• 정보보호학회논문지
• /
• 제34권1호
• /
• pp.41-52
• /
• 2024

IPsec VPN에 대한 보안 감사는 구현 결함이나 설정 오류로 인한 취약점을 점검하고 사고 발생에 대한 조사 등을 위해 매우 중요하다. 하지만 IPsec VPN은 기밀성, 무결성, 인증 등을 보장하기 위해 네트워크 콘텐츠가 암호화 되어 있어 보안 감사에 큰 어려움이 있다. 이를 해결하기 위해 중간자 공격 방식을 이용한 분석 기법들이 이전 연구들에서 제안되었다. 중간자 공격 기법을 적용하기 위해서는 상호 인증을 위한 사전 공유키를 알고 있어야 하며, 네트워크에 직접 참여해야 한다. 이는 보안 감사를 위해 일시적으로 네트워크 단절을 유발하며, 감사 이전에 수집된 데이터에 대한 분석이 불가능하다. 본 논문에서는 네트워크 연속성을 보장하며, 특정 IPsec VPN 연결 방식과 인증 방식에 한정되지 않는 새로운 분석 기법을 제안한다. 따라서, 제안하는 분석 기법은 IPsec VPN 보안 감사를 위해 실제적으로 활용될 것으로 기대된다.

• 한국안전학회지
• /
• 제28권3호
• /
• pp.44-50
• /
• 2013

Process gas piping is one of the most basic components frequently used in the refinery and petrochemical plants. Many kinds of by-product gas have been used as fuel in the process plants. In some plants, natural gas is additionally introduced and mixed with the byproduct gas for upgrading the fuel. In this case, safety or design margin of the changed piping system of the plant should be re-evaluated based on a proper design code such as ASME or API codes since internal pressure, temperature and gas compositions are different from the original plant design conditions. In this study, series of piping stress analysis were conducted for a process piping used for transporting the mixed gas of the by-product gas and the natural gas from a mixing drum to a knock-out drum in a refinery plant. The analysed piping section had been actually installed in a domestic industry and needed safety audit since the design condition was changed. Pipe locations of the maximum system stress and displacement were determined, which can be candidate inspection and safety monitoring points during the upcoming operation period. For studying the effects of outside air temperature to safety the additional stress analysis were conducted for various temperatures in $0{\sim}30^{\circ}C$. Effects of the friction coefficient between the pipe and support were also investigated showing a proper choice if the friction coefficient is important. The maximum system stresses were occurred mainly at elbow, tee and support locations, which shows the thermal load contributes considerably to the system stress rather than the internal pressure or the gravity loads.

• 대한기관윤리심의기구협의회지
• /
• 제2권2호
• /
• pp.37-48
• /
• 2020

Purpose: The purpose of this study is to assess the operational status and level of understanding among IRB and HRPP staffs at a hospital or a research institute to the HRPP guideline set by the Ministry of Food and Drug Safety (MFDS) and to provide recommendations. Methods: Online survey was distributed among members of Korean Association of IRB (KAIRB) through each IRB office. The result was separated according to topic and descriptive statistics was used for analysis. Result: Survey notification was sent out to 176 institutions and 65 (37.1%) institutions answered the survey by online. Of 65 institutions that answered the survey; 83.1% was hospital, 12.3% was university, 3.1% was medical college, 1.5% was research institution. 23 institutions (25.4%) established independent HRPP offices and 39 institutions (60.0%) did not. 12 institutions (18.5%) had separate IRB and HRPP heads, 21 (32.3%) institutions separated business reporting procedure and person in charge, 12 institutions separated the responsibility of IRB and HRPP among staff, and 45 institutions (69.2%) had audit & non-compliance managers. When asked about the most important basic task for HRPP, 23% answered self-audit. And according to 43.52%, self-audit was also the most by both institutions that operated HRPP and institutions that did not. When basic task performance status was analyzed, on average, the institutions that operated HRPP was 14% higher than institutions that only operated IRB. 9 (13.8%) institutions were evaluated and obtained HRPP accreditation from MFDS and the most common reason for obtaining the accreditation was to be selected as Institution for the education of persons conducting clinical trial (6 institutions). The most common reason for not obtaining HRPP accreditation was because of insufficient staff and limited capacity of the institution (28%). Institutions with and without a plan to be HRPP accredited by MFDS were 20 (37.7%) each. 34 institutions (52.3%) answered HRPP evaluation method and accreditation by MFDS was appropriate while 31 institutions (47.7%) answered otherwise. 36 institutions answered that HRPP evaluation and accreditation by MFDS was credible while 29 institutions (44.5%) answered that HRPP evaluation method and accreditation by MFDS was not credible. Conclusion: 1. MFDS's HRPP accreditation program can facilitate the main objective of HRPP and MFDS's HRPP accreditation program should be encouraged to non-tertiary hospitals by taking small staff size into consideration and issuing accreditation by segregating accreditation. 2. While issuing Institution for the education of persons conducting clinical trial status as a benefit of MFDS's HRPP accreditation program, it can also hinder access to MFDS's HRPP accreditation program. It should also be considered that the non-contact culture during COVID-19 pandemic eliminated time and space limitation for education. 3. For clinical research conducted internally by an institution, internal audit is the most effective and sole method of protecting safety and right of the test subjects and integrity for research in Korea. For this reason, regardless of the size of the institution, an internal audit should be enforced. 4. It is necessary for KAIRB and MFDSto improve HRPP awareness by advocating and educating the concept and necessity of HRPP in clinical research. 5. A new HRPP accreditation system should be setup for all clinical research with human subjects, including Investigational New Drug (IND) application in near future.

• 한국군사과학기술학회지
• /
• 제2권1호
• /
• pp.159-169
• /
• 1999

최근 전산망의 트래픽을 제어하여 해킹방지를 위해 방화벽을 구축한다. 방화벽의 보안 서비스는 인증, 접근통제, 기밀성, 무결성 그리고 감사기록 이다. 사용자는 방화벽에 인증을 위하여 토큰을 사용한다. 토큰은 작은 배터리를 내장하므로 전력 용량이 한정된다. 본 논문은 TCP/IP를 이용하는 전산망의 해킹방지를 위한 경제적인 방화벽 토큰 설계 방법을 제안한다. 공개키 암호 시스템의 주요 연산이며, 토큰 전력 소모의 대부분을 차지하는 지수연산에 Sparse 소수를 이용한 고속 처리 방법을 제안한다. 제안한 방법은 지수연산에서 모듈러 연산 량을 감소시킴으로 토큰의 배터리 용량 또는 CPU 가격을 낮출 수 있다.

• Journal of Information Processing Systems
• /
• 제16권2호
• /
• pp.301-317
• /
• 2020

An enterprise patch-management system (PMS) typically supplies a single point of failure (SPOF) of centralization structure. However, a Blockchain system offers features of decentralization, transaction integrity, user certification, and a smart chaincode. This study proposes a Hyperledger Fabric Blockchain-based distributed patch-management system and verifies its technological feasibility through prototyping, so that all participating users can be protected from various threats. In particular, by adopting a private chain for patch file set management, it is designed as a Blockchain system that can enhance security, log management, latest status supervision and monitoring functions. In addition, it uses a Hyperledger Fabric that owns a practical Byzantine fault tolerant consensus algorithm, and implements the functions of upload patch file set, download patch file set, and audit patch file history, which are major features of PMS, as a smart contract (chaincode), and verified this operation. The distributed ledger structure of Blockchain-based PMS can be a solution for distributor and client authentication and forgery problems, SPOF problem, and distribution record reliability problem. It not only presents an alternative to dealing with central management server loads and failures, but it also provides a higher level of security and availability.

• 융합보안논문지
• /
• 제15권7호
• /
• pp.85-96
• /
• 2015

보안로그의 활용범위가 다양해짐에 따라 저장된 로그 데이터에 대한 무결성의 중요성이 높아지고 있다. 특히, 저장된 로그 데이터는 시스템에 침입한 공격자들이 자신의 흔적을 없애기 위해 우선적으로 조작되는 대상이다. 키 정보가 노출이 된 이후의 로그 데이터의 안전성은 보장하지 못하지만, 그 이전에 축적된 로그 데이터 무결성의 전방 안전성을 보장하는 다양한 이론적 기법들이 소개되었다. 본 논문에서는 기존기법들의 특성을 분석하며, 계산 효율적인 측면에서의 비교분석을 통해 적용될 운영환경에 적합한 기법들의 유효성을 확인한다.

• 융합보안논문지
• /
• 제15권5호
• /
• pp.37-45
• /
• 2015

IT 시스템에서 로그는 과거의 중요 이벤트를 보여주는 지표가 된다. 따라서 시스템에 문제가 발생했을 시에 그 원인을 찾고 문제를 해결하는데 사용하기 때문에 저장된 로그의 무결성을 보장하는 것이 중요하다. 기존의 로그 시스템에서는 키 정보가 노출되더라도 저장된 로그의 변조를 탐지하기 위한 다양한 기법들이 제안되었다. 현재 로그의 무결성을 보장하기 위한 연구는 로그의 전송과 저장하는 부분을 분리하여 진행되고 있다. 본 논문에서는 로그의 전송과 저장 시무결성을 보장하는 로그 시스템을 소개한다. 또한, 제안 로그시스템이 만족하는 보안요구사항과 기존의 연구된 기법들보다 전송 및 저장 시 계산적으로 효율적임을 증명한다.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2012년도 추계학술발표대회
• /
• pp.1511-1514
• /
• 2012

최근 기업에서 구축하는 IT 아키텍쳐가 점점 복잡해져 가는 환경변화에 따라 각 시스템 구성요소의 조건이나 특성을 저장하는 설정파일(Configuration file)의 중요성이 강조되고 있지만, 대부분의 형상관리시스템이 응응 소프트웨어를 중심으로 구성되어 설정파일의 특징을 반영한 활동에 한계를 갖고 있다. 또한 품질보증 목적으로 수행하는 형상감사 활동도 응용 소프트웨어를 대상으로 품질중심 감사 활동이 이루어지면서, 등록된 개별 소프트웨어 별로 변경통제와 버전관리가 이루어져 설정 파일이 포함되는 경우 버전 무결성 차원의 문제를 적발하지 못하는 문제가 있다. 이 논문에서는 추가적으로 필요한 감사활동 요구기능을 정의하고, 동일한 원본에서 배포된 설정파일들이 서로 버전이 다르게 관리 될 수 있는 문제를 감사(Audit)를 통해 탐지할 수 있는 버전 무결성 감사 프레임워크를 제시한다. 제안하는 프레임워크는 기존 형상관리 개념과 액티비티, 프로세스를 기반으로 감사기능을 보완한다. 이를 통해 기존 감사활동에 버전 무결성 검증을 수행하는 형상감사 기능이 포함되며, 이는 설정파일의 버전 차이에 의해 사전/사후 발생될 장애, 오동작 등의 문제 해결에 활용된다. 이 논문에서 제안 프레임워크의 검증을 위하여 웹 시스템 기반 자바환경으로 구현하였고, 현장 적용한 부분을 평가 함으로써 검증하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권11호
• /
• pp.3003-3029
• /
• 2023

The rapid evolution of the IoT has paved the way for new opportunities in smart city domains, including e-health, smart homes, and precision agriculture. However, this proliferation of services demands effective SLAs between customers and service providers, especially for critical services. Difficulties arise in maintaining the integrity of such agreements, especially in vulnerable wireless environments. This study proposes a novel SLA management model that uses an SDN-Enabled WSN consisting of wireless nodes to interact with smart contracts in a straightforward manner. The proposed model ensures the persistence of network metrics and SLA provisions through smart contracts, eliminating the need for intermediaries to audit payment and compensation procedures. The reliability and verifiability of the data prevents doubts from the contracting parties. To meet the high-performance requirements of the blockchain in the proposed model, low-cost algorithms have been developed for implementing blockchain technology in wireless sensor networks with low-energy and low-capacity nodes. Furthermore, a cryptographic signature control code is generated by wireless nodes using the in-memory private key and the dynamic random key from the smart contract at runtime to prevent tampering with data transmitted over the network. This control code enables the verification of end-to-end data signatures. The efficient generation of dynamic keys at runtime is ensured by the flexible and high-performance infrastructure of the SDN architecture.

• 대한간호학회지
• /
• 제22권3호
• /
• pp.237-388
• /
• 1992

This study was done to identify the degree of congruence between nurses and patients on patients' health problems. The purposes of this study were 1. To compare the health problems of parturient women as identified by interview and in the nursing record. 2. To compare the health problems of patients who have had gynecological surgery as identified by interview and in the nursing record. 3. To compare the health problems of chemotherapy patients as identified by interview and in the nursing record. The design of this study was a comparative descriptive design. The subjects were 205 Obstetric-Gynecologic patients. The tool for this study was an 11 item questionnaire, including one open ended question on the patient's problem during the past one day. Data was collected through interviews and an audit of the nursing records during the period from March 22, 1992 to April 29, 1992. Data was analyzed using by frequencies and percentiles. The result of this study were summarized as follows : Pain was the most prevalent complaint for parturient women by interview(60.3% ) and from the nursing records(83.2%). There was no record in the nursing records about the complaints of lack of information and emotional problems even though there were complaints of communication problems (17.6%) and of emotional problems(3.5%) identified in the interviews but there were more records of cardiopulmonary problems in nurses record(9.1%) than the patient interviews (3.3%). In the nursing records 25.9% of the identified records identified pain problems compared with 23.3% in the interviews. In the nursing records, 22.3% of the records identified nutrition problem as compared with 18.2% in the interview. There were only a very few emotional problem identified in the nursing records (3.7%) as compared to 18.2% in the interviews. There were no comments about communication problems in the nursing records but 5.2% of the subjects mentioned of communication problems in the patient interview. There were problems in five categories for the parturient women ; comfort, communication, activity and rest, elimination, emotions, and there were problems in ten categories for the surgery patients : comfort, elimination, communication, emotions, nutrition, cardiopulmonary, thermoregulation, physical integrity, host defense and activity /rest. There were also problems in the same ten categories for chemotherapy Patients. On the other hand, in the nursing records, only comfort activity /rest, and elimination problems were identified for the parturient women, there were only seven categories of problems : comfort, elimination, cardiopulmonary, activity /rest, and nutrition for the gynecology surgical patients, and for the chemotherapy Patients, comfort, nutrition, physical integrity, cardiopulmonary, activity /rest, thermoregulation, emotion and elimination were the categories identified, and no communication problems were identified. It was found that there was low congruence between the patients' problems as identified through patient interview and as recorded in the nursing records. Therefore it can be concluded that the main content of the nursing records is the physical problems of the patients and this is not in congruence with the patients' reported problems in the emotional and communication domain.