• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.11
• /
• pp.4163-4183
• /
• 2021

As measures for protecting users and ensuring security of electronic financial transactions, such as online banking, financial institutions in South Korea have implemented network segregation policies. However, a revision of such domain-centered standardized network segregation policies has been increasingly requested because of: 1) increased demand for remote work due to changes resulting from COVID-19 pandemic; and 2) the difficulty of applying new technologies of fintech companies based on information and communications technologies (ICTs) such as cloud services. Therefore, in this study, problems of the remote work environment arising from the network segregation policy currently applied to the financial sector in South Korea and those from the application of new ICTs such as fintech technology have been investigated. In addition, internal network protection policies of foreign financial sectors, such as those of the United States, United Kingdom, European Union, and Russia, and internal network protection policies of non-financial sectors, such as control systems, have been analyzed. As measures for the effective improvement of the current network segregation policy, we propose a policy change from domain-based to data-centric network segregation. Furthermore, to resolve threats of hacking at remote work, recently emerging as a global problem due to COVID-19 pandemic, a standard model for remote work system development applicable to financial companies and a reinforced terminal security model are presented, and an alternative control method applicable when network segregation is not applied is proposed.

• Journal of Positioning, Navigation, and Timing
• /
• v.13 no.2
• /
• pp.131-136
• /
• 2024

This paper deal with a method for calculating the continuity of Korea Augmentation Satellite System (KASS), which was completed in Korea in December 2023, and a plan to respond in the event that a continuity hazard situation occurs during operation. For this purpose, the International Civil Aviation Organization (ICAO) Satellite Based Augmentation System (SBAS) continuity standards, Wide Area Augmentation System (WAAS), and European Geostationary Navigation Overlay Service (EGNOS) continuity cases are examined in this paper. According to the measures recommended by the ICAO, when the number of continuity risks exceeds a certain level and the level drops drastically, various mitigation operations by country are implemented. Through this, if KASS does not meet ICAO continuity standards in the future, such measures can be referred to. In addition, this paper computes the short-term KASS continuity during the test broadcast period. Although continuity does not meet the ICAO standards, although this test period is too short, further meaningful analysis in the future is required. Additionally, this paper carried out an analysis of the timing and period to systematically calculate the meaningful value of continuity.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.7
• /
• pp.109-115
• /
• 2024

Overleaf is a cloud-based LaTeX editor, allowing users to easily create and collaborate on documents without the need for separate LaTeX installation or configuration. Thanks to this convenience, users from various fields worldwide are writing, editing, and collaborating on academic papers, reports, and more via web browsers. However, the caching that occurs during the process of converting documents written on Overleaf to PDF format poses risks of exposing sensitive information. This could potentially lead to the exposure of users' work to others, necessitating the implementation of security measures and vigilance to caution against such incidents. This paper delves into an in-depth analysis of Overleaf's security vulnerabilities and proposes various measures to enhance the protection of intellectual property.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.37
• /
• pp.217-250
• /
• 2008

The International Ship and Port Facility Security (ISPS) Code which was developed as the main response of the shipping sector to the miserable event of 11 September 2001 came into effect on 1 July 2004. The ISPS Code designed to detect and eliminate security threats affecting ships and port facilities used in international trade will significantly impact not only on the management and operation of the shipping industry but also on maritime law despite the fact that it is the regulatory framework of public law. It is expected that implementing the ISPS Code will contribute to reinforcement of maritime security on the one hand. However, on the other hand, more intensified security inspection and control measures of port states will also cause delay and additional costs which cause uncertainty in allocating security risk and cost between the contracting parties. Therefore, it is desire to insert new security clause dealing with main security issues or adapt existing clauses to new shipping environments to minimize disputes.

• Convergence Security Journal
• /
• v.11 no.2
• /
• pp.3-11
• /
• 2011

Today the protection of high-tech is one of the most important requirements to survive in competition between companies or countries. In these circumstances, government's industrial security activities have been transformed into independent activities of the private center. So, Company has introduced a high-tech security system for the sake of Technology protect. But, Several Security Incident have occurred in recent years, and so New security measures became necessary. In this study, I will suggest a new high-technology protection system model Using the social engineering techniques to analyze security threats.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.4
• /
• pp.219-228
• /
• 2018

The utilization of NFC has been continuously increasing due to the spread of smart phones and the development of short-range wireless communication networks. However, it has been suggested that stability and security of convenient NFC short-range wireless communications can be unstable and problematic. The unstable causes for NFC are the lack of security technologies for NFC, the controversy about personal information infringement, and the lack of social awareness on security breach against data settlement. NFC service can be conveniently used by simply touching other NFC devices and NFC tags through the NFC device. This thesis analyzes that NFC authentication technology, which is convenient for user are one of the unstable causes of security of NFC. This thesis suggest that ministry should research countermeasures and promote how users can use NFC safely. It also suggests that users should have awareness when they use payment and authentication service through NFC to prevent from security threat.

• International journal of advanced smart convergence
• /
• v.13 no.2
• /
• pp.25-34
• /
• 2024

The paper investigates how the semiconductor and electric vehicle industries are addressing safety and security concerns in the era of autonomous driving, emphasizing the prioritization of safety over security for market competitiveness. Collaboration between these sectors is deemed essential for maintaining competitiveness and value. The research suggests solutions such as advanced autonomous driving technologies and enhanced battery safety measures, with the integration of AI chips playing a pivotal role. However, challenges persist, including the limitations of big data and potential errors in semiconductor-related issues. Legacy automotive manufacturers are transitioning towards software-driven cars, leveraging artificial intelligence to mitigate risks associated with safety and security. Conflicting safety expectations and security concerns can lead to accidents, underscoring the continuous need for safety improvements. We analyzed the expansion of electric vehicles as a means to enhance safety within a framework of converging security concerns, with AI chips being instrumental in this process. Ultimately, the paper advocates for informed safety and security decisions to drive technological advancements in electric vehicles, ensuring significant strides in safety innovation.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.9
• /
• pp.81-90
• /
• 2020

In order to operate multi drone efficiently, existing control methods must be improved, and drones must be able to construct communication networks autonomously. FANET(Flying Ad-Hoc Network), which is being considered as an alternative to solving these problems, is based on ad hoc network technology and can be exposed to a variety of security vulnerabilities. However, due to the limited computational power and memory of FANET nodes, and rapid and frequent changes in network topology, it is not easy to apply the existing security measures to FANET without modification. Thus, this paper proposes lightweight security measures applicable to FANET, which have distinct characteristics from existing ad hoc networks by utilizing PUF technology. The proposed security measures utilize unique values generated by non-replicable PUFs to increase the safety of AODV, FANET's reactive routing protocol, and are resistant to various attacks.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.109-116
• /
• 2014

Personal information leakage in financial corporations including three card corporations has occurred constantly this year. It is due to incomplete encryption system and negligent personal security. Solicitors are known as a cause of information leakage because they operate with leaked information. Information leakage can cause secondary damage with mental demage to person and result in a drop in reliability as well as an operating loss in financial corporations. Also because it can destroy a base of credit society, prevention of recurrence is badly needed. The government finally announced 'general measures for prevention of information leakage in the field of finance' with sanctions reinforcement and restriction to collect, possess, provide personal information as the main agenda. And a related law revision is going in the National Assembly. In this paper, effectiveness of government measures is weighed with the cause analysis of information leakage and countermeasure for prevention of information leakage is found.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.125-137
• /
• 2023

Companies that handle sensitive information, led by public institutions, establish separate networks for work and the Internet and protect important data through strong access control measures to prevent cyber attacks. Therefore, systems that involve the junction where the Intranet(internal LAN for work purposes only) and the Internet network are connected require the establishment of a safe security environment through both administrative and technical measures. Mobile Device Management(MDM) solutions to control mobile devices used by institutions are one such example. As this system operates by handling sensitive information such as mobile device information and user information on the Internet network, stringent security measures are required during operation. In this study, a model was proposed to manage sensitive information data processing in systems that must operate on the Internet network by managing it on the internal work network, and the function design and implementation were centered on an MDM solution based on a network interconnection solution.