• Journal of Digital Convergence
• /
• v.17 no.1
• /
• pp.347-356
• /
• 2019

Recently, the liberalization of industrial control systems has been accompanied by a major change in the structural paradigm of information systems in the public and public sectors, and potential cyber security problems in the future major infrastructure control systems that cannot respond to the level of security of existing information systems. To cope with this, a cyber security evaluation tool that can evaluate security vulnerability in three dimensions against various infrastructure control system environment is needed. However, a cyber security evaluation in the domestic environments does not have the concept of the current security status and satisfy settings of the infrastructure. Also, the most of items in that environments have had short-term inspection themselves which makes a limitation by a technical area. In order to overcome this problems, many researches are needed to apply CSET (Cyber Security Evaluation Tool) which is the US cyber security evaluation tool to the control environment of various domestic infrastructure. In this paper, first, we analyze methods to apply to the major domain through the analysis of various case studies on existing security assessement tools. Finally, we discuss future directions.

• Korean Security Journal
• /
• no.2
• /
• pp.259-289
• /
• 1999

The Security Industry has dynamic working conditions. So this study intends to find the advisable direction for the reduction of accidents. To achieve the aim, the investigation of documents and the examinations of actual proofs have been done to figure the theoretical background and to see the basic knowledge of security industry. The questionnaire was composed of two question sheets to search real data and actual proofs, with making targets of pure security organization and personnel. The one consists of 9 questions to find the scale and extent of security organizations and the population and character of security personnel, and the other 25 questions in 3 major areas to analyze the causes, the frequency rates, the factors, and the condition of accidents. The period of survey was July 15th to October 15th in 1997 by mail/telephone/interview. The questionnaires were efficiently returned from 102 different organizations including the public security groups of Seoul Metropolitan Police Bureau and so on, with the information of 8,222 persons having worked for Korean Security Industry in 1996. So being based on the reality, some meaningful facts were found, and were compared with the national statistics of the Government. This study is made up of 5 chapters : in the 1st chapter the motivation, the object, the method, the direction and the limitation of the approach were presented ,in the 2nd chapter the theoretical background were inferred ; in the 3rd chapter the collected data of accidents in Korean Security Industry were analyzed and explained on the base of the questionnaires , in the 4th chapter the advisable facts connected with preventing accidents were mentioned ; in the last the conclusion were stated. With the replies of 102 different organizations including the information of 8,222 persons in 1996, the main facts found or analyzed through this study are as follows. Firstly, accident is an unpredictable and occasional event. It occurs to man and/or thing, but the frequency rate of accidents in Korean Government and other Institutes has been calculated and evaluated only in the point of the accident related with man. Secondly, the factors of accidents are firstly relevant to the way preventing accidents in Security Industry in Korea. However the frequency rate is academically calculated and evaluated by at once man(population) and hour(time). But the Government has done the rate only by man(population). This can be improper and inaccurate rates. Thirdly, the confused concept of security is used in Korean Government, academic society, corporation and so on. Therefore the detailed formation of the concept is needed for the development of Security Industry in Korea. Fourthly, security organizations can be classified into 'public security(public law enforcement)' and 'private security' according to its identification, and furthermore 'private security' can be divided into 'facilities-guard service', 'body-guard service', and 'patrol service' according to its major role. Fifthly, in the viewpoint of the number of both organization and population,'facilities-guard service' is centered in Korean 'private security'. According to the analyzed results of the questionnaires in this study, the frequency rate of accidents of Korean Security Industry is 0.43(%) totally in 1996 : 'facilities-guard service' 0.54(%), 'body-guard service' 0.12(%), and 'patrol service' 0.21(%) in 'private security', and 'public security' 0.20(%). With regard to the accident frequency rate of organization and population, 'facilities-guard service' is the highest. The accident frequency rate of population in 'facilities-guard service' organization ranges dispersively from 0.20(%) to 11.11(%). Sixthly, the accidented rate of workers having serviced for under one year is 57.6(%). This can mean that the main factor of accidents in Korean Security Industry is the lack of role-understanding and training/education. And another factor can be found on the time of accident occurrence. Many accidents have been occurred on the relaxed points like as just after lunch and morning rush-hour. Lastly, the major advisable facts related to preventing accidents are as follows : The workers who are over fifty years old in 'facilities-guard service' organization need to be educated for preventing accidents ; It is desirable that the training and education to prevent accidents should be practiced in the time of pre-service ; As the style of accidents and the age of the accidented are not same according to major service area('public security' and 'private security' : 'facilities-guard service', 'body-guard service', and 'patrol service'), the plans to prevent accidents must be different and various. However fracture and bruise are general accidents in Korean Security Industry ; Workers must care about traffic accident and violent fall ; It seems that the grouped working with other two persons will reduce accident occurrence possibility rather than individually single working.

• Journal of Navigation and Port Research
• /
• v.36 no.1
• /
• pp.1-7
• /
• 2012

A concept of the "e-Navigation" was introduced in 2005 and implementation strategies are under way by IMO/IALA in the maritime safety area. Specially VTS is an important maritime traffic monitoring and aids to navigation system which is aims to improve safety, navigation efficiency and protect the marine environment. The demand of the inter-VTS networking has been increased and standardization is underway for realization of shore side collaboration for maritime safety in IALA. But there may be security problems in the inter-VTS networks if they have not proper security mechanism. The hacking of realtime ship position and sensitive maritime surveillance information caused a critical accident of vessel, human life and environment by terrorist. This paper aims to design of a secure inter-VTS network structure and related security protocol for secure sharing of sensitive maritime data.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.3
• /
• pp.53-60
• /
• 2017

The purpose of this study is to provide empirical and quantitative analysis on user's perceived privacy, security, and user satisfaction when providing visualization information about objects and service provider behaviors that users can not perceive in internet service process. Through previous research, we have examined the importance of privacy and security factors as a key factor to be considered for the characteristics of the Internet of things and the Internet of things. In addition, service blueprint, which is one of the service design methodologies to examine the flow of service usage in providing Internet service of things, was examined. In the flow of things internet service utilization, it is found that the things that are out of the user's cognitive area and the behavior of the service provider take up a large part. Therefore, the hypothesis that the trust of the Internet service security and the satisfaction of the user experience can be improved by providing the security visualization information about the behavior of the object and the invisible service provider in the non-contact aspect of the user and the object. In order to verify the hypothesis, we conducted experiments and questionnaires on the use of virtual objects' internet environment and conducted statistical analysis based on them. As a result, it was analyzed that visual information feedback on non - contact and invisible objects and service provider's behaviors had a positive effect on user's perceived privacy, security, and satisfaction. In addition, we conclude that it can be used as a service design evaluation tool to eliminate psychological anxiety about security and to improve satisfaction in internet service design. We hope that this research will be a great help for the research on application method of service design method in Internet environment of objects.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.261-264
• /
• 2008

IPv6 has been proposed and deployed to cater the shortage of IPv4 addresses. It is expected to foresee mobile phones, pocket PCs, home devices and any other kind of network capable devices to be connected to the Internet with the introduction and deployment of IPv6. This scenario will bring in more challenges to the existing network infrastructure especially in the network security area. Firewalls are the simplest and the most basic form of protection to ensure network security. Nowadays, firewalls' usage has been extended from not only to protect the whole network but also appear as software firewalls to protect each network devices. IPv6 and IPv4 are not interoperable as there are separate networking stacks for each protocol. Therefore, the existing states of the art in firewalling need to be reengineered. In our context here, we pay attention only to the IPv6 firewalls configuration anomalies without considering other factors. Pre-evaluation of security risk is important in any organization especially a large scale network deployment where an add on rules to the firewall may affect the up and running network. We proposed a new probabilistic based model to evaluate the security risks based on examining the existing firewall rules. Hence, the network administrators can pre-evaluate the possible risk incurred in their current network security implementation in the IPv6 network. The outcome from our proposed pre-evaluation model will be the possibilities in percentage that the IPv6 firewall is configured wrongly or insecurely where known attacks such as DoS attack, Probation attack, Renumbering attack and etc can be launched easily. Besides that, we suggest and recommend few important rules set that should be included in configuring IPv6 firewall rules.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.241-243
• /
• 2016

In the Past, Trend of car security was Physical Something like doorlock system, and The Generation did not have skills connecting External devices. Through Car Development is up, that trend of car security Changed Physical Security to Intelligence Security. This Changes give a chance to hackers to attack this system. This System use CAN(Controller Area Network) Protocol which have three vulnerabilities. First, ID Spoofing, Twice, D - Dos Attack, Third, Android Application Injected Modern cars have many ECU(Electronic Control Unit) to control devices like Engine ON/OFF, Door Lock Handling, and Controlling Handle. Because CAN Protocol spread signal using broadcast, Hackers can get the signal very easily, and Those often use Mobile devices like Android or IOS to attack this system. if bluetooth signal is spread wide, hackers get the signal, and analysis the bluetooth data, so then They makes certain data to attack ECU, they send the data to ECU, and control ECU installed car. so I suggest that I will prevent this attack to make Auth system and prevent this attack in end of Android.

• Journal of the Korea Safety Management & Science
• /
• v.5 no.3
• /
• pp.81-98
• /
• 2003

In modern society, there are diverse sorts of VIPs including a king and individuals. Some like a king or president are in need of professional secret services, and others become VIPs by being guarded by a bodyguard company at their own request. The former is called a public guard, and the latter is a private one. In the field of the public guard, the nation should be furnished with a guard system in consideration of political circumstances to protect VIPs. That is, the parliamentary cabinet system and presidential system call for a different guard system, and the guard system's professional features vary to some degree with political situations and cultural climate. If the ultimate goal of guard is to protect the chief of the democratic and open state in a most efficient and safe manner, it's mandatorily necessary to set up a professional and specialized guard organization to provide democratic and efficient secret services. It's desired that the domestic presidential guard division should be staffed with not only expert guards but other personnels dispatched from the military and police. In the police, guard mission is splitted among various guard and security agencies, including the National Police Agency's public security bureau or the Seoul Metropolitan Police Agency's public security division, 101 security unit, mobile police and 22 special guard division. As a chain of command is separated and it's difficult to manage such organizations effectively, the National Police Agency should be exclusively in charge of VIP guard and security. In the area of private guard, the private police system has shared national security task as a middle organization between the private police and private guard. But now its intent has gradually weakened, and its mission should be redefined. In addition, the way people look at private guard should change, and they should be well informed that it could serve to prevent possible crimes, protect them against crimes and get rid of their inconveniences. To make a good impression on people, the guard associations and businesses should put their efforts into reinforcing publicity activities, and the government, academic circles and press should team up with them as well.

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.33-41
• /
• 2012

Important crime prevention is emphasized. Depending on the type of criminal act itself, but with many material and human damage because it is a threat to the safety of civil life. The traditional police power of the police in patrolling the derailment by the diversification of the crime, globalization, organizing, specialization, and ferocious anger by far exceeds the capabilities of the police crime prevention are occurring. Civilian police crime prevention organizations in the area of the region as a base for complementary activities, and even if the purpose of commercial availability, but many organizations is the autonomous and spontaneous personality voluntary work civic life is to serve as the safety fence. But that suits the role of these organizations and social support and lack of institutional support and practical and effective crime prevention activities has not been effective. Law reform and the role of the Organization for the maintenance of redundancy, or a series of systematic effort to equip networks and take advantage of the functional and has been factory.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.2
• /
• pp.1370-1374
• /
• 2015

Lighting improvements are needed for adequate operation of security installations according to the turn of scientific policing instead of human policing. The basic principles of security lighting is to provide sufficient lighting over a specific area so that anyone moving in or around can be seen easily. Also, in security lighting, illuminance and uniformity are to be considered for clearing of CCTV screen through the lighting improvement. To achieve such goals, each pole is to be considered of the height and the space of luminaries as well as the wattage and the type of lamps. In this paper, the lighting designs show the adequate operations of fence security systems through the actual measurement of illuminance by mock-up and the illuminance analyses for obtaining proper illuminance and uniformity value to keep brightness of CCTV screen able to confirm objects considering characteristics of CCTV monitor by simulations.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.4
• /
• pp.788-794
• /
• 2007

The policy of US DoD is moving towards implementation of Network Centric Warfare(NCW) concepts. NCW is commonly described as the integration and synchronization of four key interdependent elements such as command and control, sensor system, engagement systems and the network. Therefore the military policy of Korea military is needed to access and examine the policy of NCW communication environment and crypto communication, which is able to apply it. In this case study, We are reviewed the security framework of the concept of network centric warfare in the centering around the US. It is introduced the core technology in the network centric warfare, and it is reviewed the security framework such as, the requirements of security, the characteristics security of global information grid, joint tactical radion system, net centric enterprise services, transformational communication satellite, in the basis of core technology, and analysis the effect of crypto communication relay between command node and surbornate node in NCW environment. This report support the assistance, which is considered the elements of surrounding effects in the varied crypto communication research area of NCW.