• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.23-33
• /
• 2013

Recently in the field of IT, cloud computing technology has been deployed rapidly in the current society because of its flexibility, efficiency and cost savings features. However, cloud computing system has a big problem of vulnerability in security. In order to solve the vulnerability of cloud computing systems security in this study, impact types of virtual machine about the vulnerability were determined and the priorities were determined according to the risk evaluation of virtual machine's vulnerability. For analyzing the vulnerability, risk measurement standards about the vulnerability were defined based on CVSS2.0, which is an open frame work; and the risk measurement was systematized by scoring for relevant vulnerabilities. Vulnerability risk standards are considered to suggest fundamental characteristics of vulnerability and to provide the degree of risks and consequently to be applicable to technical guides to minimize the vulnerability. Additionally, suggested risk standard of vulnerability is meaningful as the study content itself and could be used in technology policy project which is to be conducted in the future.

• KEPCO Journal on Electric Power and Energy
• /
• v.4 no.1
• /
• pp.1-7
• /
• 2018

Objective signs are everywhere that the stationary energy storage market is growing up quickly. The use of distributed resources such as solar photovoltaics and electric vehicles are expanding at a rapid pace, creating technical challenges for the distribution system that will require energy storage and a new generation of software to address. This paper is intended for distribution utility managers and executives and makes the following points: ${\bullet}$ Utility-integrated (as opposed to merely grid-connected) energy storage projects represent a distinct, new wave of industry growth that is just getting underway and is required to manage distributed energy resources moving forward. ${\bullet}$ Utilities and the energy storage industry have important roles to lower risk in adopting this technology - thereby enabling this wave of growth. ${\circ}$ The industry must focus on engineering energy storage for adoption at scale - including the creation and support of software open standards -both to drive down costs and to limit technology and supplier risk for utilities. ${\circ}$ Utilities need to take a program-based, rather than a project- based, approach to this resource to best balance cost and risk as they procure and implement energy storage. By working together to drive down costs and manage risk, utilities and their suppliers can lay the energy storage foundation for a new, more digital distributed electricity system.

• Nuclear Engineering and Technology
• /
• v.53 no.10
• /
• pp.3319-3326
• /
• 2021

As a form of industrial control systems (ICS), nuclear instrumentation and control (I&C) systems have been digitalized increasingly. This has raised in turn cyber security concerns. Cyber security for ICS is important because cyber-attacks against ICS can cause not only equipment damage and loss of production but also personal and public safety hazards unlike in general IT environments. Numerous risk analyses have been carried out to enhance the safety of ICS and recently, many studies related to the cyber security of ICS are being conducted. Many existing risk analyses and cyber security studies have considered safety and cyber security separately. However, both safety and cyber security perspectives should be considered when analyzing risks for complex and critical ICS facilities such as nuclear power plants (NPPs). In this paper, the STPA-SafeSec methodology is selected to consider both safety and security perspectives when performing a risk analysis for NPPs in order to assess impacts on the safety by cyber-attacks against the digital I&C systems. The STPA-SafeSec methodology was applied to a test-bed system that simulates a condensate water (CD) system in an NPP. The process of the application up to the development of mitigation strategies is described in detail.

• Archives of Plastic Surgery
• /
• v.48 no.3
• /
• pp.295-304
• /
• 2021

Clinical photography is an essential component of patient care in plastic surgery. The use of unsecured smartphone cameras, digital cameras, social media, instant messaging, and commercially available cloud-based storage devices threatens patients' data safety. This paper Identifies potential risks of clinical photography and heightens awareness of safe clinical photography. Specifically, we evaluated existing risk-mitigation strategies globally, comparing them to industry standards in similar settings, and formulated a framework for developing a risk-mitigation plan for avoiding data breaches by identifying the safest methods of picture taking, transfer to storage, retrieval, and use, both within and outside the organization. Since threats evolve constantly, the framework must evolve too. Based on a literature search of both PubMed and the web (via Google) with key phrases and child terms (for PubMed), the risks and consequences of data breaches in individual processes in clinical photography are identified. Current clinical-photography practices are described. Lastly, we evaluate current risk mitigation strategies for clinical photography by examining guidelines from professional organizations, governmental agencies, and non-healthcare industries. Combining lessons learned from the steps above into a comprehensive framework that could contribute to national/international guidelines on safe clinical photography, we provide recommendations for best practice guidelines. It is imperative that best practice guidelines for the simple, safe, and secure capture, transfer, storage, and retrieval of clinical photographs be co-developed through cooperative efforts between providers, hospital administrators, clinical informaticians, IT governance structures, and national professional organizations. This would significantly safeguard patient data security and provide the privacy that patients deserve and expect.

• Journal of Multimedia Information System
• /
• v.8 no.4
• /
• pp.259-266
• /
• 2021

Security vulnerabilities have been reported in major design software systems such as Adobe Photoshop and Illustrator, which are recognized as de facto standard design tools in most of the design industries. Companies need to evaluate and manage their risk levels posed by those vulnerabilities, so that they could mitigate the potential security bridges in advance. In general, security vulnerabilities are discovered throughout their life cycles repeatedly if software systems are continually used. Hence, in this study, we empirically analyze risk levels for the three major graphical design software systems, namely Photoshop, Illustrator and GIMP with respect to a software vulnerability discovery model. The analysis reveals that the Alhazmi-Malaiya Logistic model tends to describe the vulnerability discovery patterns significantly. This indicates that the vulnerability discovery model makes it possible to predict vulnerability discovery in advance for the software systems. Also, we found that none of the examined vulnerabilities requires even a single authentication step for successful attacks, which suggests that adding an authentication process in software systems dramatically reduce the probability of exploitations. The analysis also discloses that, for all the three software systems, the predictions with evenly distributed and daily based datasets perform better than the estimations with the datasets of vulnerability reporting dates only. The observed outcome from the analysis allows software development managers to prepare proactively for a hostile environment by deploying necessary resources before the expected time of vulnerability discovery. In addition, it can periodically remind designers who use the software systems to be aware of security risk, related to their digital work environments.

• Journal of Smart Tourism
• /
• v.4 no.1
• /
• pp.31-38
• /
• 2024

This study investigates the adoption of technology in smart tourist destinations, with a focus on the Baby Boomer generation. The objective is to analyze the perceived utility, intention to use, and risk perception of this generation regarding Information and Communication Technologies (ICT) in the context of smart tourist destinations. Data were collected through questionnaires administered to elderly groups belonging to the Baby Boomer generation in two Brazilian cities. Data analysis was conducted using statistical tools such as SPSS and Microsoft Excel, with an emphasis on regression analysis with moderation. The results indicate that when Baby Boomer tourists feel insecure about technology, they tend to not perceive its utility, impacting its acceptance. On the other hand, lower risk perceptions lead to an increase in perceived utility and, consequently, a greater intention to use technology in travel planning. The moderating role of risk perception in the relationship between perceived utility and intention to use is emphasized. The findings highlight the need for managers of smart destinations to consider the risks perceived by tourists, focus on diverse age groups, and implement strategies that address digital exclusion.

• Journal of the Korean Society of Safety
• /
• v.37 no.4
• /
• pp.120-128
• /
• 2022

Printed circuit boards (PCBs) are a basic component in the electronics industry and are widely used in nearly all electronic products, such as mobile phones, tablet computers, and digital cameras, as well as in electric equipment. PCB manufacturing involves the use of many chemicals and chemical processes and therefore has more risks than other manufacturing sectors. This study aims to identify the causes of possible accidents during PCB manufacturing through risk assessment, develop and implement safety measures, and evaluate the effectiveness of these measures. Note that the safety measures developed to mitigate the risks of a certain process were also implemented for other similar processes. The risk assessments conducted over seven years, from 2015 to 2021, at a PCB manufacturing company identified 361 hazardous processes. Between 2016 and 2019, 41-56 hazardous processes were identified per year; such processes decreased to fewer than 20 per year after 2020. Application of the risk assessment results to the improvement of the hazardous processes with the similar characteristics seems to be effective in decreasing the risks. Equipment-related factors such as lack of appropriate maintenance, low work standards, and defective protection devices were responsible for 59.8% of all possible accidents. Because PCB manufacturing involves many chemicals, skin contact with hazardous substances, electric shock, fire, and explosion were the most common types of possible accidents (81.7%). In total, 505 safety measures were implemented, including 157 related to purchase and improvement of equipment and devices for safety (31.1%), 147 related to the installation/modification of fire prevention facilities (29.1%), and 69 related to the use of standard electrical appliances (13.7%). Risk assessment conducted after implementing the safety measures showed that these measures significantly decreased risk; 247 processes (68.4%) had a risk level of 3, corresponding to "very low," and 114 processes (31.6%) showed a risk level of 4, corresponding to "low." In particular, risk assessment of 104 processes with risk scores of 12 and 10 other processes with risk score of 16 showed that the risk decreased to 4 after implementing the safety measures. Thus, implementing these measures in similar manufacturing sectors that involve chemical processes can mitigate risk.

• Journal of Digital Convergence
• /
• v.14 no.5
• /
• pp.485-491
• /
• 2016

The purpose of this study was to compare of the fall risk factors for elderly in the city. 62 people aged 65 years or older were classified as fallers and nonfallers based on experience of their falls in the previous year. By comparing the difference between the groups via evaluations of general characteristics, health related behavior and chronic disease, balance-related psychological (K-ABC) and physical measurement (BBS), depression (SGDS), and the correlations between the significant differences in variables were identified. According to the results, K-ABC, BBS, and SGDS are statistically significant differences between fallers and nonfallers (P<0.05). Also it has positive correlations between BBS and K-ABC (r=0.499) whereas negative correlation between K-ABC and SGDS(r=-0.472).

• Journal of Digital Convergence
• /
• v.10 no.8
• /
• pp.149-157
• /
• 2012

Recently, many corporations and public institutions are busy preparing and providing measures in dealing with new privacy information law. This study reviews privacy impact assessments in order to perform preventing and diagnosis against potential threats focus on the K-hospital case. The quality of protection in K-hospital shows that the corporations itself is 79.0, the system is 97.0, the life cycle of the privacy is 67.4 and CCTV is 90.0. The lowest levels are saving and keeping 50.0, usage and offer 64.1 and destruction 66.7 among the life cycle of the privacy. The result of risk analysis shows that the highest levels are controlling for privacy 11.0, saving and keeping 12.5 and destruction 13.0. From the result, dangerous duplications are saving and keeping and destructions.

• Journal of Digital Convergence
• /
• v.10 no.5
• /
• pp.89-103
• /
• 2012

This paper analyzed the effect of learning motivation and conation(endurance, effort) on the consultant' entrepreneurship(innovativeness, proactiveness, risk- taking) and competencies(ability, knowledge, attitude), and the mediating effect of the entrepreneurship on the consultant's competencies. The result shows that the learning motivation and conation have a positive impact on the partial factors of the consultant's entrepreneurship(innovativeness, proactiveness) and competencies(ability, knowledge), but not impact on the risk- taking and the attitude. Innovativeness and proactiveness have an positive impact on the consultant's competencies, but not the risk-taking. Innovation and proactiveness fully mediated the effect of learning motivation on the ability, and partially mediated on the knowledge. The effect of learning conation on the ability and knowledge was partially mediated by the innovation, not by the proactiveness. This study shows that the management of the learning motivation and conation, the education of entrepreneurship(innovativeness, proactiveness) are very important for the cultivating the consultant' competencies.