• Title/Summary/Keyword: Protection vulnerability

Search Result 218, Processing Time 0.026 seconds

DEVELOPMENT OF A VULNERABILITY ASSESSMENT CODE FOR A PHYSICAL PROTECTION SYSTEM: SYSTEMATIC ANALYSIS OF PHYSICAL PROTECTION EFFECTIVENESS (SAPE)

  • Jang, Sung-Soon;Kwan, Sung-Woo;Yoo, Ho-Sik;Kim, Jung-Soo;Yoon, Wan-Ki
    • Nuclear Engineering and Technology
    • /
    • 제41권5호
    • /
    • pp.747-752
    • /
    • 2009
  • A vulnerability assessment is essential for the efficient operation of a physical protection system (PPS). Previous assessment codes have used a simple model called an adversary sequence diagram. In this study, the use of a two-dimensional (2D) map of a facility as a model for a PPS is suggested as an alternative approach. The analysis of a 2D model, however, consumes a lot of time. Accordingly, a generalized heuristic algorithm has been applied to address this issue. The proposed assessment method was implemented to a computer code; Systematic Analysis of physical Protection Effectiveness (SAPE). This code was applied to a variety of facilities and evaluated for feasibility by applying it to various facilities. To help upgrade a PPS, a sensitivity analysis of all protection elements along a chosen path is proposed. SAPE will help to accurately and intuitively assess a PPS.

Line Security Evaluation of WANS Considering Protectability of Relays and Vulnerability of Lines

  • Hussain, Akhtar;Seok, Chang-Ju;Choi, Myeon-Song;Lee, Seung-Jae;Lim, Seong-Il
    • Journal of Electrical Engineering and Technology
    • /
    • 제9권6호
    • /
    • pp.1864-1872
    • /
    • 2014
  • Maloperation of protective relays is one of the major causes for cascading tripping in WANS. Another line trip followed by a previous line trip may occur due to overloading of the line, because of the load redistribution or unwanted trip of a backup relay due to change in the flow of fault current. Evaluation of each line is required by considering both of these effects. A new index named Line Security Index (LSI) is proposed in this paper which combines both Vulnerability Index (VI) and Protectability Index (PI) to completely evaluate the security of individual lines and their importance in the power grid. Computer simulations have been performed on the Korean power grid data to establish the feasibility of the proposed idea.

Evaluation of waste disposal site using the DRASTIC system in Southern Korea

  • Lee, S.
    • 대한원격탐사학회:학술대회논문집
    • /
    • 대한원격탐사학회 2003년도 Proceedings of ACRS 2003 ISRS
    • /
    • pp.126-128
    • /
    • 2003
  • As a systematic approach to waste disposal site screening for groundwater pollution protection, the DRASTIC system developed by the US Environmental Protection Agency (USEPA) was introduced at Younggwang County in Korea. Hydrogeologic spatial databases for the system include info rmation on depth to water, net recharge, aquifer media, soil media, topographic slope, hydraulic conductivity and lineament. Using the databases, the DRASTIC system and a GIS, the regional groundwater pollution vulnerability of the study area was assessed. The fracture density extracted from lineament maps was added to the DRASTIC system to take into account the preferential migration of contaminants through fractures. From the results of the study, a degree of groundwater pollution vulnerability through the study area was easily interpreted, and waste disposal sites could be screened for groundwater protection.

  • PDF

개인정보보호관리체계(PIMS)를 이용한 의료정보보호 개선 방안 연구 : 의료기관 종사자를 중심으로 (A Improvement Study on the Medical Information Protection Using Personal Information Management System(PIMS) : Focus on medical practitioners)

  • 민경은;김성준
    • 디지털산업정보학회논문지
    • /
    • 제12권3호
    • /
    • pp.87-109
    • /
    • 2016
  • This study intends to present an effective and efficient development plan about the information protection of medical institutions, by establishing the improvement plan about Personal Information Management System(PIMS) appropriate to the characteristics of medical information focusing on medical institutions generating and using domestic medical information, and doing an empirical study on medical information protection plan. For this, in view of the medical characteristics of the existing Information Security Management System(ISMS), the study presented a study model appropriated to medical institutions based on Personal Information Management Systems index specialized for personal information, and through this, presented the vulnerability diagnosis and vulnerability improvement plan. Based on ISMS index, it designed an improvement index of personal information protection management about each index. The study conducted a survey for executives and employees about PIMS. Accordingly, it presented vulnerability diagnosis items of the current management system indexes from the viewpoint of the people who establish and mange the personal information protection about patients' medical information targeting executives and employees who serve at hospitals and can access medical information.

NFC 환경에서 개인정보보호를 위한 취약점 분석 및 대책 수립 방법론 (Analysis on Vulnerability and Establishing Countermeasure Methodologies for Privacy Protection in NFC Environments)

  • 이재식;김형주;유한나;박태성;전문석
    • 정보보호학회논문지
    • /
    • 제22권2호
    • /
    • pp.357-365
    • /
    • 2012
  • NFC(Near Field Communication)는 근거리 통신 규약으로, 스마트폰 등에 적용되어 그 활용 범위가 매우 넓은 기술이다. 특히, NFC 환경에서 제공되는 서비스는 이용자의 개인정보를 활용한 서비스가 많다. 이러한 서비스에서 이용되는 개인정보는 NFC 기술적 특징 및 스마트폰으로 대표되는 NFC 기기의 특징으로 인해 기존에 없었던 새로운 취약점들이 발생하고 있다. 따라서 본 논문에서는 NFC 환경에서 발생할 수 있는 개인정보와 관련된 취약점을 기술적 관리적 제도적 측면에서 분석하는 방법론 및 그에 따른 대책 수립을 위한 방법론을 제안한다. 또한 제안된 방법론을 통하여 도출된 국내 NFC 서비스의 취약점 및 그에 따른 대책을 제시하고 있다. 본 논문에서 제안된 방법론을 통하여 NFC 환경에서 개인정보보호를 위한 다양한 대책들이 수립될 것으로 기대된다.

개인정보 영향평가 수행 사례에 기반한 기관의 개인정보보호법 대응방안에 관한 연구 (A Research on Institution's Countermeasure for Personal Information Protection Act Based on the Examples of Performing the Privacy Impact Assessment)

  • 조성규;전문석
    • 디지털산업정보학회논문지
    • /
    • 제8권1호
    • /
    • pp.89-98
    • /
    • 2012
  • According to the enforcement of Personal Information Protection Act as of September 2011, the laws and regulations for the protection of personal information that were applied only to the certain sectors such as information & communication network, financial institutions, public sector etc. for the time being has been expanded to apply to all public and private sectors to process personal information. In particular, because the public institutions are obliged to be mandatorily conducted of the Privacy Impact Assessment, it will be enforced in earnest for each agency's informationization business that handles personal information. In this paper, I examine the most derived vulnerability and set up the improvement measure to supplement it with the examples of 10 of all the institutions conducting the Privacy Impact Assessment in the year 2011. And, I suggest the measures to be prepared by the institutions to observe the Personal Information Protection Act.

주요 정보통신기반시설의 평가컨설팅 방법론에 대한 연구 (A Study on the Evaluation Consulting Methodology of Important Information Communication Base Facility)

  • 이영로;조재완
    • 디지털융복합연구
    • /
    • 제5권1호
    • /
    • pp.55-68
    • /
    • 2007
  • It soaks but 2001 July information communication base step law enforcement and the Enforcement Ordinance are published to follow, in order to support the establishment of evaluation and protective measure in order the vulnerability analysis against the facility of the agency which manages an important information communication base hour opinion to designate information protection specialty enterprise. As information protection specialty enterprise being revealed evacuation laboratory back 12 enterprises from information communication department become designation as the consulting enterprise and they do an enterprise activity actively. It follows in diffusion of the IT and information reconciliation level the other side where our country belongs in the world-wide first group, the research against the disfunction plan of preparation comparison the fact that law it is come negligently all actuality. The network as it will give management coat fatal effect even at obstacle occurrence hour of instant for of case and IT facility of the cyber transactions which leads, in the future there to be to corporate management, there is a possibility the stable civil official of information Facilities for communications very seeing in the portion which is important. Present condition and important propulsion contents of information communication base step law enforcement after, against a vulnerability analysis of information protection relation field and evaluation consulting methodological application situation to sleep it researches from the dissertation which it sees consequently and it does.

  • PDF

휴대전화 소액결제 시스템의 구조적 취약점 및 이용자 보호를 위한 표준결제창의 개선방안 (A Study on Structural Vulnerability of MobilePhone Micropayment System And Improvement of Standard Payment Module for User Protection)

  • 박광선;이상진
    • 정보보호학회논문지
    • /
    • 제23권6호
    • /
    • pp.1007-1015
    • /
    • 2013
  • 휴대전화 소액결제 시스템은 자동결제 처리 시 이용자의 점유인증을 관리하지 않는다. 콘텐츠제공사업자가 이점을 악용하면 허위 결제정보를 생성하여 이용자에게 부당한 요금을 부과할 수 있다. 이와 같은 휴대전화 소액결제 시스템의 구조적 취약점은 소액결제 이용자의 피해로 이어졌다. 이를 해결하기 위해 2012. 8. 이후 이용자의 결제 인증 강화를 위한 표준결제창이 적용되었다. 그러나 표준결제창도 부당한 이용자 피해가 발생할 수 있는 취약점이 존재하는 바 이용자 보호를 위한 개선방안을 제안하고자 한다.

스마트워크 서비스에서 정보보호를 위한 취약성 대응 방안 (Vulnerability Countermeasures for Information Security in Smart Work Services)

  • 김지석;김동수;김희완
    • 서비스연구
    • /
    • 제7권4호
    • /
    • pp.69-81
    • /
    • 2017
  • 스마트워크는 스마트기기를 활용하여 업무의 효율성을 높이는 것을 말한다. 스마트워크는 기업들의 업무 생산성을 향상시키고, 비용을 절감하여 업무효율성은 향상되지만, 이에 따른 다양한 정보보호에 대한 위협이 존재한다. 재택 근무, 모바일 오피스, 스마트워크 센타 등을 운영하기 위해서는 다양한 네트워크 자원, 서버, 플렛폼을 지원하는 하드웨어와 소프트웨어가 필요하다. 이에 따라 정보자원을 보호하는 보안 및 정보보호에 대한 취약점이 많이 발생한다. 본 논문에서는 스마트워크 서비스를 위하여 스마트워크 환경을 분석하고 정보보호관련 기준인 IOS27001 및 KISA-ISMS의 분석을 통하여 스마트워크 정보보호를 위한 취약점을 분석하였다. 정보보호 요구사항에 대하여 사용자 및 서비스 제공자 입장에서의 요구사항을 도출하였으며, 스마트워크 보안 위협 및 취약점에 대하여 공통부분, 모바일 오피스, 재택근무, 스마트워크 센터 등으로 나누어 취약점에 대한 대응방안을 제시하였다.

The Effect of Security Awareness Training on the Use of Biometric Authentication: Focusing on the Protection Motivational Behaviors

  • Jung, Seungmin;Park, Joo Yeon
    • Journal of Information Technology Applications and Management
    • /
    • 제27권2호
    • /
    • pp.1-21
    • /
    • 2020
  • The purpose of this study is to investigate the behavioral factors affecting the security attitude and intention to use biometrics password based on the protection motivation theory. This study also investigates security awareness training to understand trust, privacy, and security vulnerability regarding biometric authentication password. This empirical analysis reveals security awareness training boosts the protection motivational factors that affect on the behavior and intention of using biometric authentication passwords. This study also indicates that biometric authentication passwords can be used when the overall belief in a biometric system is present. After all, security awareness training enhances the belief of biometric passwords and increase the motivation to protect security threats. The study will provide insights into protecting security vulnerability with security awareness training.