• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.1-8
• /
• 2017

As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can be a very serious risk to enterprises and must be efficiently managed in a timely manner. Therefore, the government has designated the important system as the main information communication infrastructure in consideration of the impact on the national security and the economic society according to the 'Information and Communication Infrastructure Protection Act', which, in particular, protects the main information communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerability, establishment of protection measures, implementation of protection measures, and distribution of technology guides. Even now, security consulting is proceeding on the basis of 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items in the applied items, and the vulnerability of APT attack, malicious code, and risk are present issues that are neglected. In order to eliminate the actual security risk, the security manager has arranged the inspection and ordered the special company. In other words, it is difficult to check against current hacking or vulnerability through current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability check, a check item that does not reflect recent trends, a technical check case for latest intrusion technique, a related study on security threats and requirements. Based on this, we investigate the security vulnerability management system and vulnerability list of domestic and foreign countries, propose effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.

• Journal of the Society of Disaster Information
• /
• v.18 no.1
• /
• pp.202-217
• /
• 2022

Purpose: The recent increased use of Personal Mobility (PM) has been accompanied by a rise in the annual number of accidents. Accordingly, the safety requirements for PM use are being strengthened, but the laws/systems, infrastructure, and management systems remain insufficient for fostering a safe environment. Therefore, this study comprehensively searches the main problems and improvement methods through a review of previous studies that are related to PM. Then the priorities according to the importance of the improvement methods are presented through the Delphi survey. Method: The research method is mainly composed of a literature study and an expert survey (Delphi survey). Prior research and improvement cases (local governments, government departments, companies, etc.) are reviewed to derive problems and improvements, and a problem/improvement classification table is created based on keywords. Based on the classification contents, an expert survey is conducted to derive a priority improvement plan. Result: The PM-related problems were in 'non-compliance with traffic laws, lack of knowledge, inexperienced operation, and lack of safety awareness' in relation to human factors, and 'device characteristics, road-drivable space, road facilities, parking facilities' in relation to physical factors. 'Management/supervision, product management, user management, education/training' as administrative factors and legal factors are divided into 'absence/sufficiency of law, confusion/duplication, reduced effectiveness'. Improvement tasks related to this include 'PM education/public relations, parking/return, road improvement, PM registration/management, insurance, safety standards, traffic standards, PM device safety, PM supplementary facilities, enforcement/management, dedicated organization, service providers, management system, and related laws/institutional improvement', and 42 detailed tasks are derived for these 14 core tasks. The results for the importance evaluation of detailed tasks show that the tasks with a high overall average for the evaluation items of cost, time, effect, urgency, and feasibility were 'strengthening crackdown/instruction activities, education publicity/campaign, truancy PM management, and clarification of traffic rules'. Conclusion: The PM market is experiencing gradual growth based on shared services and a safe environment for PM use must be ensured along with industrial revitalization. In this respect, this study seeks out the major problems and improvement plans related to PM from a comprehensive point of view and prioritizes the necessary improvement measures. Therefore, it can serve as a basis of data for future policy establishment. In the future, in-depth data supplementation will be required for each key improvement area for practical policy application.