• Journal of Korea Multimedia Society
• /
• v.10 no.12
• /
• pp.1671-1678
• /
• 2007

In these days, Disaster Management Systems have still put emphasis on its recovery more than the prevention of disaster events. However, the countermeasure of restoration has limitations to prevent the caused loss because the disasters often happen and are massive. Therefore, we propose a disaster prevention system for supporting the safe urban. In this paper, we try to construct a real-time monitoring system to prevent disaster events using new technologies such as Wireless Sensor Networks (WSN) and Geographic Information System (GIS). As a prototype to simulate the fire disasters on real-time, we construct gas sensors and temperature sensors. Our system consists of a WSN system to collect data of the gas and temperature sensors and to monitor the situation information. Our contribution is to provide a prototype application to prevent the disasters from the fire by constructing a WSN system with gas and temperature sensors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.53-65
• /
• 2010

Conditional Access System (CAS) is a core security mechanism of IPTV SCP (Service and Content Protection) which enables only authenticated user to be able to watch the broadcasting contents. In the past, it was general that CAS was built in Set-Top Box (STB) as hardware or as a detachable cable card. However, numerous researches in Downloadable CAS (DCAS), where users can download CAS code in their STB through their network, have been recently conducted widely due to the lack of security and scalability problem. In this paper, the security requirements of OpenCable based DCAS which is typical example of downloadable IPTV SCP will be derived, the novel authentication and key management scheme will be proposed by using the Authentication Proxy (AP) which is the core DCAS. Also, the benefits of the proposed system will be evaluated by comparison and analysis with preceding research.

• KNOM Review
• /
• v.22 no.1
• /
• pp.11-19
• /
• 2019

As technology develops, the latest security threats on the network applied to users are increasing. By attacking industrial or corporate systems with malicious purposes, hackers cause many social problems such as confidential information leakage, cyber terrorism, infringement of information assets, and financial damage. Due to the complex and diversified threats, the current security personnel alone are not enough to detect and analyze all threats. In particular, the Supervisory Control And Data Acquisition (SCADA) used in industrial infrastructures that collect, analyze, and return static data 24 hours a day, 265 days a year, is very vulnerable to real-time security threats. This paper introduces security information and event management (SIEM), a powerful integrated security management system that can monitor the state of the system in real time and detect security threats. Next, we compare SIEM solutions from various companies with the open source SIEM (OSSIM) from AlienVault, which is distributed as an open source, and present cases using the OSSIM and how to utilize it.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.1
• /
• pp.79-86
• /
• 2004

In general, operating system is offering the security function of OS level to support several web services. However, it is true that security side of OS level is weak from many parts. Specially, it is needed to audit/trace function in security kernel level to satisfy security more than B2 level that define in TCSEC(Trusted Computer System Evaluation Criteria). So we need to create audit data at system call invocation for this, and do to create audit data of equal format about almost event and supply information to do traceback late. This Paper Proposes audit/trace system module that use LKM(Loadable Kernel Module) technique. It is applicable without alteration about existing linux kernel to ensure safe evidence. It offers interface that can utilize external audit data such as intrusion detection system, and also offers safe role based system that is divided system administrator and security administrator These data will going to utilize to computer forensics' data that legal confrontation is Possible.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06a
• /
• pp.107-108
• /
• 2007

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.253-254
• /
• 2011

Most of existing RFID authentication protocols either suffer from some security weaknesses or require costly operations that are not available on low-cost tags. In this paper, we analyzed the security mechanism of a lightweight authentication protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1131-1139
• /
• 2016

In the Hive file format, the sk(Security Key) cell provides access control to registry key. An attacker can figure out secret information on registry or change the security set-up if she could apply modified hive files on system. This paper presents various methods to change access control of registry key by modifying or replacing cell on hive file. We also discuss threats by access control modification and signs of attacks analysis by modified hive files.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.4C
• /
• pp.197-206
• /
• 2011

In the RFID system, bulk tag information is stored into the back-end database as plaintext format not ciphertext. In this case, the tags's private informations can be easily compromised by an external hacker or an insider attacker. If the private informations of tags disclosed by the attackers, it can occur serious privacy invasion problem. Recently the database(DB) security is an important issue to prevent the above DB compromised attack. However, DB security for RFID systeme has not been considered yet. If we use the DB security technique into the RFID system, the above described privacy invasion' problem can be easily prevented. Based on this motivation, this paper proposes a secure and efficient back-end database security and authentication(S-DB) scheme with XOR-based encryption/decryption algorithm. In the proposed scheme, all tag's private information is encrypted and stored by using the DB secret key to protect the DB compromised attack. As a result, the proposed S-DB scheme 'can provide stronger security and more efficiency for the secure RFID system environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.3
• /
• pp.661-669
• /
• 2004

As a large number of distributed systems becoming more popular, interoperability, portability and security are becoming major concerns of modern computing. CORBA and object-oriented database which provide transparency of network and database are increasingly being used as the basis for distributed system to solve these problems. The two methods can help accomplish assurance of security by using a method-based access control technique or an attribute-based access control technique. These methods also enhance the unavailability or inefficiency caused by the delay of access process and bottleneck of the network due to the complex instance-based access control. We propose a security model on the type information based access control system that can enhance both security and availability by separating the functions delivered from CORBA and object-oriented databases. We apply the access control model specifically to enhancement of security system and also perform a test to verify the security and availability of our model.

• Journal of The Korean Association of Information Education
• /
• v.2 no.1
• /
• pp.130-137
• /
• 1998

An agent is a computer program that acts autonomously on a computer system. A mobile agent is not bound to the system where it begins execution. It has an ability to transport itself from on e system in a network to another. Mobile agent system solve the network traffic problem. Moreover, the agent may utilize the object services of the destination agent system. In this study the mobile agent system is introduced to support security service.