http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
강창구(Kang Chang Goo),최용락(Choi Yong Rak) 한국정보처리학회 1998 정보처리학회논문지 Vol.5 No.8
In this paper, we propose two authentication exchange schemes which combine public-key-based mutual authentication with a Diffie-Hellman key derivation exchange. The security of key exchange of the proposed schemes depends on the discrete logarithm problem. The security of the entity authentication depends on that of the signature mechanism to be used in the proposed scheme. In comparison with the Kerberos, X.509 exchanges, and ISO 3-way authentication protocol, the proposed schemes are not only simple and efficient, but also are resistant to the full range of replay and interception attacks.
통합 정보 모델을 이용한 접근제어 메커니즘 설계 및 구현
강창구(Kang Chang Goo),박진호(Park Jin Ho),최용락(Choi Yong Rak) 한국정보처리학회 1997 정보처리학회논문지 Vol.4 No.9
This paper presents a design of an access control mechanism that can resolves the complicated problems of access control requirements in modern information communication applications. In this paper, we proposed an integrated information model which can satisfy the combined goals of confidentiality, integrity and availability of any resource. We defined an integrated information model from the view points of identity-based, rule-based and role-based policy and implemented six access control operations. The proposed integrated information model can protect to unauthorized access to any resource based on the multilevel security policies of security label, integrity level, role and ownershop.
A Theoretical Study on Minimum-Bandwidth Line Coding
김대영,강창구,배철,오승협,Kim, Dae-Young,Kang, Chang-Goo,Bae, Cheol,Oh, Seung-Hyeub The Institute of Electronics and Information Engin 1990 전자공학회논문지 Vol.27 No.5
In this paper, some new results on minimum-bandwidth system are presented. First, we state sufficient condition for the existance of a existance of a power spectral null at the zero frequency and Nyquist frequency. Second, eye boundary functions and eyewidth are obtained for minimum-bandwidth systems of arbitrary numbers of transmitted symbol levels. Third, for linear minimum-bandwidth systems usually known as PR systems, we derived formulars for evaluating DSVs and ASVs in terms of the coefficients of the system polynomials and using formulars, we obtain DSVs and ASVs of various PR systems. Last, the relations among DSV, ASV, power spectral nulls, system polynomial nulls, and the minimum-bandwidth property are summarized.
이용준(Yong-Joon Lee),강창구(Chang-Goo kang),박성열(Sung-Yul Park),류근호(Keun-Ho Ryu) 한국정보과학회 1998 정보과학회 컴퓨팅의 실제 논문지 Vol.4 No.4
방화벽은 인터넷과 같은 외부망에 연결된 내부망을 외부의 불법적인 사용자의 침입으로부터 안전하게 보호하기 위한 시스템이다. 따라서 방화벽은 외부망에서 내부망으로 접근하기 위해서 반드시 방화벽을 통과하여야만 내부망으로 진입할 수 있도록 사용자를 통제하고 적법하다고 인증된 통신 트래픽만 걸러내어 통과시킨다. 그러나 방화벽은 외부망으로부터의 불법 침입을 일차적으로 방어해 주는 역할만을 수행하므로 외부 침입자가 메시지 재전송, 위장 등과 같은 다양하고 지능적인 공격을 통해 방화벽의 보안기능을 통과할 경우 내부망 전체가 침입 당할 수 있는 문제를 가지고 있다. 이 연구에서는 이러한 문제점을 개선하기 위하여 암호화 기법을 이용하여 사용자와 방화벽간의 상호 인증을 수행함으로써 인증시 재전송, 위장 공격을 방지하는 실체인증 프로토콜과 내부망에 대한 침입이 발생하였을 경우 침입을 신속히 감지하여 경보, 추적할 수 있는 전산망 감사추적 기법을 연구하고 이를 이용하여 방화벽의 정보보호 기능을 향상시킨 Wall & Walls 방화벽 시스템을 설계, 구현하였다. 또한 Wall & Walls 방화벽 시스템을 체계적으로 개발하기 위해서 시스템 개발을 위한 생명 주기를 정의하고 개발 단계를 방화벽 설계 정책의 수립, 설계 정책의 구현에 필요한 요구사항 분석, 시스템 설계, 구현, 시험 및 평가 단계로 구분하고 이에 따라 시스템을 개발하였다. Firewall is a network security system that provides secure access and internetwork communications between internal networks and external networks such as the Internet. It completely prevents any network traffic from passing directly between the internal and external untrusted network and permits only authenticated traffic. However, conventional firewall system has a serious problem that can't protect against higher level attacks, for example message replay and masquerade, and if even one intruder connect to inside network through firewall, the entire inside network is vulnerable. In order to solve this problem, new security mechanisms, entity authentication protocol for peer authentication between user and firewall system, and audit trail mechanism to detect and audit intrusions into internal network, are studied. In this paper, firewall system, called Wall & Walls, is designed and implemented using new security mechanisms so it can provide more secure firewall. To develop system efficiently, we define the firewall lifecycle that include phases such as design policy of firewall, requirement analysis for implementing design policy, system design, implementation, test and evaluation. And Wall & Walls firewall system is developed based on lifecycle.
디지털 다중서명 방식을 적용한 전자결재 시스템에 관한 연구
박희운(Park Hee Un),강창구(Kang Chang Goo),이임영(Lee Im Yeong) 한국정보처리학회 1999 정보처리학회논문지 Vol.6 No.4
In this study, we propose a new multi-party electronic approval system. We classified and analyzed several existing electronic approval systems which use the multisignature method. Based on the analysis, we developed a new multisignature method and then applied it to several existing electronic approval systems. By comparing various aspects of the new and the conventional methods, we were able to demonstrate the effectiveness of the proposed method. The new method is based on discrete logarithm so that it lowers the complexity requirement involved in electronic communication and rises the ability requirement, hence makes itself suitable to general electronic approval systems.