• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.464-466
• /
• 2021

Currently, most companies have security solutions such as firewalls or WAF (Web Application Firewall) for web services, cloud systems, and data centers. Recently, as the need for remote access increases, the task of overcoming the security vulnerabilities of remote access control is becoming more important. In this paper, the concept of the network security model from the perspective of zero trust and the strategy and security system using it will be reviewed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.901-911
• /
• 2012

The removal of security vulnerabilities during the developmental stage is found to be much more effective and much more efficient than performing the application during the operational phase. The underlying security vulnerabilities in software have become the major cause of cyber security incidents. Thus, secure coding is drawing much attention for one of its abilities includes minimizing security vulnerabilities at the source code level. Removal of security vulnerabilities at the software's developmental stage is not only effective but can also be regarded as a fundamental solution. This thesis is a research about the methods of Mobile-Secure Coding Self Assessment in order to evaluate the security levels in accordance to the application of mobile secure coding of every individual, groups, and organizations.

• Proceedings of the KIEE Conference
• /
• 2001.07a
• /
• pp.122-124
• /
• 2001

This Paper presents an application technique for solving the Security Constrained Economic Dispatch(SCED) problem using the Interior Point Method. The optimal power flow solution is obtained by optimizing the given generation cost objectives function subject to the system security constraints. The proposed technique is applied to a prototype 6-bus system for evaluation and test.

• Journal of Advanced Navigation Technology
• /
• v.15 no.3
• /
• pp.372-377
• /
• 2011

Until now, the study and research on the projects which have internationally conducted are in poor condition with regard to the security vulnerability analysis of web application. This is due to a lack of precedent study for improving the quality of the web services in order to provide better services for the future. In this paper, I analyze the types of the web application vulnerabilities which have been studied and mapped out a plan for protecting them.

• Journal of Information Technology Applications and Management
• /
• v.11 no.1
• /
• pp.39-51
• /
• 2004

Application systems outsourcing is an important part of IT outsourcing services. Application systems outsourcing costs is determined by service levels of outsourcers. Recent researches show there is a strong need to build industry-specific cost estimation models. In this study, an industry-specific application systems operation cost estimation model is suggested. We reviewed operation cost models of previous researches, and proposed a cost estimation model for security industry. Industry-specific service factors are defined and service levels are determined by Interviews with experts. The proposed model is tested and adjusted with empirical data. The new model shows more accurate prediction than previous general models. Future research will be needed to develop outsourcing cost estimation models for other industries and to refine cost models developed in this study.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.3
• /
• pp.49-55
• /
• 2012

Recently, with the rapid development of android-based smartphones, it is becomes a major security issue that the case of Android platform is an open platform. so it is easy to be a target of mobile virus penetration and hacking. Even there are a variety of security mechanisms to prevent the vulnerable points of the Android platform but the reason of most of the security mechanisms were designed at application-level that highly vulnerable to the attacks directly to the operating system or attacks using the disadvantages of an application's. It is necessary that the complementary of the android platform kernel blocks the kernel vulnerability and the application vulnerability. In this paper, we proposed a secure system using linux-based android kernel applied to LIDS(Linux Intrusion Detection and Defense System) and applied a smart phone with s5pc110 chip. As a result, the unauthorized alteration of the application was prevented with a proposed secure system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.763-766
• /
• 2015

Smart Healthcare System as an Open Platform (Shesop) is an integrated healthcare system and have several features, one of them is Steppy Application. Steppy does count your step and display on Shesop website. In this system security issues are not properly addressed, while Personal Health Record (PHR) patient stored in the cloud platform could be at risk. In fact, the huge electronic information available online, people needs reliable and effective technique for privacy preserving. In order to improve the security of data which are displayed on the Shesop website, so that anyone who access could not tamper without permission. Recently Xu et al. showed a pseudonym scheme using smart card as a solution in e-health systems which uses discrete logarithm problem with cyclic group. In this paper, we adopt their scheme and use it application into smartphone using Near Field Communication (NFC) to construct security in Steppy apps.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.33-39
• /
• 2023

The global surge in depression and anxiety, intensified by challenges such as cost and stigma, emphasizes the pressing need for accessible, evidence-based digital solutions. The research centers on the creation of a mobile application specifically designed to address mental health challenges. By integrating cognitive behavioral therapy techniques and features like appointment bookings and mindfulness feedback tools, the app is positioned to improve user outcomes. Utilizing platforms like React Native and React, combined with NestJS for enhanced backend security, the application adheres to the rigorous standards required for mental health interventions. Collaborative efforts with experts, notably the counseling unit of IIUM, ensure the app's alignment with contemporary best practices and research. Preliminary findings indicate a promising tool with the potential to address the global mental health treatment disparity.

• Nuclear Engineering and Technology
• /
• v.44 no.8
• /
• pp.919-928
• /
• 2012

The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the lifecycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.11
• /
• pp.2459-2464
• /
• 2012

Many companies has led to the damage case being leaked to personal information by taking cyber attack. Also, planned hacking cases continues to increase for the purpose of acquiring monetary gain or causing social disruption induction, etc. Approximately 75% of the Web site attacks exploit the vulnerability of the application. Major security issue is to strengthen the S/W development security according to the legal basis. The members of the project team is the fact that the lack of recognition of application development security. In addition, passive response and security validation/testing, etc. throughout the SDLC to the entire area is insufficient. Therefore, rework due to the belated discovery of a defect has occurs. In this paper, we examine the case of the project step-by-step security activities by performing IT services companies. And, through this, we present security measures that can be applied to the step-wise real-world projects.