• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.617-636
• /
• 2017

Many businesses have adopted the standard security management structure such as ISO27001 and K-ISMS for strengthening business's security management structure to protect their core information assets and have acquired partial output from such effort. However, many risk factors such as recent advances in Information Technology and evolution of intrusion methods have increased exponentially requiring the businesses to response even more quickly with better accuracy. For such purpose, a study of 'Real Time Security Management Structure for Business' based on security management process optimization, defining a set of security index for managing core security area and calculation of risk indices for precognition of intrusion risk area has been made. Also, a survey on opinions of an expert panel has been conducted. The effectiveness of studied structure was analyzed using AHP method as well. Using this study, security personnels of a company can improve efficiency of the preemptive responsive and quicker measure from the current security management structure.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.591-594
• /
• 2008

This paper explores how to characterise security properties of software components, and how to reason about their suitability for a trustworthy compositional contract. Our framework provides an explicit opportunity for software composers as well as software components to test a priori security properties of software components in a system composition. The proposed framework uses logic programming as a tool to represent security properties of atomic components and reason about their compositional matching with other components.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1996.11a
• /
• pp.238-247
• /
• 1996

본 논문에서는 ITU-T X.800 권고안의 요구 기능을 중심으로 SEDI(Secure EDI) 시스템의 정보보호 서비스 모듈들을 관리하기 위한 시스템 구조를 설계하였다. 관리자인 ESM(EDI Security Management) 모듈과 관리 대행자인 SMA(Security Management Agent) 모듈을 새롭게 설계하였다. 특히, ESM과 SMA 간의 관리 정보의 교환때문에 전체적인 성능 저하가 발생하지 않도록 SMA에 필터링 기능을 제안하였다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.232-236
• /
• 2001

본 논문에서는 WAP 포럼에서 제시하고 있는 무선 인터넷 솔루션인 WAP에서의 보안 메커니즘인 WTLS(Wireless Transport Layer Security), WIM (WAP Identity Module), WMLScript Crypto Library, WPKI(WAP Public Key Infrastructure)에 대해 살펴보고, WAP 게이트웨이를 사용하는 네트워크의 구조적 형태에서 발생되는 종단간 보안 서비스의 문제점에 대해 논의한 후 WAP 환경에서 종단간 보안 서비스를 제공할 수 있는 보안 시스템을 설계 및 구현하고자 한다.

• Journal of information and communication convergence engineering
• /
• v.3 no.2
• /
• pp.93-95
• /
• 2005

In order to create security session, security keys are preconfigured between communication objects. For this purpose, Handshake Protocol exists. The pre-master secret key that is used in this process needs to interpreted by a server to create master secret key, whose process requires a big calculation, resulting in deteriorating system's transmission performance. Therefore, it is helpful in increasing transmission speed to reuse secret keys rather than to create them at every connection.

• Annual Conference of KIPS
• /
• 2004.05a
• /
• pp.1165-1168
• /
• 2004

본 논문은 임베디드 장비에 사용되는 코어중 시장의 약 70% 이상을 점유하고 있는 ARM(Advanced RISC Machine) 코어에서의 BOF(Buffer OverFlow)에 대해서 논하고자 한다. 먼저, ARM 아키텍처에서 함수 호출시 스택의 변화에 대해서 기술하고 이 환경에서 시스템 공격 기법 중 가장 빈번한 BOF가 어떻게 이루어지는가에 대해서 설명한다. 그리고 ARM 아키텍처만이 가지는 특징을 이용하여 이에 대처하는 방법을 제안 한다.

• Journal of the Korea Society of Computer and Information
• /
• v.7 no.3
• /
• pp.60-67
• /
• 2002

Existing as a reverse function in the information age, the security threats against the information system is increasing day by day and a systematic security management to this is being considered more and more important. The most important thing on security management is a risk analysis to understand the cause of the threat and to set up a countermeasure. Therefore, to increase security the proposed model will advise on the set up of the security policy and for a set up of an economic security countermeasure we have increased the reliability on the risk calculation stage. Especially, on the countermeasure stage we have requested a security level on the asset in order to examine the mutual reliance between assets, and differing from the standard model, we have improved the proposed model so that the materializing of the proposed countermeasure has been made to identify the restricted items for each asset and in order to not materialize superficial countermeasures and to make sure to materialize an economic countermeasure.

• Journal of Convergence Society for SMB
• /
• v.6 no.3
• /
• pp.13-19
• /
• 2016

In various ICBM (IoT, Bigdata, Cloud, Mobile) IT convergence environments, IT technologies have been evolved, new information security threats have been occurred. As information security incidents in major public agencies, financial institutions and companies occurred, it was emphasized that the importance of human security was disclosed. Thus, implementing of information security management system could protect hacks and security breaches and respond quickly to accidents so it minimized the sized of loss. In this paper, comparison of human security controls shown in ISO27001, COBIT, NIST 800-53, K-ISMS, Cyber Security Framework such as the main information security management systems was analyzed, and proposed of the security implications about effective controls of human resources security issues.

• ETRI Journal
• /
• v.36 no.1
• /
• pp.183-186
• /
• 2014

In this letter, we consider a cooperation system with multiple untrusted relays (URs). To keep the transmitted information confidential, we obtain joint channel characteristics (JCCs) through combining the channels from the source to the destination. Then, in the null space of the JCCs, jammers construct artificial noise to confuse URs when the source node broadcasts its data. Through a distributed implementation algorithm, the weight of each node can be obtained from its own channel state information. Simulation results show that high-level security of the system can be achieved when internal and external eavesdroppers coexist.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.11S
• /
• pp.3289-3298
• /
• 1999

E-mail system is the most important service that enterprises and normal users in internet use. However, because a data security is not satisfied yet, and E-mail system with security service is essential. In this paper, We implemented the E-mail system with Certification of Delivery that was not provided in prior mail system with basic security services and can prove that sender's document is properly sent to the intended receipt. And an implementation of the system used Java Cryptography API.