prevention the medical-data leakage by improving the current Network Access Control system. The proposed Network 2-Factor Access Control Model allowed to access the internal network only actual users located in specific place within the organization and used authorized devices. Therefore, the proposed model to provide a safety medical asset environment that protecting medical-data by blocking unauthorized access to the internal network and unnecessary internet access of authorized users and devices.

Development of Security Metric of Network Access Control (네트워크 접근제어 시스템의 보안성 메트릭 개발)

  • Lee, Ha-Yong;Yang, Hyo-Sik
    • Journal of Digital Convergence
    • /
    • v.15 no.6
    • /
    • pp.219-227
    • /
    • 2017
  • Network access control should be able to effectively block security threats to the IT infrastructure, such as unauthorized access of unauthorized users and terminals, and illegal access of employees to internal servers. From this perspective, it is necessary to build metrics based on relevant standards to ensure that security is being met. Therefore, it is necessary to organize the method for security evaluation of NAC according to the related standards. Therefore, this study builds a model that combines the security evaluation part of ISO / IEC 15408 (CC: Common Criteria) and ISO 25000 series to develop security metric of network access control system. For this purpose, we analyzed the quality requirements of the network access control system and developed the convergence evaluation metric for security of the two international standards. It can be applied to standardization of evaluation method for network access control system in the future by constructing evaluation model of security quality level of network access control system.

A Multi-Level Access Control Scheme on Dynamic Multicast Services (동적 멀티캐스트 서비스상의 다단계 접근통제 기법)

  • 신동명;박희운;최용락
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.6
    • /
    • pp.47-58
    • /
    • 2002
  • The access control techniques, which can control unauthorized members to access to multicast service, have not been studied very often while there are a lot of on-going study on secure multicast architecture, multicast key distribution and sender authentication scheme have been studied. Multi level access control scheme in multicast can be used in a remote secure conference or to provide graduated multimedia services to each customers. In fact, multicast network has its own virtual networks according to different security levels. However, Early schemes are not effective when it protects unauthorized access in multi-access network environment. Furthermore this scheme does not provide us with hierarchical access control mechanism. This paper, therefore, proposes hierarchical access control scheme to provide the effectiveness in network layer by security level comparison. And we also suggests hierarchical key distribution scheme for multi level access control in application layer and effective hierarchical key renewal scheme in dynamic multicast environment which is easy to join and leaving the multicast group.