• Journal of Internet Computing and Services
• /
• v.22 no.2
• /
• pp.123-131
• /
• 2021

The Fourth Industrial Revolution was triggered by data-driven digital technologies such as AI and big data. There is a rapid movement to expand the scope of data utilization to the privacy area, which was considered only a protected area. Through the revision of the Data 3 Act, laws and systems were established that allow personal information to be freely transferred and utilized under their consent. But, it will be necessary to support the platform that encompasses the entire process from collecting personal information to managing and utilizing it. In this paper, we propose a platform model that can be applied to building mydata ecosystem using personal information. It describes the six essential functional requirements for building MyData platforms and the procedures and methods for implementing them. The six proposed essential features describe consent, sharing/downloading/ receipt of data, data collection and utilization, user authentication, API gateway, and platform services. We also illustrate the case of applying the MyData platform model to real-world, underprivileged mobility support services.

• The Journal of the Korea Contents Association
• /
• v.20 no.7
• /
• pp.618-628
• /
• 2020

The purpose of this paper is to propose a new security orchestration service model by combining various security solutions that have been introduced and operated individually as a basis for cyber security framework. At present, in order to respond to various and intelligent cyber attacks, various single security devices and SIEM and AI solutions that integrate and manage them have been built. In addition, a cyber security framework and a security control center were opened for systematic prevention and response. However, due to the document-oriented cybersecurity framework and limited security personnel, the reality is that it is difficult to escape from the control form of fragmentary infringement response of important detection events of TMS / IPS. To improve these problems, based on the model of this paper, select the targets to be protected through work characteristics and vulnerable asset identification, and then collect logs with SIEM. Based on asset information, we established proactive methods and three detection strategies through threat information. AI and SIEM are used to quickly determine whether an attack has occurred, and an automatic blocking function is linked to the firewall and IPS. In addition, through the automatic learning of TMS / IPS detection events through machine learning supervised learning, we improved the efficiency of control work and established a threat hunting work system centered on big data analysis through machine learning unsupervised learning results.

• Korea Science and Art Forum
• /
• v.23
• /
• pp.111-122
• /
• 2016

The purpose of this multi-disciplinary convergent study is to establish Image Copyright Archive Model for Museums to protect image copyright and vitalize the use of images out of necessity of research and development on copyright services over the life cycle of art contents created by the museums and out of the necessity to vitalize distribution market of image copyright contents in creative industry and to formulate management system of copyright services. This study made various suggestions for enhancement of transparency and efficiency of art contents ecosystem through vitalization of use and recycling of image copyright materials by proposing standard system for calculation, distribution, settlement and monitoring of copyright royalty of 1,000 domestic museums, galleries and exhibit halls. First, this study proposed contents and structure design of image copyright archive model and, by proposing art contents distribution service platform for prototype simulation, execution simulation and model operation simulation, established art contents copyright royalty process model. As billing system and technological development for image contents are still in incipient stage, this study used the existing contents billing framework as basic model for the development of billing technology for distribution of museum collections and artworks and automatic division and calculation engine for copyright royalty. Ultimately, study suggested image copyright archive model which can be used by artists, curators and distributors. In business strategy, study suggested niche market penetration of museum image copyright archive model. In sales expansion strategy, study established a business model in which effective process of image transaction can be conducted in the form of B2B, B2G, B2C and C2B through flexible connection of museum archive system and controllable management of image copyright materials can be possible. This study is expected to minimize disputes between copyright holder of artwork images and their owners and enhance manageability of copyrighted artworks through prevention of such disputes and provision of information on distribution and utilization of art contents (of collections and new creations) owned by the museums. In addition, by providing a guideline for archives of collections of museums and new creations, this study is expected to increase registration of image copyright and to make various convergent businesses possible such as billing, division and settlement of copyright royalty for image copyright distribution service.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.4
• /
• pp.41-46
• /
• 2016

Recently, many domestic and foreign corporates are concentrating in investment to wearable devices and users are provided with various service based on wearable devices 26% more than compared to last year. It is widely used in previous healthcare, smart work, smart home environment, and it is now introduced to get connection to fused service environment. However, as products of G company are commercialized, the security issue of personal information is causing dispute in society, and the danger of data management and security regarding telecommunication is increasing. Also, because the password system used in previous wireless environment is still in use, there are possible vulnerability considering the new and mutant security threat. This thesis conducted study about protocols that can exercise safe telecommunication in the basis of wearable devices. In the registration and certification process, the signature value is created based on the code value. The telecommunication method is designed to conduct safe telecommunication based on the signature value. As for the attack method occurring in the wearable device environment, the safety was analyzed and conducted performance evaluation of previous password system and proposal system, and verified about 14% of efficiency.

• The Journal of Engineering Geology
• /
• v.4 no.3
• /
• pp.321-331
• /
• 1994

Environmental geologic maps were produced on the cheong-Ju area using GIS technique. They are GIS maps on land management and regional land use planning. In the last year, the model of environmental geologic map was established, and the digital database was constructed by environmental and geotechnical data collected form various sources. The special maps for environmental geologic study were also pnoduced ; landslide hazard and risk map, cut & fill map, actual run-off map and engineering geological map. The maps are secondary models (sub-model) in order to create final environmental geologic map. Finally, Environmental Geologic Unit(EGU) was evaluated for regional land use planning and land management by EGIS(Environmental Geologic Inforafion System). This unit is very important in order to assess environmental geologic impact on large construction works and detailed road design etc.

• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.35-41
• /
• 2015

Internet of Things has a wide range of vulnerabilities are exposed to information security threats. However, this does not deal with the basic solution, the vaccine does not secure encryption for the data transmission. The encryption and authentication message transmitted from one node to the construction of the secure wireless sensor networks is required. In order to satisfy the constraint, and security requirements of the sensor network, lightweight encryption and authentication technologies, the light key management technology for the sensor environment it is required. Mandatory sensor network security technology, privacy protection technology subchannel attack prevention, and technology. In order to establish a secure wireless sensor networks encrypt messages sent between the nodes and it is important to authenticate. Lightweight it shall apply the intrusion detection mechanism functions to securely detect the presence of the node on the network. From the sensor node is not involved will determine the authenticity of the terminal authentication technologies, there is a need for a system. Network security technology in an Internet environment objects is a technique for enhancing the security of communication channel between the devices and the sensor to be the center.

• Journal of Digital Convergence
• /
• v.14 no.1
• /
• pp.211-217
• /
• 2016

There have been gradually established paid using system on contents, such as sound source, webtoon etc, with which licences are systematically managed. However, rampant free sites still mostly relying on advertising revenue make difficulties on lots of contents developers and obstruct the protection of their resonable right. In this situation, we need systematic measures to protect copyright of authors and to maximize use of contents of users. Therefore, it is important to handle the convenience of digital contents distribution and the diversity of contents license(differentiating permission rate according to user's purpose, scope, service period etc), based on the need of contents users. This paper implies to guideline to install contents distribution platform of individuals and to apprehend the need and acceptability of users in order to activate digital contents transaction on individuals.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.28 no.spc
• /
• pp.44-49
• /
• 2022

It is necessary to establish a marine environment management system in Korea for hazardous noxious substances (HNS) effluent from marine industrial facilities because the Marine Environment Management Act primarily focuses on pollution control from vessels and offshore man-made structures. In this study, we investigated the effluent guidelines of foreign cases focusing on the US Environmental Protection Agency (US EPA), which provides detailed information on the action levels and establishing principles for the industrial wastewater discharge of HNS. Based on the review, we also considered appropriate options for establishing new guidelines for Korea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.909-928
• /
• 2020

From the early 1970s, the US government began to recognize that penetration testing could not assure the security quality of products. Results of penetration testing such as identified vulnerabilities and faults can be varied depending on the capabilities of the team. In other words none of penetration team can assure that "vulnerabilities are not found" is not equal to "product does not have any vulnerabilities". So the U.S. government realized that in order to improve the security quality of products, the development process itself should be managed systematically and strictly. Therefore, the US government began to publish various standards related to the development methodology and evaluation procurement system embedding "security-by-design" concept from the 1980s. Security-by-design means reducing product's complexity by considering security from the initial phase of development lifecycle such as the product requirements analysis and design phase to achieve trustworthiness of product ultimately. Since then, the security-by-design concept has been spread to the private sector since 2002 in the name of Secure SDLC by Microsoft and IBM, and is currently being used in various fields such as automotive and advanced weapon systems. However, the problem is that it is not easy to implement in the actual field because the standard or guidelines related to Secure SDLC contain only abstract and declarative contents. Therefore, in this paper, we present the new framework in order to specify the level of Secure SDLC desired by enterprises. Our proposed CIA (functional Correctness, safety Integrity, security Assurance)-level-based security-by-design framework combines the evidence-based security approach with the existing Secure SDLC. Using our methodology, first we can quantitatively show gap of Secure SDLC process level between competitor and the company. Second, it is very useful when you want to build Secure SDLC in the actual field because you can easily derive detailed activities and documents to build the desired level of Secure SDLC.

• Journal of the Korean Society for Marine Environment & Energy
• /
• v.19 no.3
• /
• pp.227-235
• /
• 2016

This paper emphasized the necessity of the marine spatial planning (MSP) through the analysis of the major developmental projects which could make a contradiction based on the adequacy of the site selection and environmental impacts. The conflicting affairs between space utilization and management plan happen in the following ways: marine renewable energy development, sand mining, reclamation, construction of golf course in coastal area, thermal effluent and waste heat, erosion causing port development. The conflict of stakeholder continues caused by the accumulated environmental impact. For the reasons mentioned above, we found two things. First, it is necessary to comprehend the fact of developmental planning and MSP. Second, it is still unsatisfactory to connect the relevance of laws related to the spatial planning. For the reinforcement of marine environmental policy management, it is necessary to consolidate the property of site selection and assessment of developmental scale. Especially, while the strategic environmental assessment is in progress based on site selection and property of scale, consistent diagnosis is needed in the following concerns: the fact of the marine spatial planning, the relevance between national developmental plan and regional developmental plan, fisheries regulation, marine protected animals. For the environmentally sound and sustainable development (ESSD), MSP should have to be prepared based in a way of top-down including coastal and EEZ plan, relevance of ocean-use zoning and sector planning, 3-D spatial information. And also integrated information system have to be prepared through high-tech marine spatial information. In conclusion, consistent and relevant strategy for MSP should have to include the whole information related to the maritime affairs such as harbor, fishing port, fishing ground, coastal management, marine ecosystem generally.