• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.6
• /
• pp.599-603
• /
• 2016

Recently the wireless LAN system is substituting wired LAN system notably as the number of mobile users increases greatly along the advancement of technology. But the wireless LAN has a critical weakness in the security such as data leakage. Thus a safe security system is imperative to avoid threatening from hackers with offering the best convenience to inner users. In this research, we have developed a RADIUS wireless LAN security system for industrial applications, which performs the EAP authentication with the compatibility for any maker of wireless LAN. The system has interfaces based on WEB, providing DB access function for user management so that users can perform authentication of 802.1x in their computers.

• Journal of Service Research and Studies
• /
• v.5 no.2
• /
• pp.93-101
• /
• 2015

Today, various access security technology appeared in this society as a result of the informatization and automation. Most building, floor, or door security certification system for the office units are installed, but there are many inconvenient matters. In order to minimises this, we used the face recognition function via the camera, and various sensors. In this paper, I designed the access security system through physical computing which Arduino offered, facial recognition program, and Twitter. Check that the personal information stored in the individual RFID tag is matched to the personal information stored on the existing server. Face recognition program input the face using a camera, and allow to confirm the identity. The system's abnormal or when the unauthenticated person is to penetrate, the system transmits the Twitter status message to the manager. It was designed continuously to monitor the status in real time in this way.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.71-79
• /
• 2003

Existing web-based system management software solutions show some limitations in time and space. Moreover, hey possess such as shortcomings unreliable error message announcements and difficulties with real-time assistance supports and emergency measures. In order to solve these deficiencies, Wireless Remote Control System(W-RCS) was designed and implemented. W-RCS is able to manage and monitor remote systems by using mobile communication devices for instantaneous control. The implementation of W-RCS leads to these security problems as well as solutions to aforementioned issues with existing web-based system management software solutions. Therefore, this paper has focused on the security matters related to W-RCS. The security functions based on public key infrastructure include mobile device user authentication and target system access control. The W-RCS allows real-time user authentication, increases the flexibility of resource administrators and mobile device non, and provides not only uninterrupted services, but also safe mobile office environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.81-88
• /
• 2010

Sun et al. proposed a new design of wearable token system for security of mobile devices, such as a notebook and PDA. In this paper, we show that Sun et al.'s system is vulnerable to off-line password guessing attack and man in the middle attack based on known plain-text attack. We propose an improved scheme which overcomes the weaknesses of Sun et al.'s system. The proposed protocol requires to perform one modular multiplication in the wearable token, which has low computation ability, and modular exponentiation in the mobile devices, which have sufficient computing resources. Our protocol has no security problem, which threatens Sun's system, and known vulnerabilities. That is, the proposed protocol overcomes the security problems of Sun's system with minimal overheads.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1399-1410
• /
• 2015

Gartner is requiring companies to considerably change their survival paradigms insisting that companies need to understand and provide again the upcoming era of data competition. With the revealing of successful business cases through statistic algorithm-based predictive analytics, also, the conversion into preemptive countermeasure through predictive analysis from follow-up action through data analysis in the past is becoming a necessity of leading enterprises. This trend is influencing security analysis and log analysis and in reality, the cases regarding the application of the big data analysis framework to large-scale log analysis and intelligent and long-term security analysis are being reported file by file. But all the functions and techniques required for a big data log analysis system cannot be accommodated in a Hadoop-based big data platform, so independent platform-based big data log analysis products are still being provided to the market. This paper aims to suggest a framework, which is equipped with a real-time and non-real-time predictive analysis engine for these independent big data log analysis systems and can cope with cyber attack preemptively.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.4
• /
• pp.737-744
• /
• 2012

Recently VoIP has provided voice(both wired and wireless from IP-based) as well as the transmission of multimedia information. VoIP used All-IP type, Gateway type, mVoIP etc. Wired and wireless VoIP has security vulnerabilities that VoIP call control signals, illegal eavesdropping, service misuse attacks, denial of service attack, as well as wireless vulnerabilities etc. from WiFi Zone. Therefore, the analysis of security vulnerabilities in wired and wireless VoIP and hacking incidents on security measures for research and study is needed. In this paper, VoIP (All-IP type, and for Gateway type) for system and network scanning, and, IP Phone to get the information and analysis of the vulnerability. All-IP type and Gateway type discovered about the vulnerability of VoIP hacking attacks (Denial of Service attacks, VoIP spam attacks) is carried out. And that is a real VoIP system installed and operated in the field of security measures through research and analysis is proposed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.269-273
• /
• 2010

7.7 DDoS incident due to recent events and the emerging importance of privacy and Privacy laws are being discussed in the National Assembly. In this study, Legislative Assembly Secretariat support organization focused on using the system, such as the Internet network and the administrative, technical and physical security elements on the status of confidentiality, availability, integrity and security criteria to identify and follow and We are analyzing. In addition, the Internet, including network and use the system primarily for use, Legislative support agency, The National Assembly Secretariat staff awareness about information security and privacy on the survey for compliance with codes of conduct and We are analyzing. Through this analysis of legislative support agencies' security status, and social responsibility as an institution will wish to encourage the role.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.471-484
• /
• 2004

Recently. many projects have been actively implementing IPsec on the various Operating Systems for security of IPv6 network. But there is no existing tool that checks the IPsec-based systems, which provide IPsec services, work Properly and provide their network security services well In the IPv6 network. In this paper, we design SERDL(Security Evaluation Rule Description Language) and rule execution tool for evaluating security of the IPv6 network, and we provide implementation details. The system Is divided into following parts : User Interface part, Rule Execution Module part, DBMS part and agent that gathering information needed for security test.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.344-365
• /
• 2020

Providing security has been always on priority in all areas of computing and communication, and for the systems that are low on computing power, implementing appropriate and efficient security mechanism has been a continuous challenge for the researchers. Radio Frequency Identification (RFID) system is such an environment, which requires the design and implementation of efficient security mechanism. Earlier, the security protocols for RFID based on hash functions and symmetric key cryptography have been proposed. But, due to high strength and requirement of less key size in elliptic curve cryptography, the focus of researchers has been on designing efficient security protocol for RFID based on elliptic curves. In this paper, an efficient elliptic curve signcryption based security protocol for RFID has been proposed, which provides mutual authentication, confidentiality, non-repudiation, integrity, availability, forward security, anonymity, and scalability. Moreover, the proposed protocol successfully provides resistance from replay attack, impersonation attack, location tracking attack, de-synchronization attack, denial of service attack, man-in-the-middle attack, cloning attack, and key-compromise attack. Results have revealed that the proposed protocol is efficient than the other related protocols as it takes less computational time and storage cost, especially for the tag, making it ideal to be used for RFID systems.

• Journal of the Society of Disaster Information
• /
• v.2 no.1
• /
• pp.3-18
• /
• 2006

Recently the demand for civil bodyguards and security guards shows rapid growth by the social development and improve the quality of life. However the supply and training system have some limitations in spite of the high demand guard-secretary. The main role of secretaries has been to accompany superiors in order to maintain their dignity or trait. But the secretaries are required to play additional roles of safety managers such as a security manager, a protocol manager, an intelligence manager and a protective driver in order to overcome the domestic and the international safety environment and to elevate the quality of service as a competitive work. So, the purpose of this article is to analyse current situation of civil body and security guard training industry and to seek an educational model. For it, the following questions will be examined. First, Do the professional training organizations meet social demand for the body and security guards? Second, What kind of training has to be provide for the body and security guards? and what the qualifications of the trainers? Then, what are the differences in training courses between private organizations and universities? Is there differences in the job placement among the trainers of private organizations and universities? etc.. In summary to meet the social demand common curriculum for the body and security guard will be drawn from the analyses of diverse training organizations with different training courses in contents, training periods, educational value, and social aim.