• 한국디지털정책학회:학술대회논문집
• /
• 2004.11a
• /
• pp.221-229
• /
• 2004

This paper aims at developing communication module and application prcgram for client management module and developing database management module and managing wireless communication facilities for server systems. To construct these aims, we have adapted DES algorithm and researched on encrypting and decrypting module development applicable to SMS Security System and optimize module size and processing speed.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1991.11a
• /
• pp.155-164
• /
• 1991

컴퓨터가 널리 보급되고 정보통신 기술이 발전함에 따라 지리적으로 먼거리에 있는 사람에게 정보를 주고받을 수 있게 되었는데, 안전한 데이타의 송수신은 그 중요성이 더해가고 있다. 이런 시점에서 ISO가 OSI 환경에서 안전성 제공을 위해 IS 7498-2로 발표한 OSI Security Architecture에서는 5가지 안전성 서비스틀 제공하였다. 본 논문에서는 이들 중 이미 발생한 통신 사실을 부인할 수 없도록 하는 부인봉쇄 서비스를 제공할 수 있는 부인봉쇄 서비스 구현 모델을 MHS(Message Handling System)상에 설계하였으며, 구현방안을 제시하였다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1991.11a
• /
• pp.215-228
• /
• 1991

본 논문에서는 PC의 사용환경이 확대됨에 따른 PC보안의 필요성을 인식하고, PC에서 처리 운용되는 자료들을 보호하고 개인의 프라이버시를 보호할 수 있는 PC 보안시스템을 PC-XINU 운영체제상에서 설계하고 구현한다. 설계 구현하는 보안시스템은 인증, 엑세스 제어 및 정보 흐름 제어, 암호제어를 하도록 하였으며, 군과 같은 비밀체계에 적합하고 개인의 프라이버시를 보호할 수 있도록 하기 위한 정책을 적용하였다. 암호알고리즘은 DES를 이용하였다.

• Journal of Industrial Convergence
• /
• v.7 no.1
• /
• pp.21-31
• /
• 2009

Multicast is a network technology for the delivery of information to a group of destinations simultaneously using the most efficient strategy to deliver the messages over each link of the network only once, creating copies only when the links to the multiple destinations split. This thesis designed a group certificate that can authenticate group information safety between cores based on CBT, proposed a multicast security system that can control some security key.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.5
• /
• pp.945-950
• /
• 2017

Due to the vulnerability of the software, there is a hacking attack on the country's cyber infrastructure and real financial assets. Software is an integral part of the operating system and execution system that controls and operates Internet information provision, cyber financial settlement and cyber infrastructures. Analyzing these software vulnerabilities and enhancing security will enhance the security of cyber infrastructures and enhance the security of actual life in the actual country and people. Software development security system analysis and software development Security diagnosis analysis and research for enhancing security of software vulnerability. In addition, we will develop a textbook for the training of software vulnerability diagnosis and maintenance education, develop pilot test problems, pilot test of diagnostic staff, The purpose of this study is to enhance the software security of the cyber infrastructures of national and national life by presenting curriculum and diagnosis guide to train the software vulnerability examiner.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.39-48
• /
• 2003

AAA(Authentication, Authorization, Accounting) protocol is a framework that propose functions of AAA on multiple networks and platforms. AAA protocol is extending from previous RADIUS protocol to Diameter protocol. There are some Diameter applications for variety purpose. Diameter CMS Application makes Diameter messages more secure by using PKI. Diameter CMS Application establish DSA(Diameter Security Association) for end to end security. However the Application has some problems to establish DSA(Diameter Security Association), which can make Diameter system unstable. If one system lose DSA information for some system error - for example, reboot -, the secure communication between two nodes may not be possible. At the application such as MIP, even user registration can't be done. In this paper, we propose a mechannism for DSA re-establishment, and also show the result of the implementation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.145-152
• /
• 2009

SCADA(Supervisory Control And Data Acquisition) systems are widely used for control and monitoring of critical infrastructures including electricity, gas and transportation. Any compromise in the security of SCADA systems could result in massive chaos and disaster at a national level if a malicious attacker takes the control of the system. Therefore, sound countermeasures must be provided when the SCADA systems are being developed as well as when they are being operated. Unlike general information processing system, SCADA systems have different service responses, communication protocols and network architectures and therefore a different approach should be applied to each SCADA systems that takes into consideration of each system's security characteristics and architectures. In addition, legal basis should be established to ensure the nationwide management of the systems security. This paper examines the vulnerabilites of SCADA systems and proposes action plans to protect the systems against cyber attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.45-57
• /
• 2009

In this paper, we implemented the conference system based on DTLS for saving securely the VoIP, which is served sprightly in the latest, securely and tested (and also analyzed) the system. As VoIP technology development, demand of conference system is increased and the related technologies are growed. But Security protocol to protect conference service is getting late than conference technology. In this paper, we studied based on DTLS protocol that can provide function of signaling, channel security, media channel security and application of group key and apply to VoIP conference system based UDP unchanged. In this paper, we searched suggested security protocols based on DTLS can apply to conference system and implement and apply the protocol to conference system. And we tested (and also alayzed) overhead of encryption and key management mechanism.

• Convergence Security Journal
• /
• v.2 no.1
• /
• pp.1-15
• /
• 2002

Network management system exchanges information between management servers to manage other network as well as local network for MSP(Management Service Provider) business. Because communication line that is used here is communication line that several users use, other user can steal a important information that are passed through communication line. For these information include important information of administrator or equipments, These information should be protected. Usually it is use much SSL to security of communication and it wish to protect information using SSL in communication between management servers' or communication between server and client at network management system to use much SSL for security of communication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1191-1199
• /
• 2016

To ensure the fairness, journal reviewers use blind-review system which hides the author information of the journal. Even though the author information is blinded, we could identify the author by looking at the field of the journal or containing words and phrases in the text. In this paper, we collected 315 journals of 20 authors and extracted text data. Bag-of-words were generated after preprocessing and used as an input of artificial neural network. The experiment shows the possibility of circumventing the blind review through identifying the author of the journal. By the experiment, we demonstrate the limitation of the current blind-review system and emphasize the necessity of robust blind-review system.