• Korean Security Journal
• /
• no.20
• /
• pp.229-248
• /
• 2009

This research is looking for the private security industry and diagnostic issues and enable our strategy will be presented through SWOT analysis for the management environment of private security industry to ultimately contribute to the private security industry. Along, the purpose of this research is to want to reach key factors which affect the competitiveness of the private security industry. This study was to conduct literature research and surveys. And analyzing literature and data was collected. And determined the status of private security industry by conducted a comprehensive survey with 13 experts is causal. The question investigation hemisphere the question which harmonizes became accomplished in the center. Like this question analyzed the opinion of the identical research participant and 3 times was executed repetitively, and 2 to verify the data through multiple data as a basis for the SWOT analysis of the environment. Accordingly, the following conclusion emerges. First, the private security industry-related legislation will complement the systematic. This is the task of the public security authority and the relationship will be in the direction for improvement. Second, to develop strategies for diversification of products and services through the use of IT. This business what development security services and products based on IT advanced technology can provide a solution to maximize profits to large security companies and to all of the small companies. Third, it should seek ways to make exports that social safety net project based on security technology and capital of Kore for other Asian countries or developing countries in the world.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.6
• /
• pp.1197-1202
• /
• 2017

Security services that support electric energy service gateway require relatively high reliability. In particular, the application services that accompany communications and data are run organically. Each of the security services should support a secure service platform that supports a secure, scalable life cycle for existing services which should be extends security layer of Universal Middleware. In this convergence platform, it is the study of security transfer modular services that allow independent life cycle management of systems through Universal middleware. First, It is modular in terms of energy consumption service and data, enabling real-time operation, communications, remote management and applications. Second, the life cycle of the secure module to support start, stop and updating of the security module by applying the security policy module layer concept. It is modular system enabling to design of dyanmic models in the smart grid, the service was intended to be standardized and applied to the security service platform.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1435-1447
• /
• 2015

Finance Companies are operating a security solution such as E-DRM(Enterprise-Digital Right Management), Personal information search, DLP(Data Loss Prevention), Security of printed paper, Internet network separation system, Privacy monitoring system for privacy leakage prevention by insiders. However, privacy leakages are occurring continuously and it is difficult to the association analysis about relating to the company's internal and external distribution of private document. Because log system operated in the separate and independent security solutions. This paper propose a systematic chains that can correlatively analyze business systems and log among heterogeneous security solutions organically and consistently based on security documents. Also, we suggest methods of efficient detection for Life-Cycle management plan about security documents that are created in the personal computer or by individual through the business system and distribution channel tracking about security documents contained privacy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.3-15
• /
• 2005

As a large quantity of information is presented in XML format on the web, there are increasing demands for XML security. Research area or n security is about Encryption Digital signature, Key management and Access control. until now research on U security has been focused on the security of data network using digital signature and encryption technology. As XML data become extensive and complex XML security comes to involve not only network security but also managerial security. Managerial security is guaranteed through access control. But XML Encryption supports simple network security. So it can't support multiple users and multiple access control policies. In this paper, we propose an integration method of encryption and access control policy for securing XML documents. This methodology can supper multiple authorizations of multiple users with integrating access control. And this can reduce the cost of evaluation process of the existing complicated access authorization with pre-processing.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.11
• /
• pp.4011-4027
• /
• 2021

Cloud Computing has emerged as an extensively used technology not only in the IT sector but almost in all sectors. As the nature of the cloud is distributed and dynamic, the jeopardies present in the current implementations of virtualization, numerous security threats and attacks have been reported. Considering the potent architecture and the system complexity, it is indispensable to adopt fundamentals. This paper proposes a secure authentication and data sharing scheme for providing security to the cloud data. An efficient IPSO-KELM is proposed for detecting the malicious behaviour of the user. Initially, the proposed method starts with the authentication phase of the data sender. After authentication, the sender sends the data to the cloud, and the IPSO-KELM identifies if the received data from the sender is an attacked one or normal data i.e. the algorithm identifies if the data is received from a malicious sender or authenticated sender. If the data received from the sender is identified to be normal data, then the data is securely shared with the data receiver using SHA256-RSA algorithm. The upshot of the proposed method are scrutinized by identifying the dissimilarities with the other existing techniques to confirm that the proposed IPSO-KELM and SHA256-RSA works well for malicious user detection and secure data sharing in the cloud.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.931-938
• /
• 2013

It is hard to extract original data from encrypted data before getting the password in encrypted data with disk encryption software. This encryption key of disk encryption software can be extract by using physical memory analysis. Searching encryption key time in the physical memory increases with the size of memory because it is intended for whole memory. But physical memory data includes a lot of data that is unrelated to encryption keys like system kernel objects and file data. Therefore, it needs the method that extracts valid data for searching keys by analysis. We provide a method that collect only saved memory parts of disk encrypting keys in physical memory by analyzing Windows kernel virtual address space. We demonstrate superiority because the suggested method experimentally reduces more of the encryption key searching space than the existing method.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.12
• /
• pp.69-75
• /
• 2021

Recently, deep learning, which is the most used in the field of artificial intelligence, has a structure that is gradually becoming larger and more complex. As the deep learning model grows, a large amount of data is required to learn it, but there are cases in which it is difficult to integrate and learn the data because the data is distributed among several owners and security issues. In that situation we conducted parallel learning for each users that own data and then studied how to integrate it. For this, distributed learning was performed for each owner assuming the security situation as V-environment and H-environment, and the results of distributed learning were integrated using Average, Max, and AbsMax. As a result of applying this to the mnist-fashion data, it was confirmed that there was no significant difference from the results obtained by integrating the data in the V-environment in terms of accuracy. In the H-environment, although there was a difference, meaningful results were obtained.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.57-62
• /
• 2022

The recent past has seen a tremendous amount of advancement in the field of Internet of Things (IoT), allowing the influx of a variety of devices into the market. IoT devices are present in almost every aspect of our daily lives. While this increase in usage has many advantages, it also comes with many problems, including and not limited to, the problem of security. There is a need for better measures to be put in place to ensure that the users' data is protected. In particular, fitness trackers used by a vast number of people, transmit important data regarding the health and location of the user. This data is transmitted from the fitness device to the phone and from the phone onto a cloud server. The transmission from device to phone is done over Bluetooth and the latest version of Bluetooth Light Energy (BLE) is fairly advanced in terms of security, it is susceptible to attacks such as Man-in-the-Middle attack and Denial of Service attack. Additionally, the data must be stored in an encrypted form on the cloud server; however, this proves to be a problem when the data must be decrypted to use for running computations. In order to ensure protection of data, measures such as end-to-end encryption may be used. Homomorphic encryption is a class of encryption schemes that allow computations on encrypted data. This paper explores the application of homomorphic encryption for fitness trackers.

• Asia pacific journal of information systems
• /
• v.18 no.4
• /
• pp.1-26
• /
• 2008

Rapid progress of information technology and widespread use of the personal computers have brought various conveniences in our life. But this also provoked a series of problems such as hacking, malicious programs, illegal exposure of personal information etc. Information security threats are becoming more and more serious due to enhanced connectivity of information systems. Nevertheless, users are not much aware of the severity of the problems. Using appropriate password is supposed to bring out security effects such as preventing misuses and banning illegal users. The purpose of this research is to empirically analyze a research model which includes a series of factors influencing the effectiveness of passwords. The research model incorporates the concept of risk based on information systems risk analysis framework as the core element affecting the selection of passwords by users. The perceived risk is a main factor that influences user's attitude on password security, security awareness, and intention of security behavior. To validate the research model this study relied on questionnaire survey targeted on evening class MBA students. The data was analyzed by AMOS 7.0 which is one of popular tools based on covariance-based structural equation modeling. According to the results of this study, while threat is not related to the risk, information assets and vulnerability are related to the user's awareness of risk. The relationships between the risk, users security awareness, password selection and security effectiveness are all significant. Password exposure may lead to intrusion by hackers, data exposure and destruction. The insignificant relationship between security threat and perceived risk can be explained by user's indetermination of risk exposed due to weak passwords. In other words, information systems users do not consider password exposure as a severe security threat as well as indirect loss caused by inappropriate password. Another plausible explanation is that severity of threat perceived by users may be influenced by individual difference of risk propensity. This study confirms that security vulnerability is positively related to security risk which in turn increases risk of information loss. As the security risk increases so does user's security awareness. Security policies also have positive impact on security awareness. Higher security awareness leads to selection of safer passwords. If users are aware of responsibility of security problems and how to respond to password exposure and to solve security problems of computers, users choose better passwords. All these antecedents influence the effectiveness of passwords. Several implications can be derived from this study. First, this study empirically investigated the effect of user's security awareness on security effectiveness from a point of view based on good password selection practice. Second, information security risk analysis framework is used as a core element of the research model in this study. Risk analysis framework has been used very widely in practice, but very few studies incorporated the framework in the research model and empirically investigated. Third, the research model proposed in this study also focuses on impact of security awareness of information systems users on effectiveness of password from cognitive aspect of information systems users.

• International Journal of Advanced Culture Technology
• /
• v.2 no.2
• /
• pp.7-10
• /
• 2014

In order to develop smart grid communications infrastructure, a high level of interconnectivity and reliability among its nodes is required. Sensors, advanced metering devices, electrical appliances, and monitoring devices, just to mention a few, will be highly interconnected allowing for the seamless flow of data. Reliability and security in this flow of data between nodes is crucial due to the low latency and cyber-attacks resilience requirements of the Smart Grid. In particular, Artificial Intelligence techniques such as Fuzzy Logic, Bayesian Inference, Neural Networks, and other methods can be employed to enhance the security gaps in conventional IDSs. A distributed FPGA-based network with adaptive and cooperative capabilities can be used to study several security and communication aspects of the smart grid infrastructure both from the attackers and defensive point of view. In this paper, the vital issue of security in the smart grid is discussed, along with a possible approach to achieve this by employing FPGA based Radial Basis Function (RBF) network intrusion.