• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.3-11
• /
• 2024

Information security is crucial not only for protecting against external cyber-attacks but also for identifying and blocking internal data leakage risks in advance. To this end, many companies and institutions implement digital rights management(DRM) document security solutions, which encrypt files to prevent content access if leaked, and data loss prevention(DLP) solutions, which control devices such as USB ports on computing equipment to prevent data leaks. At a time when efforts to prevent internal data leaks are crucial, there is a growing need for control policies such as device control and the identification of information assets in standalone network environments, which could otherwise fall into unmanaged domains. In this study, we propose a Generation-Distribution-Application model for device control policies that are uniquely applied to standalone information assets that are not connected to internal networks. To achieve this, we developed an authentication technique linked with the asset management system, where information assets are automatically registered upon acquisition. This system allows for precise identification of information assets and enables flexible device control, and we have designed and implemented a system based on these principles.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.283-290
• /
• 2015

As society has evolved to the knowledge and information society, the importance of internal information of the company has increased gradually. Especially in financial institutions which must maintain the trust of customers, the disclosure of inside information is a big problem beyond the a company's business information disclosure level to break down sales-based businesses because it contains personal or financial transaction information. Recently, since massive outflow of internal information are occurring in several enterprises, many companies including financial companies have been working a lot in order to prevent the leakage of customer information. This paper describes the internal information leakage incidents occurred in the finance companies, the PC security vulnerabilities exists despite the main security system and internal information leakage prevention and suggests countermeasures against increasing cyber infringement threats.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.39-45
• /
• 2015

Industrial secrets that companies own recently protected by various act related industrial security such as Trade Secret Act, Act on Prevention of Divulgence and Protection of Industrial Technology, etc. However, despite such protection infringement and leakage accidents of industrial secrets is increasing every year. According to a survey conducted by KAITS(Korean Association for Industrial Technology Security) annual average of estimated damage by industrial secrets leakage is estimated to be "50 trillion won." This is equivalent to the amount of annual revenue of small businesses more than 4,700 units. Following this, industrial secrets leakage causes serious damages to competitiveness of nation and companies and economic. However investment and effort to the industrial secrets leakage crime is lack of level compared to the scale of damage. Actually, most companies except some major companies are lack of response action about industrial secrets leakage because of shortage of separate organization, workforce, budget for industrial secrets leakage security. This paper aims to understand the overall flow of the industrial secrets leakage crime through various taxonomy such as cause of occurrence and leakage pathway and grasp the condition of damage from industrial secrets leakage through analyzation of internal and external industrial secrets leakage crime. This is expected to be the basis for related research.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.2
• /
• pp.65-72
• /
• 2015

According to recent statistics published by the National Industrial Security Center, former and current employees are responsible for 80.4% of companies' technology leakages, and employees of cooperative firms are responsible for another 9.6%. This means that 90% of technology leakages are intentionally or mistakenly caused by insiders. In a recent incident, a credit card company leaked private information, and the person responsible was an employee of a cooperative firm. These types of incidents have an adverse effect not only on a company's assets but also on its reputation. Therefore, most institutions implement various security solutions to prevent information from being leaked. However, security solutions are difficult to analyze and distinguish from one another because their logs are independently operated and managed. A large number of logs are created from various security solutions. This thesis investigates how to prevent internal data leakage by setting up individual scenarios for each security solution, analyzing each scenario's logs, and applying a monitoring system to each scenario.

• Journal of the Korean Society of Safety
• /
• v.37 no.6
• /
• pp.1-8
• /
• 2022

This study analyzed the characteristics of insulation resistance and operating time based on an accelerated degradation test of a low-voltage circuit breaker. The experimental sample used a molded case circuit breaker (MCCB) and an earth leakage circuit breaker (ELCB). After measuring the insulation resistance of the circuit breakers, the leakage current was affected by an external rather than an internal structure. Furthermore, the insulation resistance of the circuit breakers with accelerated degradation was measured using a Megger insulation tester. In the accelerated degradation test, aging times of five, ten, 15, and 20 years were applied according to a temperature derived using the Arrhenius equation. Circuit breakers with an equivalent life of ten, 15, and 20 years had increased insulation resistance compared to those with less degradation time. In particular, the circuit breaker with an equivalent life of ten years had the highest insulation resistance. Component analysis of the circuit breaker manufactured through an accelerated degradation test confirmed that the timing of the increase in insulation resistance and the time of additive loss were the same. Finally, after analyzing the operating time of the circuit breakers with degradation, it was confirmed that the MCCB did not change, but the ELCB breaker failed.

• Proceedings of the Korean Institute of IIIuminating and Electrical Installation Engineers Conference
• /
• 2005.11a
• /
• pp.339-344
• /
• 2005

A person's body resistance in the waterpark, public bath and similar places is lower than any other places due to effect of water. So low voltage may create a shock hazard for the human body in case of leakage or fault currents from lighting unit etc. We researched the related regulations these are internal standards, NEC, IEC and investigated the actual conditions for the prevention of electrical shock due to lighting units in the waterpark, public bath and similar places. So we could present actual facilities's problems and solutions

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.449-456
• /
• 2018

Many organizations divide the network to manage the network in order to prevent the leakage of internal data between separate organizations / departments by sending and receiving unnecessary traffic. The most fundamental network separation method is based on physically separate equipment. However, there is a case where a network is divided and operated logically by utilizing a virtual LAN (VLAN) network access control function that can be constructed at a lower cost. In this study, we first examined the possibility of bypassing the logical network separation through VLAN ID scanning and double encapsulation VLAN hopping attack. Then, we showed and implemented a data leak scenario by utilizing the acquired VLAN ID. Furthermore, we proposed a simple and effective technique to detect and prevent the double encapsulation VLAN hopping attack, which is also implemented for validation. We hope that this study improves security of organizations that use the VLAN-based logical network separation by preventing internal data leakage or external cyber attack exploiting double encapsulation VLAN vulnerability.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.20 no.4
• /
• pp.78-85
• /
• 2006

A person's body resistance in the waterpark, public bath and similar places is much lower than any other places due to effect of water. So low voltage may create a shock hazard for the human body in case of leakage or fault currents from lighting unit etc. We researched the related regulations which are internal standards, NEC, IEC and investigated the actual conditions for the prevention of electric shock due to lighting units in the waterpark, public bath and similar places. As a results internal standard is obscure as compared with NEC, IEC which is the limit of application and distinction of environment condition. And then internal standard's using voltage is higher than NEC, IEC in filed of water. Studies show that internal standard should be revision that raise the installation height of lighting unit, mark IP level surface of lighting unit and limit using voltage to line-to-line voltage

• Structural Engineering and Mechanics
• /
• v.81 no.6
• /
• pp.691-703
• /
• 2022

To obtain the seismic response of lead-cored rubber, shape memory alloy (SMA)-rubber isolation Plate-shell Integrated Concrete Liquid-Storage Structure (PSICLSS), based on a PSICLSS in a water treatment plant, built a scale experimental model, and a shaking table test was conducted. Discussed the seismic responses of rubber isolation, SMA-rubber isolation PSICLSS. Combined with numerical model analysis, the vibration characteristics of rubber isolation PSICLSS are studied. The results showed that the acceleration, liquid sloshing height, hydrodynamic pressure of rubber and SMA-rubber isolation PSICLSS are amplified when the frequency of seismic excitation is close to the main frequency of the isolation PSICLSS. The earthquake causes a significant leakage of liquid, at the same time, the external liquid sloshing height is significantly higher than internal liquid sloshing height. Numerical analysis showed that the low-frequency acceleration excitation causes a more significant dynamic response of PSICLSS. The sinusoidal excitation with first-order sloshing frequency of internal liquid causes a more significant sloshing height of the internal liquid, but has little effect on the structural principal stresses. The sinusoidal excitation with first-order sloshing frequency of external liquid causes the most enormous structural principal stress, and a more significant external liquid sloshing height. In particular, the principal stress of PSICLSSS with long isolation period will be significantly enlarged. Therefore, the stiffness of the isolation layer should be properly adjusted in the design of rubber and SMA-rubber isolation PSICLSS.

• Journal of Multimedia Information System
• /
• v.7 no.3
• /
• pp.215-220
• /
• 2020

Many state agencies and companies collect personal data for the purpose of providing public services and marketing activities and use it for the benefit and results of the organization. In order to prevent the spread of COVID-19 recently, personal data is being collected to understand the movements of individuals. However, due to the lack of technical and administrative measures and internal controls on collected personal information, errors and leakage of personal data have become a major social issue, and the government is aware of the importance of personal data and is promoting the protection of personal information. However, theory-based training and document-based intrusion prevention training are not effective in improving the capabilities of the privacy officer. This study analyzes the processing steps and types of accidents of personal data managed by the organization and describes measures against personal data leakage and misuse in advance. In particular, using Capture the Flag (CTF) scenarios, an evaluation platform design is proposed to respond to personal data breaches. This design was proposed as a troubleshooting method to apply ISMS-P and ISO29151 indicators to reflect the factors and solutions to personal data operational defects and to make objective measurements.