• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.781-797
• /
• 2013

Nowadays, it is increasing that corporates consign tasks related to the personal information processing to the consignees for efficiency and quality improvements and cost reductions. As the consignments are increased, there are increases on types and amounts of personal information. Therefore, the needs on the information managements and the security threats are increased. This report will analyze the laws that consignors and consignees should follow. Moreover, it identifies issues and analyzes the current levels on consignees in terms of the personal information protection so that the consignors can come up with the best and efficient way to monitor the consignees when they consign the personal information processing tasks.

• The Magazine of the IEIE
• /
• v.31 no.3
• /
• pp.21-37
• /
• 2004

BcN 전달망은 광대역통합망(BcN)의 핵심 부분으로 유 · 무선, 통신 · 방송 등이 융합 수용되는 품질보장형 멀티미디어 서비스를 언제 어디서나 끊김없이 안전하게 제공할 수 있는 전송망, 교환망, (백본망, 접속망), 제어망을 포함하는 정보통신 인프라이다. BcN 전달망은 서비스 품질(QoS) 보장, 고도의 통신망 관리기능과 보안기능(Security), 차세대 인터넷 주소체계(IPv6) 수용, 다양한 서비스를 쉽게 창출할 수 있는 개방형 망구조(Open API)가 도입된 통신망으로 유선, 무선, 방송 등의 다양한 가입자망의 특성을 통합 수용하며, 표준 인터페이스를 통하여 다양한 응용서비스의 개발 및 이용환경을 제공할 수 있어야 한다.(중략)

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.405-414
• /
• 2014

It is very important to IT users that the Cloud service provides dynamic extension of IT resources and cost-saving. However, the reliability for Cloud service hinders utilizing Cloud service actively. Existing studies on assessment program for Cloud Service are executed by extracting information security assessment articles and adding features of cloud services by referencing ISO/IEC 27001:2005. This paper will review the recently released ISO/IEC 27001:2013 for the addition, reduction, and changing of articles for Controls and Control objectives. Comparative analysis for the Controls of ISO/IEC 27001:2013 with those of CSA CCMv.3, FedRAMP which is an assessment program for Cloud service will suggest Control Objects of Information Security Management System for related Cloud service. The suggestion of Controls will be an important reference index for the security policy of companies which manage the information security management system based on Cloud service.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.153-160
• /
• 2006

The control system is accomplishing very important role in our life currently as the national critical Infrastructure and large scale industry plant. We manage SCADA system to manage generally the control system interconnected with the information system. The operating system of SCADA is changing also to the well-known OS like Windows or UNIX for offer various convenience and facility to the user. We offered the reason why such change of the system makes so that it is exposed to cyber terror. In the traditional SCADA system is managed safely by an isolated network system physically. It is the trend to increase gradually though a cyber terror possibility is thinner on a control system than a information system but the cyber terror gives a nation or community wide damage influence of large scale if it happens. Therefore this paper presents a security safeguard plan about SCADA system and helps prepare systematic security strategy and enhance the security level implement.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.292-294
• /
• 2003

최근들어 IT 산업이 급속도로 발전하면서, 리소스가 제한된 작은 기기들의 사용이 비약적으로 증가하는 추세에 있다. 이들 기기들에 플랫폼 독립성(Platform Independency), 보안성(Security), 이동성(Mobility) 등의 장점을 포함하고 있는 자바 환경을 적용하기 위해 연구가 계속되고 있다. 임베디드 시스템이나 모바일 시스템과 같이 자원이 제한적인 다양한 기기들에는 자바 가상 머신을 경량화한 최소 크기의 자바 플랫폼에 대한 Configuration인 CLDC(Connected, Limited Device Configuration)에서 정의하고 있는 K 가상 머신(K Virtual Machine: KVM)을 탑재한다. 본 논문에서는 실시간 운영체제로 iRTOS$^{TM}$을 사용하는 기기에서 KVM을 탑재할 때 필요한 메모리 체계를 설계하고 구현한 내용을 설명한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1489-1492
• /
• 2005

유비쿼터스 환경을 위한 차세대 IP(IP Next Generation) 기술로 확장 주소 체계 수용, 멀티미디어 실시간 처리 및 보안 대처 능력을 기술적으로 개선한 IPv6(Internet Protocol version 6)의 주소 지정 방식을 고찰하고 기존 IPv4에서 IPv6 전환으로 인해 발생할 수 있는 새로운 비용 부담 위험성 분석을 통해 복수 주소 관리 방안을 모색하고 이를 해결하기 위한 새로운 프로토콜을 요구한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.598-601
• /
• 2003

초고속 통신망을 이용한 인터넷의 대중화와 더불어 인터넷을 기반으로 하는 SNMP가 활발해 지고 있다. SNMP에 있어서는 민감한 정보의 기밀성과 사용자 인중의 확보가 필수적이며, 이를 위해서는 전자서명 기술을 포함하고 있는 공개키 기반의 인증서 관리 체계의 확립이 선결되어야 한다. 본 논문에서는 인증, 기밀성 및 무결성 문제를 해결하기 위하여 PKI 기반 인증서의 생성, 관리 기능과 인증서를 상호 교환하여 매매 협상을 하는 에이전트 중재에 의한 보안 애플리케이션을 설계하고 이에 대하여 기술한다.

• The Journal of the Korea Contents Association
• /
• v.21 no.8
• /
• pp.356-366
• /
• 2021

The high-tech industry, a leader in the national economy, has a larger investment cost compared to general buildings, a shorter construction period, and requires continuous investment. Therefore, accurate construction cost prediction and quick decision-making are important factors for efficient cost and process management. Overseas, the construction information classification system has been standardized since 1980 and has been continuously developed, improving construction productivity by systematically collecting and utilizing project life cycle information. At domestic construction sites, attempts have been made to standardize the classification system of construction information, but it is difficult to achieve continuous standardization and systematization due to the absence of a standardization body and differences in cost and process management methods for each construction company. Particular, in the case of the high-tech industry, the standardization and systematization level of the construction information classification system for high-tech facility construction is very low due to problems such as large scale, numerous types of work, complex construction and security. Therefore, the purpose of this study is to construct a construction information classification system suitable for high-tech facility construction through collection, classification, and analysis of related project data constructed in Korea. Based on the WBS (Work Breakdown Structure) and CBS (Cost Breakdown Structure) classified and analyzed through this study, a code system through hierarchical classification was proposed, and the cost model of buildings by linking WBS and CBS was three-dimensionalized and the utilized method was presented. Through this, an information classification system based on inter-relationships can be developed beyond the one-way tree structure, which is a general construction information classification system, and effects such as shortening of construction period and cost reduction will be maximized.

• The Journal of Society for e-Business Studies
• /
• v.18 no.3
• /
• pp.125-142
• /
• 2013

As a reinforcing strategic-alignment of IT business, Financial Service becomes more rely on IT systems. It needs to continuous information security activities to provide a secure and reliable finance service. Performance measurement of information security activities can be useful for decision and management support. The purpose of this study is to derive CSF(Critical Success Factor) and KPI(Key Performance Indicator) based on K-ISMS, Financial IT Information Security Standards. Providing a rationale can be used to determine key performance indicators, which are utilized as basic data for establishing security policies for financial IT security competency.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.06a
• /
• pp.157-158
• /
• 2022

최근 자율운항선박, 무인선박 등 해사분야의 4차 산업혁명이 가속화되고 있으나 이에 대비한 해사안전분야 전문인력 양성체계는 없었다. 선장, 안전관리자, 선박소유자의 안전관련 책임 및 의무를 강화하고, 안전관리의 전문성 및 책임성 제고를 위해 선박안전관리사 자격제도가 신설되었다. 법률개정에 따라 안전관리자의 교육과정, 기존 안전관리자의 자격취득 교육 및 평가과정 등을 마련하기 위한 연구가 수행되고 있다. 이에 본 연구에서는 해사안전분야 전문인력 양성 지원을 위한 전문연구용역 진행 및 추진상황을 소개하였다.