• Proceedings of the Korea Association of Information Systems Conference
• /
• 2000.05a
• /
• pp.171-175
• /
• 2000

The firewall is normally an intermediate system between the secure internal networks and the less secure external networks. It is intended to keep corporate systems safe from intruders, hackers, and accidental entry into the corporate system. The primary types of firewalls are screening routers, proxy servers, and stateful inspectors. Encryption is another form of firewall protection which is being incorporated along with other firewall methods. Before choosing a firewall architecture, a company must have the right mind set about the threat. The future will see more integration of firewall technologies and the increased use of standards in the industry. It must also determine what are the possible consequences of a breach in security and then develop a system to counter the threat. Additionally, new firewall technologies will address the potential dangers associated with the use of Java applets and Active X-controls on the Internet.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.8 no.1
• /
• pp.11-30
• /
• 2004

Access Control is one of essential branches to provide system's security. Depending on what standards we apply, in general, there are Role-based access control, History-based access control. The first is based on subject's role, The later is based on subject's history. In fact, RBAC has been implemented, we are using it by purchasing some orders through the internet. But, HBAC is so complex that there will occur some errors on the system. This is more and more when HBAC is used with other access controls. So HBAC's formalization and model which are general enough to encompass a range of policies in using more than one access control model within a given system are important. To simplify these, we design the mathematical model called non-access structure. This Non-access structure contains to historical access list. If it is given subjects and objects, we look into subject grouping and object relation, and then we design Non-access structure. Then we can determine the permission based on history without conflict.

• International Commerce and Information Review
• /
• v.10 no.1
• /
• pp.349-371
• /
• 2008

Export controls on strategic items has been an international standard of trade. We should understand the global trend of this and perform clean policies in the international community. This article examines the Improvement of Competitiveness and International Export Control System of Strategic Items for focusing to Internal Compliance Program(ICP). Therefore, this study would like to suggest for build to ICP. Each member of company have to convert their perception for controling strategic items. Also, they have to build controling system in ERP system and extend Incentive for CPs. the support to the trustworthy controling system. Korea is actively trying to control strategic items export for world peace and national security. So the related enterprise needs to manage voluntary export system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.8
• /
• pp.1457-1471
• /
• 2011

A method to detect Trojan horses in messaging and Bluetooth in mobile phones by means of monitoring the events produced by the infections is presented in this paper. The structure of the detection approach is split into two modules: the first is the Monitoring module which controls connection requests and sent/received files, and the second is the Graphical User module which shows messages and, under suspicious situations, reports the user about a possible malware. Prototypes have been implemented on different mobile operating systems to test its feasibility on real cellphone malware. Experimental results are shown to be promising since this approach effectively detects various known malware.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2005.05a
• /
• pp.1-4
• /
• 2005

Information communication environment integrates communication, broadcasting and internet, and Digital Convergence service emerges in result. Thus, the effective routers are needed so that they can transmit a huge number of data to core internet through appropriate base center. Therefore, the network guaranteeing QoS in transport layer supports interoperability with different wireless networks. So as to users receive necessary information anywhere seamlessly, the network architecture focuses on packet transmission and it is efficient for the control layer switches and controls packets between different networks. Since individual users take advantage of different services and data, the effective router architecture must be designed. Hence in this paper we design monitoring technique to solve security problem and to support premium service to ultimate users. Thereafter, we run opnet simulation and show the improvement of proposed router architecture.

• The Journal of Information Technology
• /
• v.6 no.1
• /
• pp.11-20
• /
• 2003

With the development of Information Communication Technique, electronic commerce using PKIs is widely used over the Internet. The goal of access control is to counter the threat of unauthorized operations involving Web-server or data base systems. The RBAC(Role-Based Access Control) has recently received considerable attention as a promising alternative to traditional discretionary and mandatory access controls. In this paper we propose two methods, the RBAC system using attribute certificates and the RBAC system using SPKI certificates. And we analyze and compare the two methods.

• Structural Engineering and Mechanics
• /
• v.82 no.5
• /
• pp.587-594
• /
• 2022

Behavior of concrete elements under the effect of high-speed projectiles has gain increasing interest recently. It's necessary to understand how far the concrete can absorb the effect of bullets in order to save the occupants when design security and military infrastructures. This study presents a total of 18 concrete slabs casted and tested under reinforcement ratios, 0%, 0.35% and 0.7%. Parameters interested were slab thickness, (50 mm, 100 mm, and 150 mm) and type of weapon. All specimens tested to investigate their response under the effect of attacking by two common types of weapon. In general, it was found that projectile penetration was controlled by their thickness regardless the steel reinforcement ratio. However, the steel reinforcement controls the damage.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.5 s.43
• /
• pp.127-137
• /
• 2006

We propose two phase filtering scheme to develop an efficient mechanism for XML databases to control query-based access. An access control environment for XML documents and some techniques to deal with fine-grained authorization priorities and conflict resolution issues are proposed. Despite this, relatively little work has been done to enforce access controls particularly for XML databases in the case of query-based access. The basic idea utilized is that a user query interaction with only necessary access control rules is modified to an alternative form through a query optimization technique, which is guaranteed to have no access violations using tree-aware metadata of XML schemas. The scheme can be applied to any XML database management system and has several advantages such as small execution time overhead, fine-grained controls, and safe and correct query modification. The experimental results clearly demonstrate the efficiency of the approach.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.821-830
• /
• 2017

The internet is an important infra resource that it controls the economy and society of our country. Also, it is providing convenience and efficiency of the everyday life. But, a case of various are occurred through an using vulnerability of an internet infra resource. Recently various attacks of unknown to the user are an increasing trend. Also, currently system of security control is focussing on patterns for detecting attacks. However, internet threats are consistently increasing by intelligent and advanced various attacks. In recent, the darknet is received attention to research for detecting unknown attacks. Since the darknet means a set of unused IP addresses, no real systems connected to the darknet. In this paper, we proposed an algorithm for finding black IPs through collected the darknet traffic based on a statistics data of port information. The proposed method prepared 8,192 darknet space and collected the darknet traffic during 3 months. It collected total 827,254,121 during 3 months of 2016. Applied results of the proposed algorithm, black IPs are June 19, July 21, and August 17. In this paper, results by analysis identify to detect frequency of black IPs and find new black IPs of caused potential cyber threats.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.1
• /
• pp.634-640
• /
• 2020

The information security management system (ISMS) and the personal information management system (PIMS) have been integrated into a personal information & information security management system (ISMS-P) certification scheme in response to requests to reduce the time and cost to prepare certification schemes. Integration of the certification system has made it possible for the system operator to gain the advantage of easy management of the ISMS-P certification system, and the certification target organization can enjoy the advantage of easy acquisition and maintenance of certification. However, ambiguity in the application criteria of the target organization, and ambiguity in the certification criteria control items require the target organization to operate an excessive management system, and the legal basis to be applied to the certification target organization is ambiguous. In order to improve these problems, this paper uses case studies to identify the types of certification bodies that apply the certification criteria, and to change the control items applied during certification audits based on the types of certification bodies. Institutions that wish to obtain only ISMS certification have proposed three solutions, excluding controls covered by the ISMS-P. This paper suggests ways to operate an efficient certification system, and can be used as a basis for improving problems in the ISMS-P certification system.