• The Journal of Korean Association of Computer Education
• /
• v.22 no.2
• /
• pp.1-9
• /
• 2019

In order to improve the quality of textbooks, this study analyzed seven informatics textbooks published based on the 2015 revised curriculum. Content analysis was used to analyze the organization system of these textbooks. Learning objectives of the textbooks were also analyzed according to Anderson's taxonomy of educational objectives. Furthermore, a textbook satisfaction survey, in which textbook selection criteria were applied, was given out to preliminary teachers. The results showed that the textbooks were similarly organized, centered on practice, activities, differentiated learning, and small group learning. However, the number of pages varies considerably for each chapter. After analyzing learning objectives of the textbooks, it was found that in terms of cognitive processes, 'understanding' (53%) was the highest item and 'analyzing' (16%) the second highest; in terms of type of knowledge, 'conceptual' (42%) and 'procedural' (31%) accounted for the two highest categories; in terms of cognitive domains, there has been a significant increase in 'analyzing' and 'creating' facets for learning objectives of these new versions of textbooks as compared to those of previously existed textbooks. In the satisfaction survey on a 5-point Likert scale, 'the accuracy and fairness of the content' had the highest points at 4.21 among four scale items. In this study, the improvement of the textbook is proposed based on the findings from this analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.261-273
• /
• 2019

Recently, with the development of IT technology, there is an increasing interest in cloud services as the number of users using mobile devices such as mobile phones and tablets is increasing. However, there is a need for techniques to control or control various methods of accessing data as the user's service demands increase. In this paper, we propose a dual key based user authentication model that improves the user 's authentication efficiency by using two keys (secret key and access control key) to access the users accessing various services provided in the cloud environment. In the proposed model, the operation process and the function are divided through the sequence diagram of the algorithms (key generation, user authentication, permission class permission, etc.) for controlling the access right of the user with dual keys. In the proposed model, two keys are used for user authentication and service authorization class to solve various security problems in the cloud service. In particular, the proposed model is one of the most important features in that the algorithm responsible for access control of the user determines the service class of the user according to the authority, thereby shortening the management process so that the cloud administrator can manage the service access permission information of the user.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.11
• /
• pp.157-165
• /
• 2018

Companies conduct R&D for continuous development and enhancement of corporate value, and obtain patents as an intangible asset resulting from this process. This study screened 103 medical device firms whose R&D information, patent information, and management performance information were all published to determine how R&D activities and patents affect corporate operational performance. The number of patents, R&D costs, company type and Inno-Biz of the company were set as independent variables, and the companies' sales, intangible assets, operating profit ratios, net profit margins, corporate ratings and profit-related financial ratios were used as dependent variables. The results confirmed that R&D expenditure had negative (-) effects on most indicators, including sales volume, operating profit ratio, and net profit ratio, while it had positive (+) [ED highlight - these are unnecessary if negative and positive are also written out.] effects only on intangible assets. Additionally, domestic patents were found to have negative (-) effects on sales, cash flow ratings, and dropped capital return, and positive (+) effects on net profit growth. Moreover, the business performance variables affected by the company characteristics were sales volume and cash flow ratings. The medical device industry is dominated by small and medium-sized businesses Although research and development activities and patents have been shown to have a negative impact on corporate management in the short term, they are expected to have a positive long-term impact when reflecting the characteristics of the medical device industry that must undergo clinical trials and authorization procedures after R&D.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.5
• /
• pp.36-46
• /
• 2019

The number of hosts connected to the Internet has increased dramatically, introducing the Domain Name System(DNS) in 1984. DNS is now an important key point for all users of the Internet by allowing them to use a convenient character address without memorizing a series of numbers of complex IP address. However, relative to the importance of DNS, there still exist many problems such as the authorization allocation issue, the disputes over public registration, security vulnerability such as DNS cache poisoning, DNS spoofing, man-in-the-middle attack, DNS amplification attack, and the need for many domain names in the age of hyper-connected networks. In this paper, to effectively improve these problems of existing DNS, we proposed a method of implementing DNS using distributed ledger technology, blockchain, and implemented using a Ethereum-based platform. In addition, the qualitative analysis performance comparative evaluation of the existing domain name registration and domain name server was conducted, and conducted security assessments on the proposed system to improve security problem of existing DNS. In conclusion, it was shown that DNS services could be provided high security and high efficiently using blockchain.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.12
• /
• pp.99-109
• /
• 2018

Tampering involves illegally removing technologies from a protected system through reverse engineering or developing a system without proper authorization. As tampering of a weapon system is a threat to national security, anti-tampering measures are required. Precedent studies on anti-tampering have discussed the necessity, related trends, application cases, and recent cybersecurity-based or other protection methods. In a domestic situation, the Defense Technology Protection Act focuses on how to prevent technology leakage occurring in related organizations through personnel, facilities and information systems. Anti-tampering design needs to determine which technologies are protected while considering the effects of development cost and schedule. The objective of our study is to develop methods of how to select target technologies and determine counter-measures to protect these technologies. Specifically, an evaluation matrix was derived based on the risk analysis concept to select the protection of target technologies. Also, based on the concept of risk mitigation, the classification of anti-tampering techniques was performed according to its applicability and determination of application levels. Results of the case study revealed that the methods proposed can be systematically applied for anti-tampering in weapon system development.

• Korean Journal of Anesthesiology
• /
• v.71 no.6
• /
• pp.467-475
• /
• 2018

Background: The Quality of Recovery-40 (QoR-40) is a widely-used, self-rated, and self-completed questionnaire for postoperative patients. The questionnaire is intended to elicit information from each patient regarding the quality of recovery during the postoperative period. It is noteworthy, however, that an official Korean version of the QoR-40 (QoR-40K) has not been established. The purpose of this study was to develop the QoR-40K by translation and cultural adaptation process and to evaluate the validity and reliability of the QoR-40K. Methods: After pre-authorization from the original author of the QoR-40, the translation procedure was established and carried out based upon Beaton's recommendation to create a QoR-40K model comparable to the original English QoR-40. Two hundred surgical patients were enrolled, and each completed the questionnaire during the preoperative period, on the third day, and 1 month after surgery. The QoR-40K was compared with the visual analogue scale (VAS) and another health-related questionnaire, the Short-form Health Survery-36 (SF-36). The method of validation for QoR-40K included test-retest reliability, internal consistency, and level of responsiveness. Results: Spearman's correlation coefficient for test-retest reliability was 0.895 (P < 0.001), and Cronbach's alpha of the global QoR-40K on the third day after surgery was 0.956. A positive correlation was obtained between the QoR-40K and the mental component summary of SF-36 (${\rho}=0.474$, P < 0.001), and a negative correlation was observed between QoR-40K and VAS (${\rho}=-0.341$, P < 0.001). The standardized responsive mean of the total QoR-40K was 0.71. Conclusions: The QoR-40K was found to be as acceptable and reliable as the original English QoR-40 for Korean patients after surgery, despite the apparent differences in the respective patients' cultural backgrounds.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.109-119
• /
• 2004

The home network environment can be defined as a network environment, connecting digital home devices such as computer systems, digital appliances, and mobile devices. In this kind of home network environments, there will be numerous local/remote interactions to monitor and control the home network devices and the home gateway. Such an environment may result in communication bottleneck. By applying the mobile agents that can migrate among the computing devices autonomously and work on behalf of the user, remote interactions and network traffics can be reduced enormously. The mobile agent authentication is necessary to apply mobile agent concept to the home network environments, as a prerequisite technology for authorization or access control to the home network devices and resources. The existing mobile agent systems have mainly used the public key based authentication scheme, which is not suitable to the home network environments, composed of digital devices of limited computation capability. In this paper, we propose a shared key based mobile agent authentication scheme for single home domain and expand the scheme to multiple domain environments with the public key based authentication scheme. Application of the shared key encryption scheme to the single domain mobile agent authentication enables to authenticate the mobile agent with less overhead than the public key based authentication scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.4
• /
• pp.125-135
• /
• 2009

Logs from various security system can reveal the attack trials for accessing private data without authorization. The logs can be a kind of confidence deriving factors that a certain IP address is involved in the trial. This paper presents a rule-based expert system for derivation of privacy violation confidence using various security systems. Generally, security manager analyzes and synthesizes the log information from various security systems about a certain IP address to find the relevance with privacy violation cases. The security managers' knowledge handling various log information can be transformed into rules for automation of the log analysis and synthesis. Especially, the coverage of log analysis for personal information leakage is not too broad when we compare with the analysis of various intrusion trials. Thus, the number of rules that we should author is relatively small. In this paper, we have derived correlation among logs from IDS, Firewall and Webserver in the view point of privacy protection and implemented a rule-based expert system based on the derived correlation. Consequently, we defined a method for calculating the score which represents the relevance between IP address and privacy violation. The UI(User Interface) expert system has a capability of managing the rule set such as insertion, deletion and update.

• The Korean Society of Law and Medicine
• /
• v.22 no.4
• /
• pp.59-88
• /
• 2021

The National Assembly of the Republic of Korea recently enacted laws to fortify sanctions about data manipulation of pharmaceutical companies. The medicine approval system is the result of legislative efforts to prevent accidents that caused damages to patients' life and health. The medicine approval system is based on the trust that the data submitted by pharmaceutical companies is not manipulated. The Supreme Court of Korea clarified that strict standard shoud be required to secure the medicine safety in Supreme Court Decision 2008Du8628 decided November 13, 2008. We agree. This paper suggest legislation to weaken the economic incentives for pharmaceutical companies to choose data manipulation by minimizing the expected profit. In addition to revoking the marketing authorization of the medicine, the 'unfair' profits the pharmaceutical company has earned must be recovered. In addition, in order to increase the possibility to discover data manipulation, it is necessary to strengthen the review capacity and to activate the whistle-blowing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.817-839
• /
• 2021

To manage software safely, the military acquires and manages products in accordance with the RMF A&A. RMF A&A is standard for acquiring IT products used in the military. And it covers the requirements, acquisition through evaluation and maintenance of products. According to the RMF A&A, product development activities should reflect the risks of the military. In other words, developers have mitigated the risks through security by design and supply chain security. And they submit evidence proving that they have properly comply with RMF A&A's security requirements, and the military will evaluate the evidence to determine whether to acquire IT product. Previously, case study of RMF A&A have been already conducted. But it is difficult to apply in real-world, because it only address part of RMF A&A and detailed information is confidential. In this paper, we propose the evidence fulfilling method that can satisfy the requirements of the RMF A&A. Furthermore, we apply the proposed method to real-world drone system for verifying our method meets the RMF A&A.