• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.123-128
• /
• 2010

Graph expression of attack scenarios is a necessary method for analysis of vulnerability in server as well as the design for defence against attack. Although various requirement analysis model are used for this expression, they are restrictive to express combination of complex scenarios. Role Based Petri Net suggested in this paper offer an efficient expression model based role on Petri Net which has the advantage of concurrency and visuality and can create unknown scenarios.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.5 no.4
• /
• pp.667-674
• /
• 2015

Internet of things (IoT) has been a focus of research and widespread. Security and privacy are the key issues for IoT applications, and still faced with some enormous challenges. In order to facilitate this emerging domain, we analyzed the research progress of IoT, and pay attention to the security. By means of deeply analyzing the security architecture and features, the security requirements are required. And, we surveyed the demands and requirements.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.628-631
• /
• 2008

The information transfer between the ground facilities and the ground facilities and exchange are necessary for an aircraft and ground facilities so that it is safe, it is economic, an aircraft tan operate an aircraft to the high efficiency until it arrives at the destination location from the stand-by for the fly. Presently, by using the AFTN which is closed network, a communication is made. However, by applying the leading edge communication technology, the aeronautical telecommunication network of the next generation is constructed and it is planning to be managed. Due to this, the ground facilities connected to the foreign network has the security vulnerability by an attack. Therefore, the vulnerability analysis for the safe operational environment build-up at the aeronautical telecommunication network and sorority requirement research are needed.

• The KIPS Transactions:PartC
• /
• v.18C no.5
• /
• pp.293-302
• /
• 2011

The various information services can be delivered by smartphone through advanced high-speed mobile communication. A smartphone is a mobile device that offers more powerful computing capacity than feature phone. Therefore this device can provide such as web surfing, editing documents, playing video, and playing games. A lot of personal information stored on smartphone. Because it has High usability. Personal information Leaks if the smart phone is lost or stolen may become a big problem. In this paper we have analyzed existing method for providing secure storage and user authentication on mobile platform and derived security requirement. Therefore we propose the following scheme that satisfy security requirement. Proposed scheme providing secure storage with preventing authentication bypass, and availability from damaged data to access secure area.

• Journal of Digital Contents Society
• /
• v.5 no.2
• /
• pp.95-100
• /
• 2004

For improve level of information security, the necessity of evaluation and certification of Information Security System(ISS) in increasing. Evalustion and Certification Institute have evaluated ISS for risk prevention of information dysfunction in an advanced countries. But, the problem of the time and cost occurred when it is caused by with application of unlike evaluation criteria each other. The result of effort to solution, Common Criteria(CC) and Common Evaluation Methodology(CEM) is using for evaluation of ISS and mutual recognition. Evaluation participant is needed flexible and active interpretation of CC and CEM for an efficient evaluation preparation and performance.

• Convergence Security Journal
• /
• v.5 no.4
• /
• pp.33-40
• /
• 2005

As e-learning studying is activated, learner's requirement increased. Therefore, need correct e-learning model augmented requirement of learner and new ubiquitous surrounding. In this treatise when, proposed to supplement studying contents relationship conversion service and cooperation studying service function to LMS that analyze existing e-learning model's limitation for ubiquitous environment e-learning model that can study regardless of, ubiquitously some contents and do based on SCORM ubiquitous-network and next generation sensor technology etc. Learning form conversion service senses a learner's surrounding situations and recognize his/her body condition using smart sensor technology and provides the learner with contents in the optimal form. Using sensing projects like Orestia and SOB, users can more effective collaborative learning service.

• Journal of Digital Convergence
• /
• v.12 no.10
• /
• pp.235-242
• /
• 2014

Although the requirement of enterprise security implementation has been raised, a few research on security collaboration, which is one of the methods for enterprise security has been performed. This paper approached information security from the collaboration-centric perspective and propose critical success factors for security collaboration. In this study, a model of security collaboration, which includes coordination and cooperation activities was devised. Based on the previous research on organizational collaboration literature, the eight success factors for collaboration were deduced and examined the significance of the eight factors using the PLS-SEM statistical method with data of 106 samples who are security and IT professionals who have worked for more than 7 years. The result of the hypothesis test supported that trust, expertise motivation, collaboration performance criteria, top manager support and collaboration tools are the prominent factors of security collaboration.

• Journal of Digital Convergence
• /
• v.17 no.8
• /
• pp.221-228
• /
• 2019

The importance of security for virtualization products has been increased with the activation policy of cloud computing and it is necessary to analyze cyber security threats and develop security requirements for virtualization products to provide with more secure cloud environments. This paper is a preliminary study with the purpose of developing security functional requirements through analyzing security features and cyber security threats as well as comparison of foreign countries' cases for virtualization products. To do this, the paper compares evaluation schemes for virtualization products in US and UK foreign countries, and analyzes the cyber security threats, security objectives and security requirements in both countries. Furthermore, it proposes the essential checking items and processes for developing security functional requirements about security features of virtualization products to contribute to its more secure development and the establishment of related security evaluation standards.

• The Journal of Society for e-Business Studies
• /
• v.24 no.2
• /
• pp.113-124
• /
• 2019

Today many companies are offering IoT-enabled products and place emphasis on security from the planning stage to protect their products and user information from external threats. The present security levels, however, remain low because the time and resources invested in developing security requirements for each device are far from enough to meet the needs of a wide range of IoT products. Nevertheless, vulnerabilities of IoT devices have been reported continuously, which calls for more detailed security requirements for home IoT devices. In this context, this research identified threats of home IoT systems by using Microsoft Threat Modeling Tool. It then suggested measures to enhance the security of home IoT devices by developing security assessment items through comparative analysis of the identified threats, domestic and global vulnerability assessment standards and related research. It also verified the effectiveness of the developed security requirements by testing them against the existing ones, and the results revealed the security requirements developed in this research proved to be more effective in identifying vulnerabilities.

• Journal of IKEEE
• /
• v.19 no.4
• /
• pp.548-556
• /
• 2015

When the variety of personal health services are provided in the ICBM(IoT, Cloud, Bigdata, and Mobile) environment, the security requirements of personal health service(PHS) including privacy issues is proposed in this paper. Because it is expected that the services related to personal health are provided in the cloud environment, the security requirements of a cloud environment is firstly investigated and then security threats including direct and indirect threats in a cloud environment are analyzed in terms of the security of PHS. In addition, the security requirements of PHS is developed based on the security requirements of electronic medical record(EMR) for medical service in this paper, then the validity of the proposed security requirements is shown by the relation between security requirements of cloud environment and PHS to indicate that a security requriement is supported by several security requirements of PHS.