• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.6
• /
• pp.951-956
• /
• 2011

CAN communication developed for communication between electric control devices in vehicle, was recently applied to automatic breaking devices, and can also be applied to field bus for production automation. Recently, field bus is introduced in engine control etc., for large ship. In this paper, cabin access control system is implemented, based on CAN communication. The cabin access control system based on CAN communication consists of access control server, embedded system based on ARM9, and micro-controller built-in CAN controller. The access control server can be able to manage overall access control system by accessing with manager. And embedded system adopted ARM9 processor transmits access information of RFID reader controller connected with CAN networks to server, also performs access control. The embedded system carry CAN frames to server, so it is used as gateway.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.259-273
• /
• 2016

After realizing through the three large-scale data leakage incidents that intentional or accidental insider jobs are more serious than external intrusions, financial companies in Korea have been taking measures to prevent data leakage from occuring again. But, the IT system architecture reflecting the domestic financial environment is highly complicated and thereby difficult to grasp. It is obvious that despite administrative, physical, and technical controls, insider threats are likely to cause personal data leakage. In this paper, we present a process that based on metadata defines and manages personally identifiable attribute data, and that through inter-table integration identifies personal information broadly and controls access. This process is to decrease the likelihood of violating compliance outlined by the financial supervisory authority, and to reinforce internal controls. We derive and verify a decision-making model that reflects the proposed process.

• Korean Security Journal
• /
• no.20
• /
• pp.291-311
• /
• 2009

Amid intensified global competition, securing high technologies is becoming a prerequisite towards achieving developed nation status. Korea has made tremendous efforts into developing technologies for decades and it has now obtained a leading position in many fields. As a result, however, Korea has become a major target of industrial espionage and not a few Korean businesses have already suffered from it. In order to effectively counter industrial espionage, this research explores the use of polygraph security screening as an internal control method through literature review, and discusses matters which need to be considered before the introduction of it into Korea, focusing on the accuracy of security screening. Since polygraph security screening generates deterrent effect by increasing certainty and celerity of punishment, it makes a valuable contribution to the control of industrial espionage. However, the most important problem with the use of the polygraph in security screening is errors of the examination. Thus, polygraph security screening should be used as a part of comprehensive security management program to reduce the possibility of errors. In addition, because factors such as countermeasures and examiner's experience are known to influence the accuracy of the examination, the issues surrounding them should also be addressed.

• Proceedings of the KIEE Conference
• /
• 2001.11c
• /
• pp.456-458
• /
• 2001

본 논문은 가정 내나 소호용의 멀티미디어 게이트웨이 서버 시스템에 관한 것이다. 가정 내 컴퓨터 시스템의 보급률이 높아지고 그 활용에 대한 관심이 많아지고 있다. 현재는 가정 내까지 ADSL망이 들어와 있고 가정 내에나 소호에 컴퓨터 유사 시스템들이 사용되므로 이들을 연결하는 망의 구성이 필요하다 본 논문의 장비는 이러한 망의 구성과 내부에서 외부의 망으로 접근을 하는 방법을 제공할 뿐아니라 외부망에서 내부망을 접근하여 내부기기를 통제하는 서어비스에 관해서도 논한다. 또한 DVD나 DTV 등의 멀티미디어 서어비스에 관한 것도 논하기로 한다. 가정이나 소호에 관련한 장비로는 무선랜, 블루투스, HomePNA, IEEE1394, DVD, Ethernet 등으로 구성되며 PLC에 관해서도 간략하게 논하도록 한다. 이러한 멀티미디어 게이트웨이 서버는 인터넷 게이트웨이로서 뿐만아니라 서어비스 게이트웨이로서의 역할을 하게된다.

• Journal of the Speleological Society of Korea
• /
• no.88
• /
• pp.51-62
• /
• 2008

동굴내부의 지형변형은 동굴내의 외인적인 요인과 내인적인 요인에 의하여 발달된다. 외인적인 요인으로서 기후변동에 의한 기온의 변화와 침출수의 증감 및 외부 이입물질 등을 들 수 있으며, 내인적인 요인으로서는 암석의 공극율, 지질환경, 단층 및 습곡면의 형상, 절리 및 균열면의 유무, 동굴지천의 구배 및 유속, 층리간의 이종의 암석게재 여부 등을 들 수 있다. 동굴 시스템은 수문 물리화학적 요소에 의해 형성되며 외부 기준면 통제에 의해서 암석학, 구조학, 기후학, 생물학, 토양학 등과 밀접한 상태에서 의존적인 발달 과정을 가진다. 동혈 내부의 침식은 유수의 입력 경우 유출과정에서 형성되며, 또한 유수의 비 입력 경우유출 및 액체용액의 분출에 의해서 형성된다. 다수의 동굴학자들은 동굴은 계절마다 침수되거나 빨리 흐르는 홍수에 의한 폭우에 의해 epiphreatic 상태에서 간헐적으로 포화되는 과정을 거치며 선택적으로 발달한다고 주장하고 있다. 혼합지대 동굴의 가장 좋은 예는 현재의 카르스트 지역에서 나타나는 것이 아니라 과거 제4기의 200만년전 동안보다 해수면이 더 안정적이었던 때에 이루어진 고 카르스트(Paleo Karst)에서 발견되고 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1355-1362
• /
• 2012

As the utilization of cloud computing service rapidly increases to meet demands for various forms of service recently, the virtualization technology has made a rapid rise, further leading to some issues related to security, such as safety and reliability. As a system to provide environments what multiple virtual operating systems can be loaded, hypervisors may be a target of various attacks, such as control loss and authority seizure, since all the agents fcan be damaged by a malicious access to the virtualization layer. Therefore, this paper was conducted to investigate the access control for agents and suggest a plan to control malicious accesses to the cloud virtualization internal environment. The suggested technique was verified not to have effect on the performance of the system and environment through an analysis of its performance.

• Journal of Korea Technology Innovation Society
• /
• v.16 no.3
• /
• pp.605-629
• /
• 2013

The aim of this study is analyzing the factors and performance related to the entry control mode when a SME advances into the global market. For this, the strategic factor of the SME was divided into the enterprise capabilities consisting of technology commercial capability, internal capability, and global capability of enterprise and information capabilities that are the capabilities on the global market and on the advanced technology. In the empirical study, a total of 27 variables that include the control variables and the financial and non-financial variables as a performance variable was used. The hypothesis was also established for analyzing the effect of the entry strategies on the entry control mode and the effect of the mode on performance. Logistic regression was conducted for verifying the hypothesis, and Multiple regression analysis and T-test were carried out on the additional analysis related to the performance.

• Journal of Information Management
• /
• v.32 no.1
• /
• pp.23-49
• /
• 2001

The purpose of this study is to examine how corporate names are treated in the OPACs in Korea, and to find out how well the authority control is implemented. A corporate body often has different names and different forms of names which should be properly linked in the OPACs. Without the help of either references or internal links among such names and forms of names in the OPACs, users are likely to fail in getting the right results, In this study, the OPACs from the five major libraries, the National Assembly Library, KISTI, Yonsei University, the National Central Library, and the KERIS were examined. Major common findings include (1) the lack of consistency in applying cataloging rules, (2) the lack of proper authority control in treating corporate names, and (3) the lack of references or links among names and variant forms of names. Because of the small scale of this study, more comprehensive and thorough study seems to be needed. However, the overall improvement of cataloging practices and application of authority control is strongly suggested, based upon the findings.

• Journal of Intelligence and Information Systems
• /
• v.17 no.1
• /
• pp.71-90
• /
• 2011

This study was designed to empirically analyze the effect of control activities(physical, managerial and technical securities) of information protection on organizational effectiveness and the mediating effects of information application. The result was summarized as follows. First, the effect of control activities(physical, technical and managerial securities) of information protection on organizational effectiveness showed that the physical, technical and managerial security factors have a significant positive effect on the organizational effectiveness(p < .01). Second, the effect of control activities(physical, technical and managerial securities) of information protection on information application showed that the technical and managerial security factors have a significant positive effect on the information application(p < .01). Third, the explanatory power of models, which additionally put the information protection control activities(physical, technical and managerial securities) and the interaction variables of information application to verify how the information protection control activities( physical, technical and managerial security controls) affecting the organizational effectiveness are mediated by the information application, was 50.6%~4.1% additional increase. And the interaction factor(${\beta}$ = .148, p < .01) of physical security and information application, and interaction factor(${\beta}$ = .196, p < .01) of physical security and information application among additionally-put interaction variables, were statistically significant(p < .01), indicating the information application has mediated the relationship between physical security and managerial security factors of control activities, and organizational effectiveness. As for results stated above, it was proven that physical, technical and managerial factors as internal control activities for information protection are main mechanisms affecting the organizational effectiveness very significantly by information application. In information protection control activities, the more all physical, technical and managerial security factors were efficiently well performed, the higher information application, and the more information application was efficiently controlled and mediated, which it was proven that all these three factors are variables for useful information application. It suggested that they have acted as promotion mechanisms showing a very significant result on the internal customer satisfaction of employees, the efficiency of information management and the reduction of risk in the organizational effectiveness for information protection by the mediating or difficulty of proved information application.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.10
• /
• pp.512-519
• /
• 2005

E-BLP security model considers the reliability of the processes that are real subjects in systems. This paper deals with the implementation of the E-BLP model for secure embedded systems. Implemented EBSM(E-BLP Based Security Module) consists of three components: identification and authentication, access control and BRC(Dynamic Reliability Check) that checks the process behavior dynamically. Access Control of EBSM ensures unreliable processes not to access the sensitive objects and the DRC detects the buffer overflow attack by normal user. Besides, the performance overhead of the embedded system applying the EBSM is introduced.