• Smart Media Journal
• /
• v.11 no.3
• /
• pp.54-61
• /
• 2022

With the increase in the types of information systems managed by public institutions and companies, a security certification system is being implemented in Korea to quickly respond to vulnerabilities that may arise due to insufficient security checks. The korea security evaluation system, such as ISMS-P, performs a systematic security evaluation for each category by dividing the categories for technical inspection items. NIST in the United States has developed SCAP that can create security checklists and automate vulnerability checks, and the security checklists used for SCAP can be written in OVAL. Each manufacturer prepares a security check list and shares it through the SCAP community, but it's difficult to use it in Korea because it is not categorized according to the korea security evaluation system. Therefore, in this paper, we present a mechanism to categorize the OVAL definition, which is an inspection item written in OVAL, to apply SCAP to the korea security evaluation system. It was shown that 189 out of 230 items of the Red Hat 8 STIG file could be applied to the korea security evaluation system, and the statistics of the categorized Redhat definition file could be analyzed to confirm the trend of system vulnerabilities by category.

• Journal of Convergence for Information Technology
• /
• v.8 no.2
• /
• pp.77-82
• /
• 2018

Recently, as cloud services become popular with general users, users' information is freely transmitted and received among the information used in the cloud environment, so security problems related to user information disclosure are occurring. we propose a method to secure personal information of multiple users by making personal information stored in the cloud server and a key for accessing the shared information so that the privacy information of the multi users using the cloud service can be prevented in advance do. The first key used in the proposed scheme is a key for accessing the user 's personal information, and is used to operate the information related to the personal information in the form of a multi - layer. The second key is the key to accessing information that is open to other users than to personal information, and is necessary to associate with other users of the cloud. The proposed scheme is constructed to anonymize personal information with multiple hash chains to process multiple kinds of information used in the cloud environment. As a result of the performance evaluation, the proposed method works by allowing third parties to safely access and process the personal information of multiple users processed by the multi - type structure, resulting in a reduction of the personal information management cost by 13.4%. The efficiency of the proposed method is 19.5% higher than that of the existing method.

• Knowledge Management Research
• /
• v.22 no.2
• /
• pp.227-246
• /
• 2021

In the context of the global pandemic caused by COVID-19, emergency alert text messages can violate the privacy of confirmed corona positive cases. This study used conjoint analysis to identify the essential information factors and the privacy invasion information factors of local government initiated safety notices. As a result of this study, we found eight essential information factors, including all routes of the confirmed case and ten privacy invasion factors of safety notices. In addition, we found that there is a similarity between the combinations of information perceived to be the most essential and perceived as the most significant privacy invasion; both combinations include the confirmed case's personal and route information. This study ultimately tried to suggest a way to lower the concern about privacy invasion of the confirmed cases without damaging the emergency alert text messages' essential information. We expect that this study will provide researchers and policymakers interested in disaster communication with valuable theoretical and practical implications.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.7 no.2
• /
• pp.57-68
• /
• 2004

Recently in order to more effectively and scientifically process forest official tasks, which have been focused on documents and inventories, they should be applied with the up-to-date spatial information technologies. Especially, the forest resource information management based on GIS(geographic information system) and aerial orthophoto is expected not only to play an important role as DSS(decision support system) for domestic forest conservation policy and forestry development industry but also to service forest resource information toward people such as the owners of a mountain rapidly. In this study, the important forest information such as digital topography map, digital forest type map, digital forest cadastral map, digital aerial photographs and attribute data were first reprocessed and constructed in DBMS(data base management system). In addition, forest officials could analyze and retrieve forest information by using detail sub-application systems such as forest cadastral retrieval, forest land development information management, reserved forest information management and forest resource information retrieval. For this, the user interface is developed by using Visual Basic 6.0 and MapObjects 2.1 of ESRI based on CBD(component based development) technology. The result of developing this system will not only perform constructing economical forest and better environment but also be the foundation of domestic spatial technology for forest resource management.

• Korean journal of communication and information
• /
• v.46
• /
• pp.556-589
• /
• 2009

With the advent of the so-called Web 2.0 age, the interconnections of various contents on the web, as well as the user-participatory services from blogs, web-based communities, picture sharing sites, and social networking sites, to the sites for collective knowledge productions, have been further vitalized. As the User Generated Contents(UGCs) are flourishing on the web, they have channeled users' desires for self-expression and social acknowledgement, and yet have created the new kinds of invasion of privacy. This study attempts to look at how the networked individuals' everyday perceptions of privacy have been reconstructed in the age of Web 2.0. By investigating how users have used the UGCs for their sociality on the web and how they have set the boundaries of the private and the public in these public or semi-public disclosures of self-expressions, it has traced the changing perceptions of privacy in everyday communication practices. For this study, it has interviewed Korean youngsters in their 10s and 20s who have grown up with the Internet and have received self-expressions and social communication on the web as everyday activities. Based on their interviews, it inquires into the concurrent notion of privacy and discuss its cultural implications.

• Korea Journal of Hospital Management
• /
• v.27 no.2
• /
• pp.16-33
• /
• 2022

Purposes: Prompt evaluation of routes and contact tracing are very important for epidemiological investigations of coronavirus disease 2019 (COVID-19). To ensure better adoption of contact tracing apps, it is necessary to understand users' expectations, preferences, and concerns. This study aimed to identify main reasons why people use the apps, appropriate services, and basis for voluntary app services that can improve app participation rates and data sharing. Methodology/Approach: This study conducted an online survey from November 11 to December 6, 2020, and received a total of 1,048 survey responses. This study analyzed the questionnaire survey findings of 883 respondents in areas with many confirmed cases of COVID-19. This study used a multiple regression analysis. Findings: Respondents who had experience of using related apps showed a high intention to use contact-tracing apps. Participants wished for the contact tracking apps to be provided by the government or public health centers (74%) and preferred free apps (93.88%). The factors affecting the participants' intention to use these apps were their preventive value, performance expectancy, perceived risk, facilitative ability, and effort expectancy. The results highlighted the need to ensure voluntary participation to address participants' concerns regarding privacy protection and personal information exposure. Practical Implications: The results can be used to accurately identify user needs and appropriate services and thereby improve the development of contact tracking apps. The findings provide the basis for voluntary app that can enhance app participation rates and data sharing. The results will also serve as the basis for developing trusted apps that can facilitate epidemiological investigations.

• The Korean Journal of Air & Space Law and Policy
• /
• v.30 no.2
• /
• pp.337-371
• /
• 2015

In recent years, aviation safety has been facing new hazards due to the rapidly changing environment in which aircraft operation increasingly finds. Continuously increasing air traffic volume, integration of various cultures from many States, and many other changes are the causal factors of the new risks. To identify such new hazards and risks, the government of the Republic of Korea (ROK) established aviation safety reporting systems in accordance with the international standards of the Convention on International Civil Aviation. However, there are some misunderstandings by the government in operating and by the personnel who take part in these reporting systems. Everybody should understand that aviation safety reporting system is not a punitive measure but a tool for collecting data in order to improve safety. In addition, such a system can be utilized further to promote an improved awareness on the need for a proper safety culture on the part of both the government, the industry and the personnel. This paper includes studies on international standards, relevant regulations in the United States and the United Kingdom. Moreover, this paper proposes to the government of ROK several points to improve their own system, including integration of the existing reporting systems, improvement of reporting items, implementation of safety data taxonomy and the establishment of safety data protection.

• Journal of Korea Multimedia Society
• /
• v.8 no.7
• /
• pp.869-881
• /
• 2005

XML(eXtensible Markup Language) has emerged as a prevalent standard for document representation and exchange on the Internet. XML documents contain information of different sensitivity degrees, so that XML Document must selectively shared by user communities. There is thus the need for models and mechanisms enabling the specification and enforcement of access control policies for XML documents. Mechanisms are also required enabling a secure and selective dissemination of documents to users, according to the authorizations which the users have. In this paper, we give an account of access control model and mechanisms, which XML documents can be securely protected in web environments. We make RBAC Based access Control polices to the problem of secure and selective access of XML documents. The proposed model and mechanism guarantee that the secure use for XML documents through definition of authority for element, attribute, link within XML document as well as XML document.

• Journal of Satellite, Information and Communications
• /
• v.10 no.3
• /
• pp.127-130
• /
• 2015

ITU-R has conducted a studies for the frequency allocation to the maritime mobile satellite service (MMSS) in the 7375 - 7750 / 8025 - 8400 MHz under WRC-15 agenda item 1.9.2. In order to allocate a certain frequency bands to the new service, compatibility between new service and the existing services is ensured taking into account protecting the existing services form interference of new service. In this paper, we present current studies results of the frequency sharing studies between new allocation to MMSS and the existing services in the ITU-R. In addition, some proposals for allocating the 7/8 GHz frequency bands to MMSS are also considered for efficient spectral utilization with respect to preparing WRC-15.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.1-13
• /
• 2013

The recent emergence of diverse platform-based media devices such as smart phones and iPads has aroused interest of consumers all across the world. This interest has led to digitalization of paper books and a steep growth in the digital publishing industry at home and abroad. However, advent of various devices and content has caused the issue of compatibility and produced needs and demand for standardization to exchange and share content related to digital publication. Through collection of opinions of 16 stakeholders from the industrial, academic, research, and public sectors, this study aims to examine predictable future changes about content and its distribution, devices, standardization, technical protective measures, and obstacles in future digital publishing and eventually to draw out areas and elements for future standards development.