• Journal of Information Technology and Architecture
• /
• v.9 no.1
• /
• pp.33-42
• /
• 2012

Present many organizations are introduced to smartwork for reducing the operational cost and getting the labor's flexibility. The smartwork is the future-oriented worker's environment in which they can engage in their task, anytime and anywhere conveniently and efficiently. In spite of many smartwork advantages, the security problems are major issues and prevent to introducing and spreading of smartwork for organizations. Therefore, the success of the organization for smartwork environment is put in place appropriate security control model. This study is about security threats for smartwork security control model. We apply the exploratory method for this research, which are reviewing, analyzing of literature for extracting the security threats and clustering of the extracted security threats. Finally we define the 16's security threats according to the aspect of smartwork service layers.

• Smart Media Journal
• /
• v.9 no.4
• /
• pp.9-16
• /
• 2020

Recently, various studies are being conducted to integrate Image Segmentation into smart factory industries and autonomous driving fields. In particular, Image Segmentation systems using deep learning algorithms have been researched and developed enough to learn from large volumes of data with higher accuracy. In order to use image segmentation in the autonomous driving sector, sufficient amount of learning is needed with large amounts of data and the streaming environment that processes drivers' data in real time is important for the accuracy of safe operation through highways and child protection zones. Therefore, we proposed a novel DFCN algorithm that enhanced existing FCN algorithms that could be applied to various road environments, demonstrated that the performance of the DFCN algorithm improved 1.3% in terms of "loss" value compared to the previous FCN algorithms. Moreover, the proposed DFCN algorithm was applied to the existing U-Net algorithm to maintain the information of frequencies in the image to produce better results, resulting in a better performance than the classical FCN algorithm in the autonomous environment.

• Journal of Industrial Convergence
• /
• v.20 no.7
• /
• pp.65-71
• /
• 2022

With the development of ICT, as the era of the 4th industrial revolution arrives, the amount of data is enormous, and as big data technologies emerge, technologies for processing, storing, and processing data are becoming important. In this paper, we propose a system that detects events through monitoring and judges them using hash values because the damage to important files in case of leakage in industries and public places is serious nationally and property. As a research method, an optional event method is used to compare the hash value registered in advance after performing the encryption operation in the event of a file leakage, and then determine whether it is an important file. Monitoring of specific events minimizes system load, analyzes the signature, and determines it to improve accuracy. Confidentiality is improved by comparing and determining hash values pre-registered in the database. For future research, research on security solutions to prevent file leakage through networks and various paths is needed.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2020.06a
• /
• pp.180-180
• /
• 2020

최근 인구 증가, 도시화 및 산업의 발달로 인해 생활·공업용수의 수요가 증가하면서, 상대적으로 농업용수의 비율은 감소하고 있는 추세이다. 하지만 수자원이용 현황 중 농업용수는 전체 물 사용량의 48%로 여전히 가장 큰 비중을 차지하고 있다. 환경부 중심의 물관리 일원화 관련법 시행으로 국가 통합물관리 정책이 본격 추진됨에 따라 농업용수 가치의 재평가가 요구되고 있으며, 현재 수원공 확대의 경우 환경보호와 같은 이유로 농업용수 확보에 대한 많은 제약이 발생하고 있다. 공급된 농업용수 중 작물에 의해 소비되지 않고 하천으로 회귀되는 회귀수량은 하천 건천화 방지, 용수공급계획, 하천 유황예측 등 기여하는 바가 크다. 하지만 관개량과 회귀수량의 비로 나타내는 회귀율의 경우 지역에 따라 38.1%에서 70.5%로 큰 차이를 보이고 있으며, 지역별 회귀율 정량화에도 한계가 있다. 본 연구에서는 경기도 안성에 위치한 관개면적 429ha인 마둔 저수지를 대상으로 회귀율을 산정하고 농촌용수종합정보시스템 (Rural Agricultural Water Resource Information System, RAWRIS)에서 제공하는 저수지 수위 자료를 활용하여 마둔 저수지의 4월부터 9월 관개기 강수량, 저수율, 증발산량을 구축하였다. 물수지 분석 기반 회귀수량 산정모형으로부터 회귀율을 추정하였으며, 수로 네트워크 기반의 SWMM (Storm Water Management Model)과 비교를 통해 정량적인 회귀수량 및 회귀율을 산정하고자 한다. 본 연구의 결과를 통해 정량적인 회귀수량 및 회귀율 자료가 구축된다면, 농업용수의 재이용, 환경용수 및 하천유지용수, 용수공급계획 등 효율적인 농업 수자원관리에 기초자로로써 활용 가능할 것이라 판단된다.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.21-26
• /
• 2024

The security model in the previous network environment has a vulnerability in which resource access control for trusted users is not properly achieved using the Perimeter model based on trust. The Zero Trust is an absolute principle to assume that the users and devices accessing internal data have nothing to trust. Applying the Zero Trust principle is very successful in reducing the attack surface of an organization, and by using the Zero Trust, it is possible to minimize damage when an attack occurs by limiting the intrusion to one small area through segmentation. ZTNA is a major technology that enables organizations to implement Zero Trust security, and similar to Software Defined Boundary (SDP), ZTNA hides most of its infrastructure and services, establishing one-to-one encrypted connections between devices and the resources they need. In this study, we review the functions and requirements that become the principles of the ZTNA architecture, and also study the security requirements and additional considerations according to the construction and operation of the ZTNA solution.

• The Journal of Society for e-Business Studies
• /
• v.20 no.1
• /
• pp.1-22
• /
• 2015

Due to recent growth in IT industry along with the expansion of smartphone, we came to connect to the Internet wherever and whenever we are. However, this causes negative side effects, though. One of them is a rapid increase of the financial crimes such as the Phishing and the SMishing. There have been many on-going researches about crimes such as Phishing and SMishing to protect users. However, the study about sharing knowledge on SNS to prevent such a crime can be hardly found. Based on social identity theory, we conduct the research about factors on SNS users' intention to share the information security knowledge on SNS. As a result, we found that knowledge provision self-efficacy has a significant impact on self-expression. In addition, it also found out self-expression, awareness about information security and the sense of belonging have a significant impact respectively on the intention to share the information security knowledge on SNS. On the other hand, the altruism didn't have a significant impact to the intention to share information security knowledge on SNS. With this research as a starting point, it seems necessary to expand its range to all types of online community in the future for the generalization of the hypotheses.

• Korean Journal of Construction Engineering and Management
• /
• v.10 no.4
• /
• pp.26-37
• /
• 2009

Ministry of Land, Transportation and Marine Affairs(MLTM) has implemented Construction CALS project for improving productivity of construction industry and for making construction project management efficient by responding to informatization and knowledge base society in 21st century. CALS has beeb applied successfully to projects form MLTM, however, the outcomes of Construction CALS hasn't been recognized. In addition, there is no way to find how high the level of Construction CALS is when it is compared with other SOC informatization projects. This study found out the informatiziation level of Construction CALS by using the evaluation index proposed in the former study, and by comparing with other sectors. The evaluation on the level was implemented in the three parts such as informatization infrastructure(network, hardware, standardization, data, informatization, informatization security), informatization utilization(information usage, IT performance), and informatization support(informatization goal, organization of informatization, informatization investment, informatization education), and then, this evaluation was compared with "Assessment for level of industry information system", "Assessment for level of small and midium sized industry information system", and "IICI(Informatizaion Index for the Construction Industry)". With the result from the comparison, this study produced superior factors and inferior factors for each sector. These results are expected to be useful for prioritizing budget allocation by finding out the informatization level of Construction CALS.

• Korean Security Journal
• /
• no.39
• /
• pp.319-353
• /
• 2014

Cyber-based technologies are now ubiquitous around the glob and are emerging as an "instrument of power" in societies, and are becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. The globe-spanning range of cyberspace and no national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies. Through cyberspace, competitive powers will target industry, academia, government, as well as the military in the air, land, maritime, and space domains of our nations. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Cyberthreats to the infrastructure and other assets are a growing concern to policymakers. In 2013 Cyberwarfare was, for the first time, considered a larger threat than Al Qaeda or terrorism, by many U.S. intelligence officials. The new United States military strategy makes explicit that a cyberattack is casus belli just as a traditional act of war. The Economist describes cyberspace as "the fifth domain of warfare and writes that China, Russia, Israel and North Korea. Iran are boasting of having the world's second-largest cyber-army. Entities posing a significant threat to the cybersecurity of critical infrastructure assets include cyberterrorists, cyberspies, cyberthieves, cyberwarriors, and cyberhacktivists. These malefactors may access cyber-based technologies in order to deny service, steal or manipulate data, or use a device to launch an attack against itself or another piece of equipment. However because the Internet offers near-total anonymity, it is difficult to discern the identity, the motives, and the location of an intruder. The scope and enormity of the threats are not just focused to private industry but also to the country's heavily networked critical infrastructure. There are many ongoing efforts in government and industry that focus on making computers, the Internet, and related technologies more secure. As the national intelligence institution's effort, cyber counter-intelligence is measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions. However one of the hardest issues in cyber counterintelligence is the problem of "Attribution". Unlike conventional warfare, figuring out who is behind an attack can be very difficult, even though the Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable". Considering all these cyber security problems, this paper examines closely cyber security issues through the lessons from that of U.S experience. For that purpose I review the arising cyber security issues considering changing global security environments in the 21st century and their implications to the reshaping the government system. For that purpose this study mainly deals with and emphasis the cyber security issues as one of the growing national security threats. This article also reviews what our intelligence and security Agencies should do among the transforming cyber space. At any rate, despite of all hot debates about the various legality and human rights issues derived from the cyber space and intelligence service activity, the national security should be secured. Therefore, this paper suggests that one of the most important and immediate step is to understanding the legal ideology of national security and national intelligence.

• The KIPS Transactions:PartC
• /
• v.15C no.3
• /
• pp.157-166
• /
• 2008

The ubiquitous service environment is poor in reliability of connection and also has a high probability that the intrusion against a system and the failure of the services may happen. Therefore, It is very important to guarantee that the legitimate users make use of trustable services from the viewpoint of security without discontinuance or obstacle of the services. In this paper, we point out the problems in the standard Jini service environment and analyze the Jgroup/ARM framework that has been developed in order to help fault tolerance of Jini services. In addition, we propose a secure Jini service architecture to satisfy the security, availability and quality of services on the basis of the analysis. The secure Jini service architecture we propose in this paper is able to protect a Jini system not only from faults such as network partition or server crash, but also from attacks exploiting flaws. It provides security mechanism for dynamic trust establishment among the service entities. Moreover, our secure Jini service architecture does not incur high computation costs to merge the user service states because of allocation of the replica based on each session of a user. Through the experiment on a test-bed, we have confirmed that proposed secure Jini service architecture is able to guarantee the persistence of the user service states at the level that the degradation of services quality is ignorable.

• Journal of Internet Computing and Services
• /
• v.12 no.1
• /
• pp.55-70
• /
• 2011

In this paper, we propose a policy-driven RFID data management event definition language, which is possibly applicable as a partial standard for SSI (Software System Infrastructure) Part 4 (Application Interface, 24791-4) defined by ISO/IEC JTC 1/SC 31/WG 4 (RFID for Item Management). The SSI's RFID application interface part is originally defined for providing a unified interface of the RFID middleware functionality―data management, device management, device interface and security functions. However, the current specifications are too circumstantial to be understood by the application developers who used to lack the professional and technological backgrounds of the RFID middleware functionality. As an impeccable solution, we use the concept of event-constraint policy that is not only representing semantic contents of RFID domains but also providing transparencies with higher level abstractions to RFID applications, and that is able to provide a means of specifying event-constraints for filtering a huge number of raw data caught from the associated RF readers. Conclusively, we try to embody the proposed concept by newly defining an XML-based RFID event policy definition language, which is abbreviated to rXPDL. Additionally, we expect that the specification of rXPDL proposed in the paper becomes a technological basis for the domestic as well as the international standards that are able to be extensively applied to RFID and ubiquitous sensor networks.