• 디지털산업정보학회논문지
• /
• 제12권3호
• /
• pp.33-54
• /
• 2016

In the modern society based on information and communication, which is exposed to the risks of a lot of information security breaches, corporate information assets may be an economical scale in a country. Most of damages derived from corporate technological information leak often occur in small and medium corporations. Although many information security managers in corporations have focused on certification systems such as information security management system, small and medium corporations are poorly aware of the information security, and their environments surrounding it should be also improved. In addition, it is difficult to expect spontaneous participations in it, since the sustainable information security management systems are often not forced to be certified. Thus, the purpose of this study is to examine plans to improve small and medium corporations' technological protections by using some component of the information security management system. On the basis of this examination, it also attempts to discuss some methods for effective and efficient information security in the small and medium corporations' technological protections.

• 디지털산업정보학회논문지
• /
• 제11권3호
• /
• pp.53-62
• /
• 2015

Recently, number of tablet or Smartphone users increased significantly in domestic and around the world. But violation of personal information such as leakage, misuse and abuse are constantly occurring by using mobile devices which is very useful in our society. Therefore, in this paper it will talk about the problems in the network environment of the mobile environment such as tablet and Smartphone, Mobile Malware, hacking of the public key certificate, which could be potential threat to mobile environment. This thesis will research for people to use their mobile devices more reliable and safer in mobile environment from invasion and leakage of personal information. In order to use Smartphone safely, users have to use Wi-Fi and Bluetooth carefully in the public area. This paper will research how to use App safely and characteristic of risk of worm and Malware spreading. Because of security vulnerabilities of the public key certificate, it will suggest new type of security certification. In order to prevent from the information leakage and infect from Malware in mobile environment without knowing, this thesis will analyze the improved way to manage and use the mobile device.

• 디지털산업정보학회논문지
• /
• 제6권3호
• /
• pp.121-129
• /
• 2010

For the development of software industry, offers an expanded software authentication scheme caused by the unauthorized copying of software is to reduce the damage to software developers, retail sales and to promote the development of the software industry was studied. Serial Number of the current software registration is conducted in such a simple verification procedure if the Serial Number only illegal and can be installed on multiple computers, such as program code to allow third parties to enter the Serial Number, or the extract can be used without is a reality. The proposed extension to the software authentication system when you install the software, my phone authentication and MAC Address Authentication Service introduced to distinguish normal user, the user of the MAC Address of the server and software development company that was sent to the registered MAC Address of the computer to be run only by the use of genuine software and to make unauthorized copies of software generated by the software developer can reduce the damage of the proposed plan.

• 디지털산업정보학회논문지
• /
• 제16권2호
• /
• pp.95-104
• /
• 2020

Bribery is one of the world's most destructive and challenging issues. Yet despite efforts on national and international levels to tackle bribery, it remains a significant issue. Recognizing this, ISO has developed a new standard to help organizations fight bribery and promote an ethical business culture, which is "ISO 37001 - Anti-bribery Management Systems" in 2016. ISO 37001 can provide the tools and systems to greatly reduce the risk and help organizations deal with it effectively if it does arise. It is a flexible tool, which can be adapted according to the size and nature of the organization and the bribery risk it faces. After enforcing the Improper Solicitation and Graft Act, Korean government standardized ISO 37001, one of the Business Ethics of Global Standard, harmonizing International Standards into Korean Industrial Standards (KS) in 2017. It is meaningful in that Korean companies have localized regulation which applies to global standard anti-bribery management systems. Only about 100 organizations, however, have adopted ISO 37001 so far. The primary purpose of this paper is to examine the expectation and awareness of ISO 37001. Results show that still many organizations lack of awareness of ISO 37001 and it is implicated that much promotion and education will be necessary. This study has originality and value in that it can provide the guidelines for activation of ISO 37001.

• 한국디지털건축인테리어학회논문집
• /
• 제9권2호
• /
• pp.25-33
• /
• 2009

So far we have investigate and analyzed the actual conditions of building maintenance in Korea and compared the building maintenance laws and systems between Korea and other countries. Now, based on the results from such comparison and analysis, this study proposes the following ideas for improvement: 1) As we can learn from domestic and foreign case studies, in the existing built-up areas becoming obsolete, many building owners remodel their buildings illegally in reaction to current economic and social changes. Therefore, for efficient maintenance of buildings, it is required to improve building maintenance systems by formulating information about inspection items, inspectors, supervisors, inspection costs and intervals of reporting results, depending on how large the buildings are and what they are used for. 2) In addition, to ensure the success of a building maintenance system, it is necessary to keep and manage a history of building maintenance thoroughly and introduce a certification program which gives an appropriate grade to maintenance performance and commits the government to expand their public roles and supporting policies, as widely used in some foreign countries. Further, in keep the building maintenance system secure, there should be a nationwide consensus as well as a favorable evaluation from building owners and manager, and all related people.

• 디지털산업정보학회논문지
• /
• 제11권1호
• /
• pp.69-78
• /
• 2015

Internet of Things(IoT) is electronic devices and household appliances use wireless sensor network in environment of high speed wireless network and LTE mobile service. The combination of the development of Internet and wireless network led to development of new forms of service such as electronic devices and household appliances can connect to the Internet through various sensors and online servers such as a Home Network. Even though Internet of Things is useful, there are problems in Internet of Things. In environment of Internet of Things, information leakage could happens by illegal eavesdropping and spoofing. Also illegal devices of wireless communication interference can cause interfere in Internet of things service, physical damage and denial of service by modulation of data and sensor. In this thesis, it will analyze security threats and security vulnerability in environment of mobile services and smart household appliances, then it will suggest plan. To solve security issues, it is important that IT and RFID sensor related companies realize importance of security environment rather than focus on making profit. It is important to develop the standardized security model that applies to the Internet of Things by security-related packages, standard certification system and strong encrypted authentication.

• 디지털융복합연구
• /
• 제13권2호
• /
• pp.141-151
• /
• 2015

스마트폰 보급률이 높아지면서 모바일 결재 서비스가 더욱 확대되고 있다. 따라서 모바일 커머스 시장도 급격히 증가하고 있다. 그리고 모바일 커머스 서비스가 확대됨에 따라 고품질과 높은 신뢰성의 요구가 증가하고 있는 추세이다. 모바일 결재서비스 확대 배경으로는 시간, 공간적인 면에서 소비자에게 편리함을 제공하는 동시에 정보기술의 발전으로 제공 비용의 감소가 크게 작용하고 있다. 본 논문에서는 모바일 커머스 소프트웨어 기반 기술을 조사하고 모바일 커머스 소프트웨어의 품질시험 평가를 위해 특성을 분석하여 국제표준 규격인 ISO/IEC 12119와 ISO/IEC 9126을 기반으로 모바일 커머스 소프트웨어 품질 평가모델과 체계를 제안하였다.

• 디지털산업정보학회논문지
• /
• 제6권2호
• /
• pp.71-80
• /
• 2010

This thesis is purposed on developing security product co-evaluation statistics administrate program which is can administrate or analysis CC accreditation product using by DEVS modeling via portal site of member of CCRA. Via developing security product evaluation statistics administrate program, it can analysis the trend of all countries of the world in many ways, and noticed the ways of evaluation and accreditation of most countries via scheme analysis. Except this, it can analysis the situation of accreditation trend of any countries via data analysis of ICCC 2009. Also, For trend analysis to evaluation technique of CCRA member, it analyzed up to date technology and policy of the evaluation organization and the Certification Authority of most countries. And it peformed analysis the most trend of information security of evaluation authorization in CCRA member countries. In this program, It provide the function of trend statistics analysis which can statically analyzed the evaluation accreditation trends of most countries and automatical statistics by categorization ( by Product, Class and statistics in national) and report creation functions which can easily extraction and use the needed data. It has been updated the related informations until latest accredited product using by CC(Common Criteria) portal home page's data.

• 디지털콘텐츠학회 논문지
• /
• 제14권2호
• /
• pp.179-189
• /
• 2013

21세기가 되면서 컴퓨터 및 인터넷 등을 포함한 정보통신기술의 발전으로 다양한 기기에서 네트워크를 이용한 컴퓨팅 환경이 제공되어 지고 있다. 사이버 공간에서 사용자 인증방식은 텍스트 기반의 패스워드 인증방식을 사용하고 있다. 정보시스템의 비인가된 접근과 노출은 사용자, 공급자 모두에게 큰 피해를 입힐 수 있다. 이러한 인증방식은 기술적인 문제뿐만 아니라 사람들의 행동학적인 문제를 가지고 있다. 연구결과에 따르면 사용자들 대부분이 다양한 사이트를 이용하지만 사용하는 비밀번호개수는 그보다 훨씬 적었다. 또한 오랜 기간 한 가지 비밀번호를 사용하는 사용자가 많았으며 변경 시에도 기존의 비밀번호를 이용하여 최소한의 변경을 원하였다. 이에 정보보안의 차원에서 사람들의 전반적인 비밀번호 선택과 사용에 있어서 영향을 미치는 요인을 통계분석을 통해 알아보고자 한다.

• 한국통신학회논문지
• /
• 제37C권12호
• /
• pp.1256-1262
• /
• 2012

이동 애드혹 네트워크는 고정된 기반 망의 도움 없이 이동 단말만으로 구성된 자율적이고 독립적인 네트워크이다. 최근 애드혹 네트워크의 보안성과 효율성을 높이는 방법으로 클러스터 기반 애드혹 네트워크가 대두되고 있다. 또한 이에 적합한 라우팅 프로토콜 역시 활발히 연구되고 있다. 하지만 클러스터 기반 ad-hoc 네트워크에서 보안을 고려한 라우팅 프로토콜에 대한 연구는 미흡한 실정이다. 본 논문에서는 클러스터 기반 애드혹 네트워크에서 공격에 안전한 보안 라우팅 프로토콜을 제안한다. 제안하는 보안 라우팅 프로토콜은 Diffie-Hellman 키 교환, HMAC, 디지털 서명 등을 사용하여 라우팅 메시지에 대한 무결성을 보장하여 안전한 경로 설정을 수행하였다.