• Journal of Korean Society of Archives and Records Management
• /
• v.16 no.2
• /
• pp.81-112
• /
• 2016

This study aims to propose the adoption of a business management system, as well as suggest the functions and development directions for public organizations, which are required to establish the record management and information disclosure system under Government 3.0, rapidly respond to the needs for strengthening the responsibilities for explanation, and improve work efficiency. Recently, some of the public organizations that introduced the record management and information disclosure system adopted the Electronic Document System, which focuses on the function of electronic approval, and developed a records classification scheme for the system. This study aims to review the case of A organization, which recently developed an in-house records management system and established information strategy planning to adopt a customized business management system after establishing a business reference model throughout the organization, and suggests the directions of the electronic record production system for public organizations.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.45 no.1
• /
• pp.53-70
• /
• 2022

Recently, due to the change to SASB(Sustainability Accounting Standards Board) and GRI(Global Reporting Initiative) Standards 2021, the paradigm for non-financial information disclosure is changing significantly, with the number of ESG topics and indicators that must be disclosed by industry from an autonomous material topic selection method. This study revealed that the number of compulsory topics in the oil and gas industry by GRI standards 2021 is up to 2.4 times higher than the average number of material topics disclosed when domestic companies publish sustainability reports using GRI Standards 2020. In the oil and gas industry, I analyzed the similarities and differences between the GRI standards 2021 and the ESG topics covered by SASB by environmental, social, economic, and governance areas. In addition, the materiality test process, which is different in GRI standards 2021, is introduced, and the issues included in the following 10 representative ESG-related initiatives are summarized into 62 and suggested improvement plans for materiality test used in the topic pool.

• Journal of The Korean Association of Information Education
• /
• v.1 no.2
• /
• pp.57-66
• /
• 1997

The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.9
• /
• pp.2550-2572
• /
• 2023

Epidemiological survey is an important means for the prevention and control of infectious diseases. Due to the particularity of the epidemic survey, 1) epidemiological survey in epidemic prevention and control has a wide range of people involved, a large number of data collected, strong requirements for information disclosure and high timeliness of data processing; 2) the epidemiological survey data need to be disclosed at different institutions and the use of data has different permission requirements. As a result, it easily causes personal privacy disclosure. Therefore, traditional access control technologies are unsuitable for the privacy protection of epidemiological survey data. In view of these situations, we propose a black box-assisted fine-grained hierarchical access control scheme for epidemiological survey data. Firstly, a black box-assisted multi-attribute authority management mechanism without a trusted center is established to avoid authority deception. Meanwhile, the establishment of a master key-free system not only reduces the storage load but also prevents the risk of master key disclosure. Secondly, a sensitivity classification method is proposed according to the confidentiality degree of the institution to which the data belong and the importance of the data properties to set fine-grained access permission. Thirdly, a hierarchical authorization algorithm combined with data sensitivity and hierarchical attribute-based encryption (ABE) technology is proposed to achieve hierarchical access control of epidemiological survey data. Efficiency analysis and experiments show that the scheme meets the security requirements of privacy protection and key management in epidemiological survey.

• The Journal of Korean Association of Computer Education
• /
• v.17 no.6
• /
• pp.21-33
• /
• 2014

This study reviewed the all specialized vocational high school across the nation, through the data per school in the Elementary, Middle & High Schools information disclosure system(2012), and carried out an analysis on the specialized vocational high school's educational outcomes in using the data mining technique. The educational outcomes of specialized vocational high schools were defined as the employment rate, the university entrance rate, the aware records in various vocational techniques contests. As the first research question, this study investigate whether there was any significant differences in educational outcomes depending on school's general characteristics. And as the second research question, this study explored the factors influencing on educational outcome.

• The Korean Journal of Archival Studies
• /
• no.39
• /
• pp.45-72
• /
• 2014

In the recent years, Gov.2.0, which strengthens not only a claim for freedom of information but also sharing public information, became a new paradigm of government operations. In line with the paradigm the Korean government promotes the Gov.3.0 policy. This study exams the freedom of information system, which expends its roles and responsibilities for enhancing the usage of public information in the Gov.3.0 era. Furthermore, it analyzes the system's usability from the perspective of users. The freedom of information system is the fundamental portal for all the public information's disclosure and usage. Without providing the solution for problems of the system, the Korean government's Gov3.0 policy cannot succeed. Also, Park Geun-hye Government's Gov.3.0 initiatives which consists of tasks, such as reinforcing freedom of information, immediate releasing original documents, and expending public access to information, should be done through the freedom of information system. The importance of the system is increasingly heavy. It is not only the simple online contact point for public information, but also a public sphere for sharing public raw data and for implementing the Gov.3.0 vision. However, the current system still does not slove it problems. This study analyzes the system's problems in terms of usability and sustainability. As a result, it provides three alternative strategies for the freedom of information system, including 'personnel and financial support expansion', 'strengthening user-friendly operating' and 'establishing long-term strategies for system improvement.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.580-599
• /
• 2021

Software-Defined Networking (SDN) has three key features: separation of control and forwarding, centralized control, and network programmability. While improving network management flexibility, SDN has many security issues. This paper systemizes the security threats of SDN using spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) model to understand the current security status of SDN. First, we introduce the network architecture and data flow of SDN. Second, we analyze security threats of the six types given in the STRIDE model, aiming to reveal the vulnerability mechanisms and assess the attack surface. Then, we briefly describe the corresponding defense technologies. Finally, we summarize the work of this paper and discuss the trends of SDN security research.

• The Korean Journal of Archival Studies
• /
• no.50
• /
• pp.177-229
• /
• 2016

Archival reference service is the ultimate goal and outcome of records management. It encompasses a whole range of activities to connect records with the demands for them. Intellectual needs for records are met by the procedure of information disclosure to guarantee the people's right to know and to provide active responses to archival information needs. Thus, it is required to establish an efficient search system by unifying search tools for archives used in information disclosure and sorting out the classification systems and description items according to the archive types. The qualitative enhancement of information disclosure can be expected when there is a harmonious circulation of attributes-such as applicants, records, search tools, and information providers-for the smooth implementation of reading processes in the context of archival reference service. Therefore, the present study holds its significance in the following aspects. First, it presented a picture of pending issues and the reality of reading service processes from an internal perspective by examining the factors and characteristics that influence "reading service."Second, it demonstrated the phenomenon of close interactions among information providers, applicant, search tools, and records in the process of requesting, searching, and providing records. Third, it proposed the need for a total integrated search tool around the pending issues of reading processes at the National Archives of Korea. Fourth, it promoted an understanding of archival information utilization at the working level among information providers. Finally, it showed major differences in the quality of information provision of "reading service" according to the "perceptions" and "attitudes" of information providers.

• Journal of Intelligence and Information Systems
• /
• v.22 no.4
• /
• pp.109-122
• /
• 2016

Recently, big data analysis has developed into a field of interest to individuals and non-experts as well as companies and professionals. Accordingly, it is utilized for marketing and social problem solving by analyzing the data currently opened or collected directly. In Korea, various companies and individuals are challenging big data analysis, but it is difficult from the initial stage of analysis due to limitation of big data disclosure and collection difficulties. Nowadays, the system improvement for big data activation and big data disclosure services are variously carried out in Korea and abroad, and services for opening public data such as domestic government 3.0 (data.go.kr) are mainly implemented. In addition to the efforts made by the government, services that share data held by corporations or individuals are running, but it is difficult to find useful data because of the lack of shared data. In addition, big data traffic problems can occur because it is necessary to download and examine the entire data in order to grasp the attributes and simple information about the shared data. Therefore, We need for a new system for big data processing and utilization. First, big data pre-analysis technology is needed as a way to solve big data sharing problem. Pre-analysis is a concept proposed in this paper in order to solve the problem of sharing big data, and it means to provide users with the results generated by pre-analyzing the data in advance. Through preliminary analysis, it is possible to improve the usability of big data by providing information that can grasp the properties and characteristics of big data when the data user searches for big data. In addition, by sharing the summary data or sample data generated through the pre-analysis, it is possible to solve the security problem that may occur when the original data is disclosed, thereby enabling the big data sharing between the data provider and the data user. Second, it is necessary to quickly generate appropriate preprocessing results according to the level of disclosure or network status of raw data and to provide the results to users through big data distribution processing using spark. Third, in order to solve the problem of big traffic, the system monitors the traffic of the network in real time. When preprocessing the data requested by the user, preprocessing to a size available in the current network and transmitting it to the user is required so that no big traffic occurs. In this paper, we present various data sizes according to the level of disclosure through pre - analysis. This method is expected to show a low traffic volume when compared with the conventional method of sharing only raw data in a large number of systems. In this paper, we describe how to solve problems that occur when big data is released and used, and to help facilitate sharing and analysis. The client-server model uses SPARK for fast analysis and processing of user requests. Server Agent and a Client Agent, each of which is deployed on the Server and Client side. The Server Agent is a necessary agent for the data provider and performs preliminary analysis of big data to generate Data Descriptor with information of Sample Data, Summary Data, and Raw Data. In addition, it performs fast and efficient big data preprocessing through big data distribution processing and continuously monitors network traffic. The Client Agent is an agent placed on the data user side. It can search the big data through the Data Descriptor which is the result of the pre-analysis and can quickly search the data. The desired data can be requested from the server to download the big data according to the level of disclosure. It separates the Server Agent and the client agent when the data provider publishes the data for data to be used by the user. In particular, we focus on the Big Data Sharing, Distributed Big Data Processing, Big Traffic problem, and construct the detailed module of the client - server model and present the design method of each module. The system designed on the basis of the proposed model, the user who acquires the data analyzes the data in the desired direction or preprocesses the new data. By analyzing the newly processed data through the server agent, the data user changes its role as the data provider. The data provider can also obtain useful statistical information from the Data Descriptor of the data it discloses and become a data user to perform new analysis using the sample data. In this way, raw data is processed and processed big data is utilized by the user, thereby forming a natural shared environment. The role of data provider and data user is not distinguished, and provides an ideal shared service that enables everyone to be a provider and a user. The client-server model solves the problem of sharing big data and provides a free sharing environment to securely big data disclosure and provides an ideal shared service to easily find big data.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.2
• /
• pp.21-28
• /
• 2008

There are some problems on the system that uses a password comprising a digital signature to identify the secret key owner under the public key infrastructure. For example, the password can be difficult to remember or easy to be disclosure, and users should make more complex password to protect it. A number of studies have been proceeded in order to overcome these defects using the fingerprint identification technologies, but they need to change the current standard of public key infrastructure. On the suggested private key escrow system, the private key can be withdrawn only through the enrollment and identification of a fingerprint template after it is saved to a reliable third system. Therefore, this new private key escrow system can remove previous inconveniences of managingthe private key on current public key infrastructure, and it exhibited superior results in terms of the evaluation items when compared with the integrated method of the existing fingerprint identification and public key infrastructure.