• 한국방재안전학회논문집
• /
• 제13권1호
• /
• pp.41-50
• /
• 2020

전문건설 업체의 안전보건경영시스템 도입·구축·운용은 안전시스템 도입과 운영 과정에 소요되는 비용이 발생하는 문제가 있다. 그리고 건설 안전 분야 기술 인력을 보유하지 못한 열악한 환경에서 안전시스템 구축 및 인증 취득 및 정착으로의 선순환 체계 구축이 쉽지 않은 실정이다. 이 논문의 목적은 건설업 안전보건경영시스템 관련 문헌을 조사·검토하고 실태 등 다양한 연구 동향을 분석하는 데 있다. 이를 통하여 건설업 안전보건경영시스템 구축 및 인증을 취득하고자 하는 전문건설 업체와 인증 취득 후 사후심사 및 연장심사를 이행 중인 전문건설업체의 안전보건경영시스템 수준 향상을 위한 방안을 모색하는데 있다.

• 대한전자공학회:학술대회논문집
• /
• 대한전자공학회 2000년도 ITC-CSCC -2
• /
• pp.735-738
• /
• 2000

The most important issue in database security is correct concurrency control under the restrictive security policy. The goal of secure transaction management is to keep security and provide many concurrent users with the high availability of database. In this paper, we consider the security environment of multidatabase system with replicated data. The read-from relationship in the existed serializability is improper in security environment. So, we define new read-from relationship and propose new secure 1-copy quasi-seriailzability by utilizing this relationship and display some examples. This security environment requires both the existed local autonomy and the security autonomy as newly defined restriction. To solve covert channel problem is the most difficult issue in developing secure scheduling scheme. The proposed secure 1-copy quasi-serializability is very proper for global transactions in that this serializability not violates security autonomy and prevents covert channel between global transactions.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2012년도 춘계학술대회
• /
• pp.439-441
• /
• 2012

The use of a mobile agent in hospital environment offers an opportunity to deliver better services for patients and staffs. Furthermore, medical errors will be reduced because M-health system helps to verify the medical process. Optimized security protocols and mechanisms are employed for the high performance and security. Finally, a challenge in the near future will be converge the integration of Ubiquitous Sensor Network (USN) with security protocols for applying the hospital environment. We proposed secure authentication and protocol with Mobile Agent for ubiquitous sensor network under healthcare system surroundings.

• 디지털융복합연구
• /
• 제12권7호
• /
• pp.133-145
• /
• 2014

최근 병원정보시스템은 병원 경영을 위한 다양한 서비스, 진료 활성화와 진료의 질 향상을 위하여 대용량의 데이터베이스를 보유하게 되었다. 하지만, 병원정보시스템에 대한 정보보호대책은 미흡한 편이다. 따라서, 병원정보시스템 구축할 때, 정보보호에 대한 대책을 적절하게 마련하여 정보보호 감리를 수행하여야 하며, 위험관리를 통한 정보보호 수준을 유지할 수 있도록 정보보호 관리체계(ISMS)를 수립하고 관리해야 한다. 본 논문에서는 병원정보시스템, 정보보호관리체계, 병원정보 보호 요구사항 및 위협요소를 근거로 병원정보시스템에 적합한 정보보호 감리모형을 제안하였다. 감리모형에서는 의료기관의 특성이 잘 반영되어 있는 ISO27799와 비교하여 점검항목들을 도출하였다. 보안영역은 물리적, 기술적, 관리적 영역으로 분류하고 각각에 세부적으로 정보보호 항목들을 도출하였다. 또한 ISO27799의 위험관리 절차에 따라 점검항목을 매핑함으로써 보안성과 효율성을 동시에 향상시킬 수 있도록 설계하였다. 제안한 감리모형은 IT 전문가들의 5점 척도 설문 조사 결과 평균 4.91점으로 나타나 적합하다는 결론이 도출되었다.

• Journal of Information Processing Systems
• /
• 제15권2호
• /
• pp.239-250
• /
• 2019

An individual's health data is very sensitive and private. Such data are usually stored on a private or community owned cloud, where access is not restricted to the owners of that cloud. Anyone within the cloud can access this data. This data may not be read only and multiple parties can make to it. Thus, any unauthorized modification of health-related data will lead to incorrect diagnosis and mistreatment. However, we cannot restrict semipublic access to this data. Existing security mechanisms in e-health systems are competent in dealing with the issues associated with these systems but only up to a certain extent. The indigenous technologies need to be complemented with current and future technologies. We have put forward a method to complement such technologies by incorporating the concept of blockchain to ensure the integrity of data as well as its provenance.

• 디지털산업정보학회논문지
• /
• 제14권3호
• /
• pp.11-20
• /
• 2018

Smart devices refer to various devices and control equipment such as health care devices, imaging devices, motor devices and wearable devices that use wireless network communication (e.g., Wi-fi, Bluetooth, LTE). Commercial services using such devices are found in a wide range of fields, including home networks, health care and medical services, entertainment and toys. Studies on smart devices have also been actively undertaken by academia and industry alike, as the penetration rate of smartphones grew and the technological progress made with the fourth industrial revolution bring about great convenience for users. While services offered through smart devices come with convenience, there is also various security threats that can lead to financial loss or even a loss of life in the case of terrorist attacks. As attacks that are committed through smart devices tend to pick up where attacks based on wireless internet left off, more research is needed on related security topics. As such, this paper seeks to design an access control method for reinforced security for smart devices. After registering and authenticating the smart device from the user's smart phone and service provider, a safe communication protocol is designed. Then to secure the integrity and confidentiality of the communication data, a management process such as for device renewal or cancellation is designed. Safety and security of the existing systems against attacks are also evaluated. In doing so, an improved efficiency by approximately 44% compared to the encryption processing speed of the existing system was verified.

• 한국직업건강간호학회지
• /
• 제18권1호
• /
• pp.106-115
• /
• 2009

Purpose: Occupational stress is a determinant risk factor for cardiovascular disease and work disability. This study aims to describe occupational stress and identify its related factors among aged security guards. Methods: A random sample of 76 aged security guards were interviewed by three research assistants. The criteria of the subjects were as follows : 50 or older male with 40 or more working hours a week working with colleagues ranged from 3 to 50. The data were collected in September, 2007 and analyzed by multiple regression using SAS Version 9.1. Results: The mean score of occupational stress among aged security guards was 47.2. The mean scores of its sub-scales were 31.3(physical environment), 33.8(occupational demand), 80.8occupational control), 44.6(interpersonal conflict), 51.3 (occupational insecurity), 53.6(occupational system), 57.5(lack of reward), and 30.3(work environment). The scores of occupational control, interpersonal conflict, and occupational insecurity were higher than the scores of Korean average occupational stress sub-scales. Significant variables affecting occupational stress and its sub-scales were work place, work type, and employment type. Conclusion: In order to reduce occupational stress among security guards, sufficient occupational control and interpersonal conflict control, appropriate reward, and employment stability should be considered. Also long working hours and work shift should be improved.

• 융합보안논문지
• /
• 제23권1호
• /
• pp.79-87
• /
• 2023

개인 건강정보, 유전자정보, 임상정보 등을 활용한 정밀의료(Precision Medicine)는 차세대 의료산업으로 성장하고 있다. 국내에는 의료기관과 정보통신 기업이 협력하여 지난 5년간 약 90여개 1차 의료기관을 대상으로 클라우드 기반 정밀의료 병원정보시스템(P-HIS)을 보급하였으며, 향후 4년간 1·2차 의료기관을 중심으로 보급 및 확산을 진행하고 있다. 정밀의료는 사람의 건강과 생명에 직결되기 때문에 정보보호 및 보건의료정보 보호 문제가 매우 중요하다. 이에 따라, 본 논문에서는 클라우드 기반의 정밀의료 병원정보시스템에서 활용 가능한 정보보호 모델의 선행연구 분석을 통하여 최종적으로 정밀의료 병원정보시스템(P-HIS)의 정보보호 개선 방안을 연구 제안한다.

• 융합보안논문지
• /
• 제16권7호
• /
• pp.51-59
• /
• 2016

기업의 정보시스템에 대한 내 외부의 위협이 증가되고 있으며 이를 감소시키기 위해 많은 돈과 인력을 투자하고 있다. 하지만 이러한 투자에도 불구하고 보안위협과 사고는 지속적으로 발생하고 있다. 본 연구는 기업의 사고 방지를 위한 다양한 정보보호 활동을 예방 지향적과 억제 지향적으로 구분하고 건강신념모델을 이용하여 기업의 정보보안 활동이 구성원들에게 어떤 영향을 미치고 정보보안 정책을 준수하도록 하는지 연구하였다. 연구결과 예방 지향적 활동은 심각성에, 억제 지향적 활동은 유익성에 유의미한 영향을 주고, 심각성과 유익성은 각각 준수의도에 영향을 주었다. 이러한 결과로 미루어보아, 기업에서 교육, 홍보, 모니터링 등 사전적인 활동을 시행할 경우 미 준수로 발생할 수 있는 부정적인 결과에 대해 강조하여야 하며, 감사, 처벌 등 사후적인 활동을 통해 보안을 유지하고자 할 경우 기업의 의지를 보임으로써 보안 정책을 준수하는 것이 유익할 것이라는 판단을 구성원 스스로 하도록 하는 것이 더욱 효과적인 정보보안 활동이 될 것이다.

• 인터넷정보학회논문지
• /
• 제18권6호
• /
• pp.75-84
• /
• 2017

As there has been growing interests in PHR-based personalized health management project, various institutions recently explore safe methods of recording personal medical and health information. In particular, innovative medical solution can be realized when medical researchers and medical service institutes can generally get access to patient data. As EMR data is extremely sensitive, there has been no progress in clinical information exchange. Moreover, patients cannot get access to their own health data and exchange it with researchers or service institutions. It can be operated in terms of technology, yet policy environment are affected by state laws as well as Privacy and Security Policy. Blockchain technology-independent, in transaction, and under test-is introduced in the medical industry in order to settle these problems. In other words, medical organizations can grant preliminary approval on patient information exchange by using the safely encrypted and distributed Blockchain ledger and can be managed independently and completely by individuals. More apparently, medical researchers can gain access to information, thereby contributing to the scientific advance in rare diseases or minor groups in the world. In this paper, we focused on how to manage personal medical information and its protective use and proposes medical treatment exchange system for patients based on a permissioned Blockchain network for the safe PHR operation. Trusted Model for Sharing Medical Data (TMSMD), that is proposed model, is based on exchanging information as patients rely on hospitals as well as among hospitals. And introduce medical treatment exchange system for patients based on a permissioned Blockchain network. This system is a model that encrypts and records patients' medical information by using this permissioned Blockchain and further enhances the security due to its restricted counterfeit. This provides service to share medical information uploaded on the permissioned Blockchain to approved users through role-based access control. In addition, this paper presents methods with smart contracts if medical institutions request patient information complying with domestic laws by using the distributed Blockchain ledger and eventually granting preliminary approval for sharing information. This service will provide an independent information transaction and the Blockchain technology under test will be adopted in the medical industry.