• Journal of Information Technology and Architecture
• /
• v.11 no.2
• /
• pp.175-185
• /
• 2014

This study is based on the information security management system, the threat from mobile office, mobile office configuration item type, vulnerability analysis and control at the level of the current possibilities for technology to its purpose. To perform exploratory study for mobile Office to target the new technology, we were used the integrated research methods such as the documentary survey, expert FGI and real user's survey. To identify the main risk areas of mobile office services, we develop the mobile service layer model that separated the place, terminal, network, server according to service deliverly system. Finally, the result of survey for threats and vulnerabilities showed that the control of the terminal of user is a significant.

• Journal of the Earthquake Engineering Society of Korea
• /
• v.2 no.3
• /
• pp.13-26
• /
• 1998

In view of the rapid development of economics and technology, perilous meteorological and geological conditions often cause natural disasters and result in severe loss of lives and properties in Taiwan. To promote multi-hazard mitigation strategies in an integrated a, pp.oach, the National Science Council established a National Science and Technology Program for Disaster Mitigation in January 1998. This program emphasizes on the implementation of research results in the National Disaster Management System. This paper describes the earthquake loss estimation methodology that is currently developed in Taiwan. Topics of potential earth science hazards (PESH) and building vulnerability analysis are described in detail.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1047-1057
• /
• 2018

As the number of services offered on the Internet exponentially increases, password managers are increasing popular applications that store several passwords in an encrypted database (or password vault). Browser-integrated password managers or locally-installed password managers store the password vault on the user's device. Although a web-based password manager stores the password vault on the cloud server, a user can store the master password used to sign in the cloud server on her device. An attacker that steals a user's encrypted vault stored in the victim's device can make an offline attack and, if successful, all the passwords in the vault will be exposed to the attacker. This paper investigates the vulnerability of the password vault stored in the device and develops attack programs to verify the vulnerability of the password vault.

• Journal of Advanced Navigation Technology
• /
• v.15 no.4
• /
• pp.664-671
• /
• 2011

The development of IT technology and breakthrough of the network and the wired network, wireless network boundaries disappear and wired and wireless integrated service environment is the advent in online game environment. However, the wired and wireless integrated service environment appropriate security technology is still inactive, wired and wireless integration environment due to the characteristic as well as security threats wired network and security threats in wireless networks should be considered. Therefore, This wired and wireless integrated environment has been considering studied various, Among them wired and wireless environment considering the lightweight of ID-based authentication and key management has been in progress. In recent, Moon et al. pervasive environment in authentication and ID-based key management protocol is proposed. However, Moon et al.'s scheme is use the ID-based public-key approach to decreased the amount of computation. However, pairing by using a technique similar to the existing public key scheme can represent the amount of computation. Therefore, In this paper the way of Moon etc in security vulnerability analysis.

• Nuclear Engineering and Technology
• /
• v.36 no.4
• /
• pp.346-356
• /
• 2004

14 Pressurized Water Reactors (PWR) in Korea use a remote monitoring system (RMS), which have been used in Korea since 1998. A Memorandum of Understanding on Remote Monitoring, based on Enhanced Cooperation on PWRs, was signed at the 10th Safeguards Review Meeting in October 2001 between the International Atomic Energy Agency (IAEA) and Ministry Of Science and Technology (MOST). Thereafter, all PWR power plants applied for remote monitoring systems. However, the existing method is high cost (involving expensive telephone costs). So, it was eventually applied to an Internet system for Remote Monitoring. According to the Internet-based Virtual Private Network (VPN) applied to Remote Monitoring, the Korea Atomic Energy Research Institute (KAERI) came to an agreement with the IAEA, using a Member State Support Program (MSSP). Phase I is a Lab test. Phase II is to apply it to a target power plant. Phase III is to apply it to all the power plants. This paper reports on the penetration testing of Phase I. Phase I involved both domestic testing and international testing. The target of the testing consisted of a Surveillance Digital Integrated System (SDIS) Server, IAEA Server and TCNC (Technology Center for Nuclear Control) Server. In each system, Virtual Private Network (VPN) system hardware was installed. The penetration of the three systems and the three VPNs was tested. The domestic test involved two hacking scenarios: hacking from the outside and hacking from the inside. The international test involved one scenario from the outside. The results of tests demonstrated that the VPN hardware provided a good defense against hacking. We verified that there was no invasion of the system (SDIS Server and VPN; TCNC Server and VPN; and IAEA Server and VPN) via penetration testing.

• International Journal of Highway Engineering
• /
• v.17 no.6
• /
• pp.75-83
• /
• 2015

PURPOSES : This study deals with the traffic accidents classified by the traffic analysis zone. The purpose is to develop the accident density models by using zonal traffic and socioeconomic data. METHODS : The traffic accident density models are developed through multiple linear regression analysis. In this study, three multiple linear models were developed. The dependent variable was traffic accident density, which is a measure of the relative distribution of traffic accidents. The independent variables were various traffic and socioeconomic variables. CONCLUSIONS : Three traffic accident density models were developed, and all models were statistically significant. Road length, trip production volume, intersections, van ratio, and number of vehicles per person in the transportation-based model were analyzed to be positive to the accident. Residential and commercial area ratio and transportation vulnerability ratio obtained using the socioeconomic-based model were found to affect the accident. The major arterial road ratio, trip production volume, intersection, van ratio, commercial ratio, and number of companies in the integrated model were also found to be related to the accident.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2001.05a
• /
• pp.15-24
• /
• 2001

This study introduces an integrated decision support system (DSS) for the water supply system in Fukuoka City, Japan. The objective is to conceive a comprehensive tool that may aid decision-makers to derive the best water supply alternatives from a multi-reservoir system in order to minimize the long-term drought damages and threat of water shortage. The present DSS consists of graphical user interface (GUI), a database manager, and mathematical models for runoff analysis, water demand forecasting, and reservoir operation. The methodology applied explicitly integrates the drought risk assessment based on the concept of reliability, resiliency, and vulnerability, as constraints to derive the management operation. The application of the DSS to the existing water supply system in Fukuoka City was found to be an efficient tool to facilitate the examination of a sequence of water supply scenarios toward an improved performance of the actual water supply system during periods of drought.

• Journal of Climate Change Research
• /
• v.7 no.1
• /
• pp.69-75
• /
• 2016

Recently, many countries all over the world have been suffered from disaster caused by climate change. Especially in case of developed countries, the disaster is concentrated in the industry sector. In this research, we analyzed industrial vulnerable homogeneous hotspot for the climate change using spatial autocorrelation analysis on the south Korea. Homogeneous hot spot areas through autocorrelation analysis indicate the spatial pattern of areas interacted each other. Industry sector have responsibility of green house gas emissions, and should adapt to the climate change caused by greenhouse gas already released. So, we integrated the areas sensitive to mitigation option with the areas hardly adapt to climate change because of vulnerable infrastructure. We expected that the result of this research could contribute to the decision-making system of climate change polices.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.6
• /
• pp.161-167
• /
• 2010

Social individualized broadcasting increases rapidly in an environment that combines communication and broadcasting. Real-time individualized broadcasting is a service that is provided by multiple individuals to many and unspecified persons. In contrast, newly introduced individualized broadcasting service is a service that has not been experienced socially and culturally and therefore many problems are expected. The newly emerging real-time individualized broadcasting service may bring about various dysfunctions as well as desirable functions. Establishment of guideline and its implementation based in vulnerability analysis are necessary to prevent the expected dysfunctions and reinforce the desirable functions. Therefore, the purpose of this paper is to examine dysfunctions of the information-oriented society which threaten cyber-norms, cyber-morality, cyber-dangers, cyber-democracy, etc. at the level of social individualized broadcasting service and to propose appropriate guidelines. Through this paper, first, future changes of dysfunctions of the information-oriented society due to individualized broadcasting service can be forecast, and countermeasures and policy directions can be proposed. Second, Dysfunctions of ICT-based service that may emerge in individualized broadcasting service can be forecast and correct guideline can be prepared to reduce potential dangers and increase desirable functions of the service. This paper will analyze in various aspects the characteristics of a new media with the focus on individualized broadcasting service among the new ICT-integrated services, and forecast the appearance and aggravation of the dysfunctions and then draw the guideline.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.189-200
• /
• 2024

In recent years, the development of defense technology has become digital with the introduction of advanced assets such as drones equipped with artificial intelligence. These assets are integrated with modern information technologies such as industrial IoT, artificial intelligence, and cloud computing to promote innovation in the defense domain. However, the convergence of the technology is increasing the possibility of transfer of cyber threats, which is emerging as a problem of increasing the vulnerability of defense assets. While the current cybersecurity methodologies focus on the vulnerability of a single asset, interworking of various military assets is necessary to perform the mission. Therefore, this paper recognizes these problems and presents a mission-based asset management and evaluation methodology. It aims to strengthen cyber security in the defense sector by identifying assets that are important for mission execution and analyzing vulnerabilities in terms of cyber security. In this paper, we propose a method of classifying mission dependencies through linkage analysis between functions and assets to perform a mission, and identifying and classifying assets that affect the mission. In addition, a case study of identifying key assets was conducted through an attack scenario.