• Proceedings of the Korean Society of Disaster Information Conference
• /
• 2023.11a
• /
• pp.41-42
• /
• 2023

항공편과 승객의 흐름을 효율적으로 처리하기 위한 디지털 시스템에 대한 의존도 증가와 승객용 기내 와이파이 서비스 등으로 인해 민간항공의 사이버 보안 취약성은 매년 증가하고 있는데 비해 공항에 대한 무장 공격, 항공기에 폭발물 설치 및 납치와 같은 전통적인 테러에 맞춰 마련된 항공보안 관련 국제협약은 사이버 위협에 직접적으로 적용하기 어렵다는 문제를 갖고 있다. 본 연구는 민간항공에 대한 사이버 공격의 예방 및 기소와 관련된 국제협약의 적정성을 검토한 후, 사이버 위협 대응을 위한 기존 국제협약 체계, 잠재적 차이 해석 등을 중점적으로 분석하여 민간항공의 안전을 위협하는 불법방해행위로부터 중요정보 및 시스템을 보호하는 항공 사이버 보안 국제표준 마련 및 이행 촉진을 강조하고자 한다.

• Annual Conference of KIPS
• /
• 2024.05a
• /
• pp.902-904
• /
• 2024

엣지-클라우드 통신네트워크에서의 지속 가능한 사이버 보안 솔루션을 개발하기 위한 연구는 중요성을 갖는다. 최근의 기술 발전으로 인해 엣지 디바이스와 클라우드 서비스 간의 통신이 활발해지면서 보안 위협이 증가하고 있다. 이에 따라 연합 강화 학습과 같은 첨단 기술을 활용하여 보안 취약점을 탐지하고 대응하는 것이 중요하다. 본 논문에서는 엣지-클라우드 환경에서의 보안 취약점을 식별하고 대응하기 위해 연합 강화 학습을 기반으로 한 솔루션을 제안한다. 이를 통해 네트워크의 안전성을 보장하고 사이버 공격에 대응할 수 있는 기술을 개발하기 위해, 엣지-클라우드 환경에서의 보안 취약점을 식별하고 대응하기 위해 연합 강화 학습 기반으로 한 솔루션을 소개한다.

• Journal of Digital Convergence
• /
• v.12 no.9
• /
• pp.387-406
• /
• 2014

The purpose of study is desirable and effective conflict management plan and professionally, to promote sustainable job skills beyond. Therefore, the public agency information security professionals to find the causes of conflict and the level of suffering, the relationship, says the help of a job withdrawal intention and job satisfaction relationship further. The results indicated that there are differences in the factors of job withdrawal intention, conflict levels, job satisfaction, according to socio-demographic characteristics. Awareness of conflict factor increases the higher level of conflict. Job satisfaction, negative impact on the job withdrawal intention. We expect to contribute to the field of information security training key personnel in the future as a result, leaving the job to conflict prevention and mitigation, and minimized by applying the improved policies and institutions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.913-921
• /
• 2017

Mobile electronic commerce is rapidly growing up on the strength of popularization of smart devices such as smart phone followed by internet user increase. Concurrently with this, the anxiety on information security and personal information leakage of the user of mobile electronic commerce significantly built up in recent. In this respect, the information security and personal information protection should be become aware of their importance for the sustainable expansion and development of mobile commerce. Based on the demands as mentioned, this study analyzed the effects of the awareness of personal information security on recognized risk, recognized confidence and intent to use. The result of this study indicates that information security and personal information protection contribute to improvement in confidence by decreasing anxiety and uncertainty related to mobile commerce. Reduction of anxiety and uncertainty implies a crucial point that affects psychological mechanism making intent to use higher.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.7
• /
• pp.779-789
• /
• 2014

Utilizing smart phones based on android applications in the field of FA(Factory Automation) or PA(Production Automation) is being deployed actively. In general, MDM(Mobile Device Management) is a crucial infra-structure to build such a FA or PA environment. In this paper, we suggest an open mobile device management platform and implement its prototype. The developed prototype consists of three modules such as DMS(Device Management Server), FUMO(Firmware Update Management Object) and SCOMO(Software Component Management Object). In addition, we suggest a security module based on the concept of the EAP (Extensible Authentication Protocol) and the AES (Advanced Encryption Standard). The suggested security module's prototype is applied to guarantee the data integrity in the process of communicating among DMS, FUMO and SCOMO for the purpose of utilizing smart phones based on android applications in a FA field. We also evaluate the performance of the implemented security prototype. According to our simulation results, the implemented prototype has a good performance in a FA environment and can be utilized in the other FA, PA or OA(Office Automation) environment with guaranteeing the security.

• Convergence Security Journal
• /
• v.17 no.3
• /
• pp.115-124
• /
• 2017

The purpose of this study is to provide measures for National Assembly safety and control safety issues arise from increased National Assembly public tour services. First, the study provided the definition of National Assembly public tour and types of tour services, tour procedures, and visitor guidelines. Next, risk factors for National Assembly were discussed and environmental security of national major facilities were compared. Furthermore, four measures for strengthening safety for National Assembly were discussed. First, it is important to utilize special security guards in National Assembly since they can use special weapons unlike general security guards. Second, special guards can be flexibly utilized compared to general security guards. Third, based on the Private Security Law, there is no legal issues for utilizing special security guards since National Assembly is categorized as national major facilities. Fourth, educational programs for security guards are focused on National Assembly safety, brief education, martial arts, customer satisfaction, more specialized educational program for public tour programs should be provided.

• The KIPS Transactions:PartC
• /
• v.12C no.7 s.103
• /
• pp.965-972
• /
• 2005

Digital documents have become the mainstay of the paperless office. This is due to the increased usage of computer networks and the widespread digital culture. Along with the increased usage of digital documents comes the problem of securing them. The documents nay have very important information such as confidential business policies and intellectual Property statements. Generally, most of users protect them by using a password or secured flash memory or security software, but it has several weaknesses. Accordingly, we propose a new architecture for securing digital documents. The proposed architecture bases on RFID and several encrypting techniques. It makes up for the weakness of traditional securing architectures, and supports various Policies for digital documents of users.

• The Journal of the Korea Contents Association
• /
• v.11 no.2
• /
• pp.61-68
• /
• 2011

Due to the rapid development of the Internet, many companies in a variety of applications to users open an unspecified number of the current business environment, security of personal information about recent issues are often mentioned in terms of its importance may be the company's top priority. The government recently on personal information strengthening measures on information communications network law enacted into law which is applicable to various industries. Companies to protect the personal information of various measures to comply with these regulations, and arrange your personal information for internal management to enhance security fast security solution has been introduced. The number of used data is stored in the DBMS in terms of compliance with these regulations at the same time effectively to ensure data security and encryption measures, access control, audit, each separated by an implementation of the solution and how it compares with the best Database security plan allows you to explore as a this paper's security checklist.

• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.287-293
• /
• 2021

Recently, public certificates issued by nationally-recognized certification bodies have been abolished, and internet companies have issued their own common certificates as certification authority. The Electronic Signature Act was amended in a way to assign responsibility to Internet companies. As the use of a joint certificate issued by Internet companies as a certification authority is allowed, it is expected that the fraud damage caused by the theft of public key certificates will increase. We propose an authentication model that can be used in a security gateway that combines PKI with a blockchain with integrity and security. and to evaluate its practicality, we evaluated the security of the authentication model using Sugeno's hierarchical fuzzy integral, an evaluation method that excludes human subjectivity and importance degree using Delphi method by expert group. The blockchain-based joint certificate is expected to be used as a base technology for services that prevent reckless issuance and misuse of public certificates, and secure security and convenience.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.699-707
• /
• 2023

DevSecOps is a concept that adds security procedures to the operational procedures of DevOps to respond to the short development and operation cycle. Multi-step vulnerability scanning process should be considered to provide reliable security while supporting rapid development and deployment cycle in DevSecOps. Many open-source vulnerability scanning tools available can be used for each stage of scanning, but there are difficulties in evaluating the security level and identifying the importance of information in integrated operation due to the various functions supported by the tools and different security results. This paper proposes an integrated security metric design plan for scurity results and the combination of open-source scanning tools that can be used in security stage when building the open-source based DevSecOps system.