• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.853-862
• /
• 2021

Today, disturbance and paralysis of information and communication infrastructure by electronic infringement of national infrastructure is emerging as a threat. Accordingly, the government regularly implements the vulnerability analysis and evaluation system of major information and communication infrastructure to protect the information system and control system of major infrastructure, and invests increased human and material resources every year to efficiently operate it. However, despite the government's efforts, as infringement accidents and attempts targeting national infrastructure continue to occur, the government's resource input to prepare the information protection foundation has little effect on the information protection activity result calculation, making the evaluation system not efficient. The question arises that it is not. Therefore, in this study, we use the DEA model to review the efficient operation of the vulnerability analysis and evaluation system for major information and communications infrastructure, and suggest improvement measures to enhance the level of information protection based on the analyzed results.

• The Journal of the Korea Contents Association
• /
• v.11 no.2
• /
• pp.79-87
• /
• 2011

Although products with the fingerprint recognition system currently show a rapid growth in quantity, it is also true that efforts to consider the product quality have been lacking until now. Accordingly, this paper analyzed technological elements with domestic and foreign market situations for products with the fingerprint recognition system to develop an evaluation model to support the quality increase by evaluating aspects of product quality for the knowledge information security, identifying the level of quality and deriving directions for improvements. A model for the reliability quality evaluation was constructed that can be applied comprehensively to non-functional elements that have not been done in the existing evaluations central to the security functions by analyzing requirements for the security, performance and reliability in consideration of features on products. It is considered that this paper can make contributions to the overall quality increase for products with the knowledge information security by reflecting features and trends for the fingerprint recognition products and building a model for the reliability and evaluation to perform evaluations by product.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.687-704
• /
• 2017

As Korea's industrial competitiveness and technological prowess increase, collaboration and technical exchanges with contracting companies are increasing. In an environment where cooperation with the contracting company is unavoidable ordering companies are also striving to prevent leakage of technologies through various security systems, policy-making and security checks. However, although the contracting companies were assessed to have a high level of security management the leakage of technical datas are steadily increasing. Issues are being raised about the effectiveness of the security management assessment and the actual security management levels. Therefore, this study suggested a security management system model to improve security management efficiency in the general contract structure. To prove this, analyze the efficiency of 36 contractor companies for the technical datas security management system using the DEA model. The results of the analysis are reflected in the assessment results. Lastly, suggestions for improving the effectiveness of the technical datas security system are proposed.

• Review of KIISC
• /
• v.13 no.4
• /
• pp.25-36
• /
• 2003

현재 미국을 비롯한 선진 국가에서는 ISO 국제 표준인 국제 공통 평가 기준 ISO/IEC 15408(CC v2.1, Common Criteria for Information Technology Security Evaluation))과 공통평가방법론(CEM, Common Methodology for Information Technology Security Evaluation)에 근거하여 IT 제품 및 시스템에 대한 보안성 평가를 하고 있다. 그러나, 현재 CC 및 CEM은 주로 IT 제품의 보안성 평가를 위한 것이며, 실제 IT 환경에서 운용되는 시스템에서 이를 적용해 평가하는데는 많은 어려움이 있다. ISO를 중심으로 각 국에서도 이와 관련해 시스템 평가에 CC를 적용하기 위한 방법론이 검토 중에 있다. 그리고 현재 개발 진행중이거나 시장에 출시된 많은 제품이 여러 단일 제품이 합성된 통합제품 형태로 구성되고 있는 추세이며, 이는 시스템 평가 문제와 더불어 향후 CC 기반의 평가를 활성화시키기 위해 풀어야 할 문제로 제기되고 있다. 본고에서는 각 국에서 추진 중인 시스템 평가 동향을 살펴보고, 현재 ISO/IEC SC27/WG3에 표준화로 제안된 "Security Assessment of Operational System"에 대해 살펴보고자 한다.자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.341-353
• /
• 2022

Conglomerates are strengthening cooperative relations by sharing information and dispatching manpower with each other to improve the overall competitiveness and technology of the group, including affiliates, and to enhance synergy. As a result, we are making every effort to increase the level of information protection of the entire group, but information leakage accidents that bypass affiliates and partner companies continue to occur. In addition, the results of the evaluation of the security management system of affiliates conducted by the parent company and the effectiveness of the actual security level have been raised. In addition, each company has limited resources that can be put into security management, so it is time for an more efficient security management system than ever before. In this study, the efficiency of operating the security management system of affiliates of steel companies is reviewed using the DEA-SBM model, and based on the analysis results, improvement measures to improve the level of security management are suggested.

• Journal of Aerospace System Engineering
• /
• v.18 no.2
• /
• pp.87-94
• /
• 2024

The International Civil Aviation Organization (ICAO) has set up the Global Aviation Security Plan (GASeP), which urges member states to transition to more advanced security systems. This paper examines advanced aviation security policies and technologies at both domestic and international levels, and also investigates the underlying reasons for the challenges faced in establishing an advanced security system in the Republic of Korea. Based on this analysis, we propose effective strategies for deploying advanced security equipment at domestic airports, taking into consideration their respective classifications. Additionally, we identify the need for establishing new technological standards to introduce an advanced aviation security system, and provide evaluation criteria for the maintenance and management of technology to ensure the smooth operation of advanced security equipment.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.9
• /
• pp.99-107
• /
• 2010

This paper showed that the integrated system to fortify security was much more efficient than the respective system through the analysis of problems from Firewall and IPS system in the existing security systems. The results of problem analysis revealed that there were the delay of processing time and lack of efficiency in the existing security systems. Accordingly, their performance was evaluated by using the separated Firewall, IPS system, and the integrated system. The result of evaluation shows that the integrated security system this paper suggested is five times faster than the existing one in terms of processing speed of response. This paper demonstrated the excellence of the proposed security system is also more than fivefold in session handling per second and six times process speeding in the CPU processing performance. In addition, several security policies are applied, and it provided a fact that it gave an excellent performance when it comes to protecting from harmful traffic attacks. In conclusion, this paper emphasized that fortifying the integrated security system was more efficient than fortifying the existing one considering in various respects such as cost, management, time, space and so on.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.23-28
• /
• 2014

This study proposes the design and implementation of the system for a facial expression recognition system. LDP(Local Directional Pattern) feature computes the edge response in a different direction from a pixel with the relationship of neighbor pixels. It is necessary to be estimated that LDP code can represent facial features correctly under various conditions. In this respect, we build the system of facial expression recognition to test LDP performance quickly and the proposed evaluation system consists of six components. we experiment the recognition rate with local micro patterns (LDP, Gabor, LBP) in the proposed evaluation system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.999-1007
• /
• 2018

To implement crowdsensing system in reality, trustiness between service provider server and user is necessary. Service provider server could manipulate the evaluation of sensing data to reduce incentive. Moreover, user could send a fake sensing data to get unjust incentive. In this paper, we adopt private blockchain on crowdsensing system, and thus paid incentives and sent data are unmodifiablely recorded. It makes server and users act as watcher of each others. Through adopting smart contract, our system automates sensing data evaluation and opens to users how it works. Finally, we show the feasibility of proposing system with performance evaluation and comparison with other systems.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.117-120
• /
• 2002

이 논문에서는 전자상거래에서의 안전하고 신뢰할 수 있는 이용여건을 마련하기 위해 자율규제로 추진되고 있는 국내외 인터넷 평가모델에 대한 분석과 효율적인 전자상거래 인증· 평가모델을 제시한다.