• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1225-1241
• /
• 2014

Recently, Financial companies implement DLP(Data Leaks Prevention) security products and enforce internal controls to prevent customer information leaks. Accidental data leaks in financial business increase more and more because internal controls are insufficient. Security officials and IT operation staffs struggle to plan countermeasures to respond to all kinds of accidental data leaks. It is difficult to prevent data leaks and to control information flow in business without research applications that handle business and privacy information. Therefore this paper describes business and privacy information flow on applications and how to plan and deploy security container based OS-level and Hypervisor virtualization technology to enforce internal controls for applications. After building security container, it was verified to implement internal controls and to prevent customer information leaks. With security policies additional security functions was implemented in security container and With recycling security container costs and time of response to security vulnerabilities was reduced.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.1
• /
• pp.67-74
• /
• 2009

Information Effluence leaks are caused by the wide use of the P2P program in Japan and Korea lead by the increase of internet use and network infrastructure expansion. This research confirms the seriousness of the data collected from the P2P leaks of the two countries and furthers its study by researching how countermeasures are applied. The effectiveness is verified by collecting data according to countermeasure applied periods. Both countries had information leaks, but in the case of Japan, not only personal information leaks but corporation, administrative agency, military, and others in a wide range as well. As a countermeasure against information effluence, Korea is enforcing counter plans mainly against the P2P service businesses and for Japan, various plans are taken such as business guides for each agency, organization management, SW development and supply, HW supply, and ect. The leaks in Japan were more severe than the ones in Korea but they had well planned countermeasures that were applied. Therefore if the Japanese countermeasure on information effluence of P2P programs is taken as a lesson, Korea can prevent the problem of leaks beforehand.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.3-13
• /
• 2017

In the knowledge-information society, many domestic companies put lots of investment in technical development to possess core technologies and intellectual property. However, in the results of passive investment in security to protect their technologies compared to the active investment in technical development, the technology leaks from many companies and research institutes are rapidly increasing. Such increase of technology leaks not only causes damage to companies, but also has harmful effects on national economy directly and indirectly. Even though it has been perceived that a lot of industrial technology leak crimes are committed by former/current workers of small and medium-sized businesses, it is hard to find researches that mainly compare and analyze them. Therefore, this study aimed to understand the actual status of industrial technology leaks by analyzing cases of industrial technology leaks from 2014 to 2016 based on the type of victimized companies, corporate internal leakers' positions, matter of complicity, tools used for technology leaks, and motivation for technology leaks. Through the analysis in each type, the patterns and characteristics of industrial technology leaks were researched, and also the exploratory research on industrial security for the prevention of industrial technology leaks was conducted.

• Convergence Security Journal
• /
• v.11 no.5
• /
• pp.3-12
• /
• 2011

According to the NIS, damages due to leaking industrial technology are reaching tens of trillion won. The type of damages are classified according to insider leaks, joint research, and hacking, illegal technology leaks and collaborated camouflaged. But 80% of them turned out to be an insider leak about connecting with physical security. The convergence of IT and non IT is accelerating, and the boundaries between all area are crumbling. Information Security Industry has grown continuously focusing Private Information Security which is gradually expanding to Knowledge Information Security Industry, but Information Security Industry hereafter is concentrated with convergence of IT Security Technology and product, convergence of IT Security and Physical Security, and IT convergence Industry Security. In this paper, for preventing company information leaks, logical security and physical security both of them are managed at the same level. In particular, using convergence of physical security systems (access control systems, video security systems, and others) and IT integrated security control system, convergence security monitoring model is proposed that is the prevention of external attacks and insider leaks, blocked and how to maximize the synergy effect of the analysis.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.14 no.5
• /
• pp.369-374
• /
• 2021

Apartment recently built in kitchen is made is made because the gas hose with built-in ways invisible inside the sink. In this case, if the gas leaks, it is a dangerous method that can accumulate inside the sink and lead to an explosion. In this study, since the hose connected between the gas range and the intermediate valve is inside the sink, it is not possible to test for gas leaks, so a valve system that can easily check for gas leaks using a pressure sensor was studied. As for the pressure measurement method, the pressure of the hose connecting the intermediate valve and the gas range was measured so that data could be collected and analyzed using the I2C communication method. In addition, the calculation of the gas pressure supplied to the home was investigated for the atmospheric pressure error for the value calculated by adding the average value of the gas gauge pressure of 22.46 mbar at the inlet of the gas meter to the atmospheric pressure. A valve system was developed to detect minute gas leaks.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.77-86
• /
• 2015

The organization shall minimize business risks associated with customer information leaks. Enhance information security activities through voluntary pre-check and must find a way to detect the personal information leakage caused by carelessness and neglect accident. Recently, many companies have introduced an information leakage prevention solution. However, there is a possibility of internal data leakage by the internal user who has permission to access the data. By this thread it is necessary to have the environment to analyze the habit and activity of the internal user. In this study, we use the SFI analytical technique that applies RFM model to evaluate the insider activity levels were carried out case studies is applied to the actual business.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.591-594
• /
• 2014

Due to the spread of personal computers and the development of network, the information age has come and a variety of information has been flooded. Accordingly, individuals and companies have been a lot of attention to information security. However personal information leaks have been happening constantly in Korea. Nevertheless, awareness of security of personal information have been treated carelessly in society. In this paper, we will survey foreign awareness of personal information, specific cases for information leaks, and coping methods.

• International Journal of Knowledge Content Development & Technology
• /
• v.4 no.1
• /
• pp.53-78
• /
• 2014

As instances of private information leak increase, taking steps to protect such information becomes a necessity. In this study of public library patrons, we strove for a comprehensive understanding of library usage records to suggest viable solutions for private information safety in public libraries. To this end, we investigated the patrons' understanding of library usage records and determined the relationship between different user characteristics and privacy knowledge or leaks. The results show that a high number of patrons perceived these records as their own private information, but that there was no necessity for legal procedures or consent for the use of these records. Also, even though the understanding of these usage records showed that there was a relationship between the frequency of library visits and leaks of personal information, the correlation was not particularly strong.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.99-106
• /
• 2012

Numerous private corporations and public institutions are collecting personal information through the diverse methods for the purpose of sales, promotion and civil services, and using personal information for the profits of the organizations and services. However, due to immaturity of the technical, managerial measures and internal control for the collected personal information, the misuse, abuse and the leaks of personal information are emerged as major social issues, and the government also is promoting implementation of the act on the privacy protection by recognizing the importance of the personal information protection. This research describes on the measures to detect the anomaly by analyzing personal information treatment patterns managed by the organizations, and on the measures to coup with the leaks, misuse, and abuse of personal information. Particularly, this research is intended to suggest privacy leakage monitoring system design, which can be managed by making the elements related to personal information leaks to numeric core risk indexes to be measured objectively.

• Journal of KIISE:Software and Applications
• /
• v.36 no.7
• /
• pp.590-606
• /
• 2009

We present a static analyzer that detects memory leaks in C programs. It achieves relatively high accuracy at a relatively low cost on SPEC2000 benchmarks and several open-source software packages, demonstrating its practicality and competitive edge against other reported analyzers: for a set of benchmarks totaling 1,777 KLOCs, it found 332 bugs with 47 additional false positives (a 12.4% false-positive ratio), and the average analysis speed was 720 LOC/sec. We separately analyze each procedure's memory behavior into a summary that is used in analyzing its call sites. Each procedural summary is parameterized by the procedure's call context so that it can be instantiated at different call sites. What information to capture in each procedural summary has been carefully tuned so that the summary should not lose any common memory-leak-related behaviors in real-world C program. Because each procedure is summarized by conventional fixpoint iteration over the abstract semantics ('a la abstract interpretation), the analyzer naturally handles arbitrary call cycles from direct or indirect recursive calls.