• The Korean Journal of Air & Space Law and Policy
• /
• v.26 no.1
• /
• pp.31-63
• /
• 2011

Since Korea has invested only on developing an aircraft, it is true that Korea has neglected detailed standards and procedures about certification activities including essential safety procedures. Most developed countries have implemented mandatory airworthiness system by legislating it for operational safety of aircraft based on ICAO Annex 8, and the U.S. Department of Defense and the FAA's Airworthiness system have been adapted it to the realities of their circumstance. Therefore, Airworthiness system that can guarantee the safety of the aircraft at international level is necessary to enhance flight safety and to create export opportunities of an aircraft as a country which can develop an aircraft by itself To achieve this, a study on the improvement of aircraft airworthiness was carried out by analyzing the problem of domestic airworthiness system and by reflecting international best practices on the establishment of a system for improved Airworthiness.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.3
• /
• pp.19-26
• /
• 2023

Critical information infrastructure designations for cloud service providers continue to spread around the world as energy, financial services, health, telecommunications, and transportation sectors move to the cloud. In addition, in the case of Ukraine, the removal of restrictions on the use of cloud for national critical facilities and the rapid transition of critical data to the cloud enabled the country to effectively respond to cyberattacks targeting Russian infrastructure. In Korea, the ISMS-P is operated to implement a systematic and comprehensive information protection management system and to improve the level of information protection and personal information protection management in organizations. Control items considering the cloud environment have been modified and added to the audit of companies. However, due to the different technical levels of clouds between domestic and global, it is not easy to obtain information on the findings of cloud providers such as Microsoft for the training of domestic certification auditors on hyperscale scale. Therefore, this paper analyzes findings in hyperscale clouds and suggests ways to improve cloud-specific control items by considering the compatibility of hyperscale environments with ISO/IEC 27001 and SOC(System and Organization Control) security international standards.

• The Journal of the Korea Contents Association
• /
• v.16 no.8
• /
• pp.90-96
• /
• 2016

The 3390 million people, around 83% of the adult population in Korea use smartphone. Although the safety problem of the certificate has been occurred continuously, most of these users use the certificate. These safety issues as a solution to 'The owner of a mobile phone using SMS authentication technology', 'Biometric authentication', etc are being proposed. but, a secure and reliable authentication scheme has not been proposed for replace the certificate yet. and there are many attacks to steal the certificate and private key. For these reasons, security experts recommend to store the certificate and private key on usb flash drive, security tokens, smartphone. but smartphones are easily infected malware, an attacker can steal certificate and private key by malicious code. If an attacker snatchs the certificate, the private key file, and the password for the private key password, he can always act as valid user. In this paper, we proposed a safe way to keep the private key on smartphone using smartphone's unique information and user password. If an attacker knows the user password, the certificate and the private key, he can not know the smart phone's unique information, so it is impossible to use the encrypted private key. Therefore smartphone user use IT service safely.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.4
• /
• pp.140-149
• /
• 2021

Most industries have introduced and operate an information security management system (ISMS) or a personal information security management system (PIMS) to suitably protect and maintain customer's information and company trade secrets. This study starts with the premise that it is desirable for every industry considering information security to maintain an ISMS. ISMS can be of different types among various organizations, taking into consideration culture, practical work procedures, and guidelines for information security. This study intends to derive primary control areas of an ISMS for each industry based on organizational size and audit type by analyzing non-conformity trends and control factors according to certification audits for organizations introduced for international ISMS under ISO27001. This study analyzed improvement effects of ISMS through case analyses. It is meaningful as exploratory research, although it was difficult to acquire data for empirical study because few organizations maintain certification in major industrial sectors. The requirements presented the highest frequency of non-conformity for each type from the 2013-initiated ISO27001; the years 2013 to 2020 were extracted as the primary control area. The study found that for primary control areas of ISMS for each of three industries, organizational size and audit type had differences.

• Journal of Korea Port Economic Association
• /
• v.24 no.2
• /
• pp.155-174
• /
• 2008

This paper proposed several activation strategies at both the government and company parts for the development of domestic third party logistics(TPL) to pull electronic trade era much earlier. In the government side, it must need to arrange and integrate complex regulation rules on the Logistics for more smooth access and use the TPL market. Also, it has to provide multiple support policies such as tax reduction, technical and financial service providing, and logistics information system to TPL. Finally, it should construct the government levels education system to train and forster a competent man who is well qualified as a electronic and logiscic expert. The TPL company must build up a total logistics information system concerned with an innovative operation system such as SCM, JIT etc. which can provide logistic services on demand to the electronic trade customers to maximize consumer satisfaction. In the shipper company level, it try to join a long-term strategic alliance with TPL to reduce logistic cost and increase logistic service to its electronic trade consumers.

• Journal of Navigation and Port Research
• /
• v.27 no.1
• /
• pp.9-18
• /
• 2003

This is a study for international competitiveness analysis if korea ship management service using the collected data from the fields in industry. making a comparison if ship management company between domestic ones in Korea and mutinational ones in international market is more suitable for it's purpose. but competitiveness level of korean ship management companies are too low to compare. Therefore in this study, ship management devision in Korea overseas shipping companies are selected as a target of camparision and the representative of Korea ship management industry. The analysis of competitiveness is divided by price competition and non-price competition. The former is consist of element likes as crew management cost, dry-docking cost, repair cos, stores & spares cost, lubricants cost and management free cost, The later os consist of element like as quality of sea & shore personnel, efficiency of company's organization, ability of management system. qualifications & certifications, know -hoe for the ship management, structure of control & support ship and office automation & IT system. According to this analysis the ship management division in korean shipping companied are superior to the foreign specialized ship management companies generally. So, it is necessary that korea ship management industry attempt level-up continously and expand into international ship management market positively.

• Electronics and Telecommunications Trends
• /
• v.20 no.1 s.91
• /
• pp.100-111
• /
• 2005

다양한 무선 네트워크 서비스의 장단점을 상호 보완하기 위해, 3G/WLAN/WiBro 등을 포괄하는 통합무선 네트워크 서비스 체계를 구축하고자 하는 노력이 활발히 이루어지고 있다. 이 때, 각 네트워크 간의 연동은 필연적이며 따라서 기존의 개별 네트워크를 넘어 연동되는 네트워크 상에서의 인증, 키 교환 및 데이터 암호화 등을 가능하게 하는 연동 보안 기술이 요구된다. 본 고에서는 국제 표준에서 제안되고 있는 무선 네트워크 간의 연동 기술을 소개하고, 이에 요구되는 연동 보안 기술의 국내외 기술 동향 및 표준화 동향에 대해서 살펴보고자 한다.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2016.06a
• /
• pp.381-383
• /
• 2016

본 논문에서는 영상보안시스템을 구성하는 장비 간의 상호연동 적합성을 평가하는 방법과 분석 결과를 제시한다. 꾸준한 성장세를 보이고 있는 영상보안시스템 분야는 기존의 아날로그 CCTV(Closed Circuit TeleVision) 체계 대신 네트워크 인터페이스 기반의 시스템으로 변화하고 있다. 이에 따라 IP(Internet Protocol) 기반의 네트워크 환경에서 장비 간 연동을 위해 국제적으로 ONVIF(Open Network Video Interface Forum), PSIA(Physical Security Interoperability Alliance)와 같이 여러 CCTV 제조사들이 모인 산업계 포럼에서 장비 간 상호호환성을 위해 인터페이스 프로토콜을 정의하고 자체 표준화를 주도하고 있다. 이에 본 논문은 TTA에서 국내 영상보안시스템의 상호운용성을 위해 개발한 ONVIF 기반의 상호연동 인증 기준을 기반으로 영상보안시스템 장비 중 하나인 IP 카메라와 NVR(Network Video Recorder)에 대해 상호연동 적합성을 평가하는 방법을 설명하고 분석 결과를 제시한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10c
• /
• pp.649-651
• /
• 2003

빠른 속도로 발전하는 전자거래환경은 다양한 시스템과 다양한 사용자를 관리해야하는 어려움에 직면해 있다. 사용자 인증에 관한 기술은 전자거래의 시발점이라는 측면에서 상당히 강조되어야 할 부분이다. 하지만 개별적으로 구축하여 운영하고 있는 전산 시스템에서 개별적으로 관리되고 있는 자원과 사용자는 보안상의 문제점을 야기할수 있다. 따라서 기업내부의 모든 자원과 이러한 자원을 이용하는 사용자에 대한 통합을 통해서 일관된 자원 및 사용자 관리체계의 구축하는 통합접근관리 기술을 도입하여 보안상의 취약점을 보완할 수 있다. 따라서 본 논문에서는 XML기반 e­business 프레임워크에서 기존 보안기술의 취약점을 보완할 수 있는 국제 표준화된 XML보안 기술을 적용한 통합접근 관리를 연구하였다.

• Journal of the Korea Safety Management & Science
• /
• v.3 no.2
• /
• pp.33-49
• /
• 2001

This article is concerned with various aspects of establishing the global standard for occupational safety and health management system (OHSMS). The notion, main features, and brief history of the OHSMS are presented. The OHSAS 18000, its assets and liabilities, are reviewed as a prototype of the global standard. It is also addressed the possibility of combining ISO 9000(quality management system), 14000(environmental management system) and the OHSMS into the integrated management system (IMS) as a whole. The concepts of internal and external customers are presented to explain why the environment, safety and health should be incorporated into the notion of total quality 'Participation of the members' and 'standardization of the 4Ms (Man, Machine, Materials and Method)'are emphasized as the major enablers of the IMS. Finally, the industrial, academic and governmental roles are discussed for developing the IMS and setting it down into the Korean industries.