• The Journal of Society for e-Business Studies
• /
• v.24 no.4
• /
• pp.79-107
• /
• 2019

Traditionally banks and other financial institutions use customers' accounts and information managed by them and provide payment services in dominant positions. Recently, EU amends Payment Services Directive to institutionally guarantee access to customers' accounts and use of account-related information even to third parties, which facilitates competition in financial markets and promotes innovation. However, this kind of change can increase potential security risks and therefore institutional responses from financial authorities are required so that all participants in financial markets can properly respond to security risks. In this study institutional responses to the security risks in the EU's new Payment Services Directive (PSD2) are analyzed, comparisons between this and domestic electronic financial regulations are analyzed, and implications for the direction of improving domestic electronic financial regulations will be suggested.

• The Journal of Asian Finance, Economics and Business
• /
• v.9 no.2
• /
• pp.151-158
• /
• 2022

The study aims to investigate Lebanese-Chinese relations within the framework of the Belt and Road Initiative. Lebanon formally joined the effort in 2017; this paper emphasizes Lebanon's geostrategic importance. The paper presents an assessment of the investment risks in Lebanon, which is considered an economically unstable country with a volatile security situation, with many internal and external political hurdles. The paper refers to the obstacles and challenges that the Chinese investor may face in Lebanese society. The study employs qualitative descriptive analysis to address the status of Chinese investment in Lebanon and the consequences of this partnership; the paper examines previous research related to the Belt and Road Initiative and the Lebanese political, security, and economic situation literature. Due to the deteriorating security situation, external intervention, and the economic crisis, the results reveal that Lebanon is not a top investment priority for China, which is a big impediment to China entering into economic cooperation with Lebanon. The findings of this study suggest that the Lebanese government should adopt an anti-corruption policy to build confidence for the Chinese investor, reduce unnecessary public spending, and hold a national dialogue to build confidence among the Lebanese parties.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.27 no.4
• /
• pp.483-491
• /
• 2021

The identification of regional collision risks in water areas is significant for the safety of navigation. This paper introduces a new method of collision risk assessment that incorporates a clustering method based on the distance factor - hierarchical clustering - and uses real-time data in case of several surrounding vessels, group methodology and preliminary assessment to classify vessels and evaluate the basis of collision risk evaluation (called HCAAP processing). The vessels are clustered using the hierarchical program to obtain clusters of encounter vessels and are combined with the preliminary assessment to filter relatively safe vessels. Subsequently, the distance at the closest point of approach (DCPA) and time to the closest point of approach (TCPA) between encounter vessels within each cluster are calculated to obtain the relation and comparison with the collision risk index (CRI). The mathematical relationship of CRI for each cluster of encounter vessels with DCPA and TCPA is constructed using a negative exponential function. Operators can easily evaluate the safety of all vessels navigating in the defined area using the calculated CRI. Therefore, this framework can improve the safety and security of vessel traffic transportation and reduce the loss of life and property. To illustrate the effectiveness of the framework proposed, an experimental case study was conducted within the coastal waters of Mokpo, Korea. The results demonstrated that the framework was effective and efficient in detecting and ranking collision risk indexes between encounter vessels within each cluster, which allowed an automatic risk prioritization of encounter vessels for further investigation by operators.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.926-930
• /
• 2010

This paper is about a development framework, which is required to develop of security system is based on component. With applying of SDLC(system development life cycle) of information system, the application of information security products DLC is required at this point of time. In this paper, we review NIST requirement specification of development method, requirement criteria of SDLC in each stage, and major security guidelines of risk assessment. Also we are reviewed major security element of SDLC, and to aid understanding of security framework based on component, present the relationship fo security design and DFD in respect of spoofing for the outside entity based on threat tree STRIDE.

• Journal of Korean Society of Disaster and Security
• /
• v.16 no.1
• /
• pp.71-80
• /
• 2023

Fuel cells are low-carbon power sources that can expand distributed energy system and electric vehicle charging infrastructure when installing fuel cells in gas stations. In order to ensure safety for fuel cells in gas stations, quantitative risk assessments were conducted after deriving accident scenarios based on accident data of domestic and foreign gas stations and fuel cells. It calculates the expected extent of damage from fire and explosion that can occur in reality, not the worst accident scenario, and analyzes the damage impact. The separation distance of more than 9.0 m from a dispenser, 15.5 m from a car under refueling, 4.1 m from the ventilation pipe, 1.1 m from the gas adjustment device prevent the severe damage caused by the expected accident. This study result can be used to deploy fuel cells in gas stations and establish safety measures.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.544-547
• /
• 2002

최근 들어 인적 보안위험과 같이 단기간에 변화가 심한 위험이 증가하고 있어 이에 대한 관리가 요구되고 있다. 그러나, 기존 위험평가만으로는 이러한 보안위험에 대한 적절한 평가 및 관리가 어려우므로 이에 대한 보완이 필요하다. 이에 기존에 적용된 보안관리 도구에 의해 생성되는 온라인 데이터를 이용하여, 이러한 위험에 대한 평가를 지속적으로 실시할 수 있는 보안관리 체계를 제안한다. 이를 통해 조직내 보안위험 수준을 감내할 수 있는 수준으로 유지할 수 있도록 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.945-948
• /
• 2005

현재 침입탐지시스템(IDS:Intrusion Detection System)은 다양한 평가요소들 - 탐지율, 오탐율, 새로운 공격탐지능력, 안정성 등을 기준으로 평가되고 있고, 이러한 결과는 제품의 보호수준을 결정하거나 한 조직의 정보보호장치로 적합한지를 평가하는 벤치마킹테스트의 방법으로 활용된다. 그러나, 이러한 평가의 결과는 조직의 침입탐지시스템을 구축하고자 하는 네트워크 환경하에서 각각의 침입탐지시스템이 갖는 특성에 따라 상대적인 평가는 가능하나 해당 조직의 네트워크 인프라와 위협요소, 취약점을 고려했을 때 보다 최적의 것이 무엇인지를 평가하는 방법으로는 한계가 있다. 그러므로, 본 연구논문에서는 이러한 한계를 극복하기 위한 방법으로서 조직의 정보보호 위험분석에서 도출된 해당 네트워크 환경의 자산, 위협, 취약성의 결과인 위험과 위험수준을 IDS 평가에 반영하여 조직의 환경하에 보다 적합한 침입탐지시스템 선정이 가능한 평가방법을 제안한다.

• International journal of advanced smart convergence
• /
• v.12 no.3
• /
• pp.40-50
• /
• 2023

Blockchain is a technology designed to prevent tampering with digital documents or information, safeguarding transaction data and managing it in a structured manner. This proves beneficial in addressing issues of trust and data protection in B2B, B2C, and C2B transactions. Blockchain finds utility not only in financial transactions but also across diverse industrial sectors. This study outlines significant cases and responses that jeopardize the security of blockchain networks and cryptocurrency technology. Additionally, it analyzes safety and risk factors related to blockchain and proposes effective testing methods to preemptively counter these challenges. Furthermore, this study presents key security evaluation metrics for blockchain to ensure a balanced assessment. Additionally, it provides evaluation methods and various test case models for validating the security of blockchain and cryptocurrency transaction services, making them easily applicable to the testing process.

• Korean Security Journal
• /
• no.36
• /
• pp.293-316
• /
• 2013

Today's high-rise buildings are increasing concern about the safety and evacuation of people related to the fire and threat from outside. Terrorism breaking out in high-rise buildings, a symbol of the national economy results in a number of casualties, economic loss, social fear and damage to national status. That's why high-rise building has also emerged as a target of major terrorist attacks, compared to other types of buildings. We have 54 high-rise buildings in 15 regions over the country. The Ministry of Land, Infrastructure and Transport and Seoul Metropolitan Government have offered the guidelines to prevent terrorist attacks toward high-rise buildings. Since the 9/11 terrorist attacks, the U.S. Federal Emergency Management Agency (FEMA) has developed and taken advantage of the Risk Management Manual Series. According to this manual, pre-assessment is conducted for the prevention of terrorism and particularly in FEMA 455, risk of the surrounding areas, vulnerability, possibility from terrorist attacks are checked. After the check, experts classify the risk of terrorist attacks toward the high-rise buildings and according to the risk classification, architects, security experts and structure engineers can carry out terrorism prevention program for high-rise buildings. The U.K. NaCTSO has also offered the terrorism prevention guidelines. Therefore, the Ministry of Land, Infrastructure and Transport and Seoul Metropolitan Government should make more concrete guidelines for high-rise buildings such as what U.S. FEMA and U.K. NaCTSO implement, including prior evaluation technique for terrorism risk.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.267-273
• /
• 2015

For newly incoming technologies owing to the advancements in information and communications technology, the new form of information occurs due to the combination form of personal information. In turn, personal information which is combination with existing personal information is on the increase. It is difficult to equalize the method in order to analysis the degree of risk for personal information because it is qualitative method which is defined on the current Personal Information Protection Law. This dissertation presents the model to assess the degree of risk by using the IPA(Importance-Performance Analysis) after measuring the importance and the weighted value for the personal information based on the existing the method of risk assessment. Through the model suggested in this dissertation, the subjective judgement can be excluded, the combination of personal information can be assessed and the standard criteria which is used as the objective indicators from the quantitative degree of risk can be suggested.