• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.8
• /
• pp.107-112
• /
• 2016

Safety Critical Instrumentation and Control Systems perform those functions to maintain nuclear power plants' parameters within acceptable limits established for a design basis events and anticipated operating occurrence to ensure safety function. Those digitalized systems shall protect inadvertent and non-malicious behavior to ensure the reliable operation of systems, known as a Secure Development and Operational Environment(SDOE). SDOE would be established through managerial and technical controls. The objective of this paper is to evaluate the effectiveness of Cyclic Redundancy Checksum diagnostic, which is one of technical controls for SDOE, that can confirm the integrity of software of I&C systems to establish the secure environment. The results of this assessment would be the practical implementation of design and safety review of nuclear I&C systems.

• Journal of Advanced Navigation Technology
• /
• v.28 no.1
• /
• pp.27-36
• /
• 2024

In this paper, we analyze the unified requirements of international association of classification societies - cyber resilience of ships, ahead of implementation of the agreement on July 1, 2024, and respond to ship cyber security and resilience programs based on 5 requirements, 17 details, and documents that must be submitted or maintained according to the ship's cyber resilience,. Measures include document management such as classification certification documents and design documents, configuration of a network with enhanced security, establishment of processes for accident response, configuration management using software tools, integrated network management, malware protection, and detection of ship network security threats with security management solutions. proposed a technology capable of real-time response.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.702-705
• /
• 2017

최근 들어 개인정보 보호의 중요성에 대한 인식이 높아지고 있다. 개인정보 위협 요소 증가 및 유출 사고 증가 등으로 개인정보 보호 필요성이 높아지고 있으며, 개인정보보호법 발효 및 시행에 따른 기술적 보호 마련을 위하여 외국계 카드 발행사에서 지속적으로 PCI DSS(Payment Card Industry Data Security Standard)의 준수를 요청하고 있다. 카드 소유자의 데이터를 전송, 처리, 저장하는 환경에 대한 인증으로 적격업체 선정의 자격을 주기도 한다. 이러한 보안성 심의 기준이 강화되고 있으나 DB 암호화 제품인 TDE(Transparent Data Encryption) 방식의 암호화 방법은 암호화 기능 이외에 접근제어, 키 기밀성 보장을 위한 옵션의 추가 도입 검토가 필요하며, 서비스를 위해서 DB 전용 메모리 영역(SGA)의 Buffer Cache에 평문(Plain Text)으로 복호화한 후 로드하여 사용하므로 예상치 못한 또 다른 심각한 데이터 유출의 위험이 있다. 본 논문에서는 개인정보 암호화 방법을 연구하고 구현과정에서 발생한 문제에 대한 해결 과정을 설명하였다.

• Spatial Information Research
• /
• v.17 no.4
• /
• pp.463-468
• /
• 2009

Geospatial interoperability has been pursued by propagating international standards and OGC standards. The NGIC, GeoConnection and other catalogue services are reviewed with aspect to metadata and search functions. Detailed metadata could be driven to users after finding what they want to have. Criteria for search were not fully overlapped with metadata, as simple and typical searches are prevailing. OGC catalogue service standards were made but catalogue services in Korea have been implemented in their own ways, not fully compliance-tested. Different domain technologies have been developed regardless of geospatial service, the relationship and integration methods between catalogue services and other core technologies are reviewed in the form of a pair table. Other issues in geospatial service were discussed in the level of raising issues.

• Journal of Digital Convergence
• /
• v.8 no.2
• /
• pp.189-202
• /
• 2010

Although e-Finance has become more and more prevalent in everyday life, with the development of information technology, further development of e-Finance and commercial transactions has been limited. Therefore it is important for financial institutions to be aware of the significance of e-Finance risk and take appropriate actions. And an effective risk management function relies on a well-defined organization structure to eliminate gaps and minimize overlaps in risk management duties, responsibilities, and authorities. It defines and assigns risk management responsibilities, authorities, and accountabilities to appropriate personnel. The adequate organization of the risk management function is very important in the success of risk management.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.160-163
• /
• 2019

4차 산업혁명의 시대가 도래함에 따라 자율주행자동차 및 인공지능(Artificial Intelligent; AI) 로봇의 법적 지위와 민·형사법적 문제 해결을 위한 법제도 도입의 필요성이 제기되고 있다. 본 연구는 법제도 마련과 함께 준비되어야 할 기술적 패러다임으로서 AI 법인 및 블록체인 기반 AI 법인 시스템을 제안한다. 이 시스템에서는 특정 업무를 수행하는 AI 로봇 (하드웨어 또는 소프트웨어)이 정부의 엄격한 검증 및 테스트 기준에 따라 심사 및 인증을 받고, 그것의 정보, 인증 내용 및 알고리즘 코드가 임의로 조작될 수 없도록 암호화되어 블록체인에 기록된다. AI 로봇의 하드웨어 및 소프트웨어가 AI 법인으로서 정부의 인증을 받기 위해서는, 주요 업무 수행 및 네트워크 접근이 블록체인에 기록되고, 법인 시스템의 승인 없이는 작동될 수 없도록 하드웨어 또는 소프트웨어가 프로그래밍 되어 있어야 한다. 블록체인은 불변성과 보안성이 우수한 세계적으로 공유된 분산 데이터베이스이므로, 블록체인 기반 AI 법인 시스템을 국가적 정보시스템으로 도입하면 자율주행자동차 및 각종 AI 로봇의 상용화가 가져올 국내외적 문제와 혼란들을 대비하는데 큰 도움이 될 것이다.

• The Journal of Society for e-Business Studies
• /
• v.19 no.4
• /
• pp.135-150
• /
• 2014

As the collection and use of personal information increases, the accidents that abuse and leak personal information are continuously increasing. The nation has established new laws and strengthened related laws for the prevention of the mass leakage of personal information and the secondary damage due to the leaked personal information. The nation also established the guidelines that need to be implemented by the institutions handling personal information for the safety of the personal information. For the efficient implementation of guidelines under the limited time and resources, it is necessary to establish the priorities between guidelines. This paper compares the relative importance of the guidelines by AHP (Analytic Hierarchy Process) technique. We performed the analysis on two expert groups, the group of consultants working in information security consulting company and the group of information security staffs handling personal information directly in the company. We compared the differences between groups and recommended the relative importances of the guidelines.

• Convergence Security Journal
• /
• v.13 no.5
• /
• pp.97-105
• /
• 2013

It is very important the government project should be supported by enough budget for proceeding. The insufficient budget by poor budget estimating uesd to bring about discontinuing for the project. This is originally caused by inaccuracy for cost estimating about system and evaluating for system requirements on the projet initial phase. The system requirements is technical requirements that converted the user needs and is needs for communicating between stakeholder and developer and manufacturer. Also the system requirements is the primary factor to make the project cost. The cost estimating is not easy due to complication of cost factors and an aberration between cost estimating and actual cost. Specially, on the project initial phase, shortage of detail information for project make more difficult to do cost estimating. This study proposes the architecture for validating proper system requirements by using cost estimations methodology on the project initial phase and shows the computer tool for simulating the proposed architecture.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.85-91
• /
• 2018

In this study, we design a marine environmental information service system with satellite images based on satellite images to reduce the damage caused by changes in the marine environment. The system provides satellite oceanographic information such as water temperature, chlorophyll, float, etc. as hierarchical texts, which is implemented as a unit module Web service so that it can be expanded in OpenAPI environment. And stability of system plug-in portability, service hours, data extraction precision and speed are used as a basis for diagnosing service stability. By securing the function and performance of the service system implemented in this study, it can be expanded to a complex technology that can customize the users by group by adding not only general services of existing systems operated by location but also information about a specific interested areas. Especially, various other items of interest including marine environment information are developed in modules, so we expect to be able to expand and service the system by plugging into the system and to spread it in technical linkage with the related institution information system.

• The Journal of Bigdata
• /
• v.8 no.1
• /
• pp.111-129
• /
• 2023

With the diffusion of digital innovation, the adoption of innovative medical technologies based on artificial intelligence is increasing in the medical field. This is driving the launch and adoption of AI-based SaMD(Software as a Medical Device), but there is a lack of research on the factors that influence the adoption of SaMD by medical institutions. The purpose of this study is to identify key factors that influence medical institutions' decisions to adopt AI-based SaMDs, and to analyze the weights and priorities of these factors. For this purpose, we conducted Delphi surveys based on the results of literature studies on technology acceptance models in healthcare industry, medical AI and SaMD, and developed a research model by combining HOTE(Human, Organization, Technology and Environment) framework and HABIO(Holistic Approach {Business, Information, Organizational}) framework. Based on the research model with 5 main criteria and 22 sub-criteria, we conducted an AHP(Analytical Hierarchy Process) analysis among the experts from domestic medical institutions and SaMD providers to empirically analyze SaMD adoption factors. The results of this study showed that the priority of the main criteria for determining the adoption of AI-based SaMD was in the order of technical factors, economic factors, human factors, organizational factors, and environmental factors. The priority of sub-criteria was in the order of reliability, cost reduction, medical staff's acceptance, safety, top management's support, security, and licensing & regulatory levels. Specifically, technical factors such as reliability, safety, and security were found to be the most important factors for SaMD adoption. In addition, the comparisons and analyses of the weights and priorities of each group showed that the weights and priorities of SaMD adoption factors varied by type of institution, type of medical institution, and type of job in the medical institution.