• 정보처리학회논문지C
• /
• 제10C권1호
• /
• pp.1-10
• /
• 2003

본 논문에서는 취약점 검색공격 탐지시스템 DS-NVSA(Detection System of Network Vulnerability Scan Attacks)에서 서버와 에이전트들 사이의 상호연동을 위한 안전한 통신 프레임워크를 제안한다. 기존 시스템과의 상호연동을 위하여 제안 프레임워크는 IETF의 IDWG에서 제안한 IDMEF와 IAP를 확장 적용하였다. 또한 공개키 기반의 환경을 지원하지 못하는 네트워크 시스템을 위해 대칭키 기반의 암호화 통신 프로토콜 SKTLS(Symmetric Key based Transport Layer Security Protocol)를 제시하였다. 제안된 프레임워크는 DS-NVSA 이외에도 기존의 이기종 침입탐지 시스템의 제사용과 탐지 영역의 확대를 제공하며, 또한 기업내 통합 보안환경시스템 ESM(Enterprise Security Management) 시스템에도 적용될 수 있다.

• Asia pacific journal of information systems
• /
• 제10권4호
• /
• pp.57-75
• /
• 2000

Most current literature on knowledge and technology transfer(Appropriability Model, Dissemination Model, and Knowledge Utilization Model), describe the process of transfer in details, but has limitation in terms of their application in contemporary high-tech industries since most studies have not provided plausible explanation on levels and factors affecting transfer of knowledge and/or technology. To overcome these limitations, the four levels of knowledge and technology transfer are suggested: Knowledge and Technology Creation(Level I), Sharing(Level II), Implementation(Level III), and Commercialization(Level IV). Comprehensive literature identifies sixteen variables affecting the process and results of knowledge and technology transfer. The survey results show four key factors in knowledge and technology transfer: Communication, Distance, Equivocality, and Motivation, Communication refers to the degree to which a medium is able to efficiently and accurately conveys task-relevant information and media while distance involves both physical and cultural proximity. Equivocality refers to the degree of concreteness of knowledge and technology to be transferred while motivation involves incentives for and the recognition of the importance of knowledge and technology transfer activities. Further analysis shows that there are four distinctive clusters and they show very contrasting characteristics in terms of four key factors. The careful mapping of the four clusters on the four key factors show very informative knowledge and technology transfer patterns, the Knowledge and Technology Transfer Grid. Finally, actions to increase communication interactivity and motivation, and to reduce cultural distance and equivocality are suggested.

• 한국문헌정보학회지
• /
• 제53권3호
• /
• pp.317-344
• /
• 2019

데이터의 가치 증대, 연구 방법의 패러다임 변화 그리고 오픈 사이언스 등의 구체적 발현은 연구가 더 이상 기존의 학술지와 같은 텍스트 중심이 아닌 데이터 기반으로 전환되고 있음을 나타내고 있다. 본 연구에서는 아직 국내 연구가 미흡한 연구 데이터 관리 및 서비스를 위한 핵심요소와 해당 기능적 요건을 도출하기 위하여 DCC, ICPSR, ANDS 그리고 DataONE에 대한 서비스를 분석하였다. 분석 결과 도출된 핵심 요소는 'DMP 작성지원', '데이터 기술', '데이터 저장', '데이터 공유 및 접근', '데이터 인용' 그리고 '데이터 관리 교육' 등이다. 또한 도출된 핵심 요소에 기능적 요건을 제시함으로써 향후 실질적으로 RDM 서비스를 구축 및 운영하고자 할 때 본 연구의 내용을 적용할 수 있을 것이다.

• 한국건축시공학회:학술대회논문집
• /
• 한국건축시공학회 2023년도 봄 학술논문 발표대회
• /
• pp.367-368
• /
• 2023

Kiscon, Seumteo, KONEPS and CSI are representative construction-related DBs. All four DBs are operated by the public. However, the characteristics of data are different depending on the purpose. Therefore, it is difficult to utilize integrated data and it is only used sparingly. Creating and sharing a unique key that can identify a construction site will enable integrated accumulation and management of construction-related data for various purposes. At this point, it is most efficient to assign a unique key based on KISCON. KISCOn data conforms to the construction site definition and covers most of the public, private, architectural and civil works. In addition, there is an advantage in that DB construction is performed in the construction situation, which is a relatively preceding process. In the future, it is necessary to create a practical construction site integrated DB through the production of an integrated key table containing linkage information of unique keys for site management, performance indicators, and statistics production.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.455-472
• /
• 2020

As a user in modern societies with the rapid growth of Internet environment and more complicated business flow processes in order to be effective at work and accomplish things on time when the manager of the company went for a business trip, he/she need to delegate his/her signing authorities to someone such that, the delegatee can act as a manager and sign a message on his/her behalf. In order to make the delegation process more secure and authentic, we proposed a secure and efficient identity-based proxy signcryption in cloud data sharing (SE-IDPSC-CS), which provides a secure privilege delegation mechanism for a person to delegate his/her signcryption privilege to his/her proxy agent. Our scheme allows the manager of the company to delegate his/her signcryption privilege to his/her proxy agent and the proxy agent can act as a manager and generate signcrypted messages on his/her behalf using special information called "proxy key". Then, the proxy agent uploads the signcrypted ciphertext to a cloud service provider (CSP) which can only be downloaded, decrypted and verified by an authorized user at any time from any place through the Internet. Finally, the security analysis and experiment result determine that the proposed scheme outperforms previous works in terms of functionalities and computational time.

• 정보처리학회논문지C
• /
• 제18C권6호
• /
• pp.369-378
• /
• 2011

최근 비즈니스 환경에서 공유되는 데이터의 기밀성과 유연성있는(fine-grained) 접근제어를 보장하기 위해서 KP-ABE(Key Policy-Attribute Based Encryption)와 PRE(Proxy Re-Encryption)를 활용한 시스템 모델이 제안되었다. 그러나 기존 방식은 클라우드 서버에 집중된 복호권한 때문에 데이터 기밀성을 침해하게 된다. 또한, 접근권한 관리에 대한 개념을 고려하지 않았으므로 악의적인 내부사용자의 공격에 취약하다. 이러한 문제를 해결하기 위해서 기존방식의 프로토콜 모델에서 권한 관리자 그룹을 두어 클라우드 서버에 저장되는 데이터 파일(data file)을 분산 저장하여 데이터 기밀성을 보장하고 AONT 기반의 XOR 임계치 비밀분산을 활용하여 접근권한 관리 모델을 구성하였다. 또한 XOR 쉐어를 활용하여 권한의 가중치를 부여할 수 있는 방법을 구체화했다. 4장에서 기존방식과 제안방식과의 비교 분석과 기능적 활용에 대해서 서술하여 제안방식의 차별화를 부각시켰다.

• Geomechanics and Engineering
• /
• 제36권1호
• /
• pp.51-69
• /
• 2024

Currently, composite lining mountain tunnels in China are generally classified based on the [BQ] method for the surrounding rock grade. Increasingly, tunnel field construction is replicated indoors for scale down model tests. However, the development of analogous materials for model tests of composite lining tunnels with different surrounding rock grades is still unclear. In this study, typical Class III and V surrounding rock analogous materials and corresponding composite lining support materials were developed. The whole processes of excavation-support dynamics of the mountain tunnels were simulated. Data on the variation of deformations, contact pressures and strains on the surrounding rock were obtained. Finally, a comparative analysis between model tests and numerical simulations was performed to verify the rationality of analogous material development. The following useful conclusions were obtained by analyzing the data from the tests. The main analogous materials of Class III surrounding rock are barite powder, high-strength gypsum and quartz sand with fly ash, quartz sand, anhydrous ethanol and rosin for Class V surrounding rock. Analogous materials for rockbolts, steel arches are replaced by aluminum bar and iron bar respectively with both shotcrete and secondary lining corresponding to gypsum and water. In addition, load release rate of Class V surrounding rock should be less than Class III surrounding rock. The fenestration level had large influence on the load sharing ratio of the secondary lining, with a difference of more than 30%, while the influence of the support time was smaller. The Sharing ratios of secondary lining in Class III surrounding rock do not exceed 12%, while those of Class V surrounding rock exceed 40%. The overall difference between the results of model tests and numerical simulations is small, which verifies the feasibility of similar material development in this study.

• 한국IT서비스학회지
• /
• 제19권1호
• /
• pp.145-158
• /
• 2020

With the development and widespread application of online shopping, the number of online consumers has increased. With one click of a mouse, people can buy anything they want without going out and have it sent right to the doors. As consumers benefit from online shopping, people are becoming more concerned about protecting their privacy. In the group buying scenario described in our paper, online shopping was regarded as intra-group communication. To protect the sensitive information of consumers, the polynomial-based encryption key sharing method (Piao et al., 2013; Piao and Kim, 2018) can be applied to online shopping communication. In this paper, we analyze security problems by using a polynomial-based scheme in the following ways : First, in Kamal's attack, they said it does not provide perfect forward and backward secrecy when the members leave or join the group because the secret key can be broken in polynomial time. Second, for simultaneous equations, the leaving node will compute the new secret key if it can be confirmed that the updated new polynomial is recomputed. Third, using Newton's method, attackers can successively find better approximations to the roots of a function. Fourth, the Berlekamp Algorithm can factor polynomials over finite fields and solve the root of the polynomial. Fifth, for a brute-force attack, if the key size is small, brute force can be used to find the root of the polynomial, we need to make a key with appropriately large size to prevent brute force attacks. According to these analyses, we finally recommend the use of a relatively reasonable hash-based mechanism that solves all of the possible security problems and is the most suitable mechanism for our application. The study of adequate and suitable protective methods of consumer security will have academic significance and provide the practical implications.

• 정보처리학회논문지C
• /
• 제14C권3호
• /
• pp.239-254
• /
• 2007

유비쿼터스 컴퓨팅은 사용자에게 장소와 시간에 제약이 없이 자유롭게 네트워크에 접속 할 수 있는 환경을 제공하고 있다. 이러한 환경은 모든 정보의 공유 및 접근이 쉽게 이루어지는 반면, 인가되지 않은 사용자의 불법적인 접근도 쉽게 이루어질 수 있기 때문에 적합한 보안 정책이 필요하다. 특히 유비쿼터스 센서 네트워크의 센서 노드들은 제한된 전력을 이용하고 하드웨어적으로 작은 크기를 유지해야 하기 때문에 보안 정책 수립에 많은 제한이 발생하게 된다. 본 논문에서는 유비쿼터스 센서 네트워크에서 센서의 운영체제와 플랫폼, 라우팅 방식에 종속적이지 않은 더블키를 이용한 경량 보안 프로토콜을 제안한다. 본 논문에서는 더블키 방식을 제안하여 인증과 안전한 키 분배 및 교체가 이루어 질 수 있도록 한다. 보안 관리자가 네트워크 상황에 맞는 보안 레벨 변경 및 키 교체, 관리가 가능하기 때문에 적은 연산 처리만으로 최대의 보안 효과를 얻을 수 있는 장점이 있다. 성능 평가 결과 제안한 유비쿼터스 센서 네트워크에서 더블키를 이용한 경량 보안 프로토콜은 기존의 보안 정책 보다 상대적으로 저전력으로 보안 정책을 활용 할 수 있었다. 제안한 더블키를 이용한 경량 보안 프로토콜은 스마트 오피스 및 스마트 홈과 같은 실제 환경의 유비쿼터스 센서 네트워크에 적합하다고 할 수 있다.

• 무역상무연구
• /
• 제71권
• /
• pp.325-350
• /
• 2016

As the new competitive environment become more global, technologically oriented and customer driven, as customers continually demand higher quality, faster response, and greater reliability of products and services, the new global market demands a more customer responsive behaviour by companies and firms have responded with innovative products and improved manufacturing processes to manufacture products. Further, the shift from traditional manufacturing and purchasing to JIT manufacturing and purchasing requires customers and suppliers to shift from adversarial relationships to strategic partnerships, and information sharing, so as to attain flexibility, reliability, and speed. SCM practices such as supplier collaboration and information sharing is considered as a key to attaining supplier network responsiveness and enhancing the product innovation and the market access time. The current research investigates the effect of SCM practices on supplier network responsiveness, the product innovation and the market access time of export companies. Thus by providing empirical evidence of the said relationships, this study offers useful guidelines for measuring and improving the supplier network responsiveness of a firm, facilitating further research in the area.