• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.580-599
• /
• 2021

Software-Defined Networking (SDN) has three key features: separation of control and forwarding, centralized control, and network programmability. While improving network management flexibility, SDN has many security issues. This paper systemizes the security threats of SDN using spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) model to understand the current security status of SDN. First, we introduce the network architecture and data flow of SDN. Second, we analyze security threats of the six types given in the STRIDE model, aiming to reveal the vulnerability mechanisms and assess the attack surface. Then, we briefly describe the corresponding defense technologies. Finally, we summarize the work of this paper and discuss the trends of SDN security research.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4531-4544
• /
• 2021

Because the traditional network information security vulnerability risk assessment method does not set the weight, it is easy for security personnel to fail to evaluate the value of information security vulnerability risk according to the calculation value of network centrality, resulting in poor evaluation effect. Therefore, based on the network security data element feature system, this study designed a quantitative assessment method of network information security vulnerability detection risk under single transmission state. In the case of single transmission state, the multi-dimensional analysis of network information security vulnerability is carried out by using the analysis model. On this basis, the weight is set, and the intrinsic attribute value of information security vulnerability is quantified by using the qualitative method. In order to comprehensively evaluate information security vulnerability, the efficacy coefficient method is used to transform information security vulnerability associated risk, and the information security vulnerability risk value is obtained, so as to realize the quantitative evaluation of network information security vulnerability detection under single transmission state. The calculated values of network centrality of the traditional method and the proposed method are tested respectively, and the evaluation of the two methods is evaluated according to the calculated results. The experimental results show that the proposed method can be used to calculate the network centrality value in the complex information security vulnerability space network, and the output evaluation result has a high signal-to-noise ratio, and the evaluation effect is obviously better than the traditional method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.11
• /
• pp.4331-4354
• /
• 2020

Nepal is a sensitive and disaster-prone country where safety and security risk are of high concern for travelers. Digital technologies can play a vital role in addressing safety and security issues in the country. This research work proposes a Digital tourism security system design for addressing the safety and security issues in tourism industry of Nepal. The study uses Design science research methodology to identify artifacts, interactions, information flow and dependencies between them which are then mapped with existing prevalent technology to provide design solutions. Data is obtained from interview of tourist and experts as a primary source and technical documents/draft, software documentations, surveys as secondary source. Generalized information model, Use cases model, Network architecture model, Layered taxonomy model and Digital tourism technology reference model are the outcomes of the study. The work is very important as it talks specifically about implementation and integration of digital technologies in tourism security governance at federal, provincial, municipal and rural level. The research supplements as a knowledge document for design and implementation of digital tourism security system in practice. As there is very less work on digital systems in tourism security of Nepal, this work is a pioneer and first of its kind.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.117-129
• /
• 2010

To support the establishment of Information Security Management System, the private sector and the public sector have taken some measures. In the private sector, KISA(Korea Internet & Security Agency) has certified ISMS system based on "The Act on Communication Network Use Promotion and Information Security etc.". In the public sector, No authentication system has been established. Instead, NIS(National Intelligence Service) has enforced 'Information Security Management Condition Evaluation' based on "Electronic Government Act". This article compared ISMS control parts of the private sector with that of the public sector and analyzed the non-enforcement parts of ISMS implementing two sectors for years. Based on this, I would like to consider the method of establishment for efficient ISMS.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.3
• /
• pp.685-703
• /
• 2024

Cloud computing provides each consumer with a large-scale computing tool. Different Cyber Attacks can potentially target cloud computing systems, as most cloud computing systems offer services to many people who are not known to be trustworthy. Therefore, to protect that Virtual Machine from threats, a cloud computing system must incorporate some security monitoring framework. There is a tradeoff between the security level of the security system and the performance of the system in this scenario. If strong security is needed, then the service of stronger security using more rules or patterns is provided, since it needs much more computing resources. A new way of security system is introduced in this work in cloud environments to the VM on account of resources allocated to customers are ease. The main spike of Fog computing is part of the cloud server's work in the ongoing study tells the step-by-step cloud server to change the tremendous measurement of information because the endeavor apps are relocated to the cloud to keep the framework cost. The cloud server is devouring and changing a huge measure of information step by step to reduce complications. The Medical Data Health-Care (MDHC) records are stored in Cloud datacenters and Fog layer based on the guard intensity and the key is provoked for ingress the file. The monitoring center sustains the Activity Log, Risk Table, and Health Records. Cloud computing and Fog computing were combined in this paper to review data movement and safe information about MDHC.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.13 no.3
• /
• pp.110-116
• /
• 2005

TSA needs to be more transparent with the new passenger screening system and its functioning to build the citizen trust. The system is needed to be not only effective but supported by Congress and the general public. Until this occurs, skepticism will underlie any discussion about its effectiveness in balancing the protection from terrorism with respect to individual liberties. CAPPS II can be a viable system if it is developed appropriately. The objectives of the study are to introduce the security program in the U.S. aviation security policy and to discuss privacy problems when it applies. Korea also needs to study a harmonious plan with the basis of global approach mind in the case of considering the transferring of passenger information from other states for the purpose of security.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.3
• /
• pp.654-663
• /
• 1999

In this paper, we develop a security system which enhances the security of information during transmission over the World Wide Web for solving problems related to outflow of the information on the internet. Our system provides safe security functions without modifying the existing Web server and browser by utilizing CGI, Plug-in, and Socket Spy techniques. Our system implements user access control and data encryption/decryption by using the hardware cryptographic token instead of using a software technique as in previous systems, and hence is a more robust security system.

• Journal of Industrial Convergence
• /
• v.13 no.2
• /
• pp.45-54
• /
• 2015

This Study aims to analyze the factors for the success of commercialization of the facial extraction and recognition image security information system of the domestic companies in Korea. As the results of the analysis, the internal factors for the success of commercialization of the facial extraction and recognition image security information system of the company were found to include (1) Holding of technology for close range facial recognition, (2) Holding of several facial recognition related patents, (3) Preference for the facial recognition security system over the fingerprint recognition and (4) strong volition of the CEO of the corresponding company. On the other hand, the external environmental factors for the success were found to include (1) Extensiveness of the market, (2) Rapid growth of the global facial recognition market, (3) Increased demand for the image security system, (4) Competition in securing of the engine for facial extraction and recognition and (5) Selection by the government as one of the 100 major strategic products.

• Journal of Information Technology Applications and Management
• /
• v.27 no.4
• /
• pp.1-19
• /
• 2020

Infringement of information security has caused the corporate image to be damaged and share price to fall, and it is emerging as an organizational risk. The value of information assets in enterprises has led to a higher level of security than in the past. As a result, companies are aware of the need for officers to protect information and to oversee a security management system. However, despite the growing importance of information security officers, there is a lack of research on their roles and characteristics. This study validates the relationship between determinants that affect the performance of information security. And a structural equation model was presented and empirically analyzed to see the impact of the internal and external characteristics of the staff in charge of information security on the organization's information security performance.

• Journal of Information Technology Applications and Management
• /
• v.26 no.4
• /
• pp.19-30
• /
• 2019

Many organizations need to comply with ISMS-P for information systems and personal information management for ISMS-P certification. Organizations should safeguard vulnerablities to information systems. However, as the kinds of information systems are diversified and the number of information systems increases, management of such vulnerabilities manually accompanies with many difficulties. SCAP is a protocol to manage the vulnerabilities of information system automatically with security standards. In this paper, for the introduction of SCAP in domestic domains we verify the applicability of server-oriented system which is one of ISMS-P certification targets. For SCAP applicability, For obtaining this goal, we analyze the structures and functions of SCAP. Then we propose schemes to check vulnerabilities of the server-oriented system. Finally, we implement the proposed schemes with SCAP to show the applicability of SCAP for verifying vulnerabilities of the server-oriented system.