• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.8
• /
• pp.3567-3588
• /
• 2018

In the Internet of Things (IoT) concept, devices communicate autonomously with applications in the Internet. A significant aspect of IoT that makes it stand apart from present-day networked devices and applications is a) the very large number of devices, produced by diverse makers and used by an even more diverse group of users; b) the applications residing and functioning in what were very private sanctums of life e.g. the car, home, and the people themselves. Since these diverse devices require high-level security, an operational model for an IoT system is required, which has built-in security. We have proposed the societal model as a simple operational model. The basic concept of the model is borrowed from human society - there will be infants, the weak and the handicapped who need to be protected by guardians. This natural security mechanism works very well for IoT networks which seem to have inherently weak security mechanisms. In this paper, we discuss the requirements of the societal model and examine its feasibility by doing a proof-of-concept implementation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1201-1216
• /
• 2017

Recently, many countries around the world including Korea (Rep. of) have actively introduced online voting using distributed ledger technology (e.g. blockchain). However, online voting using distributed ledger technology based on the widely deployed telecommunication/ICT infrastructure. There is insufficient analysis of potential security threats. In this paper, we suggest a model for online voting system using distributed ledger technology and propose countermeasures by analyzing the security threats that may occur in online voting process in terms of information security.

• Knowledge Management Research
• /
• v.22 no.4
• /
• pp.157-172
• /
• 2021

Information security companies were established in earnest from the mid-late 1990s to early 2000s, far shorter than other national key industries. Nevertheless, the information security industry has made rapid progress. It is expected that the proportion of the information security industry will increase rapidly with the development of advanced technology along with the 4th industrial revolution. As COVID-19, which occurred at the end of 2019, spreads around the world in 2020, non-face-to-face services and digital transformation are accelerating, and cyber threats to users are also increasing. However, there are limitations in responding to new Cyber Security threats due to the shortage of information protection manpower, insufficient security capabilities of domestic companies, and the narrow domestic information protection market. This study examines the external environmental factors of information security companies such as government information protection system operation, government influence, government support, partnership between information security companies, and internal environmental factors such as top management support, financial status, human resources, organizational capability, This study was conducted using empirical data to analyze whether it affects innovation capability and whether organizational capability and innovation capability affect financial and non-financial performance. The results of this study can be used as basic data to suggest policies and implications for information security, and to strengthen the competitiveness of the information security industry.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.1
• /
• pp.99-108
• /
• 2010

RFID(Radio Frequency IDentification) is a technology that automatically identifies objects containing the electronic tags by using radio wave. When there are some tags in the domain of the RFID reader, the mechanism that can solve a collision between the tags occurs is necessary. The multi tag identification problem is the core issue in the RFID and could be resolved by the anti-collision algorithm. However, RFID system has another problem. The problem id user information security. Tag response easily by query of reader, so the system happened user privacy violent problem by tag information exposure. In the case, RFID system id weak from sniffing by outside. In this paper, We study of security robustness for tree-walking algorithm, query tree algorithm and advanced query tree algorithm of tree based memoryless algorithm.

• Journal of the Korea Safety Management & Science
• /
• v.8 no.6
• /
• pp.91-108
• /
• 2006

RFID/USN is important infrastructure of the ubiquitous society. And so, It is various and practical research is attempted. These two base technology have physical characteristic and complement relationship. Like this relationship is applied Following example that is system research which manages warehouse stocks and conditions. First, We adhere RFID Tag at the Pallet of the warehouse and do identification goods. And then, It grasps the environment state information of stocks with sensor module which has Zigbee wireless communication function. From like this process RFID Tag information and jop-control command of sensor node also it is exposed to air. Therefore, We control sensor node in USN/RFID environment through the mobile device. And system design for the security Apply of the process is main purpose of this paper's. We propose the condition and function of the mobile device to the secondary. And We define the relation of the sensor node with RFID to be arranged to a warehouse. Finally, This paper is designed to find a trade-off of the following viewpoints. First, We offer suitable sensor-control information to a actual manager. Second, We offer RFID tag security approach to control the action of the sensor. Third, It increases the survivability of sensor node form.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.12
• /
• pp.3078-3087
• /
• 1997

The information security is very important in computer communication network, and the security system has been developed in many aspects to provide secure communication. The secret key distribution and mutual user authentication are essential element in designing security system, then many algorithms and implementation schemes have been proposed. But they don't consider communication protocol, so they are not easy to adapt a real communication network' In this paper, we propose a key distriburion and mutual user authentication scheme based on X.25 protocol which is the most popular in packet communication, and the proposed scheme maintains a protocol transparency and can select communication mode, so the security system is more capable.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.341-342
• /
• 2017

Control and development systems such as air traffic control systems, road traffic systems, and Korea Hydro &Nuclear Power are the infrastructure facilities of the country, and if the malicious hacking attacks proceed, the damage is beyond imagination. In fact, Korea Hydro & Nuclear Power has been subjected to a hacking attack, causing internal information to leak and causing social problems. In this study, we analyze the environment of the development control system and analyze the status of the convergence security research, which is a recent issue, and propose a strategy system for stabilizing various power generation control systems and propose countermeasures. We propose a method to normalize and integrate data types from various physical security systems (facilities), IT security systems, access control systems, to control the whole system through convergence authentication, and to detect risks through fusion control.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.363-365
• /
• 2014

Internet baking, e-commerce, business processing, etc on smartphone handing could be possible in present days. Ambiguity between cyber and real life has made vulnerability on infrastructure, Gov't Service and National security by cyber terrorism. Especially, Lots of Infrastructure and Gov't Service based on Information Technology were exposed by Cyber terror. Legal system should be improved to keep from these threats. This paper proposed needs of cyber legal system by analyzing proposed cyber related code on Korean National Assembly, issue on Cyber Control Tower, National Cyber Security Industry and Human resource.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.117-130
• /
• 2007

A honeypot is a security resource whose value lies in being attack. It collects data regarding the attack strategies and tools of hackers. However, the honeypot is normally located at a single point, and the possibility is small that a hacker will attack it. Unused ports-based decoy systems which gather data about hackers activities have been developed to complement honeypots. However, the systems have some problems to be deployed in actual environment. In this paper, we propose an agent-based system which enhances shortcomings of the unused ports-based decoy systems. It makes honeypot gather more information regarding hacker activities and protects clients from attacks. Moreover, the proposed system can increase the chance of tracking hackers activities without wasting additional IP addresses and computer hardwares.

• Journal of Digital Convergence
• /
• v.17 no.5
• /
• pp.23-31
• /
• 2019

This study aims to build an AHP model that evaluates the priority of cyber security policies for the Azerbaijan information system. For this, 4 factors were constructed from components of ITU National Interest Model, whereas 5 alternatives were based on the best practices of the eight developed countries leading the cyber security field. Using the questionnaire, 24 security experts evaluated the strategic priority of such factors or alternatives. The analysis results using the AHP software showed that homeland defense and economic well-being were the dominant aspects of cyber security policy, whereas capacity building and infrastructure were the main concern of cyber security elements for Azerbaijan. This study presents the strategic priority of cyber security policies that can be adopted by Azerbaijan government. This study can contribute to developing the national cyber security guide of Azerbaijan.