• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.347-350
• /
• 2016

Analysis of vulnerability of the software for risk. The weakness of the software material, the importance of strengthening security in accordance with financial damage occurred is emerging. There is a potential risk factor not only from the case, the manufacturing to use the software company that appropriate to use a software business and personal risk of loss to size.In this paper due to diagnose and vulnerabilities in software, diagnosis, the curriculum and to cultivate a diagnostic guide, and security vulnerabilities in software.Proposal system for increased.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.8 no.4
• /
• pp.53-70
• /
• 1998

OMG(Object Management Group) 에서는 CORBA(Common Object Broker Architure) 환경에서의 보안 문제를 해결하기 위해서 CORBA 보안 서비스$^{[8]}$ 를 정의하였다. CORBA보안 서비스는 다양한 보안 기술을 허용하는 보안 구조를 제안하고 있으며, 사용자 인증, 접근제어, 보안 통신 등에 필요한 보안 객체를 정의하고 있다. 또한 CORBA환경에서 수행되는 응용들에게 투명한 보안 통신을 제공하는 것을 기본으로 한다. 본 논문에서는 ECMA(European Computers Association) SESAME(a Secure European System for Application in Multi-vendor Environment) Ver. 4$^{7}$ 를 사용하여 CORBA 환경에서 수행되는 응용들에게 보안 통신을 제공하는 것에 중점을 둔 CORBA보안 서비스의 설계및 구현관리 기능 등을 제공하는 보안 소프트웨어인 SESAME Ver. 4에서 제공하는 GSS-API(Generic Security Application Programming Interface)$^{[9,10,11]}$ 를 사용하여 CORBA 환경에서 보안 통신에 필요한 보안 객체들을 설계 구현하였고, CORBA 환경을 위한 전체 보안 구조를 제시하였다. 본 논문에서 제시한 보안 구조는 보안 통신을 제공하기 위해 구현된 보안 객체와 SESAME Ver. 4에서 제공하는 인증, 접근제어, 보안 정책관리 기능을 통합한 형태이다.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.181-186
• /
• 2022

Cloud computing is the latest approach that is developed for reducing the storage of space to store the data and helps the quick sharing of the data. An increase in the cloud computing users is observed that is also making the users be prone to hacker's attacks. To increase the efficiency of cloud storage encryption mechanisms are used. The encryption techniques that are discussed in this survey paper are searchable encryption, attribute-based, Identity-based encryption, homomorphic encryption, and cloud DES algorithms. There are several limitations and disadvantages of each of the given techniques and they are discussed in this survey paper. Techniques are found to be effective and they can increase the security of cloud storage systems.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.25-31
• /
• 2023

Fog computing diversifies cloud computing by using edge devices to provide computing, data storage, communication, management, and control services. As it has a decentralised infrastructure that is capable of amalgamating with cloud computing as well as providing real-time data analysis, it is an emerging method of using multidisciplinary domains for a variety of applications; such as the IoT, Big Data, and smart cities. This present study provides an overview of the security and privacy concerns of fog computing. It also examines its fundamentals and architecture as well as the current trends, challenges, and potential methods of overcoming issues in fog computing.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3558-3577
• /
• 2017

In 2D-to-3D video conversion process, the virtual left and right view can be generated from 2D video and its corresponding depth map by depth image based rendering (DIBR). The depth map plays an important role in conversion system, so the copyright protection for depth map is necessary. However, the provided virtual views may be distributed illegally and the depth map does not directly expose to viewers. In previous works, the copyright information embedded into the depth map cannot be extracted from virtual views after the DIBR process. In this paper, a new copyright protection scheme for the depth map is proposed, in which the copyright information can be detected from the virtual views even without the depth map. The experimental results have shown that the proposed method has a good robustness against JPEG attacks, filtering and noise.

• Convergence Security Journal
• /
• v.5 no.2
• /
• pp.65-74
• /
• 2005

The hacking accident is increasing repidly according to development of latest computer network and the method becomes various. But, to correspond to hacking, it is lot of difficulties to cope gear and security element between product because most radiant mercuries apply technology between individual digenomic species and It is real condition that great setup, equipment, manpower disturbance are enlarged to apply this. Designed and embody Site-Based executive system that can integrate security element about IDS information between digenomic species to solve these problem and correspond efficiently from hacking.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.4
• /
• pp.709-722
• /
• 2022

The recent "Log4j Security Vulnerability Incident" has occurred, and the information system that uses the open source "Log4J" has been exposed to vulnerabilities. The incident brought great vulnerabilities in the information systems of South Korea's major government agencies or companies and global information systems, causing problems with open source vulnerabilities. Despite the advantages of many advantages, the current development paradigm, which is developed using open source, can easily spread software security vulnerabilities, ensuring open source safety and reliability. You need to check the open source. However, open source vulnerability scan tools have various languages and functions. Therefore, the existing software evaluation criteria are ambiguous and it is difficult to evaluate advantages and weaknesses, so this paper has developed a new evaluation criteria for the vulnerability analysis tools of open source

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.351-359
• /
• 2014

The log data generated by security equipment have been synthetically analyzed on the ESM(Enterprise Security Management) base so far, but due to its limitations of the capacity and processing performance, it is not suited for big data processing. Therefore the another way of technology on the big data platform is necessary. Big Data platform can achieve a large amount of data collection, storage, processing, retrieval, analysis, and visualization by using Hadoop Ecosystem. Currently ESM technology has developed in the way of SIEM (Security Information & Event Management) technology, and to implement security technology in SIEM way, Big Data platform technology is essential that can handle large log data which occurs in the current security devices. In this paper, we have a big data platform Hadoop Ecosystem technology for analyzing the security log for sure how to implement the system model is studied.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.47-59
• /
• 2020

The Army, which is dreaming of a military leap forward through the fourth industrial revolution, needs to also consider the side effects and adverse functions of the fourth industrial revolution. In particular, this study conducted an analysis of whether it was consistent with the global technological trend of normal 'military security'. This paper focuses on the countermeasures that could result from 4th industrial revolution by utilizing the text-mining technique and social network technique of big data. 1. Active promotion of a convergence program with private, public, militaryand industrial, academic, and solidarity, 2. Information Sharing for International Cooperation and Cooperation in Cyber security, 3. Military Innovation and Military Unsymmetric Cyber security innovation, 4.The Establishment of Military Security Convergence Interface Management System in accordance with the Fourth Industrial Revolution, 5. Cooperation in the transition from technology engineering to social technology, 6. Establishing a military security governance system in the military, 7. Specifying confidential military digital data We look forward to providing useful information so that the results of this study can help develop the military and enhance military confidentiality.

• International Journal of Computer Science & Network Security
• /
• v.22 no.8
• /
• pp.328-342
• /
• 2022

The Internet of Things (IoT) is a technology that offers lucrative services in various industries to facilitate human communities. Important information on people and their surroundings has been gathered to ensure the availability of these services. This data is vulnerable to cybersecurity since it is sent over the internet and kept in third-party databases. Implementation of data encryption is an integral approach for IoT device designers to protect IoT data. For a variety of reasons, IoT device designers have been unable to discover appropriate encryption to use. The static support provided by research and concerned organizations to assist designers in picking appropriate encryption costs a significant amount of time and effort. IoTES is a web app that uses machine language to address a lack of support from researchers and organizations, as ML has been shown to improve data-driven human decision-making. IoTES still has some weaknesses, which are highlighted in this research. To improve the support, these shortcomings must be addressed. This study proposes the "IoTES with Security" model by adding support for the security level provided by the encryption algorithm to the traditional IoTES model. We evaluated our technique for encryption algorithms with available security levels and compared the accuracy of our model with traditional IoTES. Our model improves IoTES by helping users make security-oriented decisions while choosing the appropriate algorithm for their IoT data.