• 한국정보통신학회논문지
• /
• 제18권10호
• /
• pp.2482-2488
• /
• 2014

본 논문에서는 MS-SQL 데이터베이스의 환경과 C++ 환경을 이용하여 데이터베이스 사용자 계정 취약점을 판별한다. MS-SQL 데이터베이스에서 패스워드나 사용자 설정이 변경되었는지를 체크한다. 또한, 사용자 계정이 만료되었거나 오랫동안 패스워드를 변경하지 않았으면 보안 취약점이 존재하는 것으로 판단한다. 이것은 제 3의 악의적인 사용자가 해킹 등을 하는 것을 방지, 예방을 하기 위한 목적이다. 최근에는 정보 자산이 더욱 중요하게 되어가고 있다. 데이터베이스의 정보 손실이 일어나게 된다면 큰 피해를 입게 된다. 본 논문은 MS-SQL 데이터베이스의 사용자 계정 만료 유무와 오랫동안 패스워드 설정이 변경되지 않은 사용자 계정을 점검하는 모듈을 개발한다. 이 기능을 이용하여 보안취약점 점검을 함으로써 악의적인 사용자가 데이터베이스에 접근을 할 수 없도록 한다.

• Earthquakes and Structures
• /
• 제2권1호
• /
• pp.25-42
• /
• 2011

This paper discusses a mechanical model for the vulnerability assessment of old masonry building aggregates that takes into account the uncertainties inherent to the building parameters, to the seismic demand and to the model error. The structural capacity is represented as an analytical function of a selected number of geometrical and mechanical parameters. Applying a suitable procedure for the uncertainty propagation, the statistical moments of the capacity curve are obtained as a function of the statistical moments of the input parameters, showing the role of each one in the overall capacity definition. The seismic demand is represented by response spectra; vulnerability analysis is carried out with respect to a certain number of random limit states. Fragility curves are derived taking into account the uncertainties of each quantity involved.

• Earthquakes and Structures
• /
• 제22권1호
• /
• pp.83-94
• /
• 2022

In recent years, some studies have identified and quantified factors that can increase or decrease the seismic vulnerability of buildings. These modifier factors, related to the building characteristics and condition, are taken into account in the vulnerability assessment, by means of a numerical estimation resulting from the quantification of these modifiers through vulnerability indexes. However, views have differed on the definition and the quantification of modifiers. In this study, modifier parameters and scores of the Risk-UE Level 1 method are adjusted based on the Algerian seismic code recommendations and the reviews proposed in the literature. The adjusted modifiers and scores are applied to reinforced concrete (RC) buildings in Boumerdes city, in order to assess probable seismic damage. Comparison between estimated damage and observed damage caused by the 2003 Boumerdes earthquake is done, with the objective to (i) validate the model involving influence of the modifier parameters on the seismic vulnerability, and (ii) to define the relationship between modifiers and damage. This research may help planners in improving seismic regulations and reducing vulnerability of existing buildings.

• Journal of Information Processing Systems
• /
• 제16권1호
• /
• pp.61-82
• /
• 2020

The security risk management used by some service providers is not appropriate for effective security enhancement. The reason is that the security risk management methods did not take into account the opinions of security experts, types of service, and security vulnerability-based risk assessment. Moreover, the security risk assessment method, which has a great influence on the risk treatment method in an information security risk assessment model, should be security risk assessment for fine-grained risk assessment, considering security vulnerability rather than security threat. Therefore, we proposed an improved information security risk management model and methods that consider vulnerability-based risk assessment and mitigation to enhance security controls considering limited security budget. Moreover, we can evaluate the security cost allocation strategies based on security vulnerability measurement that consider the security weight.

• 정보처리학회논문지:컴퓨터 및 통신 시스템
• /
• 제4권3호
• /
• pp.97-104
• /
• 2015

본 논문은 MS-SQL 데이터베이스의 환경과 OLE 원격 접속 기능, C++ 환경을 바탕으로 MS-SQL 데이터베이스 암호정책과 사용자 계정 패스워드 접속 시도, 패스워드 없는 사용자 계정, 패스워드를 일정 기간 이상 변경하지 않은 경우 등에 대한 점검을 통해서 보안취약점 기능을 설계한다. MS-SQL 데이터베이스와 C++의 연동을 위해서는 OLE DB 기능을 사용한다. OLE DB 연동을 통해 계정마다 암호정책 강제 적용의 유무를 확인하고, 계정별 패스워드 접속 실패 유무, 패스워드 없는 사용자, 패스워드를 일정 기간 이상 변경하지 않은 경우 등을 종합적으로 판단하여 보안취약점 유무를 판단한다. MS-SQL 데이터베이스 패스워드 기능과 관련하여 여러 가지 기능들을 판단해서 보안취약점을 점검할 수 있도록 한다. 본 논문에서 제시하는 기능을 활용하여 MS-SQL 데이터베이스 보안을 강화하고자 한다.

• 한국농공학회논문집
• /
• 제64권2호
• /
• pp.15-25
• /
• 2022

Idleness in rural areas is a very important issue with regard to national land space management. Previous studies have been conducted separately in terms of population housing and farmland. So, an integrated analysis considering population housing and farmland is required for rural spatial management. In this study, vulnerability indices were developed and spatial distribution of the vulnerable areas was analyzed by evaluating regional vulnerability on population, housing, and farmland. In addition, plans for rural space management plan were proposed considering the population hollowing out and the idle farmland. The results of this study would be helpful in preparing policies that take into account the vulnerability of idleness in rural areas.

• 디지털산업정보학회논문지
• /
• 제15권3호
• /
• pp.101-109
• /
• 2019

In addition to enabling access, database accounts play a protective role by defending the database from external attacks. However, because only a single account is used in the database, the account becomes the subject of vulnerability attacks. This common practice is due to the lack of database support, large numbers of users, and row-based database permissions. Therefore if the logic of the application is wrong or vulnerable, there is a risk of exposing the entire database. In this paper, we propose a Least-Privilege Account Separation Model (LPASM) that serves as an information guardian to protect the database from attacks. We separate database accounts depending on the role of application services. This model can protect the database from malicious attacks and prevent damage caused by privilege escalation by an attacker. We classify the account control policies into four categories and propose detailed roles and operating plans for each account.

• 정신신체의학
• /
• 제5권1호
• /
• pp.63-72
• /
• 1997

For the purpose of examining the relationship between perceived stress, vulnerability variables, and somatization tendency, the self-report questionnaires of perceived stress, styles of stress coping(passive and active copings), self-perception, gender, and somatization tendency were administered to university entrants(n=2,024). The results were as follows: 1) Perceived stress, styles of stress coping(passive and active copings), self-perception, and gender accounted for 15.56% of the total variance in somatization tendency. As a result of comparing the relative contributions of all predictor variables to somatization tendency, the highest was perceived stress, and the next in order were passive coping style, self-perception, and gender, whereas direct effect of active coping style was not significant. 2) The two-way and three-way interaction effects of perceived stress X vulnerability variables were not significant. 3) The two-way and three-way interaction effects of gender X psychosocial variables were not significant. To conclude, perceived stress and vulnerability variables independently contribute to somatization tendency in university entrants, and furthermore it is suggested that vulnerability variables as well as perceived stress must be considered to account for somatization tendency.

• 한국지반공학회:학술대회논문집
• /
• 한국지반공학회 2005년도 춘계 학술발표회 논문집
• /
• pp.713-718
• /
• 2005

A methodology is developed to evaluate the vulnerability of bridge piers to scour and to help establish effective disaster measures, taking into account the locality and scour characteristics in Korea. Based on the bearing capacity of bridge foundation-ground integrating system changed by scour, this methodology is able to prioritize bridge foundations reflecting on the geotechnical factors as well as hydraulic ones. The bridge foundation vulnerability to scour is categorized into 7 groups considering the concise information of the bridge foundation-ground integrating system. A case study of implementing this method which includes the analysis of the scour depth and evaluation, and categorizing the scour vulnerability of bridge foundation is presented.

• 대한조선학회논문집
• /
• 제55권3호
• /
• pp.274-280
• /
• 2018

This paper deals with the calculation of vulnerable areas of critical components required for the assessment of naval ship's vulnerability. Taking into account the effectiveness of threatening weapons, the probability density function of damage was used to assess vulnerable areas or vulnerabilities of critical components. It is shown that the vulnerable area of critical component can be simply computed from the damage function. Considering the weapon effectiveness of fragmentation and explosion on the target, both Carleton Damage Function and Rectangular Cookie Cutter Function representing the probability of damage are applied to the vulnerable area assessment. Carleton damage function is utilized to describe the weapon-target interaction in the vulnerability analyses. A problem of blast effect against an assumed naval ship is chosen as a case study. Vulnerability is evaluated by applying the suggested method to the equipments arranged in the engine room of the virtual ship.