• Journal of Digital Convergence
• /
• v.15 no.8
• /
• pp.195-202
• /
• 2017

Unmanned Aerial Vehicles (UAV) have mostly been used for military purposes but with the progress in ICT and reduced manufacturing costs, they are increasingly used for various private services. UAVs are expected to carry out autonomous flying in the future. In order to carry out complex tasks, swarm flights are essential. Although the swarm flights has been researched a lot due to its different network and infrastructure from the existing UAV system, There are still not enough study on security threats and requirements for the secure swarm flights. In this paper, to solve these problems, UAV autonomous flight technology is defined based on US Army Corps of Engineers (USACE) and Air Force Research Laboratory (AFRL), and swarm flights and security threat about it are classified. And then we defined and compared security requirements according to security threats of each swarm flights so as to contribute to the development of secure UAC swarm flights in the future.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.11
• /
• pp.105-114
• /
• 2020

In this paper, we address security issues in 5G non-public networks for industrial applications. In contrast to public networks that offer mobile network services to the general public, 5G non-public networks provide 5G network services to a clearly defined user organization or groups of organizations, and they are deployed on the organization's defined premises, such as a campus or a factory. The main goal of this paper is to derive security threats and potential security requirements in the case that 5G non-public networks are built for discrete and process industries according to the four deployment models of 5G-ACIA (5G Alliance for Connected Industries and Automation). In order to clarify the scope of this paper, we express the security toolbox to be applied to 5G non-public networks in the form of the defense in depth concept. Security issues related to general 5G mobile communication services are not within the scope of this paper. We then derive the security issues to consider when applying the 5G-ACIA deployment models to the industrial domain. The security issues are divided into three categories, and they are described in the order of overview, security threats, and potential security requirements.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.2
• /
• pp.865-882
• /
• 2017

To improve passenger convenience and safety, today's vehicle is evolving into a "connected vehicle," which mounts various sensors, electronic control devices, and wired/wireless communication devices. However, as the number of connections to external networks via the various electronic devices of connected vehicles increases and the internal structures of vehicles become more complex, there is an increasing chance of encountering issues such as malfunctions due to various functional defects and hacking. Recalls and indemnifications due to such hacking or defects, which may occur as vehicles evolve into connected vehicles, are becoming a new risk for automakers, causing devastating financial losses. Therefore, automakers need to make voluntary efforts to comply with security ethics and strengthen their responsibilities. In this study, we investigated potential security issues that may occur under a connected vehicle environment (vehicle-to-vehicle, vehicle-to-infrastructure, and internal communication). Furthermore, we analyzed several case studies related to automaker's legal risks and responsibilities and identified the security requirements and necessary roles to be played by each player in the automobile development process (design, manufacturing, sales, and post-sales management) to enhance their responsibility, along with measures to manage their legal risks.

• Journal of the Korea Convergence Society
• /
• v.9 no.5
• /
• pp.27-32
• /
• 2018

IoT technology is developing with various application areas in $4^{th}$ Industrial revolution. There are many users using the application services. Sensing data from various environment need to be transferred to cloud computing storage and store in the cloud storage. However, physical distance from the end node to cloud computing storage is far away, and it is not efficient to transfer data from sensors and store the sensing data in the cloud storage whenever sensing data happen. Therefore, Fog computing is proposed to solve these problems which can process and store the sensing data. However, Fog computing is new emerging technology, there is no standard security model and requirements. This research proposes to security requirements and security model for Fog computing to establish a secure and efficient cloud computing environment.

• Journal of Korea Society of Industrial Information Systems
• /
• v.16 no.5
• /
• pp.163-171
• /
• 2011

In e-commerce environment, security should be considered as an essential factor for success. In this paper, we analyze security requirements for e-commerce system, and it is focused on the practical usage, not theoretical contribution, in the field of e-commerce security. To identify the security requirements being specific to e-commerce environment, the researches related to e-commerce security are surveyed and a phase of Delphi method and Analytic Hierarchy Process(AHP) are used to determine the relative importance of e-commerce security factors. Since researchers and practitioners can have significantly different views because of each different work environment, we divide the professionals into two respondents' group. This survey result can be useful security guidelines in the development of e-commerce service system from the initial system development step to the completion.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.2
• /
• pp.175-188
• /
• 2017

Radio-frequency identification (RFID) is being used in various fields as a technology for identifying objects (people, things etc.) using radio frequencies. In the past, there was an attempt to apply RFID into national defense, but failed to spread RFID in the defense field because of some limitations of RFID in a specific situation (e.g., low recognition rate). Therefore, in this paper, we propose how to overcome the limitation of RFID by adopting the Internet of Things (IoT) technology which is considered as an important technology of the future. Furthermore, we propose four scenarios (i.e., healcare band and RFID, identification and anormal state detection, access control, and confidential document management) that can be used for enhancing national defense security. In addition, we analyze the basic characteristics and security requirements of RFID and IoT in order to effectively apply each technology and improve security level.

• Electronics and Telecommunications Trends
• /
• v.38 no.4
• /
• pp.1-11
• /
• 2023

Trade rules in service and digital sectors mainly focus on reducing regulatory uncertainties by improving transparency and minimizing unnecessary requirements. Recognizing the importance of digital trade rules and trade in information and communication technology (ICT) sectors, governments worldwide have rapidly adopted and expanded rules on free flow of data, personal data protection, electronic authentication, and cybersecurity. On the other hand, advances in technology have led governments to face multiple threats related to cybersecurity, intellectual property (including that related to source code and algorithms), and unauthorized access to proprietary information of their suppliers. This study presents digital trade rules related to digital security emphasizing cybersecurity, source code, and ICT products that use cryptography in different trade agreements. Additionally, it introduces various approaches that major countries are taking to both address digital security issues and seek balance between security enhancement and trade liberalization.

• Korean Management Science Review
• /
• v.17 no.1
• /
• pp.145-158
• /
• 2000

The medical records of diagnostic and testing information include sensitive personal information that reveals some of the most intimate aspects of an individual's life. The hospital information system (HIS) operates in a state of high risk which may lead to the possible loss to the IS resources caused by various threats. This research addresses twofold : (1) to perform asset identification ad valuation and (2) to recommend countermeasures for secure HIS network using case studies This paper applied a risk management tool CRAMM (Central Computer and Tele-communications Agency's Risk Analysis and Management Method) to assess asset values and suggest countermeasures for the security of computerized medical information of two large hospitals in Korea. CRAMM countermeasures are recommended at the reference sites from the network security requirements of system utilized for the diagnosis and treatment of patients. The results of the study will enhance the awareness of IS risk management by IS managers.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1493-1515
• /
• 2015

A smart meter is one of the core components in Advanced Metering Infrastructure (AMI) that is responsible for providing effective control and monitor of electrical energy consumptions. The multifunction tasks that a smart meter carries out such as facilitating two-way communication between utility providers and consumers, managing metering data, delivering anomalies reports, analyzing fault and power quality, simply show that there are huge amount of data exchange in smart metering networks (SMNs). These data are prone to security threats due to high dependability of SMNs on Internet-based communication, which is highly insecure. Therefore, there is a need to identify all possible security threats over this network and propose suitable countermeasures for securing the communication between smart meters and utility provider office. This paper studies the architecture of the smart grid communication networks, focuses on smart metering networks and discusses how such networks can be vulnerable to security attacks. This paper also presents current mechanisms that have been used to secure the smart metering networks from specific type of attacks in SMNs. Moreover, we highlight several open issues related to the security and privacy of SMNs which we anticipate could serve as baseline for future research directions.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2002.05a
• /
• pp.724-728
• /
• 2002

This paper considers a security framework for geographic information System(GIS). The GIS is an information system for supporting fast decision associated spacial problems and the system has a role of infra structure of the information system. The security is also one of the major technology for information system. However, researches on secure GIS are presented little and this paper considers the secure GIS. This paper suggest a framework for the secure GIS based on derived requirements on the secure system. Analysis on security for a serial, parallel and hierarchical secure system is also added.