• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1293-1308
• /
• 2014

The cause of privacy extrusion in credit card company at 2014 is usage of the original data in test system. By Electronic banking supervision regulations of the Financial Supervisory Service and Information Security business best practices of Finance information technology (IT) sector, the data to identify the customer in the test system should be used to convert. Following this guidelines, Financial firms use converted customer identificaion data by loading in test system. However, there is some risks that may be introduced unintentionally by user mistake or lack of administrative or technical security in the process of testing. also control and risk management processes for those risks did not studied. These situations are conducive to increasing the compliance violation possibility of supervisory institution. So in this paper, we present and prove the process to eliminate the compliance violation possibility of supervisory institution by controlling and managing the unidentified conversion customer identification data and check the effectiveness of the process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.85-100
• /
• 2004

Study and analysis on the digital certification of the world today, and census on how digital signature is being used or considered for the government will be used to sum of what can be the difficulties and Problems in operating digital signature certifications for the government administrations at this research, and of course the answers to these problems will be provided too. This research suggests practical ideas on how to interoperate between Government PKI (GPKI: Administrational Digital Certification for the Government) and National PKI (NPKI: Digital Certification for General Public ＆Business), how to make use of Standard Security APIs, how to manage (e.g. issue, reissue, update, revoke) digital certificate, how to improve technical side of security and reliability, and how to improve political issues on public education for information security. Digital certification will become more popular and widely used in government administrations in the future. Therefore, census and research on demands md satisfactions of digital certification for public and government will be regularly performed. Of course, continuous maintenances and improvement in this field will be necessary to obtain firmer way of information security.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.3-12
• /
• 2020

Although the related regulations or guidelines are not specified in the defense weapon system R&D process, R&D authorities frequently encounter problems that require rational decision-making. If the rational process is not applied in the matter of alternative choice, the project could be disrupted, which can result in longer project periods or more resource provision. In particular, a variety of decision-making methods are needed for test&evaluation of missile R&D. The issue of selecting a test site is one of the representative decision-making problems. If it is needed to determine the priority of multiple sites, Delphi Method and Analytic Hierarchy Process(AHP) will be applied. However, if the input of cost is to be considered, Data Envelopment Analysis(DEA) is more valuable to solve the problem. This paper proposes a solution to handle quantitatively various decision-making problems that can occur in missile flight test, and shows how DEA is applied through a simulated case study of selecting a foreign test site.

• Convergence Security Journal
• /
• v.22 no.5
• /
• pp.115-126
• /
• 2022

This study studied the working relationship between national crisis management and national defense elements from a comprehensive security perspective. The elements of national defense are presented in the Integrated Defense Act. Therefore, by presenting the principles, problems, and alternatives of integrated defense, the study was conducted with the aim of protecting the lives and property of the people in the event of a national crisis and strengthen national security. As a theoretical background, an analysis frame was envisioned based on the four stages of crisis management in the 'Comprehensive Crisis Management Model' and the 'Basic Guidelines for National Crisis Management'. Through this, four domestic and foreign case studies were conducted. As a result of the study, it can be confirmed that related laws, organizations, and public awareness must be provided in order for the national defense elements at each stage of national crisis management to work well. For the completeness of national crisis management, it was suggested that the enactment of the Framework Act on National Crisis Management, the establishment of an integrated defense plan, linked training, C4I for communication, strengthening the capabilities of local government heads, and national defense elements of firefighters.

• Korean Security Journal
• /
• no.36
• /
• pp.293-316
• /
• 2013

Today's high-rise buildings are increasing concern about the safety and evacuation of people related to the fire and threat from outside. Terrorism breaking out in high-rise buildings, a symbol of the national economy results in a number of casualties, economic loss, social fear and damage to national status. That's why high-rise building has also emerged as a target of major terrorist attacks, compared to other types of buildings. We have 54 high-rise buildings in 15 regions over the country. The Ministry of Land, Infrastructure and Transport and Seoul Metropolitan Government have offered the guidelines to prevent terrorist attacks toward high-rise buildings. Since the 9/11 terrorist attacks, the U.S. Federal Emergency Management Agency (FEMA) has developed and taken advantage of the Risk Management Manual Series. According to this manual, pre-assessment is conducted for the prevention of terrorism and particularly in FEMA 455, risk of the surrounding areas, vulnerability, possibility from terrorist attacks are checked. After the check, experts classify the risk of terrorist attacks toward the high-rise buildings and according to the risk classification, architects, security experts and structure engineers can carry out terrorism prevention program for high-rise buildings. The U.K. NaCTSO has also offered the terrorism prevention guidelines. Therefore, the Ministry of Land, Infrastructure and Transport and Seoul Metropolitan Government should make more concrete guidelines for high-rise buildings such as what U.S. FEMA and U.K. NaCTSO implement, including prior evaluation technique for terrorism risk.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2011.07a
• /
• pp.208-211
• /
• 2011

향후 인터넷 기반 애플리케이션에는 확장성, 보안 및 신뢰성, 새로운 서비스에 대한 유연성 및 QoS 등의 요구사항이 중요하다. 기존 클라이언트-서버 방식에서 이러한 요구 사항의 만족을 위해서는 복잡성 및 고비용 문제가 제기된다. 반면, 모든 형태의 분산 자원 접근이 가능한 P2P 통신 방식에서는 보다 간단한 해결방안을 제시함으로써 인터넷 기반 애플리케이션에 새로운 가능성을 제시하고 있다. 인터넷의 전통적인 클라이언트-서버 패러다임과는 달리 완전 분산 및 자율 조직 특성을 가진 P2P 개념은 확장성 및 신뢰성 측면에서 장래의 애플리케이션, 시스템 요소, 인프라 서비스를 위한 기본 설계지침으로 제시되고 있다. 본 논문에서는 P2P 실시간 스트리밍 프로토콜의 새로운 모델인 PREP 프로토콜을 설계 및 구현한다. 제안된 P2P 실시간 스트리밍 프로토콜을 NS-2를 통해서 설계하고 시뮬레이션을 통해 P2P 기반의 스트리밍 서비스의 가능성을 확인한다.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.9 no.2
• /
• pp.15-21
• /
• 2003

Recently, one of important resolutions of IMO MSC is an adoption of AIS in SOLAS Chapter 5. The AIS, which is a communication system to enhance safety of navigation by transmitting and receiving vessel information automatically, entered into force on July 1st, 2002. This paper provides guidelines for utilizing AIS effectively and successfully in VIS or all ships. For this, we investigated technical characteristics of AIS, the regulations related to AIS, marine accidents.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.10
• /
• pp.311-318
• /
• 2016

IoT(Internet of Things areas) rich information based on the user easy access to service creation must be one of the power system of specificity due following: The IoT spread obstacle to the act be, and 'Smart Grid information of this is not easy under power plants approach the Directive on the protection measures, particularly when stringent security policies IoT technologies applied to Advanced Metering Infrastructure sector has been desired. This is a situation that occurs is limited to the application and use of IoT technologies in the power system. Power Information Network is whilst closed network operating is has a smart grid infrastructure, smart grid in an open two-way communication for review and although information security vulnerabilities increased risk of accidents increases as according to comprehensive security policies and technologies are required and can. In this paper, the IoT platform architecture design of information systems as part of the power of research and development IoT-based energy information platform aims. And to establish a standard framework for a connection to one 'Sensor-Gateway-Network-platform sensors Service' to provide power based on the IoT services and solutions. Framework is divided into "sensor-gateway" platform to link information modeling and gateways that can accommodate the interlocking standards and handling protocols variety of sensors Based on this real-time data collection, analysis and delivery platform that performs the role of the relevant and to secure technology.

• The Korean Journal of Air & Space Law and Policy
• /
• v.25 no.1
• /
• pp.27-54
• /
• 2010

Soon after September 11 attacks in 2001, there were strong demands in Korea on making relevant laws and regulations on aviation security, and Korean parliament legislated "Aviation Safety and Security Act"to fulfill the demands on safety and security of aircrafts during aviation. However, the current Aviation Safety and Security Act seems to have many problems which do not meet the practical needs in Korea, because there were not enough considerations on the practical needs and extinguishable national circumstances on civil aviation system in Korea, but only regarded the relevant international conventions and foreign practices on it. In this context, it is necessary to amend several provisions in Aviation Safety and Security Act to enhance more practical efficiencies in its implementation through systematization of the provisions on crimes which may happen during aviation. In this context, this article argues two main issues. First, Article 39 of Aviation Safety and Security Act does not express whether it is possible to punish the attempt of crime of causing damage to aircraft. Therefore, regarding a principle of legality, it is impossible to punish the perpetrator even when coincidently failed to destruct or damage aircraft. In this context, this article argues that the necessity to introduce the possibility to punish the attempt of crime of causing damage to aircraft. Second, regarding Article 160 of Civil Aviation Act of Korea, current Aviation Safety and Security Act should be amended by guaranteeing the culpability of negligence of crime of causing damage to aircraft.

• Proceedings of the Korean Institute Of Construction Engineering and Management
• /
• autumn
• /
• pp.223-232
• /
• 2002

The government, in order to settle and activate the use of Construction Management (CM) method, clarified the legal Issues pertaining to infrastructure development and is taking an active role to promote CM through government sponsored pilot projects. However, when a CM method is applied to a turn-key protect, many applicational difficulites are expected. With design and construction are performed under the simple responsibility in a turn-key method, roles of CM's is overlapped. Also, the characteristics of turn-key method are not reflected to the present $\lceil$CM Work Guideline$\rfloor$. Over the years, various problems have been identified from turn-key projects. Korea's $\lceil$CM Work Guideline$\rfloor$ is more inclusive compared to the CM services of CMAA and overlooks the importance of CM's roles in pre-design phase. In this study, CM's roles of pre-construction phase (pre-bidding, bidding, detail design, contracting) in construction turn-key projects were identified and complementary policy for institution was suggested. We further look into dividing the roles of the CM at turn-key project Into professional role and emotional role. Also, we speculate problems of the existing experience in turn-key projects and suggest a rough methodology on how these concepts can be adjusted for improve the turn-key method.