• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.821-834
• /
• 2019

As cyber security threats increase, there is a growing demand for highly reliable systems. Common Criteria, an international standard for evaluating information security products, requires formal specification and verification of the system to ensure a high level of security, and more and more cases are being observed. In this paper, we propose highly reliable drone systems that ensure high level security level and trust. Based on the results, we use formal methods especially Z/EVES to improve the system model in terms of scheduling in the system kernel.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.51-58
• /
• 1995

The importance of the risk analysis tool has been recognized and its use also has been emphasized by a number of researchers recently The methodology were examined but neither algorithms nor practical applications have been implemented or practiced in Korea. In this paper, the architecture of the Buddy System, one of the automated risk assessment tools. is analyzed in depth to provide the algorithmic understanding and to promote the development of the risk analysis methodology. The Buddy System mainly uses three main factors of vulnerability, threat and countermeasures as a nucleus of the qualatative analysis with the modified loss expectancy value. These factors are identified and assessed by the separation of duties between the end user and security analyst. The Buddy System uses five axioms as its bases of assessment algorithm and the assessed vulnerability level is strictly within these axioms. Since the In-place countermeasures reduce the vulnerability level up to a certain level. the security analyst may use "what if " model to examine the impact of additional countermeasures by proposing each to reduce the vulnerability level further to within the acceptable range. The emphasis on the qualitative approach on vulnerability leveling is very well balanced with the quantitative analysis that the system performance is prominent.prominent.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.15-31
• /
• 2001

In this paper we classify security threat elements of satellite communication into four parts; Level-0(satellite propagation signal), Level-1(satellite control data), Level-2(satellite application data) and ground network security level according to the personality and data of the satellite communication network. And we analyze each security levels. Using analyzed security threat elements, we divide security requirements into signal security level and information security level separately. And then above the existent signal security level countermeasure, we establish the countermeasure on the basis of information security policy such as satellite network security policy, satellite system security policy and satellite data security policy in information security level. In this paper we propose secure satellite communication network through the countermeasure based on information security policy.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.25-31
• /
• 2012

The SSE-CMM model is how to verify the level of information protection as a process-centric information security products, systems and services to develop the ability to assess the organization's development. The CMM is a model for software developers the ability to assess the development of the entire organization, improving the model's maturity level measuring. However, this method of security engineering process improvement and the ability to asses s the individual rather than organizational level to evaluate the ability of the processes are stopped. In this research project based on their existing research information from the technical point of view is to define the maturity level of protection. How to diagnose an information security vulnerabilities, technical security system, verification, and implementation of technical security shall consist of diagnostic status. The proposed methodology, the scope of the work place and the current state of information systems at the level of vulnerability, status, information protection are implemented to assess the level of satisfaction and function. It is possible that measures to improve information security evaluation based on established reference model as a basis for improving information security by utilizing leverage.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.362-368
• /
• 2022

The main purpose of the article is to study the key aspects of the use of modern technologies to ensure economic security in the context of achieving high efficiency of public administration.The economic security of the country is a multi-level system, the structure of which is determined by the peculiarities of the structure and key development priorities both in the regional aspect and nationally. The fundamental role of economic security is realized through a set of goals and objectives that are achieved in the process of ensuring it, among the main ones is the effective, dynamic and progressive development of the economy, which is impossible without the development of innovations. The essence of ensuring economic security from the standpoint of innovative development lies in the development of innovations that can increase the level of competitiveness of the state-level economic system, which necessitated an analysis of the conditions and dynamics of innovation development. As a result of the study, the basic aspects of the implementation of modern technologies were analyzed in the context of achieving high efficiency in public administration.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.71-81
• /
• 2008

In the paper, we designed a context aware task-role based access control system(CAT-RACS) which can control access and prevent illegal access efficiently for various information systems in ubiquitous computing environment. CAT-RACS applied CA-TRBAC, which adds context-role concept for achieve policy composition by context information and security level attribute to be kept confidentiality of information. CA-TRBAC doesn't permit access when context isn't coincident with access control conditions, or role and task's security level aren't accord with object's security level or their level is a lower level, even if user's role and task are coincident with access control conditions. It provides security services of user authentication and access control, etc. by a context-aware security manager, and provides context-aware security services and manages context information needed in security policy configuration by a context information fusion manager. Also, it manages CA-TRBAC policy, user authentication policy, and security domain management policy by a security policy manager.

• Proceedings of the KIEE Conference
• /
• 1999.07c
• /
• pp.1155-1157
• /
• 1999

The UPFC is known to have the ability to control both the real power flow and the reactive power flow. [1],[2] The power flow in the system is heavily related with the system security. [4] This paper deals with the operation of the UPFC to increase the power system security. The concept of the power system security is verified and the index to indicate the power system security level is suggested. And the algorithm to find the optimum operation point of the UPFC improving the system security level is presented.

• The Transactions of the Korean Institute of Electrical Engineers
• /
• v.43 no.2
• /
• pp.197-205
• /
• 1994

Security of a power system refers to its robustness relative to a set of imminent disturbances (contingencies) during operation. The socially optimal solution for the actuall level of generation/consumption has been well-known spot pricing at shot-run marginal cost. The main disadvantage of this approach arises because serious contingencies occur quite infrequently. Thus by establishing contractual obligations for contingency offering before an actual operation time through decision feedback we can obtain socially optimal level of system security. Under probabilistic precontract pricing the operating point is established at equal incremental cost of the expected short-run and collapse cost of each participant. Rates for power generation/consumption and for an offer to use during a contingency, as well as information on the probability distribution of contingency need for each participant, are derived so that individual optimization will lead to the socially optimal solution in which system security is optimized and the aggregate benefit is maxmized.

• Convergence Security Journal
• /
• v.16 no.6_2
• /
• pp.3-22
• /
• 2016

The purpose of this paper is to study ways to improve the welfare of private security guards. For this reason, it was analyzed the actual situation of the private security guards' wage and welfare system. As a result of the analysis, the most important factors that affect the wages and welfare system of private security guards was such as contracting costs, the minimum wage level, professional duties. In particular, a private security guards have been recognized as the most low-level professionalism sorted by the simple laborers standard classification. Wages of guards in accordance with this recognition is only about 47% of major company on average, about 80% of the small business average. If the proposed future improvements include: First, we need to improve the professionalism of a private security. Second, It is established a mutual-aid project about private security guards. Third, It shall regulate the wage of private security guards on Private Security Industry Act. Fourth, we should adopt a selective welfare system.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.213-219
• /
• 2022

The main purpose of the study is to determine the main aspects of the introduction of modern management technologies into the security system in the context of socio-economic development and digitalization of the economy. Socio-economic development and a high level of security include growth in income, labor productivity, production volumes, increased competitiveness, changes in the institutional environment, consciousness, activity, social security, the quality of the education system, healthcare, etc. Despite the root cause of economic development, it is not an end in itself, but a tool for ensuring social development. Gaining access for citizens to education, health care, observance of the principles of equality and justice, ensuring protection are directly dependent on the level of economic well-being, the level of economic potential of the country or regions. The research methodology involved the use of both theoretical and practical methods. As a result of the study, the key elements of the introduction of modern management technologies into the security system in the context of socio-economic development and digitalization of the economy were identified.