• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.3-9
• /
• 2015

A web application that allows a web service created by a internal developer who has security awareness show certain level of security. However, in the case of development by outsourcing, it is inevitable to implement the development centered on requested function rather than the issue of security. Thus in this paper, we improve the software testing process focusing on security for exclusion the leakage of important information and using an unauthorized service that results from the use of the vulnerable web application. The proposed model is able to consider security in the initial stage of development even when outsourced web application, especially, It can prevent the development schedule delay caused by the occurrence of modification for program created by programer who has low security awareness. This result shows that this model can be applied to the national defense area for increasing demand web application centered resource management system to be able to prevent service of web application with security vulnerability based on high test.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.9-16
• /
• 2018

The purpose of this study is to prevent the malicious user from breaking the door-lock due to physical impact. If it matches the analog displacement value set in the door-lock system, it protects the body and property by transmitting damage information in real time to the manager smart phone. The research suggests a system that transmits damage information in real time to registered users when door-lock is damaged by physical impact. Then compare the impact information sensed by the door lock with the data of the sensitivity control unit. In the web server of the proposed system, after impact information transmitted from Door-Lock is stored in the DB, if the impact information is larger than the shock detection transmission reference value stored in the DB, it is transmitted to the administrator in real time by SMS module so that illegal access information.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.5
• /
• pp.610-616
• /
• 2010

This paper describes how to securely bind the identity reference and biometric reference for satisfying security requirements. To overcome the shortcomings of the simple personal authentication method using a password, such as identify theft, a biometric system that utilizes physical and behavioral characteristics of each person has been adopted. In the biometric system, the biometric information itself is personal information, and it can be used as an unique identifier that can identify a particular it vidual when combining with other identity information. As a result, a son, anb it canmethod is required for manipulat canthese information. Consider canthese issues, this paper proposes a biit canmethod uiter son, anand uisecure channels for generating the common identifier and ensuring security of identity reference and biometric reference that are stored in the separated DBs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1281-1293
• /
• 2017

In 2001, Boneh and Franklin proposed Identity-Based Encryption(IBE) that does not require a certificate like Public Key Infrastructure(PKI) by using user's Identity as a public key. However, IBE has a key escrow problem because the Private Key Generator(PKG), who is a trusted authority, generates a secret key of every user. Also, it does not support efficient revocation when the user's secret key is exposed or the system needs to revoke the user. Therefore, in order to use IBE as PKI that currently used, it is necessary to solve the key escrow problem and the revocation problem. In this paper, to solve those two problems, we suggest Accountable Authority Revocable IBE(A-RIBE) based on Accountable Authority IBE that mitigates the key escrow problem and Revocable IBE that solves the revocation problem. Also, we define the security model suitable foe A-RIBE, and analyze the principle of designing A-RIBE according to based A-IBE and RIBE and their advantage and disadvantage.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.3B
• /
• pp.314-324
• /
• 2004

Recently, high-speed internet subscribers have grown continuously, and reached up to 10 millions. But existing network management that is responsible only for user access is confronted with many difficulties, since user access network(xDSL, Cable, B-WILL, and so on) has diversified and value added wired/wireless contents service has developed. In this paper propose the Agent based Inter Networking platform as object-oriented hierarchical system that can provide various service such as access QoS(Quality of Service), customized application service and security service according to user on demand. This system has divided into two parts(user agent and agent management system ＆ local and central management systems). Management system periodically receive status information such as bandwidth, download speed, delay, current service, and so on, and process them, then build a policy based on processed information. According to personal user profile that is generated by this policy, the customized service can be provided for users. And This system adopt the object-oriented modeling in case that system migration and integration, and implement a system that is robust and stable for security through hierarchical server system.

• The KIPS Transactions:PartC
• /
• v.16C no.1
• /
• pp.37-50
• /
• 2009

The SCADA(Supervisory Control And Data Acquisition) system is a control system for infrastructure of nation. In the past, the SCADA system was designed without security function because of its closed operating environment. However, the security of the SCADA system has become an issue with connection to the open network caused by improved technology. In this paper we review the constraints and security requirements for SCADA system and propose advanced key management architecture for secure SCADA communications. The contributions of the present work are that our scheme support both message broadcasting and secure communications, while the existing key management schemes for SCADA system don't support message broadcasting. Moreover, by evenly spreading much of the total amount of computation across high power nodes (MTU or SUB-MTU), our protocol avoids any potential performance bottleneck of the system while keeping the burden on low power (RTU) nodes at minimal.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.695-704
• /
• 2003

As wireless Internet speads widely, circulation of various types of digital contents become active. Therefore, it is necesary to make a mobile-based DRM (Digatal Rights Management) system to protect digital contents from illegal reproduction and to give proper rights to contents users, In this paper, we present a mibile security system, which protects the copyright for digital contents offered throughout the mobile environment. Our security system is focused on presenting mobile-based DRM architecture. Especially, considering mobile device's decrying power, we adopted partial encryption scheme. For this, wecompared and evaluated the performant of each contents encryption scheme (the entire encryption scheme and the partial encription scheme) and proved that a proper DRM system for current wireless devices is the partial encryption system. Our mobile DRM system can be very efficient to protect contents on the wireless Internet environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.1
• /
• pp.45-52
• /
• 2009

Currently broadcasting and telecommunication has integrated, And IPTV Service has appeared who called TPS(Triple Play Service) which integrated with broadcasting, telecommunication and Phone Service. IPTV provide broadcasting service and VOD(Video on Demand) service, and it must be satisfied digital content security. For this condition, IPTV Forum working on standardization of interface for digital content security. The Security solution for broadcasting and VOD are CAS (Conditional Access System) and DRM(Digital Rights Management). But these solutions manufactured by many vendors, so there is no inter-operability. And after finished standardization of interface for CAS and DRM system, the problem of inter-operability with them will be issued. For this reason, Rights management system which possible to operate independently with platform is necessary. In this paper, To protect multimedia digital content, we designed and implemented Conditional Access Management System.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.516-519
• /
• 2008

Currently broadcasting and telecommunication has integrated, And IPTV Service has appeared who called TPS(Triple Play Service) which integrated with broadcasting, telecommunication and Phone Service. IPTV provide broadcasting service and VOD(Video on Demand) service, and it must be satisfied digital content security. For this condition, IPTV Forum working on standardization of interface for digital content security. The Security solution for broadcasting and VOD are CAS(Conditional Access System) and DRM(Digital Rights Management). But these solutions manufactured by many vendors, so there is no inter-operablity. And after finished standardization of interface for CAS and DRM system, the problem of inter-operability with them will be issued. For this reason, Rights management system which possible to operate independently with platform is necessary. In this paper, To protect multimedia digital content, we designed and implemented Conditional Access Management System.

• Journal of KIISE:Information Networking
• /
• v.31 no.2
• /
• pp.171-178
• /
• 2004

Port scanning detection systems should rather satisfy a certain level of the requirement for system performance like a low rate of “False Positive” and “False Negative”, and requirement for convenience for users to be easy to manage the system security with detection systems. However, public domain Real Time Scan Detection Systems have high rate of false detection and have difficulty in detecting various scanning techniques. In addition, as current real time scan detection systems are based on command interface, the systems are poor at user interface and thus it is difficult to apply them to the system security management. Hence, we propose TkRTSD(Tcl/Tk Real Time Scan Detection System) that is able to detect various scan attacks based on port scanning techniques by applying a set of new filter rules, and minimize the rate of False Positive by applying proposed ABP-Rules derived from attacker's behavioral patterns. Also a GUI environment for TkRTSD is implemented by using Tcl/Tk for user's convenience of managing network security.