• The Journal of Korean Institute of Information Technology
• /
• v.17 no.7
• /
• pp.123-131
• /
• 2019

In this paper, related studies were investigated by dividing them into cost-benefit analysis, security continuity services, and SW-centric calculations. The case analysis was conducted on A institutions in the United States, Japan and South Korea. Based on this, an improvement model was prepared through comparison with the current system. The SCS(Security Continuity Service) performance evaluation system-based information protection service cost calculation model is proposed. This method applies a service level agreement(SLA) and NIST Cybersecurity framework that are highly effective through cost-effectiveness analysis and calculates consideration based on characteristics, performance criteria, and weights by information protection service. This model can be used as a tool to objectively calculate the cost of information protection services at public institutions. It is also expected that this system can be established by strengthening the current recommended statutory level to the enforceability level, improving the evaluation system of state agencies and public institutions, introducing a verification system of information protection services by national certification bodies, and expanding its scope to all systems.

• Korean Journal of Social Welfare Studies
• /
• v.41 no.1
• /
• pp.85-118
• /
• 2010

This study aims to suggest an analysis method for the research on the transformation of welfare states. To this end, 'restucturization' and 'change inside the structure' were differentiated. The 'restucturization' indicates a fundamental change of the structure itself, while the 'change inside the structure' means the modification of elements inside the structure. If 'abolition', 'substitution'/'entrust' and 'introduction' occurred, the changes are considered the 'restucturization'. Then it is examined, how the competence of the public organizations for social security systems is changed after the 'restucturization'. On the basis of this evaluation measure, the changes of 'restucturization' are defined as 'public-oriented restucturization', 'private-oriented restucturization' or 'status quo'. For analyzing the 'change inside the structure', coverage, entitlement, the level and length of benefit, finance and delivery system were compared within each country. The current study applied this analysis method to the research on the transformations of social security systems of Great Britain, Sweden and Germany.

• Journal of the Society of Naval Architects of Korea
• /
• v.37 no.3
• /
• pp.69-77
• /
• 2000

This study was a part of FSA study which was initiated by IMO and was applied to hatchway watertight integrity of bulk carriers. Hazards which were involved in high risk level were identified as follows. Ship Operation out of Design Criteria(Hatch Coaming Damage) and Poor Maintenance & Inspection(Securing Arrangement Damage). The potential risk was calculated by risk analysis and risk control option was made to reduce potential risk. The potential risk was about U$60,000/ship-year and could be reduced to about U$30,000/ship-year by applying RCO 1(Advanced system directly related to Hatchway Security). In addition, effectiveness of RCOs was shown by cost benefit assessment.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.251-257
• /
• 2006

The performance of face recognition methods using subspace projection is directly related to the characteristics of their basis images, especially in the cases of local distortion or partial occlusion. In order for a subspace projection method to be robust to local distortion and partial occlusion, the basis images generated by the method should exhibit a part-based local representation. We propose an effective part-based local representation method named locally salient ICA (LS-ICA) method for face recognition that is robust to local distortion and partial occlusion. The LS-ICA method only employs locally salient information from important facial parts in order to maximize the benefit of applying the idea of 'recognition by parts.' It creates part-based local basis images by imposing additional localization constraint in the process of computing ICA architecture I basis images. We have contrasted the LS-ICA method with other part-based representations such as LNMF (Localized Non-negative Matrix Factorization)and LFA (Local Feature Analysis). Experimental results show that the LS-ICA method performs better than PCA, ICA architecture I, ICA architecture II, LFA, and LNMF methods, especially in the cases of partial occlusions and local distortion

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.8
• /
• pp.651-662
• /
• 2013

In this study, we suggest the selecting evaluation method considering 6 major factors like Compliance system application (Development language conformance, Platform Compliance), threat evaluation (criticality of security incident, possibility of security incident), application benefit (Reliability / quality improvement, Modify Cost) for appropriate secure coding rule selecting evaluation. Using this method, we selected and make a set consist of 197 secure coding rules for Battlefield Management System Software. And calculated the application priority for each rules.

• Journal of Multimedia Information System
• /
• v.7 no.3
• /
• pp.215-220
• /
• 2020

Many state agencies and companies collect personal data for the purpose of providing public services and marketing activities and use it for the benefit and results of the organization. In order to prevent the spread of COVID-19 recently, personal data is being collected to understand the movements of individuals. However, due to the lack of technical and administrative measures and internal controls on collected personal information, errors and leakage of personal data have become a major social issue, and the government is aware of the importance of personal data and is promoting the protection of personal information. However, theory-based training and document-based intrusion prevention training are not effective in improving the capabilities of the privacy officer. This study analyzes the processing steps and types of accidents of personal data managed by the organization and describes measures against personal data leakage and misuse in advance. In particular, using Capture the Flag (CTF) scenarios, an evaluation platform design is proposed to respond to personal data breaches. This design was proposed as a troubleshooting method to apply ISMS-P and ISO29151 indicators to reflect the factors and solutions to personal data operational defects and to make objective measurements.

• Convergence Security Journal
• /
• v.14 no.2
• /
• pp.73-79
• /
• 2014

In the 21st century, the higher CCTV, hidden Camera, and surveillance and contra-surveillance in Cyber-space are, the higher the voices of concern about surveillance society nationally are. Nevertheless, phenomenon of panoptisme is becoming into general use. Actually, this watching system should be on the rise but this is the output playing up and advertising the positive effect of immediate convenience and offering safety that government and business made. Thus, this study wants to offer implication to warn the invasion of privacy and generalization controlled society as pointed out cause and problem of the surveillance society time according to the digital era.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.662-665
• /
• 2011

The cognitive radio (CR) network has been studied in the form of open source by vast number of communities, and the potential expectation is very high since the CR is based on reprogrammable platform. However, this characteristics of open-source software take high risk as well. As the peer-to-peer software has been abused, so high is the chance that the CR network can be abused public wide. Consequently, the benefit from the study of next-generation wireless network can be at risk because of the negative impact of violation of communication law or abusing the CR. In this contribution, we analyze the issues and the problems of the CR and discuss an efficient measure against security attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.10
• /
• pp.5153-5170
• /
• 2016

The benefit of the scalability and flexibility inherent in cloud computing motivates clients to upload data and computation to public cloud servers. Because data is placed on public clouds, which are very likely to reside outside of the trusted domain of clients, this strategy introduces concerns regarding the security of sensitive client data. Thus, to provide sufficient security for the data stored in the cloud, it is essential to encrypt sensitive data before the data are uploaded onto cloud servers. Although data encryption is considered the most effective solution for protecting sensitive data from unauthorized users, it imposes a significant amount of overhead during the query processing phase, due to the limitations of directly executing operations against encrypted data. Recently, substantial research work that addresses the execution of SQL queries against encrypted data has been conducted. However, there has been little research on top-k join query processing over encrypted data within the cloud computing environments. In this paper, we develop an efficient algorithm that processes a top-k join query against encrypted cloud data. The proposed top-k join processing algorithm is, at an early phase, able to prune unpromising data sets which are guaranteed not to produce top-k highest scores. The experiment results show that the proposed approach provides significant performance gains over the naive solution.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.187-199
• /
• 2021

The research aims to measure the control procedures' effectiveness, followed by the University of Northern Borders employees. A questionnaire was developed and distributed to the target sample of financial and auditing affairs employees at the university, where the researcher followed the existing descriptive-analytical approach. The researcher relied on the field survey, and statistical analysis (spss) was used. The researcher has found that the control procedures used are highly efficient in reducing public money waste. The researcher has presented recommendations that may contribute to developing the work of oversight in combating waste of public money. These recommendations include: Increase the interaction between the General Oversight Office and the internal oversight departments at the University of Northern Borders, the incentives provided to the oversight and accounting staff for their efforts to combat public money waste. It encourages them to maintain public money and work to obliging employees to undertake training courses periodically to develop their skills and rehabilitate them in line with modern control procedures. Also, more studies and scientific research on the waste of public money and types of administrative and financial Corruption and the law in all state sectors and reach conclusions and recommendations will help decision-makers amend laws and regulations to serve the public benefit of the university and the state.