• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.75-84
• /
• 2018

Social engineering attack means to get information of Social engineering attack means to get information of opponent without technical attack or to induce opponent to provide information directly. In particular, social engineering does not approach opponents through technical attacks, so it is difficult to prevent all attacks with high-tech security equipment. Each company plans employee education and social training as a countermeasure to prevent social engineering. However, it is difficult for a security officer to obtain a practical education(training) effect, and it is also difficult to measure it visually. Therefore, to measure the social engineering threat, we use the results of social engineering training result to calculate the risk by system asset and propose a attack graph based probability. The security officer uses the results of social engineering training to analyze the security threats by asset and suggests a framework for quick security response. Through the framework presented in this paper, we measure the qualitative social engineering threats, collect system asset information, and calculate the asset risk to generate probability based attack graphs. As a result, the security officer can graphically monitor the degree of vulnerability of the asset's authority system, asset information and preferences along with social engineering training results. It aims to make it practical for companies to utilize as a key indicator for establishing a systematic security strategy in the enterprise.

• Journal of Information Processing Systems
• /
• v.2 no.2
• /
• pp.95-100
• /
• 2006

While conventional business administration-based information technology management methods are applied to the risk analysis of information systems, no security risk analysis techniques have been used in relation to information protection. In particular, given the rapid diffusion of information systems and the demand for information protection, it is vital to develop security risk analysis techniques. Therefore, this paper will suggest an ideal risk analysis process for information systems. To prove the usefulness of this security risk analysis process, this paper will show the results of managed, physical and technical security risk analysis that are derived from investigating and analyzing the conventional information protection items of an information system.

• Proceedings of the Korean Geotechical Society Conference
• /
• 2010.03a
• /
• pp.279-290
• /
• 2010

Technical countermeasures against debris flow should be established upon the risk level of the target location. Risk of debris flow should consider the hazard imposed by debris flow and vulnerability of the facilities to debris flow. In this research, we have defined the target location for risk evaluation and suggested scoring method of hazard of debris flow and vulnerability of road to debris flow. By defining risk rank into 6 categories in terms of possibility of damage during rainfall and using the risk scores of 46 debris flow cases, we have suggested risk ranking matrix. The method can be used in ranking the drainage basin adjacent to road by simply determining the hazard with vulnerability score and can be used for planning the debris flow countermeasures.

• Biomedical Science Letters
• /
• v.23 no.3
• /
• pp.155-160
• /
• 2017

Biomedical laboratory is full of risks. Risk could be biological, chemical, radioactive, mechanical, physical, fire and electrical. All possible risks need to be identified, evaluated and controlled. A risk management system must be in place to prevent accident or loss of lives and to improve overall workplace safety and productivity. Safety in laboratory is a combination of appropriate risk management system, engineering controls and technical facilities, administrative controls and safety procedures and practices. Laboratory safety culture must be developed so that exposure to hazards for laboratory personnel, community and environment will be minimized or eliminated. In this review, importance of safety in a biomedical laboratory and risk management will be discussed.

• Asia pacific journal of information systems
• /
• v.17 no.1
• /
• pp.77-93
• /
• 2007

Risk has been considered as one of very important topics in traditional consumer behavior theoretically and practically since its tendency of minimizing errors rather than maximizing utilization in addition to its intuitive appealing with very high explaining power. In addition to a traditional view of risk, importance of risk in online transactions such as Internet banking is due to technical instability in security of the Internet as well as temporal and spatial separation of transaction partners. Therefore, risk in online transactions should be analyzed by a very comprehensive way since it is very inherent in the Internet. The objective of this study is to suggest a research model for explaining the use of online transactions in some risk related variables including risk results, security result, perceived security, and social influence and show its validity by applying it to Internet banking users. In result, hypotheses suggested by our research model are shown to be valid ones.

• Journal of the Korea Safety Management & Science
• /
• v.10 no.3
• /
• pp.43-53
• /
• 2008

This study is carried out for the fire safety of the factory building, the fire risk reduction measure in compliance with an example approached in fire risk reduction systematically, contribute to reduce the fire risk. The analytical fire risk process of discovering, identifying, estimating and evaluating risk and control measure as risk reduction measures are core concept, applies loss prevention with loss control techniques. The painting process in the workplace where the fire hazard and death accident accompanies coexists. Loss prevention problem of creation prevention of dangerous atmosphere at workplace is health and human services problem of normal circumstances, must be inspected with problem of combustible gases at the time of fire explosion. Static electricity measure accomplished the risk control process thoroughly as the fire risk reduction process model with the ignition sources measure which is presented. Fire risk from within organizing will be able to classify with each field by detailedly but risk treatment process will be able to apply basically all the same concept. Consequently about risk management example from before, this study is proposed risk management techniques that standardized rightly in the actual condition of organization with one plan, with discovery of fire risk, the feedback process in compliance with a fire risk reduction and the review which control the result is joint responsibility of engineer, technical expert and manager as part of safety management to practice with the fact must be supervised.

• Proceedings of the Korean Nuclear Society Conference
• /
• 2001.05a
• /
• pp.213-213
• /
• 2001

• Journal of Korea Society of Industrial Information Systems
• /
• v.22 no.1
• /
• pp.105-116
• /
• 2017

In this Paper, We Empirically Investigated what kind of Risks Exist that Drive high Failure rate of cloud Services, and whether Perception of such risks leads to the Adoption of the Abandonment Option of cloud Services. Such risk Perception is the Individual-level Factor, and we Empirically Tested whether Organizational Contexts such as CEO's Innovativeness and Dandwagon Effect can Moderate the Positive Effects of such Individual-level Risk Perception on the Adoption of Abandonment option. We Collected Survey data from IT Professionals Working for the Small and Medium-sized Companies near Seoul and found that the Perceived Technical Risk and Economic Risk Influence the Adoption of Abandonment Option. Out of two Organizational Contexts, only CEO's Innovativeness Moderates the Positive Influence of Technical Risk on the Adoption of Abandonment Option. Organizational Factors Demonstrated very Limited Moderation Effect on the Influence of Individual-level Perception of Cloud Service Risk on the Adoption of Abandonment Option.

• Pediatric Gastroenterology, Hepatology & Nutrition
• /
• v.25 no.5
• /
• pp.422-431
• /
• 2022

Purpose: At the beginning of the Coronavirus disease (COVID-19) epidemic, physicians paid close attention to children with chronic diseases to prevent transmission or a severe course of infection. We aimed to measure the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) antibody levels in children with chronic gastrointestinal and liver diseases to analyze the risk factors for infection and its interaction with their primary disease. Methods: This cross-sectional study analyzed SARS-CoV-2 antibody levels in patients with gastrointestinal and liver diseases (n=141) and in healthy children (n=48) between January and February 2021. Results: During the pandemic, 10 patients (7%) and 1 child (2%) had confirmed COVID-19 infection (p=0.2). The SARS-CoV-2 antibody test was positive in 36 patients (25.5%) and 11 children (22.9%) (p=0.7). SARS-CoV-2 antibody positivity was found in 20.4%, 26.6%, 33.3%, and 33.3% of patients with chronic liver diseases, chronic gastrointestinal tract diseases, cystic fibrosis, and liver transplantation recipients, respectively (p>0.05, patients vs. healthy children). Risk factors for SARS-CoV-2 antibody positivity were COVID-19-related symptoms (47.2% vs. 14.2%, p=0.00004) and close contact with SARS-CoV-2 polymerase chain reaction-positive patients (69.4% vs. 9%, p<0.00001). The use, number, and type of immunosuppressants and primary diagnosis were not associated with SARS-CoV-2 antibody positivity. The frequency of disease activation/flare was not significant in patients with (8.3%) or without (14.2%) antibody positivity (p=0.35). Conclusion: SARS-CoV-2 antibodies in children with chronic gastrointestinal and liver diseases are similar to that in healthy children. Close follow-up is important to understand the long-term effects of past COVID-19 infection in these children.

• Journal of the Korean Society of Systems Engineering
• /
• v.10 no.2
• /
• pp.71-79
• /
• 2014

To enhance success probability of a system development project, its overall risk level should be minimized through systematically managing schedules, costs, and technical performances. However, Attempts to manage technical performance compared to numerous efforts to control costs and schedules in such projects are deficient. Particularly, a space launch vehicle, a large complex system, development project is much less likely to meet its technical performance objectives due to its technological difficulty, along with schedule delay and cost overrun. The technical performance management (TPM) is a method for tracking and managing technical progress in order to achieve technical performance targets within schedule and budget. In this paper, we investigate applications of the TPM in several space launch vehicle development projects. Then we propose and validate the TPM process to achieve a successful mission in such projects.