• Proceedings of KOSOMES biannual meeting
• /
• 2008.05a
• /
• pp.1-4
• /
• 2008

근년 일본, 캐나다, 호주, 미국, EU(주로 노르웨이, 영국) 등에서 인공위성을 이용한 해양 안전의 확보를 위한 연구개발이 진행되고 있으며, 일부 실해역 적용의 분야도 도출되고 있는 실정이다. 9.11테러 이후, 국제해사기구에서도 해상보안의 문제는 주요 이슈로 대두되어, 해상보안에의 활용 기술 개발이 먼저 시작되었다. 그 외, 밀입국 선박 감시 덴 해양오염 모니터링이 주요 활용분야이다. 간단하게 요약하면 다음과 같다. -노르웨이: Norwegian Defence Hesearch Establishment(NDRE)에서 주도적으로 선박 탐지 실험 및 기술 개발을 실시. 주로, ESA의 위성을 활용. 국가 보안의 목적으로는 적용을 하고 있음. -캐나다: 캐나다에서 소유하고 있는 RADARSAT을 이용하여 가장 많은 실험을 실시함. 영상을 처리하고 결과에 대한 평가를 수행하기 위한 시스템(Ocean Monitoring Workstation, OSM)을 개발하여 보급에 주력. -호주: 주로 캐나다의 위성 및 시스템의 적용을 하고 있음 영해 및 환경 감시의 역할을 수행. Coastwatch조직을 만들어 해상 감시활동을 하고 있음. -영국: 데이터 취득 후, 2.5시간 이내에 선박의 위치를 전송하는 인터페이스를 개발함. 일본의 경우, 다른 선진국에 비해서는 다소 늦게 시작되었다. 2003년 발간된 '재해 등에 대응한 인공위성이용기술에 관한 종합보고서'를 시작으로 정보수집위성 4기 및 지구관측위성을 이용한 해양 감시 활동이 시작되었다. 또한, 제 3기 과학기술기본계획(2006-2012)내에 해양 불법침입 탐지 기술 개발 항목이 반영되어 있다. 유럽의 해상보안서비스(MARISS)의 사용자 워크숍이 ESA ESRIN(이탈리아 프라스카티)에서 2008년 1월 22일 열렸다. 실질적인 내용은, '해상보안을 위한 우주 시스템'에 관한 것으로 인공위성 이용하는데 있어 설계안 및 데이터 이용 컨셉을 제시하는 것이었다. 여기서 중요한 것은 국가간의 협력이 절대적으로 필요하며, 기존의 시스템과의 통합에 있어 신뢰성을 어떻게 확보하는가에 있다고 할 수 있다. 또한, 보안과 환경모니터링의 기능이 분리되어 진행되고 있는 부분에 대한 정보 통합 방향도 제기되었다. 국내에서도 AIS와 SAR정보의 결합에 관한 검토는 이루어졌으며, 이를 바탕으로 EU와 같은 시스템의 구축(조직과 연구개발)을 위한 실질적인 검토가 필요하다.

• Journal of the Korea Society of Computer and Information
• /
• v.7 no.3
• /
• pp.60-67
• /
• 2002

Existing as a reverse function in the information age, the security threats against the information system is increasing day by day and a systematic security management to this is being considered more and more important. The most important thing on security management is a risk analysis to understand the cause of the threat and to set up a countermeasure. Therefore, to increase security the proposed model will advise on the set up of the security policy and for a set up of an economic security countermeasure we have increased the reliability on the risk calculation stage. Especially, on the countermeasure stage we have requested a security level on the asset in order to examine the mutual reliance between assets, and differing from the standard model, we have improved the proposed model so that the materializing of the proposed countermeasure has been made to identify the restricted items for each asset and in order to not materialize superficial countermeasures and to make sure to materialize an economic countermeasure.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1563-1583
• /
• 2018

With the deregulation of electronic finance, FinTech has been revitalized. The discussion on artificial intelligence is active in the financial industry. However, there is a problem of increasing security threats behind new technologies. Security vulnerabilities have increased because we are more connected than before, and the channels and entities of the financial industry have diversified. Although there are technical and policy discussions on security, the essence of all discussions is human. Fundamentals of finance are trust and security, and attention to human factors is important. This study presents the role of human and artificial intelligence for financial security, respectively. Furthermore, this derives a collaborative model in which human and artificial intelligence complement each other's limitations. To support this, it first discusses the development of finance and IT, AI, human factors, and financial security threats. This study suggests that the security threats will intensify in the era of new technology, but it can overcome them by using machinery and technology.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.3-10
• /
• 2019

The 5G network is a next-generation converged network that combines various ICT technologies to realize the need for high speed, hyper connection and ultra low delay, and various efforts have been made to address the security vulnerabilities of the previous generation mobile networks. However, the standards released so far still have potential security vulnerabilities, such as USIM deception and replication attack, message re-transmission attack, and race-condition attack. In order to solve these security problems, this paper proposes a new 5G-AKA protocol with PUF technology, which is a physical unclonable function. The proposed PUF-based 5G-AKA improves the security vulnerabilities identified so far using the device-specific response for a specific challenge and hash function. This approach enables a strong white-list policy through the addition of inexpensive PUF circuits when utilizing 5G networks in areas where security is critical. In addition, since additional cryptographic algorithms are not applied to existing protocols, there is relatively little burden on increasing computational costs or increasing authentication parameter storage.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.3
• /
• pp.79-94
• /
• 1997

OMG (Object Management Group) published a security service specification, called CORBA (Common Object Request Broker Architecture) security reference model because the integration of security and object-oriented techniques was critical for successful deployment of distributed object systems. The CORBA security reference model treats access control as an implementation independent semantic concept but has incomplete semantics of the access control function. Because of such imcompleteness it is difficult for the system administrator and the CORBA security implementor to have the same understanding for the meaning of access control in the CORBA security. We propose a formal model for access control the CORBA security using the formal description language, which is called Z language based on typed set theory. The proposed model provides concrete semantics of the access control function to both the system administrator and the implementor.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.77-87
• /
• 2011

As information services have been widely used in various environments, the knowledge information security sector plays a significant role in development and management of products and services, information privacy management, risk management and safety, etc. Thus, the process of acquiring knowledge information security professionals is getting more attention for promoting the stable and long-term development of the knowledge information security sector. This study identifies and analyzes the promising fields for the KISA Employment-Contract Master Program and suggests promotion strategies for knowledge information security professionals. By surveying participants and would-be participants, and interviewing experts, it is analyzed that 'mobile security' and 'convergence security' are the two most important fields to be included in the program.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.17 no.2
• /
• pp.375-386
• /
• 2022

As information asset protection is recognized as an important management factor for organizations, organizations are increasing their investments in information security(IS) policies and technologies. However, strict application of IS may cause non-compliance behavior through IS stress on employees of the organization. Accordingly, this study suggests a mechanism by which employee stress affects IS compliance intentions through self-determination, and a method to reinforce IS compliance intentions through person-organization fit. We conducted an online survey of employees working at companies that adopted IS policies and tested hypotheses using 475 samples. First, as a result of analyzing the main effects of applying the structural equation model, role stress affected IS compliance intention through self-determination. Second, as a result of analyzing the moderating effect of applying Process 3.1, personal organization fit strengthened the relationship between self-determination and IS compliance intention. The research suggests a direction for achieving internal IS goals by confirming the influence of IS stress and behavioral causes of employees.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.199-201
• /
• 2021

The Internet of Things (IoT) is a technology that can organically connect people and things without time and space constraints by using communication network technology and sensors, and transmit and receive data in real time. The IoT used in all industrial fields has limitations in terms of storage allocation, such as device size, memory capacity, and data transmission performance, so it is important to manage power consumption to effectively utilize the limited battery capacity. In the prior research, there is a problem in that security is deteriorated instead of improving power efficiency by lightening the security algorithm of the encryption module. In this study, we proposes a low-power security architecture that can utilize high-performance security algorithms in the IoT environment. This can provide high security and power efficiency by using relatively complex security modules in low-power environments by executing security modules only when threat detection is required based on inspection results.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.9-19
• /
• 2023

Smart cars, which incorporate information and communication technologies (ICT) to improve driving safety and convenience for drivers, have recently emerged. However, the increasing risk of automotive cybersecurity due to the vulnerability of electronic control units (ECUs) and automotive networks, which are essential for realizing the autonomous driving functions of smart cars, is a major obstacle to the widespread adoption of smart cars. Although there have been only a few real-world cases of smart car hacking, drivers' concerns about the security of smart cars can have a negative impact on their proliferation. Therefore, it is important to understand the risk factors perceived by drivers and the trust in smart cars formed through them in order to promote the future diffusion of smart cars. This study examines the risk factors that affect the formation of trust in smart cars, focusing on security and privacy, and analyzes how these factors affect safety perceptions and trust in smart cars.

• Convergence Security Journal
• /
• v.20 no.2
• /
• pp.91-99
• /
• 2020

The purpose of this study is to present the application of Information and Communication Technology(ICT) during the 4th Industrial Revolution for the efficient implementation of government emergency preparedness policies. Brainstorming by experts categorized the government's emergency preparedness policies into 4 types and 12 detailed tasks. Classification results were used by AHP(Analytic Hierarchy Process) to analyze relative importance and priorities. The AHP survey found that strengthening crisis management responsiveness was the most important detailed task. Artificial Intelligence(AI), Internet of Things(IoT), Unmanned Autonomy System, Virtual Reality(VR), and Augmented Reality(AR) were presented as major information and communication technology(ICT) for the efficient execution of detailed tasks.