• 안보군사학연구
• /
• 통권9호
• /
• pp.207-240
• /
• 2011

보안성은 현대의 정보시스템의 가장 중요한 특성 중의 하나이므로, 정보시스템의 보안성을 보증하기 위한 수많은 정보보증 제도(표준, 방법 등)가 있다. 그러나 제도간의 혼선이 있고 보증의 중복성 문제가 발생하고 있다. 본 논문에서는 기존의 정보보증 제도들을 조사하여 보증 대상별, 생명주기별 및 국가별로 분류하고 문제점을 지적하고 3가지의 새로운 정보보증 제도를 제시하였다. 특정 기관 및 업무별 보안기능 요구사항을 표준화하고 평가 및 인증하여 요구사항 자체를 보증하는 제도, 개발 중인 정보시스템에 대한 정보보증 제도, 신규 정보 시스템의 인증 및 사용 인가제도 확립 등이 그것이다. 이 연구는 국방 정보보증 제도의 설정에도 도움이 될 것이다.

• 디지털융복합연구
• /
• 제10권3호
• /
• pp.161-166
• /
• 2012

본 논문은 미군이 수행중인 미래전투 환경과, 네트워크 중심의 현대화 전쟁 배경 하에, 정보보증 이슈를 중심으로 정보보증 정책 및 로드맵에 대해 연구 분석하였다.

• 한국정보처리학회논문지
• /
• 제6권11S호
• /
• pp.3320-3331
• /
• 1999

In this paper, we explore two ways to improve the bandwidth assurance performance of Assured Service(AS). It is well known that AS fails to meet the bandwidth assurance target for large-profile TCP flows competing with many small-profile flows. This flows after the back-offs induced by packet drops. Thus currently proposed solution to this problem naturally focus on modifying TCP's behavior to counter the unfairness in the TCP dynamics. Unfortunately, these proposals lack practicability in terms of the required changes in the incumbent Internet infrastructure. Admitting this difficulty, we instead look to not yet deployed Diff-Serv mechanisms for practical solutions. In particular, we investigate the role of RIO, RED with IN(in-profile) and OUT(out-profile), queue management scheme in the assurance failure for As. Specifically, we identify the inadequacy of RIO that aggravates the bandwidth assurance failure. Then we alleviates the bandwidth assurance failure problem by separately controlling the out-of-profile packet queue length. Through extensive simulations we demonstrate that RI+O extends the regime where AS consistently provides the bandwidth assurance.

• 한국항행학회논문지
• /
• 제14권2호
• /
• pp.247-252
• /
• 2010

IT 기술이 발전함에 따라 네트워크를 통해 방대한 양의 정보가 이동하고 있다. 인터넷을 사용하는 사용자들은 올바른 사용으로 유용한 정보를 획득할 수 있으나, 올바르지 않은 사용을 하는 공격자는 악의적인 목적으로 사용하기 위해 타인의 개인 정보를 노출시키고 유포하여 다양한 피해를 발생시키고 있다. 이를 해결하기 위하여 다양한 정보보호제품이 개발되고 있다. 안전한 정보보호제품을 개발하기 위해서는 개발 과정부터 보안이 필요하며, 안전한 제품을 보증하기 위하여 제품 평가 및 보안 모듈에 대한 평가 제도들이 사용되고 있다. 본 논문에서는 정보보호제품이 안전하게 개발될 수 있도록 기존 정보보호제품 인증 제도뿐만 아니라, 정보보호 기능을 제공하지 않는 제품을 개발할 때 시행되고 있는 다양한 인증 제도까지 포함하여 연구함으로써, 더욱 안전하고 견고한 제품 개발 및 보증 방안을 제안한다.

• 경영과정보연구
• /
• 제10권
• /
• pp.117-133
• /
• 2002

In December 1999, the AICPA introduced WebTrust, a electronic commerce assurance service of ensuring safe trading on the web, in order to effect consumer confidence into electronic commerce. Shortly afterwards, CPA associations of other advanced nations, such as Canada, Australia, also adopted this service. This study focuses on introduction of electronic commerce assurance service of ensuring safe trading on the web. WebTrust assurance service expected to be the international standard in electronic commerce in the near future and not only as a source of income for domestic accounting firms, which have simpler income structure than the international counterparts, but also as catalyst for stimulating electronic commerce. The findings of the study are expected to contribute to accounting practice, academy of accounting and electronic commerce firms in the following ways. Domestically, as Korea is considering using the electronic commerce assurance service, this study will help promote adoption of WebTrust assurance service. This study has shown, in the midst of declining income of accounting firms by audit, a way to increase their audit boundary.

• Journal of information and communication convergence engineering
• /
• 제17권2호
• /
• pp.117-127
• /
• 2019

In software engineering, to ensure reliability between systems, describing both system architecture and assurance arguments between system elements is considered necessary. There are proposals for system architecture assurance, but use of these traditional methods often requires development of different diagrams using different editors. Because the visual sense of the traditional methods is inadequate, errors readily occur when manipulating different diagrams. Therefore, it is essential that the assurance of dependability between components and systems is visualized and easy to understand. In this paper, an integrated approach to describe the relationship between system actors and system architecture is proposed, and this approach is clarified using an enterprise architecture modeling language. A case study is carried out and comparison to the traditional approach $d^*$ framework is explained. The comparison results show that the proposed approach is more suitable for ensuring dependability in system architecture.

• Journal of Information Technology Applications and Management
• /
• 제16권2호
• /
• pp.23-43
• /
• 2009

For reliability and confidentiality of information security systems, the security engineering methodologies are accepted in many organizations. To improve the effectiveness of security engineering, this paper suggests a security methodology ISEM, which considers both product assurance and production processes, takes advantages in terms of quality and cost. To verify the effectiveness of ISEM, this paper introduces the concepts of quality loss, and compares the development costs and quality losses between ISEM and CC through the development of VPN system.

• Nuclear Engineering and Technology
• /
• 제35권6호
• /
• pp.556-565
• /
• 2003

A quality assurance safety assessment database, called QUARK (QUality Assurance Program for Radioactive Waste Management in Korea), has been developed to manage both analysis information and parameter database for safety assessment of low- and intermediate-level radioactive waste (LILW) disposal facility in Korea. QUARK is such a tool that serves QA purposes for managing safety assessment information properly and securely. In QUARK, the information is organized and linked to maximize the integrity of information and traceability. QUARK provides guidance to conduct safety assessment analysis, from scenario generation to result analysis, and provides a window to inspect and trace previous safety assessment analysis and parameter values. QUARK also provides default database for safety assessment staff who construct input data files using SAGE(Safety Assessment Groundwater Evaluation), a safety assessment computer code.

• 한국컴퓨터정보학회논문지
• /
• 제23권9호
• /
• pp.123-132
• /
• 2018

This study presents perceived reputation, perceived quality, perceived assurance of online shopping malls as the attributes factors of online shopping malls and identifies the impact of perceived online shopping mall attributes on trust, involvement and purchasing intention. Also we analyzed whether trust on online shopping mall affect involvement and purchasing intention, and whether involvement on online shopping mall affect purchasing intention. The results show that perceived quality, perceived assurance of online shopping malls influence positively on trust, but perceived reputation does not. Second, perceived reputation, perceived quality, perceived assurance of online shopping malls doesn't influence positively on involvement. Third, perceived quality, perceived assurance of online shopping malls influence positively on purchasing intention, but perceived reputation does not. Forth, trust on online shopping mall influence positively on involvement and purchasing intention. Fifth, involvement on online shopping mall influence positively on purchasing intention.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2007년도 추계학술발표대회
• /
• pp.1021-1024
• /
• 2007

인터넷이 발달하고 VoIP 의 활성화로 인하여 사용자들은 인터넷 전화서비스의 통화품질에 대한 관심이 크게 증가하고 있다. 본 고에서는 인터넷 전화서비스의 단말에 사용하고 있는 음성 코덱의 품질 측정을 위해 IP 패킷 전송품질 파라미터(ITU-T Y.1540)들을 인가하면서 이들 파라미터들의 변화에 따른 E-Model(ITU-T G.107) 종합 음성품질(R 값)을 측정하여 인터넷전화 단말의 프로세싱 품질을 파악하고 종단간서비스에서 단말이 차지하는 부분을 분석하여 인터넷 전화서비스의 통화품질 개선 및 향후 단말의 인증기준 등에 활용하고자 한다.