• Journal of Information Processing Systems
• /
• 제16권1호
• /
• pp.61-82
• /
• 2020

The security risk management used by some service providers is not appropriate for effective security enhancement. The reason is that the security risk management methods did not take into account the opinions of security experts, types of service, and security vulnerability-based risk assessment. Moreover, the security risk assessment method, which has a great influence on the risk treatment method in an information security risk assessment model, should be security risk assessment for fine-grained risk assessment, considering security vulnerability rather than security threat. Therefore, we proposed an improved information security risk management model and methods that consider vulnerability-based risk assessment and mitigation to enhance security controls considering limited security budget. Moreover, we can evaluate the security cost allocation strategies based on security vulnerability measurement that consider the security weight.

• 디지털산업정보학회논문지
• /
• 제14권3호
• /
• pp.11-20
• /
• 2018

Smart devices refer to various devices and control equipment such as health care devices, imaging devices, motor devices and wearable devices that use wireless network communication (e.g., Wi-fi, Bluetooth, LTE). Commercial services using such devices are found in a wide range of fields, including home networks, health care and medical services, entertainment and toys. Studies on smart devices have also been actively undertaken by academia and industry alike, as the penetration rate of smartphones grew and the technological progress made with the fourth industrial revolution bring about great convenience for users. While services offered through smart devices come with convenience, there is also various security threats that can lead to financial loss or even a loss of life in the case of terrorist attacks. As attacks that are committed through smart devices tend to pick up where attacks based on wireless internet left off, more research is needed on related security topics. As such, this paper seeks to design an access control method for reinforced security for smart devices. After registering and authenticating the smart device from the user's smart phone and service provider, a safe communication protocol is designed. Then to secure the integrity and confidentiality of the communication data, a management process such as for device renewal or cancellation is designed. Safety and security of the existing systems against attacks are also evaluated. In doing so, an improved efficiency by approximately 44% compared to the encryption processing speed of the existing system was verified.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 2008년도 제39회 하계학술대회
• /
• pp.203-204
• /
• 2008

Power IT is very important infrastructure in the country. In general, Power IT is disclosed to cyber attacks. To enhance cyber security in Power IT area, first of all, vulnerability in the area should be defined. In this paper, we consider the cyber security vulnerability in Power IT and introduce the vulnerability. Also, we suggest the research areas for enhancing cyber security in Power IT.

• 해양환경안전학회지
• /
• 제19권1호
• /
• pp.45-51
• /
• 2013

해상 및 해안에서 공경비를 보조하고 민간경비수요에 부응하는 고품질 경비서비스를 제공할 수 있는 민간경비제도 도입을 위한 기초연구로 육상 민간경비업의 현황과 경비지도사 제도를 분석하였다. 또한 해양민간경비 대상영역 탐색과 해양경비 현황분석을 통하여 해양영역에 민간경비서비스 제도의 도입 필요성 및 해양경비의 특수성과 전문성을 도출하였다. 이를 바탕으로 해양경비 현장에서 중추적인 역할과 업무를 담당할 해양경비사 제도를 제안하고 효과적인 해양경비업무 수행에 필요한 해양경비사 자격 조건과 선발시험 과목을 구성하였으며, 경비현장의 실무능력 향상을 위한 교육 프로그램을 설계하였다. 해양경비법에 해양경비업 조항 신설을 제안하여 해양경찰이 해양민간경비를 감독하고 관리함으로써 공경비와 사경비의 시너지 효과 창출은 물론 해양경비산업의 건전한 발전과 국제경쟁력을 갖출 수 있는 기반을 마련하였다.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2012년도 춘계학술대회
• /
• pp.456-460
• /
• 2012

개인정보보호법이 2012년 3월 30일 시행을 하였다. 일반적으로 개인정보를 관리하는 DB서버는 보안을 강화하기 위한 보안시스템을 갖추고 있으나, PC에서는 개인정보보호를 위한 취약점 분석과 보안성 자가진단에 대한 연구가 필요하다. 본 논문에서는 PC에서 개인정보보호 관련 정보를 검색하고, 암호화하여 보안성을 강화하고 삭제대상 파일은 복구 불가능하게 삭제한다. PC에서 검색된 취약성 분석은 사용자계정점검, 공유폴더점검, 서비스 방화벽 점검, 화면보호기, 자동패치업데이트를 점검한다. 점검 후에 취약점에 관한 정량화 분석과 표현을 통해, 보안성 강화를 위한 점검리스트을 작성해서 보여주고, PC보안 관리를 반자동화하여 서버에서 관리하여 작동시킨다. 본 논문을 통해 PC개인정보보호와 PC보안강화로 국민의 경제적 피해와 고충을 줄이는데 기여할 것이다.

• 한국항공운항학회지
• /
• 제26권3호
• /
• pp.55-65
• /
• 2018

The SBD systems have made it possible that all boarding procedures are completed by passengers. With the SBD, air tickets can be issued and baggage can be consigned without the help of airline officers. This way, the SBD can improve the passenger circulation speed as well as decrease the time for passengers to wait for check-in, which is connected to the reduction of airlines' operaitonal costs. However, given that the SBD is a new technology, it has potentials to be used as a tool for air terrorism. This study purposes to determine methods to enhance the security and operation of SBD systems. With the aim, this paper investigated the existing literature on SBDs, self-check-in, airport security, air terrorism, risk management, aviation accidents, and information security. In order to compile real-time information about the SBD operations, twelve airports in North America, Europe, and Asia were analyzed based on existing studies on international SBD trends.

• International Journal of Computer Science & Network Security
• /
• 제21권3호
• /
• pp.275-286
• /
• 2021

As a result of the vast amount of data that is geographically found in different locations. Distributed data mining (DDM) has taken a center stage in data mining. The use of mobile agents to enhance efficiency in DDM has gained the attention of industries, commerce and academia because it offers serious suggestions on how to solve inherent problems associated with DDM. In this paper, a novel DDM model has been proposed by using a mobile agent to enhance efficiency. The main idea behind the model is to use the Naive Bayes algorithm to give the mobile agent the ability to learn, compare, get and store the results on it from each server which has different datasets and we found that the accuracy increased roughly by 0.9% which is our main target.

• International Journal of Computer Science & Network Security
• /
• 제21권9호
• /
• pp.41-50
• /
• 2021

Cloud computing is one of the most expanding technologies nowadays; it offers many benefits that make it more cost-effective and more reliable in the business. This paper highlights the various benefits of cloud computing and discusses different cryptography algorithms being used to secure communications in cloud computing environments. Moreover, this thesis aims to propose some improvements to enhance the security and safety of cloud computing technologies.

• 한국항해항만학회지
• /
• 제29권7호
• /
• pp.619-625
• /
• 2005

The security vulnerabilities in Korea maritime domain were mentioned and analysed with the static data of crimes relating to maritime security. The counterterrorism and initiatives to reduce the security risk and to minimize the damage are introduced and evaluated. The maritime security strategy and the near term initiatives to enhance the non-military security at Korean sea and ports are proposed in order to response maritime security threats economically, efficiently and safely.

• ETRI Journal
• /
• 제37권2호
• /
• pp.428-437
• /
• 2015

This study was conducted to analyze the effect of information security activities on organizational performance. With this in mind and with the aim of resolving transaction stability in the securities industry, using an organization's security activities as a tool for carrying out information security activities, the effect of security activities on organizational performance was analyzed. Under the assumption that the effectiveness of information security activities can be bolstered to enhance organizational performance, such effects were analyzed based on Herzberg's motivation theory, which is one of the motivation theories that may influence information protection activities. To measure the actual attributes of the theoretical model, an empirical survey of the securities industry was conducted. In this explorative study, the proposed model was verified using partial least squares as a structural equation model consisting of IT service, information security, information sharing, transaction stability, and organizational performance.