• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.5
• /
• pp.1125-1130
• /
• 2015

In this paper, a method to identify components per unit task system is expressed with node, module, and interface. We define security subject per unit task system and explain node, module, and interface per component. According to the defined security standard in design phase, we also perform to design and elaborate security attributes for node and module as identified security subjects in their defined tables. And then we describe the composition standard for security attribute design with some examples, after classifying it into security subject, access subject, access control area, identification or verification area, and encryption.

• 한국디지털정책학회:학술대회논문집
• /
• 2003.12a
• /
• pp.161-170
• /
• 2003

Knowledge management system building knowledge acquisition, knowledge share, and knowledge maintenance for the member of corporation is expanded throughout whole industry to cope with rapid business environment. Electronic document basing knowledge management system can copy, print, and transfer knowledge to another party, so it is being regarded as a essential infrastructure to share knowledge. However, considering most of information leakage is sprung up by insider of organization, it is considered to provide countermeasure to protect illegal use from information leakage. The purpose of this paper is to establish digital information security system through design of document and manage digital information assets safely through electronic document security system protecting illegal leakage of digital information assets.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.165-168
• /
• 2012

In this paper, to remind ourselves that exist in the world what kind of security system is also difficult to defend a system with computerized access system representative of infringement that, Computerized personnel act of infringement cases, and thus the extent of the damage and the severity Revisited, Furthermore, technical measures beyond the limits of the technical security measures in line computerized rights management representative and for infringement prevention measures in Human Resource Management through its own alternative to find.

• Journal of Advanced Navigation Technology
• /
• v.12 no.4
• /
• pp.384-391
• /
• 2008

These days, along with the information society, the value of information has emerged as a powerful factor for a company's development and sustainability, and therefore, the importance of the Information Security and Management System (ISMS) has emerged and become an integral part of all areas of business. In this paper, ISMS evaluation methods from around the world are compared and analyzed with the standards of various management guidelines, definitions, management of threats and vulnerability, approaches to result calculations, and the evaluation calculation indexes for domestic to propose the best method to evaluate the Information Security Management System that will fit the domestic environment.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.4
• /
• pp.131-142
• /
• 2010

Due to the development of the Internet, Internet banking that we are liberated from time and space has evolved into banking system. So modern life became comfortable. However, Dysfunction (malicious Information leakage and hacking etc.) of the Internet development has become a serious social problem. According to this, The need for security is rapidly growing. In this paper, we proposed the Internet Banking Authentication System using a dual-channel in OTP(One Time Password) authentication. This technology is that A user transfer transaction information to Bank through one Internet channel then bank transfer transaction information to user using the registered mobile phone or smart phone. If user confirm transaction information then bank request user's OTP value. User create OTP value and transfer to bank and bank authenticate them throgth the ARS. If authentication is pass then transaction permitted. Security assessment that the proposed system, the security requirement that the confidentiality and integrity, authentication, repudiation of all of the features provide a key length is longer than the current Internet banking systems, such as using encryption, the security provided by the Financial Supervisory Service Level 1 rating can be applied to more than confirmed.

• Journal of Information Processing Systems
• /
• v.16 no.3
• /
• pp.699-717
• /
• 2020

Propagation time on permissionless blockchain plays a significant role in terms of stability and performance in the decentralized systems. A large number of activities are disseminated to the whole nodes in the decentralized peer-to-peer network, thus causing propagation delay. The stability of the system is our concern in the first place. The propagation delay opens up opportunities for attackers to apply their protocol. Either by accelerating or decelerating the propagation time directly without proper calculation, it brings numerous negative impacts to the entire blockchain system. In this paper, we thoroughly review and elaborate on several parameters related to the propagation time in such a system. We describe our findings in terms of data communication, transaction propagation, and the possibility of an interference attack that caused an extra propagation time. Furthermore, we present the influence of block size, consensus, and blockchain scalability, including the relation of parameters. In the last session, we remark several points associated with the propagation time and use cases to avoid dilemmas in the light of the experiments and literary works.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.3
• /
• pp.59-68
• /
• 2013

In this study, airport security check process is analyzed to modeling a simulation. Simulation is compared with real security system to verify. Utilizing verified simulation, spends time in the current security check is calculated and suggests alternatives. Considering the movement of passengers and security check system of all four cases the results yielded by the experiment. The results show that security check time decreased significantly to 20.8%. The simulation was developed in this study; including the introduction of a new security system at security check can be used as a decision support tool is expected.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.877-884
• /
• 2019

As technology advances, equipment installed in Nuclear facilities are changing from analog system to digital system. Nuclear facilities have been exposed to cyber threats as the proportion of computers and digital systems increases. As a result, interest in cyber security has increased and there has been a need to protect the system from cyber attacks. KINAC presented 101 cyber security controls for critical digital asset. However, this is a general measure that does not take into account the characteristics of digital assets. Applying all cyber security controls to critical digital assets is a heavy task and can be lower efficient. In this paper, we propose an effective cyber security controls by identifying the characteristics of critical digital assets and presenting proper security measures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.45-54
• /
• 2001

It is necessary to control security management consistently and respond to an intrusion automatically in order to use the network securely in the single administrative domain. This paper presents a Shadowing Mechanism supporting a dynamic extension of security scheme and proposes an ARTEMIS(Advanced Realtime Emergency Management and Intruder Identification System), which is designed and implemented based on the suggested technique. It is possible for security management system developed on the basis of the Shadowing Mechanism to make all network components working under the same security scheme. It enhances the accuracy of intrusion tracing and automatic response through dynamic extension of space and time for security management.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.12
• /
• pp.6243-6259
• /
• 2019

As a foundation of next-generation air transportation systems, automatic dependent surveillance-broadcast (ADS-B) helps pilots and air traffic controllers create a safer and more efficient national airspace system. Owing to the open communication environment, it is easy to insert fake aircraft into the system via spoofing or the insertion of false messages. Efforts have thus been made in academic research and practice in the aviation industry to ensure the security of transmission of messages of the ADS-B system. An identity-based batch verification (IBV) scheme was recently proposed to enhance the security and efficiency of the ADS-B system, but current IBV schemes are often too resource intensive because of the application of complex hash-to-point operations or bilinear pairing operations. In this paper, we propose a lightweight IBV signature scheme for the ADS-B system that is robust against adaptive chosen message attacks in the random oracle model, and ensures the security of batch message verification and against the replaying attack. The proposed IBV scheme needs only a small and constant number of point multiplication and point addition computations instead of hash-to-point or pairing operations. Detailed performance analyses were conducted to show that the proposed IBV scheme has clear advantages over prevalent schemes in terms of computational cost and transmission overhead.