• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.3
• /
• pp.101-109
• /
• 2019

In addition to enabling access, database accounts play a protective role by defending the database from external attacks. However, because only a single account is used in the database, the account becomes the subject of vulnerability attacks. This common practice is due to the lack of database support, large numbers of users, and row-based database permissions. Therefore if the logic of the application is wrong or vulnerable, there is a risk of exposing the entire database. In this paper, we propose a Least-Privilege Account Separation Model (LPASM) that serves as an information guardian to protect the database from attacks. We separate database accounts depending on the role of application services. This model can protect the database from malicious attacks and prevent damage caused by privilege escalation by an attacker. We classify the account control policies into four categories and propose detailed roles and operating plans for each account.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.94-96
• /
• 2003

차세대 통신에서는 컴퓨터자원들이 지속적으로 대용량화 고속화되는 추세이며 특히 생명공학, 유전공학, 유체역학 기상기후 예측 동 여러 과학 분야에서 단일자원으로는 제공하기 힘든 계산 및 저장자원을 요구 하고 있다. 이러한 문제를 해결하기 위해서 지리적으로 분산 되어있는 자원들을 연결하여 마치 단일 차원을 사용하는 것처럼 해주는 서비스인 그리드가 대두 되었다. 그러나 그리드 사용자가 작업을 수행시키기 위해서는 자신의 DN(Distinguished Mame)을 Remote Machine상에 Local User Account를 바인딩 시켜줘야 한다. 따라서 각 사이트 관리자는 그리드 서비스를 제공하기 위해 수많은 그리드 사용자의 DN과 Local User Account를 바인딩 처리를 해 주어야 한다. 그러나 사실상 현실적으로 불가능하다. 이러한 문제를 해결하기 위해서 본 논문에서는 그리드 사용자에 대한 정책기반 접근 제어 시스템을 설계 및 구현했다.

• Journal of Distribution Science
• /
• v.11 no.3
• /
• pp.23-29
• /
• 2013

Purpose - Recently, the Korean government is seeking to internationalize KRW and reduce its heavy reliance on the U.S. dollar and better cope with risks from external turbulence. However, there has been too little study on this subject in comparision with its importance. The main objective of the paper is to distinguish the descrete stages of the KRW internationalization and recognize the costs and benefits of each stage. Research design, data, methodology - In order to achieve its goal, this study accomplishes a formal policy analysis based on potential factors of currency internationalization and an examination of legal practices in relation to Foreign Exchange Transaction Regulation (the Regulation). Results - This study found that securing monetary policy may not be easy under liberalized capital account for a small open economy like Korea in view of the trillema. In addition, the inherent ambiguity of the Regulation may increase the costs of KRW internationalization. Conclusions-This study revealed the negative system for the control of foreign exchange of the Korean government. The excessive regulatory restrictions on foreign exchange may hinder the process of KRW internationalization. Some legal and policy reforms are needed to improve related regulation and infrastructure.

• The Journal of the Korea Contents Association
• /
• v.7 no.11
• /
• pp.43-51
• /
• 2007

Access control techniques should be flexible enough to support all protection granularity levels. Since access control policies are very likely to be specified in relation to document types, it is necessary to properly manage a situation in which documents fail to be dealt with by the existing access control policies. The existing access control has not taken information structures and semantics into full account due to the fundamental limitations of HTML. In addition, access control for XML documents allows only read operations, and there exists the problem of slowing down system performance due to the complex authorization evaluation process. In order to resolve this problem, this paper designs a XML Access Control Management System which is capable of making fined-grained access control. And then, in developing an access control system, it describes the subject and object policies of authorization for XML document on which authorization levels should be specified and which access control should be performed.

• The Journal of the Korea Contents Association
• /
• v.10 no.4
• /
• pp.45-54
• /
• 2010

In this paper, we propose a quality interworking control system to enhance user's quality satisfaction in NGN environment by controling QoS parameters related with QoE in network layer when service user's QoE using variance multimedia service is poor. The proposed system gathers QoS parameter information in network layer through control packet such as RTCP, and evaluates QoE of multimedia service using these QoS parameter information. Comparing the evaluated QoE with the measured QoE in application layer, QCS judges quality degradation, deduces related QoS parameters and decides relative importance of each parameter when QoE is lower than threshold value. QCS generates QoS control values which is based on routing and switching policy in service quality control system(SCS) and forwards them to SCS. Through this proposed system, service and network providers can provide multimedia services of enhanced quality to service users taking account of service characteristic and network performance.

• Journal of Distribution Science
• /
• v.15 no.1
• /
• pp.105-114
• /
• 2017

Purpose - Recently, domestic pharmaceutical market is growing steadily, but top-tier companies are concentrating on sales growth. In this market, SMEs, which account for more than 80% of the entire market, suffer from the problem of lower margins and increasing inventory costs. According to the government's policy changes related to pharmaceuticals, it is pointed out that the management of existing customers and the control of salespeople are important issues for pharmaceutical companies. This study investigates the effect of the control system on the salesperson in domestic pharmaceutical distribution channel on customer-oriented selling behaviors and sales performance. Research design, data, and methodology - To verify the proposed research model and test hypotheses, the authors selected 244 MR(medical representatives)'s responses which have currently relationship with doctors or pharmacists. This study carefully investigated the reliability, content validity, convergent validity, and discriminant validity of the proposed model. Results - The authors find out the following results: capacity control, activity control, and self control have positive effects on customer-oriented selling behaviors and customer-oriented selling behaviors have a positive effect on sales performance. In addition, we present alternative model to check the direct effect between the control systems and the sales performance, but control system factors except self control have no direct influence. Conclusions - First of all, competency control and activity control increases the customer-oriented selling behavior of the salesperson. This means that the salesperson's sales skill, negotiation skill, customer access skill, presentation ability, monitoring, direction and evaluation are important and it is also important to control activities to check the number of visits to customers, report preparation, and customer service etiquette. Second, the fact that self-control of salesperson affects the customer-oriented selling behavior suggests that self-control is not controlled by external factors but rather establishes short/long-term goals. Therefore, it is important for sales organization to create an environment in which members can induce persistent incentives for self-control. Finally, output control did not affect customer-oriented sales behavior, which is less likely to form confidence or motivation to MRs when output control is perceived as a means of monitoring, supervising, or controlling rather than providing information to salespeople.

• Korean Security Journal
• /
• no.24
• /
• pp.147-170
• /
• 2010

This study is to present a improvement directions for the protection of industrial key technology. For the purpose of the study, the survey was carried out on the administrative security activity of 68 enterprises including Large companies, small-midium companies and public corporations. survey result on the 10 items of security policy, 10 items of personal management and 7 items of the assets management are as follows; First, stable foundation for the efficient implement of security policy is needed. Carrying a security policy into practice and continuous upgrade should be fulfilled with drawing-up of the policy. Also for the vitalization of security activity, arrangement of security organization and security manager are needed with mutual assistance in the company. Periodic security inspection should be practiced for the improvement of security level and security understanding. Second, the increase of investment for security job is needed for security invigoration. Securing cooperation channel with professional security facility such as National Intelligence Service, Korea internet & security agency, Information security consulting company, security research institute is needed, also security outsourcing could be considered as the method of above investment. Especially small-midium company is very vulnerable compared with Large company and public corporation in security management, so increase of government's budget for security support system is necessary. Third, human resource management is important, because the main cause of leak of confidential information is person. Regular education rate for new employee and staff members is relatively high, but the vitalization of security oath for staff members and the third party who access to key technology is necessary. Also access right to key information should be changed whenever access right changes. Reinforcement of management of resigned person such as security oath, the elimination of access right to key information and the deletion of account. is needed. Forth, the control and management of important asset including patent and design should be tightened. Classification of importance of asset and periodic inspection are necessary with the effects evaluation of leak of asset.

• The KIPS Transactions:PartC
• /
• v.8C no.6
• /
• pp.793-805
• /
• 2001

In the recent priority system, high-priority packet will be served first and low-priority packet will be served when there isn\`t any high-priority packet in the system. By the way, even high-priority packet can be blocked by HOL (Head of Line) contention in the input queueing System. Therefore, the whole switching performance can be improved by serving low-priority packet even though high-priority packet is blocked. In this paper, we study the performance of preemptive priority in an input queueing switch for high speed switch system. The analysis of this switching system is taken into account of the influence of priority scheduling and the window scheme for head-of-line contention. We derive queue length distribution, delay and maximum throughput for the switching system based on these control schemes. Because of the service dependencies between inputs, an exact analysis of this switching system is intractable. Consequently, we provide an approximate analysis based on some independence assumption and the flow conservation rule. We use an equivalent queueing system to estimate the service capability seen by each input. In case of the preemptive priority policy without considering a window scheme, we extend the approximation technique used by Chen and Guerin [1] to obtain more accurate results. Moreover, we also propose newly a window scheme that is appropriate for the preemptive priority switching system in view of implementation and operation. It can improve the total system throughput and delay performance of low priority packets. We also analyze this window scheme using an equivalent queueing system and compare the performance results with that without the window scheme. Numerical results are compared with simulations.

• Journal of Korea Trade
• /
• v.27 no.3
• /
• pp.21-42
• /
• 2023

Purpose - This paper investigates the trade effect of the Korea-China Free Trade Agreement (KCFTA) which coincides with political conflicts between the two countries due to the deployment of the Terminal High Altitude Area Defense (THAAD) in Korea. The two events occurred in the same year and both are likely to affect trade between two countries but in opposite directions. Therefore, it is crucial to distinguish between the trade effects from the KCFTA event and those from the THAAD event to evaluate the true FTA effects. However, this would be difficult when using only annual data. Accordingly, ex post studies to examine the trade effects of KCFTA are lacking in trustworthiness while many ex ante studies that conjecture the positive trade effects neglect the THAAD deployment impact. This paper aims to fill that gap. Design/methodology - Given that the KCFTA and THAAD events occurred in the same year but in different months, we use the monthly data from 2000 to 2019 of Korea's exports to bracket this period. We employ the difference-in-difference (DID) method within a gravity equation specification that uses hi-dimensional fixed effects to address various endogeneity issues and seasonal effects. We identify the net impact of KCFTA ratification from these two near-simultaneous events to quantify the effects of trade liberalization between these two countries. Findings - After isolating the THAAD effects on trade, the analysis creates a positive and statistically significant coefficient estimate of the KCFTA impact. In contrast, failing to isolate the THAAD effect produced a negative and statistically significant coefficient estimate of the KCFTA impact. Our results indicate that KCFTA independently increased Korea's exports to China by 10.2%, but that this increase was fully mitigated by the THAAD event. Further, our results verify that unobserved heterogeneity and multilateral resistance are technically difficult to account for in those estimations as that rely solely upon annual data, as this type of data are inadequate to control for the potential for endogeneity. Originality/value - This paper is one of the first studies to carefully evaluate the net trade effects of the KCFTA on Korea's largest trading partner while isolating the impact of simultaneously occurred political events that may influence trade in opposing directions. Our findings indicate that the lack of prior evidence of positive trade effects of the KCFTA when using annual data may be attributed to a failure to identify the impact of each event separately. This analysis supports using the correct modeling specification to avoid misleading conclusions when evaluating any important international trade policy.