• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.238-241
• /
• 2022

North Korea launched an ICBM and declared Moratorium for the September 19 military talks. The Armed Forces must protect military security for national defense and security. The Ministry of National Defense, which received a hacking attack from North Korea, must protect its military security even more. Recently, the leakage of military data through smartphones is occurring through smartphones. Officers and non-commissioned officers can use smartphones while working. Therefore, smartphone forensics is required to check information leakage of military data from smartphones. In this study, forensic leaks of military data from the Galaxy S20 model of S company. Research integrity verification for securing smartphone forensic evidence, securing metadata, and adopting evidence. This study will contribute to the development of military security and forensic technology.

• Journal of Convergence for Information Technology
• /
• v.11 no.7
• /
• pp.7-13
• /
• 2021

Recently, due to the many features and advantages of cloud computing, cloud service is being introduced to countless industries around the world at an unbelievably rapid pace. With the rapid increase in the introduction of multi-cloud based services, security vulnerabilities are increasing, and the risk of data leakage from cloud computing services are also expected to increase. Therefore, this study will propose an AWS Well-Architected based security architecture configuration method such as AWS standard security architecture, AWS shared security architecture model that can be applied for personal information security including cost effective of cloud services for better security in AWS cloud service. The AWS security architecture proposed in this study are expected to help many businesses and institutions that are hoping to establish a safe and reliable AWS cloud system.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.31-38
• /
• 2024

Recent expansion in cloud service usage has heightened the importance of cloud security. The purpose of this study is to analyze current research trends in the field of cloud security and to derive implications. To this end, R&D project data provided by the National Science and Technology Knowledge Information Service (NTIS) from 2010 to 2023 was utilized to analyze trends in cloud security research. Fifteen core topics in cloud security research were identified using LDA topic modeling and ARIMA time series analysis. Key areas identified in the research include AI-powered security technologies, privacy and data security, and solving security issues in IoT environments. This highlights the need for research to address security threats that may arise due to the proliferation of cloud technologies and the digital transformation of infrastructure. Based on the derived topics, the field of cloud security was divided into four categories to define a technology reference model, which was improved through expert interviews. This study is expected to guide the future direction of cloud security development and provide important guidelines for future research and investment in academia and industry.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.65-73
• /
• 2008

Security layer of the Cdma2000 1x EV-DO is currently completing standard (C.S0024-A v2.0). Accordingly, a hardware security devices, that allows to implementation requirement of the security layer described in standard document, is required to apply security function about data transferred between AT and AN of then Cdma2000 1x EV-DO environment. This paper represents design of hardware device providing EV-DO security with simulation of the security layer protocol via the FPGA platform. The SHA-1 hash algorithm for certification and service of packet data, and the AES, SEED, ARIA algorithms for data encryption are equip in this device. And paper represents implementation of hardware that applies optionally certification and encryption function after executing key-switch using key-switching algorithm.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.47-59
• /
• 2020

The Army, which is dreaming of a military leap forward through the fourth industrial revolution, needs to also consider the side effects and adverse functions of the fourth industrial revolution. In particular, this study conducted an analysis of whether it was consistent with the global technological trend of normal 'military security'. This paper focuses on the countermeasures that could result from 4th industrial revolution by utilizing the text-mining technique and social network technique of big data. 1. Active promotion of a convergence program with private, public, militaryand industrial, academic, and solidarity, 2. Information Sharing for International Cooperation and Cooperation in Cyber security, 3. Military Innovation and Military Unsymmetric Cyber security innovation, 4.The Establishment of Military Security Convergence Interface Management System in accordance with the Fourth Industrial Revolution, 5. Cooperation in the transition from technology engineering to social technology, 6. Establishing a military security governance system in the military, 7. Specifying confidential military digital data We look forward to providing useful information so that the results of this study can help develop the military and enhance military confidentiality.

• KNOM Review
• /
• v.22 no.1
• /
• pp.11-19
• /
• 2019

As technology develops, the latest security threats on the network applied to users are increasing. By attacking industrial or corporate systems with malicious purposes, hackers cause many social problems such as confidential information leakage, cyber terrorism, infringement of information assets, and financial damage. Due to the complex and diversified threats, the current security personnel alone are not enough to detect and analyze all threats. In particular, the Supervisory Control And Data Acquisition (SCADA) used in industrial infrastructures that collect, analyze, and return static data 24 hours a day, 265 days a year, is very vulnerable to real-time security threats. This paper introduces security information and event management (SIEM), a powerful integrated security management system that can monitor the state of the system in real time and detect security threats. Next, we compare SIEM solutions from various companies with the open source SIEM (OSSIM) from AlienVault, which is distributed as an open source, and present cases using the OSSIM and how to utilize it.

• Journal of the Korea Safety Management & Science
• /
• v.9 no.3
• /
• pp.103-109
• /
• 2007

Payment and security requirement are playing an increasingly critical role in RFID system, allegedly the core of the ubiquitous, especially in logistics. Therefore, security technology has been playing essential role gradually unlike the past when only the perception of equipment was considered important technology. The current encoding system allows the access only to the user who has the secret key. Many encoding algorithm has been studied to ensure the security of secret key. Security protocol is the most typical way to authorize appropriate user perception by using the data and secret key to proceed the encoding and transmit it to the system in order to confirm the user. However, RFID system which transmits more than dozens of data per second cannot be used if the algorithm and protocol of the existing wired system are used because the performance will degrade as a consequence. Security protocol needs to be designed in consideration of property of RFID and hardware. In this paper, a protocol was designed using SNEP(Sensor Network Encryption Protocol), the security protocol used for the sensor similar to RFID- not the current system used in wired environment- and ECC (Elliptic Curve Cryptography: oval curve encoding), the encoding algorithm.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2719-2735
• /
• 2015

In the cloud environment, users pay more attentions to their data security since all of them are stored in the cloud server. Researchers have proposed many mutual authentication schemes for the access control of the cloud server by using the smart card to protect the sensitive data. However, few of them can resist from the smart card lost problem and provide both of the forward security and the backward security. In this paper, we propose a novel authentication scheme for cloud computing which can address these problems and also provide the anonymity for the user. The trick we use is using the password, the smart card and the public key technique to protect the processes of the user's authentication and key exchange. Under the Elliptic Curve Diffie-Hellman (ECDH) assumption, it is provably secure in the random oracle model. Compared with the existing smart card based authentication schemes in the cloud computing, the proposed scheme can provide better security degree.

• Asia pacific journal of information systems
• /
• v.9 no.3
• /
• pp.143-157
• /
• 1999

EDI is one of the most important information technologies in todays business environment. This study is an exploratory study on the EDI control of Korean companies in their early stage of EDI implementation. The purpose of this study is to examine the impact of EDI controls on the security and usefulness of EDI systems for Korean companies who have adopted EDI. The data of fifty-one Korean companies for financial, manufacturing, and trade industries are collected by the mail survey and interview methods. The level of EDI control is mediocre on the average. The level of EDI security is low while that of EDI usefulness is mediocre. The empirical results show that the EDI controls in general improve the EDI security and usefulness significantly. Especially, the application and security control affect the EDI security significantly while the management, application, and security controls affect the EDI usefulness significantly. The gap between the level and perceived importance of control does not affect the EDI security but decreses the EDI usefulness at the marginal level of significance. The limitation of this study is that only a small number of companies are available for data collection because Korea is in the early stage of EDI implementation.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.12 no.4
• /
• pp.259-266
• /
• 2017

GPS was developed for military purposes. As a result, it is used as a military important means such as guided weapons and strategy / tactics. However, GPS depends on the communication infrastructure and is affected by interference signals. In this paper, we propose a secure micro - web page - based smart map that can enhance security without relying on communication infrastructure on the battlefield. The proposed system consists of general smartphone, security QR, central server and smart map. Only use the network when downloading the security key and SmartMap before the task starts. During operation, the smartphone transmits and receives data using a secure QR. The security QR inserts the security code to prevent forgery and falsification and confirms whether the data is authentic by checking whether the smart phone is forged or not. As a result of implementation, we solved communication security problem of existing technology by using location based service without relying on communication infrastructure.