• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06d
• /
• pp.7-10
• /
• 2007

최근 정보화 수준이 고도화 되고 대외 기술 교류가 활발해짐에 따라 기업 정보 유출에 의한 피해 사례가 급증하고 있고, 자료 유출 사례 중 전 현직 종사원인 내부자에 의해 발생되는 건이 80%이상을 차지하고 있어 내부정보 유출 방지체계에 대한 구축이 절실히 요구되고 있다. 내부 정보 유출 방지체계는 침입탐지시스템이나 방화벽 같은 외부 공격자에 대한 방어 대책으로는 한계가 있어 새로운 정보보호 체계가 필요하다. 본 논문은 내부정보 유통 구조에 내재되어 있는 내부정보 유출 취약점을 분석하고 이에 대한 대책으로서 정보보호 모델을 제안하며, 제안된 정보보호 모델을 구현하는 한 방법으로서 DRM 기술을 적용한 정보보호 기술구조를 제안하고 구현 시 고려사항을 기술한다. 제안된 기술구조는 조직에서 운용하고 있는 정보체계와 정보기기들을 관리영역으로 식별하는 방법을 제공하며 관리영역에서 비 관리영역으로의 자료 유통을 근본적으로 통제하는 장점을 갖고 있다.

• Journal of KIISE
• /
• v.43 no.10
• /
• pp.1124-1130
• /
• 2016

A controlled group is closed compared to other organizations, which hinders collection of data and accurate analysis, so that it is hard to evaluate a controlled group's power structure and predict future changes using usual analytical methods including sociological approach. Analyzing a controlled group using SNA can allow for evaluation of inner power structure by revealing the relationships between members and identifying members with central roles given limited data. In this study, in order to evaluate changes in power structure, time-sequential SNA research was conducted by analyzing eigenvector centrality, which reflects individual influence and reveals the overall power structure. The result showed an improvement in accuracy compared to other centralities that contain individual degree or closeness, and made it possible to presume structural changes such as promotion or purge of a member.

• Journal of Intelligence and Information Systems
• /
• v.5 no.1
• /
• pp.35-48
• /
• 1999

Many organizational contexts should be considered in designing EDI controls to make control systems effective and efficient. This paper gives a description of the neural network model for suggesting the extent of effective EDI controls for a company that has specific organizational environment. Feedforward backpropagation neural network models are designed to predict the state of 12 modes of EDI controls from the sate of environment. The predictive power of the system is compared with that of multivariate regression analysis to evaluate the effectiveness of using neural network model in predicting the level of EDI controls. The results show that the neural network model outperforms regression analysis in predictive accuracy. The controls that have high estimated value in the model are likely to be critical controls and EDI auditor or management can enhance investment of IS resources to enhance these controls.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.282-285
• /
• 2007

최근 금융, 공공기관 등에서 개인 정보 유출이 빈번해짐에 따라 사회적으로 심각한 문제가 발생하고 있다. 한국산업기술진흥협회의 조사에 따르면, 이런 정보 유출이 외부의 불법적 시스템 침입으로 인해 발생하는 것보다, 대부분 데이터 접근이 인가된 내부자 소행으로 나타나고 있다. 이는 데이터베이스의 보안 취약성으로 인해, 내부의 비인가자 또는 인가자의 데이터 접근에 대한 통제 정책이 제대로 이루어지지 않기 때문이다. 이에 따라, 본 논문에서는 클라이언트에서 데이터베이스 서버로 요청되는 네트워크상의 패킷 분석을 통한 데이터베이스의 접근통제방법을 제안한다. 제안된 보안모델에서는, 사용자 정보 및 SQL 의 위 변조를 방지하기 위해서 공개키 인증과 메시지 인증코드 교환으로 무결성을 확보하였다. 또한 권한별 테이블의 컬럼 접근통제를 확장하기 위해서 데이터 마스킹 기법을 구현하였다.

• Management & Information Systems Review
• /
• v.38 no.3
• /
• pp.35-53
• /
• 2019

A standing auditor can perform the monitoring and control activities for the opportunistic behaviors of top manager. However, for this purpose she/he must have the independence from top manager. Thus, this study is designed to analyze the factors that influences the independence of standing auditor. The independence of standing auditor as dependent variable was measured in terms of school and company ties to top manager. The relationship between the shareholding of professional top manager and independence of standing auditor, and the moderating effects of the shareholdings of related-party, institutional investors, and foreign investors were examined by implementing multiple regression and conditional moderating effect analyses. The findings present a negative relationship between the shareholding of professional top managers and the independence of standing auditor. They also reveal a positive moderating effect of the shareholding of related-party on that relationship. On the other hand, the shareholdings of foreign and institutional investors did not significant change the relationship between the shareholding of professional top manager and the independence of standing auditor. The findings imply that professional manager might be able to lower the controlling mechanism by appointing a standing auditor having low independence. Related-party as an internal control mechanism might be beneficial to reduce this effect while institutional investors or foreign investors as an external control mechanisms might not. This is the first study that examine the antecedents of the independence of standing auditor in terms of the characteristics of ownership structure. It provides a guideline for selecting an effective standing auditor with the consideration for ownership structure.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.05a
• /
• pp.467-470
• /
• 2009

CAN communication developed for communication between electric control devices in vehicle, was recently applied to automatic braking devices, and can also be applied to field bus for production automation. Recently, field bus is introduced in engine control, etc. for large ship. In this paper, cabin access control system can be implemented, based on CAN communication. The cabin access control system based on CAN communication consists of access control server, embedded system based on ARM9, and micro-controller built-in CAN controller. The access control server can be able to manage overall access control system by accessing with manager. And embedded system adopted ARM9 processor transmits access information of RFID reader controller connected with CAN networks to server, also performs access control. The embedded system can carry CAN frames to server, so it can be used as gateway.

• The Transactions of the Korean Institute of Power Electronics
• /
• v.16 no.1
• /
• pp.58-63
• /
• 2011

This paper presents a development of a fire control system with an intelligent judgment algorithm of hit or not. The presented algorithm analyzes an impact energy and impact signals according to impact materials. And the detected signals are used to judge the correct hit or not. Furthermore, Zigbee wireless communication technology is applied in the developed fire control system. The wireless communication technology can supply a simple installation of the practical system and free from ageing of communication wire. The presented system is verified in the practical fire test, and the results show the effectiveness of the development system.

• Journal of Intelligence and Information Systems
• /
• v.18 no.1
• /
• pp.71-90
• /
• 2012

Although it has been studied for a long time in various disciplines, most of control theories remain being developed by analyzing relatively simple tasks. Even recent research on control of information systems development explains only a small part of control phenomena observed in the real world projects. This research focuses on identifying and analyzing the concepts and structures in order to make them useful for understanding and explaining control of information systems development comprehensively This investigation utilizes the complementary relationship between views on control from organizational and economic perspectives. A conceptual framework developed by integrating previous research on control allows us to analyze the development of information systems for control purposes. The results of discussion about control mechanisms and network can be used as guidelines for designing control systems in real projects. Analysis of control networks shows that control of development projects requires quite complex networks intertwining a variety of controllers and controlees. The results of this research are expected to contribute to correcting the unbalanced status of IS research which has emphasized too heavily on planning and implementation, and deepening and widening our understanding about controlling development projects. Practitioners can use the results as guidelines for designing control mechanisms and networks, and get alerted by them about the agency risks inherent in outsourced developments.

• Journal of Scientific & Technological Knowledge Infrastructure
• /
• s.11
• /
• pp.76-87
• /
• 2002

이러한 평가는 북한의 경제 현실에서 오는 각종 인프라의 취약성, 체제유지와 보안상의 여러 가지 비합리적인 통제 구조와 환경들, 바세나르조약 등 국제적인 제재 조치 등 국내외적으로 복합적인 문제에서 야기되고 있는 것이다. 이러한 북한 인터넷 현황과 여러 문제점에 관한 논의는 먼저, 북한이 일본, 중국 등 해외에 서버를 설치하고 운영하고 있는 북한의 홈페이지를 직접 살펴본 후에 검토하는 것이 도움이 될 것이다.

• Journal of Internet Computing and Services
• /
• v.7 no.3
• /
• pp.93-105
• /
• 2006

The instant messenger is not only a wonderful tool for individuals. It is also a great tool which provides real-time dialogue and file transfers for individuals via the Internet and improves an enterprise productivity. However, it has many security risks that may have significant impact in corprate environments. This paper provides an overview of the security risks of the instant messenger with a risk analysis method and the controls that can be used to make it secure. It's hard to eliminate the instant messenger from enterprise environments because of its benefits. If we cannot avoid using it, we must make it secure and reap the full benefits of it.