• Journal of Environmental Science International
• /
• v.26 no.11
• /
• pp.1209-1222
• /
• 2017

On June 5, 2008, the "Act on Special Cases Concerning the Simplification of Authorization and Permission Procedures for Industrial Complexes" (Act No. 9106) was enacted. When it was implemented in August 2008, many industrial complex development projects were established, and the number of industrial complexes growth rates of 3-6% during 2003-2007 rose to around 15% in 2008. With the increase in industrial complexes, the environmental impacts of individual projects were examined, but comprehensive regional reviews of environmental impacts were not undertaken. In this study, we determined changes in air quality by applying the industrial complex development plan that completed the consultation at the end of 2010 to assess the comprehensive regional environmental impacts and presented the adequacy review plan for future industrial development plans based on the study's results. When considering these industrial complex development plans, emissions in North Jeolla and South Chungcheong Provinces and Daegu City have increased significantly. Air quality analyses showed that the 24 h mean $SO_2$ concentration in Daegu increased by more than 50% in summer compared to air quality concentrations in summer. The 24 h mean $PM_{10}$ and $NO_2$ concentrations increased by approximately 12 and 30%, respectively, in North Jeolla Province in summer. Areas exceeding the air quality standard for 1 h mean $O_3$ concentration increased by more than $3,500km^2$. Based on the above analysis, changes in air quality should be anticipated through a comprehensive evaluation of long-term development plans. Furthermore, control of air quality in accordance with the development of future industrial complexes is possible.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.455-468
• /
• 2008

In this paper, we propose FAS model for establishing trust based on digital certificates in Grid security framework. The existing RBAC(Role Based Access Control) model is extended to provide permissions depending on the users‘ roles. The FAS model is designed for a system independent integrated Grid security by detailing and extending the fundamental architecture of user, role, and permission. FAS decides each user’s role, allocates access right, and publishes attribute certificate. FAS is composed of three modules: RDM, PCM, and CCM. The RDM decides roles of the user during trust negotiation process and improves the existing low level Grid security in which every single user maps a single shared local name. Both PCM and CCM confirm the capability of the user based on various policies that can restrict priority of the different user groups and roles. We have analyzed the FAS strategy with the complexity of the policy graph-based strategy. In particular, we focused on the algorithm for constructing the policy graph. As a result, the total running time was significantly reduced.

• Journal of the Korea Convergence Society
• /
• v.10 no.12
• /
• pp.93-99
• /
• 2019

Small electric vehicles, such as electric bicycles or electric kickboards, operate with the power charged in a battery mounted in the vehicle, and some of these users use emergency power sockets installed in apartments or public facilities without getting permission. For this reason, the necessity for a simple method to approve the use of power with instant payment system rises for the building managers and small vehicle users as well. In this paper, we propose a technique to charge batteries for small electric vehicles with less than 1 [kW] through a power supply control device installed on the existing 15 [A]. sockets on the common residential properties or public buildings. It also describes the power user authorization algorithm and how to charge fees for the power used. As a result of this research, this paper shows how the user authentication power supply system with the effect of preventing power theft can be realized by creating an environment in which a battery in a small electric vehicle can be easily charged.

• The Journal of the Korea Contents Association
• /
• v.13 no.11
• /
• pp.433-440
• /
• 2013

The Ministry of Land, Infrastructure and Transport was developed the Construction CALS system for improvement of the construction economy. Construction CALS system is consist by Construction Portal System, Construction Management System, Construction Authorization and Permission System, Compensation Management System, Facility Maintenance Management System and has utilized at construction site of more than 900. Ministry of Land, Infrastructure and Transport and related researcher was proposed method of various function improvements for usability of the system. However, the proposed method was expanded the problems like increase of system management cost and development cost with decrease of data process rate. The problem was increases because has added of only service function without modify of software structure to the system on each different platform base. One of the methods for solving problems is to apply the e-Government framework and then integrated the different platform. The purpose of this paper is analyse of the applicability and efficiency of e-Government framework to the construction CALS system. For that was analyzed the e-Government standard framework and the developments case. And then was verified about the adaption possibility and efficiency by use the Function Point tool.

• Journal of Korean Society of Occupational and Environmental Hygiene
• /
• v.24 no.1
• /
• pp.1-13
• /
• 2014

Objectives: The purpose of this study is to review the debate on the Article 28(Prohibition of Inhouse-Contract for Harmful Work) of the Industrial Safety and Health Law. Methods: Literatures and recent debate for prohibition and permission of inhouse-contract for harmful work were reviewed. Proposals of revision for the Article 28 of the Industrial Safety and Health Law were also reviewed. Results: It was not found reasonable to revise the Article 28 based on increased fatal accidents or diseases in the electroplating work and heavy metals handling works that are currently listed in the Presidential Decree under the law as the harmful works. Regulation types of prohibition or authorization for any harmful work shall have inherently poor coverage since the scope of application is extremely limited. Contractors for maintenance and repair of chemical facilities may not be included in the scope of application if the harmful works are defined as chemical handling works. If harmful works are prohibited, the contractor workers may loose their jobs. Therefore, it is necessary to consider balancing job security and occupational safety and health safety. Conclusions: Various limitations were found in the Article 28 and the proposals to revise it. Currently in-house subcontracting is widely spread in the workplace. Therefore, it may be inappropriate to set one or two Article such as the Article 28 and 29 to protect in-house subcontract workers from injury and illness. It is believed that it needs fundamental redirection and new approach with new paradigm to impose occupational safety and health duty to prime contractors.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.1
• /
• pp.1-8
• /
• 2014

This paper proposed a method that prevents data leakage and modulation and detects an unauthorized device by using AP and mobile device. Most of existing method for detecting and preventing an unauthorized device are similar to type of Evil Twin. However, in previous studies can not resolve many security accident and have the problem to cope with effectively security accident on various network. In order to solve these problem, companies prepare security accident through the varies policy and guideline. but It is hard to prevent all security accident because it is consistently increasing everyday. This paper suggests technique of detecting and preventing an unauthorized device using Context Awareness and Mobile Device Management. Firstly, when mobile device go into internal network, server distinguish access permission and authorization of mobile device using acquiring the conetxt information of mobile device. By using this result, server applies the appropriate management technique to the mobile device for leakage and accident of internal network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1103-1113
• /
• 2020

Hospitals store and manage personal and health information through the electronic medical record (EMR). However, vulnerabilities and threats are increasing with the provision of various services for information sharing in hospitals. Therefore, in this paper, we propose a model to prevent personal information leakage due to the transmission of patient information in EMR. A method for granting permission to securely receive and transmit patient information from hospitals where patient medical records are stored is proposed using OAuth authorization tokens. A protocol was proposed to enable secure information delivery by applying and delivering the record access restrictions desired by the patient to the OAuth Token. OAuth Delegation Token can be delivered by writing the authority, scope, and time of destruction to view patient information.This prevents the illegal collection of patient information and prevents the leakage of personal information that may occur during the delivery process.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.871-874
• /
• 2011

The fast emerging of network technology and the high demand of computing resources have prompted many organizations to outsource their storage and computing needs. Cloud based storage services such as Microsoft's Azure and Amazon's S3 allow customers to store and retrieve any amount of data, at anytime from anywhere via internet. The scalable and dynamic of the cloud storage services help their customer to reduce IT administration and maintenance costs. No doubt, cloud based storage services brought a lot of benefits to its customer by significantly reducing cost through optimization increased operating and economic efficiencies. However without appropriate security and privacy solution in place, it could become major issues to the organization. As data get produced, transferred and stored at off premise and multi tenant cloud based storage, it becomes vulnerable to unauthorized disclosure and unauthorized modification. An attacker able to change or modify data while data inflight or when data is stored on disk, so it is very important to secure data during its entire life-cycle. The traditional cryptography primitives for the purpose of data security protection cannot be directly adopted due to user's lose control of data under off premises cloud server. Secondly cloud based storage is not just a third party data warehouse, the data stored in cloud are frequently update by the users and lastly cloud computing is running in a simultaneous, cooperated and distributed manner. In our proposed mechanism we protect the integrity, authentication and confidentiality of cloud based data with the encrypt- then-upload concept. We modified and applied proxy re-encryption protocol in our proposed scheme. The whole process does not reveal the clear data to any third party including the cloud provider at any stage, this helps to make sure only the authorized user who own corresponding token able to access the data as well as preventing data from being shared without any permission from data owner. Besides, preventing the cloud storage providers from unauthorized access and making illegal authorization to access the data, our scheme also protect the data integrity by using hash function.

• The Korean Society of Law and Medicine
• /
• v.21 no.1
• /
• pp.223-259
• /
• 2020

With COVID-19 spreading rapidly around the world, research and development issues on treatments and vaccines for the virus are of high interest. Among them, Remdesivir was the first to show noticeable therapeutic effects and began clinical trials, with each country authorizing the use of the drug through emergency approval. However, Gilead Co., Ltd., the developer of Remdesivir, received a lot of criticism from civic groups for submitting the application for the marketing authorization as an orphan drug. This is because when a new drug got a marketing authorization as an orphan drug could be granted an exclusive status for seven year. The long-term exclusive status of an orphan drug comes from the policy purpose of motivating pharmaceutical companies to develop treatment opportunities for patients suffering from rare diseases, which was not appropriate to apply to infectious disease treatments. This paper provides a review of the problems and improvement directions of the domestic system through comparative legal consideration against the United States, Europe and Japan for the statutes which give exclusive status to medicines. The domestic system has a fundamental problem that it does not have explicit provisions in the statute in the manner of granting exclusive status, and that it uses the review system to give it exclusive status indirectly. In addition, in the case of orphan drugs, the "Rare Diseases Management Act" and the "Regulations on Examination of Items Permission and Reporting of Drugs" provide overlapping review periods, and despite the relatively long monopoly period, there seems to be no check clause to recover exclusive status in the event of a change in circumstances. Given that biopharmaceuticals are difficult to obtain patents, the lack of such provisions is a pity of domestic legislation, although granting exclusive rights may be a great motivation to induce drug development. In the United States, given that the first biosimilar also has a one-year monopoly period, it can be interpreted that domestic legislation is quite strictly limited to granting exclusive status to biopharmaceuticals. The need for improvement of the domestic system will be recognized in that it could undermine local pharmaceutical companies' willingness to develop biopharmaceuticals in the future, and in that it is also necessary to harmonize international regulations. Taking advantage of the emergence of COVID-19 as an opportunity, we look again at the problems of the domestic system that grants exclusive rights to medicines and hope that an overall revision of the relevant legislation will be made to establish a unified legal basis.

• Journal of KIISE:Information Networking
• /
• v.34 no.5
• /
• pp.405-422
• /
• 2007

Recently, according to the network environment, there are many researches for home network. Nowadays, in home network, the method that access control policy is managed for each home device by using ACL is popular, and EAM (Extranet access management) is applied as a solution. In addition, the research about secure OS is ongoing based on open operating system and the research of user authentication mechanisms for home network using home server is also in progress. However, these researches have some problems as follows; First, the transmission scope of expected access technology in home network is wide, so unauthenticated outside terminal can access the home network. Second, user is inconvenient because user need to set the necessary information for each device. Third, user privacy and convenience are not considered. OSGi provides a service platform for heterogeneous technologies in home network environment. Here, user access control is one of the core parts which should have no problems such as above items, but there are no concrete researches yet. Thus in this paper, we propose an access control policy management framework and access control operation based on RBAC for user access control in home network environment in which OSGi service platform is operated. First, we list the consideration which is not clearly mentioned in OSGi standard, and then we solve these above problems through new framework. In addition, we propose the effective and economical operation method which reduces the policy change frequency for user access control by using RBAC concept though limited resource of home gateway. Besides, in this paper, these proposed policies are defined separately as user-role assignment policy and permission-role assignment policy, and user decide their own policies. In conclusion, we provide the scheme to enhance the user convenience and to solve the privacy problem.