• Asia pacific journal of information systems
• /
• v.14 no.3
• /
• pp.23-55
• /
• 2004

Interests on Service Level Agreement(SLA), an immanence operating tool for managing the level of the information system service objectively and qualitatively, were raised among IT outsourcing service providers, outsourcers, and operating departments. Yet, only a few domestic conglomerates adopted the SLA, and exact usage of the SLA is currently unknown. Because of the importance of the SLA between a service recipient and a service provider, the agreement is treated with high confidentiality. This raised the problems to organizations which are considering the SLA but lack in the concrete guide line to internalize SLA management process. This study provides the process model of implementation for SLA by conducting multiple case research. The sampled companies are currently implementing the SLA over 1 year of usage period. Factors were used to provide the managerial contribution for implementing the SLA. To analyse the case samples, in-depth interview method was conducted for each sampled company. As a result, if SLA can be used as an immanence managerial tool and can be actively implemented, it will be an strategic tool for various decision making in IT management practice with long term relationship, better shared partnership, and continuous service improvement.

• The Transactions of the Korea Information Processing Society
• /
• v.3 no.7
• /
• pp.1822-1833
• /
• 1996

As the size and complexity of networks increase, it is difficult to manage the whole network using single network manager, thus it is more resonable to manage the network using several network managers distributed on the network. Security interoperability should be supported among network management systems (NMSs)that use different management policies. In this paper, an algorithm that makes it posible to take a role into a role lattices is suggested to provide security interoperability among NMSs that have their own role lattices. In addition, security constraints are proposed to maintain the confidentiality and integrity of information by dynamically modifying the access rights of roles as the state of a system changes. Also, the security constraints are expressed using ECA rules in this paper.

• Korean Journal of Computational Design and Engineering
• /
• v.13 no.1
• /
• pp.45-57
• /
• 2008

A submarine good military weapon because of its confidentiality and intimidating power. Therefore, training warfighters how to maneuver submarine is very important. Because submarine is very expensive and has regional and temporal limitations, M&S(Modeling and Simulation) can be a good alternative. However, as the existing M&S systems of submarine generally use expensive commercial software and dedicated hardware, which cause the warfighters to take troubles to visit the secured places, and then to train themselves during limited time slots. Also, many M&S systems have only one-channel display system which reduces the sense of immersiveness. Another problem is that many heterogeneous simulators can hardly be used as an integrated system. To solve these problems, X3D, a platform-independent and open standard graphic file format, is used with the general-purpose PCs. To increase immersiveness, multi-channel display system and a motion chair are used. Finally, HLA/RTI is used to integrate individual components of the simulator. All of these are verified through experiments.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.5
• /
• pp.2415-2421
• /
• 2013

Widespread personal data utilization has led personal data protection to its importance at core, and serious data spill has increased constantly as a result. Though various types of protection systems for data spill have been suggested, all these met failures in detection of personal data when printed out or preventing fatal data exposure without any protections when data spill happens. I propose API-Hook method which detects and controls personal data within printouts, and prevents data leakage through masking on the printed-out data. Also, it is verified if security is guaranteed on the documents containing personal data when implementing. In order to obtain security, it is essential to put more weights on the balance with availability than confidentiality.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.155-164
• /
• 2015

Information dispersal algorithm guarantees high availability and confidentiality for data and is one of the useful solutions for faulty and untrusted dispersed storage systems such as cloud storages. As the amount of data stored in storage systems increases, data deduplication which allows to save IT resources is now being considered as the most promising technology. Hence, it is necessary to study on an information dispersal algorithm that supports data deduplication. In this paper, we propose an information dispersal algorithm and proof of ownership for client-side data deduplication in the dispersed storage systems. The proposed solutions allow to save the network bandwidth as well as the storage space while giving robust security guarantee against untrusted storage servers and malicious clients.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.3 no.2
• /
• pp.411-420
• /
• 1999

The topic of electronic commerce is a hot issue in computer technology. There are many kinds of risks associated with electronic commerce which performs financial transactions by exchanging electronic information over public networks. Therefore, security factors such as confidentiality, integrity, authentication and non-repudiation should be required to construct secure electronic commerce systems. In this paper, the credit card-based payment protocol applying dual signature is presented. It provides payment information to the bank a cardholder pays to, but conceals ordering information. It also offers ordering information to a merchant, but hides payment information including the card number. Thus, cardholder's private information can be protected. In order to accomplish this, dual signature is performed employing both symmetric method utilizing cardholder's secret number as an encryption key and asymmetric method.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.76
• /
• pp.1-20
• /
• 2017

The industrial technology (including trade secrets), which is commonly understood as systematic and applied technical knowledge, can be transferred to third parties by contracting for the transfer of technology or by granting of a licence. The activity of industrial espionage, due to the gradual increase of the economic interests of intellectual property, is displaying intensively in order to gain advanced technology information. With our outstanding high technology, but compared to the level of the advanced countries, the technical protection systems, the legal protection measures and the systematic management thereof may still be insufficient. Our industrial technology outflow abroad, due to the vulnerability to the security control system in our country, has been increasing since the 2000. Computer software and SNS, such as smart devices, appear as a rapid change in the technical information environment. In order to minimize the dead zone of a new industrial security, the country's organic activity is being conducted. In 2006, Industrial Technology Outflow Prevention and Protection Law was enacted, which emphasized the responsibilities of the country. In this paper for the economic entity's efforts to prevent technology leakage oversea, I have looked to how the industrial technology can be protected in terms of national security and economic benefits of our enterprises. To solve the above-mentioned problems hereof, Korean government should willingly establish a reliable legal system for supporting to enterprise's operations, and Korean companies should autonomously introduce a synthetic technology protection system and incorporate the confidentiality clauses in an international transfer of technology agreement with third parties.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5692-5716
• /
• 2019

One of the best means to safeguard the confidentiality, security, and privacy of an image within the IoT-Cloud is through encryption. However, looking through encrypted data is a difficult process. Several techniques for searching encrypted data have been devised, but certain security solutions may not be used in IoT-Cloud because such solutions are not lightweight. We propose a lightweight scheme that can perform a content-based search of encrypted images, namely EEIRI. In this scheme, the images are represented using local features. We develop and validate a secure scheme for measuring the Euclidean distance between two descriptor sets. To improve the search efficiency, we employ the k-means clustering technique to construct a searchable tree-based index. Our index construction process ensures the privacy of the stored data and search requests. When compared with more familiar techniques of searching images over plaintexts, EEIRI is considered to be more efficient, demonstrating a higher search cost of 7% and a decrease in search accuracy of 1.7%. Numerous empirical investigations are carried out in relation to real image collections so as to evidence our work.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.625-632
• /
• 2003

We are view of the information on VPN(Virtual private Network) into each difference layer protocol. network on mutuality exchanged of information is importance of the confidentiality and Integrity. But it is presented problems about compatability and availability between variable equipment as several protocol. hence, it was achieved of the transmission through encryption and authentication of information, although there is secured an intended attack from the third intruder. so tunneling VPN system on achieving, each layer position transmit of mutuality exchanged. This study will investigate the codification and certified security status when layer2 and layer 3 informations are each transmitted using protocol with integrity Public Key. In addition, we will using protocol and the performance analysis difference between layers and layers.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.491-500
• /
• 2003

The need for network security is being increasing due to the development of information communication and internet technology, In this paper, firewall models, operating system models and other network component models are constructed. Each model Is defined by basic or compound model using MODSIM III. In this simulation environment with representative attacks, the following attacks are generated, SYN flooding and Smurf attack as an attack type of denial of service. The simulation is performed with the models that exploited various security policies against these attacks. In addition, the results of the simulation show that the analysis of security performance according to various security policies, and the analysis of correlation between availability and confidentiality according to security empowerment.