• Journal of Information Processing Systems
• /
• v.1 no.1 s.1
• /
• pp.75-78
• /
• 2005

Although many tests for stabilization of the software have been done, vulnerability test for a system run by combination of the software of various products has not been conducted enough. This has led to increased threats and vulnerability of system. Especially, web-based software system, which is public, has inherent possibility of exposure to attacks and is likely to be seriously damaged by an accident. Consequently, comprehensive and systematic test plans and techniques are required. Moreover, it is necessary to establish a procedure for managing and handling the results of vulnerability test. This paper proposes vulnerability test plans and designs for implementing automated tools, both of which can be complied with on web-based software systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.669-679
• /
• 2014

This study introduces server-side security-oriented framework for smart financial service. Most of domestic financial institutions providing e-banking services have employed server-side framework which implement service-oriented architecture. Because such architecture accommodates business and security requirements at the same time, institutions are struggling to cope with the security incidents efficiently. The thesis suggests that separating security areas from business areas in the frameworks makes users to be able to apply security policies in real time without considering how these policies may affect business transactions. Security-oriented frameworks support rapid and effective countermeasures against security threats. Furthermore, plans to avoid significant changes on existing system when institutions implement these frameworks are discussed in the report.

• Journal of the Korean Home Economics Association
• /
• v.36 no.5
• /
• pp.125-135
• /
• 1998

The purpose of this study is to investigate the overall levels of the middle-aged employed men's attitudes toward retirement and plans for post-retirement life, and to explore the relative effects of personal, family, and job characteristics on retirement attitude and the level of retirement plan. The data were collected from the 438 middle-aged (ranging from 41 to 50) employed men through the structured questionnaires. The data were analyzed using frequency, percentile, average, standard deviation, and multiple regression analysis. The results of the data analysis show that most of the respondents had neither positive nor negative attitude toward retirement and the level of planning for post-retirement life was slightly higher than average score on the scale. Next, the positive attitudes of middle-aged employed men toward retirement were observed from those who have higher education, larger household income, higher job security and lower job stress respondents who hold professional, administrative, or official jobs were more positive toward retirement than those who hold professional, administrative, or official jobs were more positive toward retirement than those who hold manufacturing or sales job. A well-planned post-retirement life was found among those who have better health, higher job satisfaction, job security and job orientation. Job characteristic variables such as job security and job satisfaction showed stronger impact than personal or family ones on the attitude toward retirement and the level of retirement planning. Household income and health also had significant effects.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.2
• /
• pp.261-266
• /
• 2014

The current status of domestic monitoring centers was reviewed and the pattern-based security monitoring system and the centralized security monitoring system, both of which are the characteristics of security monitoring systems, were analyzed together with their advantages and disadvantages. In addition, as for a development plan of domestic security monitoring systems, in order to improve the problems of the existing pattern-based centralized monitoring system, Honeynet and Darknet, which are based on anomalous behavior detection, were analyzed and their application plans were described.

• Fire Science and Engineering
• /
• v.20 no.4 s.64
• /
• pp.42-57
• /
• 2006

This study suggests improvement plans : safety check system security through combination in stages, unification of fire inspection, enterprising security of prevention work, enforcement of certificate of qualification for safety, activation of civil partner-ship of fire disaster prevention through contrast prevention work of administrative service with civil mind and an in-depth analysis : dispersed and duplicated management current safety check service, improper commission collection, immorality diffusion of involved, potential irregularities causes, deficit of professionalism security.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.75-84
• /
• 2018

Social engineering attack means to get information of Social engineering attack means to get information of opponent without technical attack or to induce opponent to provide information directly. In particular, social engineering does not approach opponents through technical attacks, so it is difficult to prevent all attacks with high-tech security equipment. Each company plans employee education and social training as a countermeasure to prevent social engineering. However, it is difficult for a security officer to obtain a practical education(training) effect, and it is also difficult to measure it visually. Therefore, to measure the social engineering threat, we use the results of social engineering training result to calculate the risk by system asset and propose a attack graph based probability. The security officer uses the results of social engineering training to analyze the security threats by asset and suggests a framework for quick security response. Through the framework presented in this paper, we measure the qualitative social engineering threats, collect system asset information, and calculate the asset risk to generate probability based attack graphs. As a result, the security officer can graphically monitor the degree of vulnerability of the asset's authority system, asset information and preferences along with social engineering training results. It aims to make it practical for companies to utilize as a key indicator for establishing a systematic security strategy in the enterprise.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.9-17
• /
• 2021

Numerous IoT devices are connected to a wireless network environment to collect and transmit data without time and space limitations, but many security vulnerabilities are exposed in these process. But IoT security is not easy to create feasible security standards and device authentication due to differences in the approach or implementation of devices and networks. However, it is clear that the improvement and application of the standard framework for enhancing the security level of the device is the starting point to help the most successful security effect. In this study, we investigate the confidentiality, integrity, availability, and access control implementation plans for IoT devices (which are the basic goals of information security), and standardized security evaluation criteria for IoT devices, and study ways to improve them.

• Journal of the Semiconductor & Display Technology
• /
• v.23 no.2
• /
• pp.123-128
• /
• 2024

Major countries are trying to expand the construction of smart factories by introducing ICT such as the Internet of Things, cloud, and big data into the manufacturing sector to secure national-level manufacturing competitiveness in the era of the 4th industrial revolution. In addition, Germany is pushing for Industry 4.0 to build a fully automatic production system through the Internet of Things, and China is pushing for the expansion of smart factories to enhance the country's industrial competitiveness through Made in China 2025, Japan's intelligent manufacturing system, and the Korean government's manufacturing innovation 3.0. In this study, considering the increasing security connectivity of smart factories, we would like to identify security threats in the external connection part of smart factories and suggest security enhancement measures based on domestic and international standard security models to respond to the identified security threats. Eventually the proposed method can be applied by accurately identifying the smart factory security status, diagnosing vulnerabilities, establishing appropriate improvement plans, and expanding security strategies to respond to security threats.

• Journal of the Society of Disaster Information
• /
• v.8 no.2
• /
• pp.171-177
• /
• 2012

To protect the life and property of the residence from diverse disasters, we have collected and analyzed the domestic and foreign residence evacuation plans. The results and proposals from the study can be summarized as in following. First, the contents and items in civil defense emergency evacuation plan guidelines should be stipulated more clearly and its' application should be extended. Second, uniformity must be established in non-coherent contents between cities and counties. Third, disaster-prone people are not considered in the evacuation plans. The disaster-prone people must be accounted by each cities and counties and an evacuation plan for them must be established. Fourth, most of the rooms for residence evacuations are second to third level, and they are defenseless against disasters like CBRNE. Considering these conditions, deploying transportation means that can support large-scale evacuations, quickly and effectively, must also be considered.

• Convergence Security Journal
• /
• v.8 no.3
• /
• pp.51-56
• /
• 2008

Is caused by with growth etc. of the digital contents circulation market which leads suddenly accommodates in order to control the network traffic which increases and the researches which are various are being advanced the explosive evidence and a electronic transaction of the Internet user. The present paper protects a digital contents and a copyright from CDN system environments which will appear the center of new network service with the plan for the dispersive DRM system of CDN bases plans. Respect this dispersion DRM package formats which provide a stronger security characteristic in the contents which is stored the operational process of the dispersive DRM system for to be defined, CDN system and of existing interoperability they present.