• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.295-303
• /
• 2023

As the cloud computing market grows, a variety of cloud services are now reliably delivered. Administrative agencies and public institutions of South Korea are transferring all their information systems to cloud systems. It is essential to develop security solutions in advance in order to safely operate cloud services, as protecting cloud services from misuse and malicious access by insiders and outsiders over the Internet is challenging. In this paper, we propose a zero trust model for cloud storage services that store sensitive data. We then verify the effectiveness of the proposed model by operating a cloud storage service. Memory, web, and network forensics are also performed to track access and usage of cloud users depending on the adoption of the zero trust model. As a cloud storage service, we use Amazon S3(Simple Storage Service) and deploy zero trust techniques such as access control lists and key management systems. In order to consider the different types of access to S3, furthermore, we generate service requests inside and outside AWS(Amazon Web Services) and then analyze the results of the zero trust techniques depending on the location of the service request.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.10
• /
• pp.1391-1396
• /
• 2021

The boundary-based security system has the advantage of high operational efficiency and easy management of security solutions, and is suitable for denying external security threats. However, since it is operated on the premise of a trusted user, it is not suitable to deny security threats that occur from within. A zero trust access control model was proposed to solve this problem of the boundary-based security system. In the zero trust access control model, the security requirements for real-time security event monitoring must be satisfied. In this study, we propose a monitoring method for the most basic file access among real-time monitoring functions. The proposed monitoring method operates at the kernel level and has the advantage of fundamentally preventing monitoring evasion due to the user's file bypass access. However, this study focuses on the monitoring method, so additional research to extend it to the access control function should be continued.

• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.65-72
• /
• 2022

In this paper, a zero trust-based complex biometric authentication was proposed in a passwordless environment. The linkage of FIDO 2.0 (Fast IDENTITY Online) transaction authentication platforms was designed in conjunction with metaverse. In particular, it was applied with the location information of a smart terminal according to a geomagnetic sensor, an accelerator sensor, and biometric information for multi-factor authentication(MFA). At this time, a FIDO transaction authentication platform was presented for adaptive complex authentication with user's environment through complex authentication with secondary authentication based on situational awareness such as illuminance and temperature/humidity. As a result, it is possible to authenticate secondary users based on zero trust with behavior patterns such as fingerprint recognition, iris recognition, face recognition, and voice according to the environment. In addition, it is intended to check the linkage result of the FIDO platform for complex integrated authentication and improve the authentication accuracy of the linkage platform for transaction authentication using FIDO2.0.

• Korean Journal of Culture and Social Issue
• /
• v.27 no.3
• /
• pp.285-303
• /
• 2021

The purpose of this study was to investigate the reliability and validity of the Korean version of the zero-sum belief scale among a sample of Korean adults. The original scale was developed by Różycka-Tran, Boski, and Wojciszke (2015) based on the Belief in a Zero-Sum Game (BZSG) model. A total of 508 participants (252 college students and 256 non-student adults) completed an online survey comprised of the scales of zero-sum belief, social trust, subjective socioeconomic status, individualistic-collectivistic tendencies, and social comparison orientation. Results of the exploratory factor analysis and the confirmatory factor analysis indicated that zero-sum belief scale has one factor. The internal consistency of the zero-sum belief scale was good. The Zero-sum belief scale did not have a significant relationship with social trust and subjective socioeconomic status. However, the scale was positively associated with vertical individualistic and vertical collectivistic tendencies and negatively associated with horizontal collectivistic tendencies. There was no significant relationship between zero-sum belief and horizontal individualistic tendencies, but there was a significant positive relationship between zero-sum belief and social comparison orientation. However, the results from the college student sample and the non-student adult sample were different. Lastly, this study could facilitate future research on zero-sum belief in South Korea, and future studies are needed to reveal the predictors and effects of zero-sum belief.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.11
• /
• pp.1478-1481
• /
• 2019

As core technologies(IoT, 5G, Cloud, Bigdata, AI etc) leading the Fourth Industrial Revolution promote smart convergence across the national socio-economic infrastructure, the threat of new forms of cyber attacks is increasing and the possibility of massive damage is also increasing. Reflecting this trend, cyber security is expanding from simple information protection to CPS(Cyber Physical System) protection that combines safety and security that implements hyper-connectivity and ultra-reliability. This study introduces the recent evolution of cyber attacks and looks at the next generation cyber security technologies based on the conceptual changes of cyber security technologies such as SOAR(Security Orchestration, Automation and Response) and Zero Trust.

• Journal of applied mathematics & informatics
• /
• v.16 no.1_2
• /
• pp.125-142
• /
• 2004

We analyze the convergence properties of Powell's UOBYQA method. A distinguished feature of the method is its use of two trust region radii. We first study the convergence of the method when the objective function is quadratic. We then prove that it is globally convergent for general objective functions when the second trust region radius p converges to zero. This gives a justification for the use of p as a stopping criterion. Finally, we show that a variant of this method is superlinearly convergent when the objective function is strictly convex at the solution.

• Korean Journal of Culture and Social Issue
• /
• v.28 no.3
• /
• pp.307-329
• /
• 2022

This study aimed to explore factors which can predict interpersonal tolerance and intolerance. Specifically, the study examined whether tolerance and intolerance would be explained by demographic variables, social desirability, empathy (cognitive empathy and affective empathy), fear of compassion for others, social trust, and zero-sum belief. Participants in the study were 445 adults (218 males and 227 females) who completed an online survey. Data were analyzed by using hierarchical regression analyses to control the effects of demographic variables and social desirability. The results indicated that tolerance was explained by gender, subjective socioeconomic status, social desirability, cognitive empathy, and social trust. In addition, intolerance was predicted by social desirability, fears of compassion for others, and zero-sum belief. It means that the constructs of tolerance and intolerance are distinct, and different factors predict tolerance and intolerance, respectively. Therefore, it would be necessary to develop realistic ways to promote tolerance and to prevent intolerance at the same time in order to achieve co-existence in a multicultural and diverse society.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.6
• /
• pp.189-196
• /
• 2023

Today, in the era of the 4th industrial revolution based on the paradigm of hyper-connectivity, super-intelligence, and superconvergence, the remote work environment is becoming central based on technologies such as mobile, cloud, and big data. This remote work environment has been accelerated by the demand for non-face-to-face due to COVID-19. Since the remote work environment can perform various tasks by accessing services and resources anytime and anywhere, it has increased work efficiency, but has caused a problem of incapacitating the traditional boundary-based network security model by making the internal and external boundaries ambiguous. In this paper, we propse a method to improve the limitations of the traditional boundary-oriented security strategy by building a security model centered on core components and their relationships based on the zero trust idea that all actions that occur in the network beyond the concept of the boundary are not trusted.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.447-448
• /
• 2021

The boundary-based security architecture has the advantage of easy deployment of security solutions and high operational efficiency. The boundary-based security architecture is easy to detect and block externally occurring security threats, but is inappropriate to block internally occurring security threats. Unfortunately, internal security threats are increasing in frequency. In order to solve this problem, a zero trust model has been proposed. The zero trust model requires a real-time monitoring function to analyze the behavior of a subject accessing various information resources. However, there is a limit to real-time monitoring of file access of a subject confirmed to be trusted in the system. Accordingly, this study proposes a method to monitor user's file access in real time. To verify the effectiveness of the proposed monitoring method, the target function was verified after the demonstration implementation. As a result, it was confirmed that the method proposed in this study can monitor access to files in real time.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.27-34
• /
• 2024

Network separation is an important policy that Cyber Incident prevent cyber and protect data. Recently, the IT environment is changing in software development, such as remote work, using the cloud, and using open sources. Due to these changes, fintech companies' development productivity and efficiency are lowering due to network separation regulations, and the demand for easing network separation continued. The government revised the regulations electronic financial supervision(hereafter EFS) in response to needs for mitigation of network separation in the IT environment and fintech companies. Some amendments to the EFS, which took effect on 01/01/2023, mitigate network separation only for research and development purposes in cloud environments. If software developed in a cloud development environment is applied to an operating system through a distribution system the existing perimeter-based security model will not satisfaction the network separation conditions. In this Study, we would like to propose a way to maintain the DevOps system in a network separation environment by Using the zero trust security system.