• Title/Summary/Keyword: Assurance Statement

A Threats Statement Generation Method for Security Environment of Protection Profile (PP의 보안환경을 위한 위협문장 생성방법)

  • 고정호;이강수
    • The Journal of Society for e-Business Studies / v.8 no.3 / pp.69-86 / 2003
  • A Protection Profile (PP) is a common set of security and assurance requirements for a specific class of Information Technology security products such as firewalls and smart cards. A PP should include a "TOE (Target of Evaluation) Security Environment" section, which consists of the subsections assumptions, threats, and organizational security policies. This paper presents a new threat statement generation method for developing the TOE security environment section of a PP. Our survey guides the statement of threats in the CC (Common Criteria) scheme by collecting and analysing hundreds of threat statements from certified and published real PPs and from the CC Tool Box/PKB, which includes a class of pre-defined threat and attack statements. From the results of the survey, we present a new asset classification method and propose a threat statement generation model. The former is a new asset classification method, and the latter is a production rule for well-formed threat statements.

A Security Policy Statements Generation Method for Development of Protection Profile (PP 개발을 위한 보안정책 문장 생성방법)

  • 고정호;이강수
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.4 / pp.13-28 / 2003
  • The Protection Profile (PP) is a common security function and detailed statement of assurance requirements for a specific class of Information Technology security products such as firewalls and smart cards. The TOE security environment part of the PP has to describe assumptions, threats and security policies by analyzing the purpose of the TOE. In this paper, we present a new security policy derivation among the TOE security environment parts of the PP. Our survey guides the organizational security policy statements in the CC scheme by collecting and analyzing hundreds of real policy statements from certified and published real PPs and from the CC Toolbox/PKB, which includes security policy statements for the DoD. From the results of the survey, we present a new generic organizational policy statement list and propose an organizational security policy derivation method using the list.

A Study on Practical Approaches for CSR in Small and Medium-Sized Enterprises in Korea (한국 중소기업 CSR 경영 실태 분석과 개선방안에 관한 연구)

  • Jeung, Gil-Chea
    • Journal of Industrial Convergence / v.18 no.2 / pp.87-94 / 2020
  • This paper belongs to the literature on sustainability policy determination. It describes and explains the actual status of corporate social responsibility (CSR) in SMEs in Korea. This study examines the CSR situation, focusing on developing mechanisms to enable the SME sector. First, this study suggests introducing third-party professional assurance services for sustainability reports and/or requiring global accreditation such as ISO14001 and ISO26000 on entry as a provider in the government e-procurement system. Second, this study introduces a CSR Committee, headed by the CEO, that coordinates group-wide committees to discuss the CSR Guidelines. Third, because CSR does not only concern SMEs but also pertains to the local community and business partners, this study offers the opportunity to work with large companies on aspects of CSR.

Recent Trend Analysis of Certificate Revocation Mechanism (인증서 폐기 메커니즘의 최근 동향 분석)

  • 황원섭;김자영;정수민;윤동식
    • Proceedings of the Korea Information Assurance Society Conference / 2004.05a / pp.77-82 / 2004
  • The notion of a certificate was introduced by Kohnfelder in his 1978 MIT bachelor's thesis. The idea, now common, was that a certificate is a digitally signed statement binding the key-holder's name to a public key. With the increasing acceptance of digital certificates, there has been growing impetus for methods to nullify compromised digital certificates and enable the end user to receive this information before he trusts a revoked certificate. The problem of certificate revocation is becoming more and more crucial with the development of widespread PKIs. In this paper, we investigate recent trends in certificate revocation mechanisms.

A Study on the ICSID Arbitration Cases for Fair and Equitable Treatment under International Investment Disputes - Focusing on the Protection of the Investor's Legitimate Expectations - (국제투자분쟁에서 공정·공평 대우에 관한 ICSID 중재사례 연구 - 외국인투자자의 정당한 기대 보호를 중심으로 -)

  • HWANG, Ji-Hyeon
    • THE INTERNATIONAL COMMERCE & LAW REVIEW / v.71 / pp.195-216 / 2016
  • In determining the content of the FET standard, the tribunals cited protection of the investor's legitimate expectations, due process and denial of justice, transparency, discrimination and arbitrariness, good faith, etc. The most important element of the FET standard is the protection of the investor's legitimate and reasonable expectations. It is necessary to consider to what extent investors' expectations are protected as legitimate and under what circumstances they are formed. If the host state frustrates the investor's legitimate expectations, a breach of the FET is found. The host state's specific assurance may reinforce the investor's expectations, but such an explicit statement is not always necessary. The host state must preserve a stable environment for investments. However, this must not be understood as the inalterability of the host state's legal framework. It implies that the host state's subsequent changes should be made consistently and predictably. The host state is entitled to exercise reasonable regulatory authority to respond to changing circumstances for a public purpose. Therefore, whether the FET has been violated shall be determined by balancing the investor's legitimate expectations against the host state's reasonable regulatory exercise in the public interest. The investor should keep in mind that the principle of proportionality is applied unless the host state provides a stabilization clause or similar commitments to the investor. The host state should also establish the basis of an argument for reasonable regulatory authority in the public interest.

Monitoring of Brominated Flame Retardants (BFRs) for the management of Their Contamination in Environments (브롬화 난연제의 환경오염도 관리 방안)

  • Kim, Yong-Bum;Lee, Sang-Hoon;Chung, Yong
    • Journal of Environmental Impact Assessment / v.14 no.2 / pp.83-96 / 2005
  • Brominated flame retardants have a market share of 40% compared with others because of their low cost and highly effective flame retardation. However, their toxic effects in humans and their accumulation in the environment have been raised as issues among international organizations such as the EU and OECD. This study therefore surveyed the classification, toxic effects, and usage of brominated flame retardants, the trends in their management worldwide and in Korea, and their contamination levels in the Korean Peninsula. In addition, management directions for them were proposed. Among brominated retardants, penta-, octa-, and deca-BDE seem likely to be prohibited by regulation as flame retardants for plastics in Europe because of their toxic effects. Although penta- and octa-BDEs were used marginally in Korea, deca-BDE accounted for 27% of the brominated flame retardants (49,050 tons) used in 2002. However, risk assessment for brominated retardants may not yet have been launched in Korea. These reports demonstrate that toxic brominated retardants such as PBDEs will be assessed for their usage and level of contamination in the environment around point sources such as industrial areas and incinerators. However, the law regulating hazardous chemicals does not seem to mandate monitoring of their contamination in the environment. We therefore suggest how to evaluate and monitor the toxic contaminants with the EIA (Environmental Impact Assessment) and LCA (Life Cycle Assessment) systems.
Further, to establish a management system for BFRs (such as monitoring of contamination levels in the environment, life cycle assessment, and risk assessment for the toxic chemicals), it is recommended that a law dealing with methods for analyzing chemicals be established, containing QA/QC (Quality Assurance and Quality Control) to evaluate the analytical capability of the companies that prepare the EIS (Environmental Impact Statement) or of other institutes that analyze chemicals.

A Study on the Unfair Calling under the Independent Guarantee (독립보증상의 수익자에 의한 부당청구(unfair calling)에 관한 연구)

  • Oh, Won-Suk;Son, Myoung-Ok
    • THE INTERNATIONAL COMMERCE & LAW REVIEW / v.42 / pp.133-160 / 2009
  • In international trade the buyer and seller are normally separated from one another not only by distance but also by differences in language and culture. It is rarely possible for the performance of obligations to be simultaneous, and the performance of contracts therefore calls for trust in a situation in which the parties are unlikely to feel able to trust each other unless they have a longstanding and successful relationship. Thus the seller under an international contract of sale will not wish to surrender documents of title to goods to the buyer until he has at least an assurance of payment, and no buyer will wish to pay for goods until he has received them. A gap of distrust thus exists, which is often bridged by the undertaking of an intermediary known and trusted by both parties, who will undertake on his own liability to pay the seller the contract price in return for the documents of title and then pass the documents to the buyer in return for reimbursement. This is a common explanation of the theory behind the documentary letter of credit, in which the undertaking of a bank of international repute serves as a "guarantee" to each party that the other will perform his obligations. The independence principle, also referred to as the "autonomy principle", is at the core of letter of credit or bank guarantee law. This principle provides that the letter of credit or bank guarantee is independent of the underlying contractual commitment (that is, the transaction that the credit is intended to secure) between the applicant and the beneficiary; the credit is also independent of the relationship between the bank and its customer, the applicant. The most important exception to the independence principle is the doctrine of fraud in the transaction.
A strict interpretation of the rule that the guarantee is independent of the underlying transaction would lead to the conclusion that neither fraud nor manifest abuse of rights by the beneficiary would constitute an objection to payment. There is one major problem related to "independent guarantees", namely abusive or unfair callings. The beneficiary may make an unfair calling under the guarantee. Countermeasures against the beneficiary's unfair calling fall into three cases. First, advance countermeasures, namely by contract. In other words, when forming the contract, the parties must insert a Force Majeure Clause, an Arbitration Clause, and a clear statement of the conditions for demand calling. Second, post countermeasures, namely by court. Many countries, including the United States, authorize the courts to grant an order enjoining the issuer from paying or enjoining the beneficiary from receiving payment under the guaranty letter. Third, export insurance. For example, the Export Credit Guarantees Department is prepared, subject to certain conditions, to cover the risk of unfair calling. Of course, KEIC in Korea covers the risk of all things for guarantees. On international projects, contractor performance is usually guaranteed by either a standby letter of credit or an independent guarantee. These instruments will take care of the parties.

Does the Quantitative Supply of Secondary Teachers Compromise their Quality?: A Comparative Analysis of South Korea and China (한국과 중국의 중등학교 교사 신규채용제도 비교 분석)

  • Kim, Ee-Gyeong;Ahn, Ji-Yoon;Wei, Hua-Ou
    • Korean Journal of Comparative Education / v.24 no.3 / pp.157-177 / 2014
  • The importance of selection methods for secondary school teachers has gathered attention due to their enormous influence on pre-service education programs. However, scholars and practitioners are skeptical about the effectiveness of the measures, especially under the condition of teacher oversupply found in South Korea and China. Based on this problem statement, this study seeks to compare the secondary teacher employment methods of the two countries to better understand the situations as well as to draw implications for improvement. We reach the following conclusions through comparative analyses. First, the reforms of the teacher employment system in both countries have been triggered by quantitative supply concerns, not by qualitative concerns. Second, both countries require a teaching license as a precondition of employment, while their quality assurance measures for the license reveal critical limitations. Third, both countries have attempted to improve selection methods; nevertheless, the oversupply of prospective teachers makes objectivity and fairness more important than appropriateness. Based on the conclusions, policy implications focusing on the quality-oriented approach are suggested in order to employ effective secondary teachers who can contribute to the quality improvement of school education.