• Journal of Information Technology Applications and Management
• /
• v.30 no.6
• /
• pp.17-29
• /
• 2023

In this paper, we aim to propose cyber security considerations and countermeasures for infrastructure and services in the UAM(Urban Air Mobility) Air Traffic Management field, which is one of the key elements of the UAM market that has not yet bloomed. Air traffic management is an important factor for safe navigation and social acceptance of UAM. In order to realize air traffic management, infrastructure and services based on solid network connectivity must be established. And for industries where connectivity is the core component, it can become an infiltration route for cyber threats. Therefore, cyber security is essential for the infrastructure and services. In detail, we will look into the definition of the existing air traffic management field and the cyber threats. In addition, we intend to identify cyber security threat scenarios that may occur in the newly designed UAM air traffic management infrastructure. Moreover, in order to study the cyber security countermeasures of the UAM air traffic management infrastructure, there will be analysis of the UAM operation concept. As a result, countermeasures applicable to the infrastructure and service fields will be suggested by referring to the cyber security frameworks.

• Journal of the Korea Convergence Society
• /
• v.6 no.4
• /
• pp.33-40
• /
• 2015

According to arriving convergence environment which can create new value-added converged between industry and ICT technology, It has made economic growth and improve the quality of life. However this convergence environment provide not only advantage but also various security problems resulting from generating converged security threats. For resolving this security problem, we need to approach to security problem in the integrated view not the fragmentary view which cover only technical approach. So This study developed security governance framework which can manage trustful security governance in multidimensional view which cover strategy, managerial/operational and technical view. Therefore this framework can construct trustful security management system which can help top management team to engage in security management directly and organizational member to perform security activities and have responsibility for themselves as suggesting single standard for security management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.45-54
• /
• 2001

It is necessary to control security management consistently and respond to an intrusion automatically in order to use the network securely in the single administrative domain. This paper presents a Shadowing Mechanism supporting a dynamic extension of security scheme and proposes an ARTEMIS(Advanced Realtime Emergency Management and Intruder Identification System), which is designed and implemented based on the suggested technique. It is possible for security management system developed on the basis of the Shadowing Mechanism to make all network components working under the same security scheme. It enhances the accuracy of intrusion tracing and automatic response through dynamic extension of space and time for security management.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.34 no.4
• /
• pp.72-81
• /
• 2011

In this paper, we propose adaptive convergence security policies and management technologies to improve security assurance in the home networking environment. Many security issues may arise in the home networking environment. Examples of such security issues include the user privacy, the service security, the integrated networking security, the middleware security and the device failure. All these security issues, however, should be fulfilled in phase due to many difficulties including deployment cost and technical complexity. For instance, fundamental security requirements such as authentication, access control and prevention of crime and disaster should be addressed first. Then, supplementary security policies and diverse security management technologies should be fulfilled. In this paper, we classify these requirements into three categories, a service authentication, a user authentication and a device authentication, and propose security policies and management technologies for each requirement. Since the home gateway is responsible for interconnection of many home devices and external network access, a variety of context information could be collected from such devices.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2001.05a
• /
• pp.1-10
• /
• 2001

SNMPv3 provides the security services such as authentication and privacy of messages as well as a new flexible and extensible administration framework. Therefore, with the security services enabled by SNMPv3, network managers can monitor and control the operation of network components more secure way than before. But, due to the user-centric security management and the deficiency of policy-based security management facility, SNMPv3 might be inadequate network management solution for large-scaled networks. In this paper, we review the problems of the SNMPv3 security services, and propose a Role-based Security Management Model(RSM), which greatly reduces the complexity of permission management by specifying and enforcing a security management policy far entire network.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.1 no.2
• /
• pp.56-63
• /
• 2006

In this paper, we propose the integrated security management framework supporting the trust for the ubiquitous environments. The proposed framework provides the gathering and analysis of the security related information including the location of mobile device and then dynamically configures the security policy and adopts them. More specially, it supports the authentication and delegation service to support the trusted security management for the ubiquitous networks. This system also provides the visible management tools to give the convenient view for network administrator.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.5
• /
• pp.171-176
• /
• 2015

Because the specific security technology alone can not cope with sophisticated attacks, various security management models are applied. But, they do not focus on the vulnerability of the highest part because they offer so many common security management criteria. By analyzing the main information and confidential leakage cases inflicting enormous damage to our society, we found that attackers are using mainly an interface vulnerabilities - the paths that connect the internal and external of the organization, such as e-mail, web server, portable devices, and subcontractor employees. Considering the reality that time and resources to invest in security domain are limited, we point out the interface security vulnerabilities the possibility of attackers to exploit and present a convergence method of security measures. Finally, based of ROI(Return on Investment), we propose the real-time security management system through the intensive and continuous management.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.369-375
• /
• 2022

The article substantiates the need and shows the features of introducing SMART management into the system of public management of regional development in the context of strengthening the national security of Ukraine. Disclosed are such provisions as: goal-setting; state mission; state mission in Ukraine; goals of the Ukrainian state; strategic management priorities in Ukraine. Differences between the purpose of the organization and the purpose of the state are determined. The characteristic of the goal at the state level is given. The management standards in SMART management are characterized. The issues of the exhaustibility of existing SMART criteria are reviewed and it is proposed to supplement them with two such as: inspiration (inspiration) and ity (ethics). Two main principles are defined (evaluated (assessment), reviewed (review)), which must be observed when introducing SMART management into the system of public management of regional development in the context of strengthening the national security of Ukraine.

• Journal of the Korea Convergence Society
• /
• v.10 no.1
• /
• pp.53-59
• /
• 2019

In this paper, we introduce the UTOPIA Smart City Security Management System which manages a user authentication for smart cities. Because the smart city management system should take care of huge number of users and services, and various kinds of resources and facilities, and they should be carefully controlled, we need a specially designed security management system. UTOPIA is a smart city system based on ICT(Information and Communication Technology), and it has a three tier structure of UTOPIA portal system, UTOPIA processing system and UTOPIA infrastructure system. The UTOPIA processing system uses the smart city middleware named SmartUM. The UTOPIA Smart City Security Management System is implemented in the application security layer, which is the top layer of the SmartUM middleware, and the infrastructure security layer, which is the lowest layer. The UTOPIA Smart City security management system is built on the premise that it supports all existing user authentication technologies. This paper introduces the application security layer and describes the authentication management in the application security layer.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.63-72
• /
• 2021

The hospital biomedical engineering team is responsible for establishing and regulating the Medical Device Management Program (MEMP) to ensure that medical devices are safe and reliable. As technology advances, medical devices such as artificial intelligence and precision medicine are developing into a form that allows connection between objects anytime, anywhere, and as various technologies converge, internal and external security threats continue to increase. In this paper, we present a study of the Medical Device Management Program (Secure-MEMP) method, considering that the security threat of medical devices continues to increase due to advances in technology.