• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.26 no.6A
• /
• pp.989-997
• /
• 2001

인터넷 시장규모 확대 및 이용환경의 급속한 변화로 인하여 인터넷 이용자에 관한 통계와 인터넷 환경에 관한 통계정보 요구는 증대되고 있다. 그러나 인터넷 환경에 관한 통계 정보 중에서 국내 호스트개수, 홈페이지 개수, 국제도메인의 국내 보유 개수 산출 등은 인터넷에 연결하는 이용기관의 보안 강화의 문제점과 전문 지능형 로봇에이전트 시스템의 부재 및 국제도메인 등록기관의 통계 비공개 등으로 국내에서 주기적으로 산출하는데 문제점이 부각되고 있다. 본 논문에서는 인터넷 관련 주요 통계정보의 정확한 산출·제시로 민간의 인터넷 산업에 대한 효과적인 투자 유도를 가능케 하기 위해서 인터넷 주요 통계 산출이 가능한 로봇에이전트 설계 기법을 제안하고 구현한다. 모듈은 로봇에이전트 프로세스 모듈, 통계산출 모듈, 관리 모듈 등으로 구성되었으며, 국내의 호스트 개수, 홈페이지 개수, .com 등 국제도메인의 국내 보유 개수 등을 정기적으로 산출되기 위한 알고리즘과 그 구현결과를 제시한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.1049-1052
• /
• 2005

DRM은 디지털콘텐츠의 지적재산권이 디지털 방식에 의해서 안전하게 보호. 유지되도록 하여 디지털콘텐츠의 창작에서부터 소비에까지 이르는 모든 유통 시점에서 거래규칙과 사용규칙이 지속적이고 적법하게 성취되도록 하는 기술이다. DRM은 디지털 형태로 유통되는 문서, 음악, 비디오, 게임, 소프트웨어, 이미지 등의 각종 디지털 콘텐츠를 불법 복제로부터 안전하게 보호하고, 콘텐츠 서비스의 유료화를 가능케 하는 기술 및 서비스를 말한다. 또한, 콘텐츠 자체와 보안과 저작권 보호뿐만 아니라 콘텐츠의 생성${\cdot}$유통${\cdot}$사용${\cdot}$관리에 필요한 모든 프로세스를 제어할 수 있게 해준다. 본 논문에서 구현된 기술은 암호알고리즘을 사용하여 함수의 위치 및 내용에 쉽게 접근할 수 없고 소프트웨어의 불법적인 분석 시도를 어렵게 하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.705-706
• /
• 2009

본 논문은 향후 임베디드 단말 기기에 탑재되어 실행되는 응용 애플리케이션들이 제 3 자에 의해 개발되어 앱스토어를 통해 배포될 경우, 신뢰성 및 보안 문제 해결을 위해 제 3 자 개발자에 의해 개발된 애드온 애플리케이션들의 접근통제 메커니즘에 대해 연구하였다. 본 논문에서는 태스크-플로우 기반 메쏘드 접근제어 모델을 제시하고, X.509 기반의 권한 관리 구조를 통해 임베디드 단말에서 애드온 프로세스의 접근 통제를 위한 구조를 디자인하였다

• Archives of design research
• /
• v.11 no.1
• /
• pp.291-302
• /
• 1998

This paper covers the development process of multimedia evaluation system, especially focused on customer satisfactory factors while customers navigating net-based Interactive multimedia system. Customers usually experience new level of interaction cased by newly developed web-based technology In ordinary multimedia system. However, if it gives customers satisfactory experience is a matter of question. To find out the relationship between customer satisfaction and interactivity factors exposed by multimedia system, a model has been developed which describes the structure of web-based multimedia system and its relation to customer satisfactory factors. Five different experiments, including 'semantic differential', 'focus group interview', and 'expert review', has been conducted and four customer satisfactory factors were identified. Those are 'customery value', 'structural perfectness', 'visual perfectness', and 'contemporaneity'. With these factors and newly delveoped evaluation system, 7 different web-site has been evaluated and analyzed at the end of this report.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.591-603
• /
• 2018

Windows Event Log is a format that records system log in Windows operating system and methodically manages information about system operation. An event can be caused by system itself or by user's specific actions, and some event logs can be used for corporate security audits, malware detection and so on. In this paper, we choose actions related to corporate security audit and malware detection (External storage connection, Application install, Shared folder usage, Printer usage, Remote connection/disconnection, File/Registry manipulation, Process creation, DNS query, Windows service, PC startup/shutdown, Log on/off, Power saving mode, Network connection/disconnection, Event log deletion and System time change), which can be detected through event log analysis and classify event IDs that occur in each situation. Also, the existing event log tools only include functions related to the EVTX file parse and it is difficult to track user's behavior when used in a forensic investigation. So we implemented new analysis tool in this study which parses EVTX files and user behaviors.

• Journal of Digital Convergence
• /
• v.16 no.12
• /
• pp.1-10
• /
• 2018

For local festivals to be successful, it is important to cooperate with various entities and effectively utilize festival-related resources. Recently, many efforts have been made to improve the operation and management performance of local festivals in Korea, but systematic management and IT support have been insufficient. In this study, the factors affecting the IT governance of local festivals were derived through a literature review and the relationship to the festival performance was analyzed empirically. A survey was conducted with local festival organizers and stake holders, and the research model was verified using the regression analysis with total 109 samples. According to the results of the analysis, it was confirmed that marketing, processes and service management have a significant effect on festival performance within IT governance. The effect of festival performance on resource management was not statistically significant. This study demonstrates that the systematic operation and management of local festivals using IT governance is necessary for local festivals. It will be more meaningful if further study discuss the IT utilization guidelines and success cases through the innovative use of IT for local festivals.

• Journal of Internet Computing and Services
• /
• v.2 no.5
• /
• pp.41-47
• /
• 2001

This paper deals with an EJB-based database agent(component) used to define workflow processes, which is a core function of the e-Chautauqua workflow management system that is an on-going research product. We describe about how to design and implement the EJB-based DB agent that is deployed on EJB server as a component. The agent is located between the build-time clients and the database system, and manages database accesses, such as retrieves and stores, from the workflow definition components. Through the EJB technology, we are able to accomplish a stable database agent that can be characterized by the distributed object management, reliable recovery mechanism from system failovers, reliable large-scale transaction management, and the security functions.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.29-35
• /
• 2015

The network security encryption type is divided into two, one is point-to-point, second method is link type. The level of security quality attributes are a system security quality requirements in a networked environment. Quality attributes can be observed and should be able to be measured. If the quality requirements can be presented as exact figures, quality requirements are defined specifically setting quality objectives. Functional requirements in the quality attribute is a requirement for a service function which can be obtained through the encryption. Non-functional requirements are requirements of the service quality that can be obtained through the encryption. Encryption quality evaluation system proposed in this study is to derive functional requirements and non-functional requirements 2 groups. Of the calculating measure of the evaluation index in the same category, the associated indication of the quality measure of each surface should be created. The quality matrix uses 2-factor analysis of the evaluation for the associated surface quality measurements. The quality requirements are calculated based on two different functional requirements and non-functional requirements. The results are calculated by analyzing the trend of the average value assessment. When used this way, it is possible to configure the network security encryption based on quality management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.909-928
• /
• 2020

From the early 1970s, the US government began to recognize that penetration testing could not assure the security quality of products. Results of penetration testing such as identified vulnerabilities and faults can be varied depending on the capabilities of the team. In other words none of penetration team can assure that "vulnerabilities are not found" is not equal to "product does not have any vulnerabilities". So the U.S. government realized that in order to improve the security quality of products, the development process itself should be managed systematically and strictly. Therefore, the US government began to publish various standards related to the development methodology and evaluation procurement system embedding "security-by-design" concept from the 1980s. Security-by-design means reducing product's complexity by considering security from the initial phase of development lifecycle such as the product requirements analysis and design phase to achieve trustworthiness of product ultimately. Since then, the security-by-design concept has been spread to the private sector since 2002 in the name of Secure SDLC by Microsoft and IBM, and is currently being used in various fields such as automotive and advanced weapon systems. However, the problem is that it is not easy to implement in the actual field because the standard or guidelines related to Secure SDLC contain only abstract and declarative contents. Therefore, in this paper, we present the new framework in order to specify the level of Secure SDLC desired by enterprises. Our proposed CIA (functional Correctness, safety Integrity, security Assurance)-level-based security-by-design framework combines the evidence-based security approach with the existing Secure SDLC. Using our methodology, first we can quantitatively show gap of Secure SDLC process level between competitor and the company. Second, it is very useful when you want to build Secure SDLC in the actual field because you can easily derive detailed activities and documents to build the desired level of Secure SDLC.

• Management & Information Systems Review
• /
• v.39 no.2
• /
• pp.39-60
• /
• 2020

Block chain technology is one of the core elements for realizing the 4^th industrial revolution, and many efforts have been made by government and companies to provide services based on block chain technology. In this study we analyzed the benefits of block chain technology for EVMS and designed EVMS block chain platform with increased data security and work efficiency for project management data, which are important assets in monitoring progress, foreseeing future events, and managing post-completion. We did the case studies on the benefits of block chain technology and then conducted the survey study on security, reliability, and efficiency of block chain technology, targeting 18 block chain experts and project developers. And then, we interviewed EVMS system operator on the compatibility between block chain technology and EVM Systems. The result of the case studies showed that block chain technology can be applied to financial, logistic, medical, and public services to simplify the insurance claim process and to improve reliability by distributing transaction data storage and applying security·encryption features. Also, our research on the characteristics and necessity of block chain technology in EVMS revealed the improvability of security, reliability, and efficiency of management and distribution of EVMS data. Finally, we designed a network model, a block structure, and a consensus algorithm model and combined them to construct a conceptual block chain model for EVM system. This study has the following contribution. First, we reviewed that the block chain technology is suitable for application in the defense sector and proposed a conceptual model. Second, the effect that can be obtained by applying block chain technology to EVMS was derived, and the possibility of improving the existing business process was derived.