• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.9
• /
• pp.1166-1175
• /
• 2021

We investigate the current situation and development trend of domestic smart city and emergency vehicle priority signal control system analyzing the existing effectiveness of 1) emergency vehicle priority signal control system and 2) control emergency vehicle priority signal, based on domestic and foreign prior research for signal control system security. The effectiveness of time reduction was analyzed through actual application and test operation to emergency vehicles after establishing the system. In addition, for security management and stable service of real-time signal system control we propose improvement for the technical control items of the ISMS-P certification system to secure golden time to protect citizens' precious lives and property in case of emergency by classifying and mapping the existing ISMS-P certification system and the Korea Internet & Security Agency's cyber security guide according to the items of security threats.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.133-140
• /
• 2024

The spread of Direct-to-Consumer (DTC) genetic testing, where users request tests directly, has been increasing. With growing demand, certification systems have been implemented to grant testing qualifications to non-medical institutions, and the scope of tests has been expanded. However, unlike cases in less regulated foreign countries, disease-related tests are still excluded from the domestic regulations. The existing de-identification method does not adequately ensure the uniqueness and familial sharing of genomic information, limiting its practical utility. Therefore, this study proposes the application of fully homomorphic encryption in the analysis process to guarantee the usefulness of genomic information while minimizing the risk of leakage. Additionally, to safeguard the individual's right to self-determination, a privacy preservation model based on Opt-out is suggested. This aims to balance genomic information protection with maintainability of usability, ensuring the availability of information in line with the user's preferences.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.10
• /
• pp.445-460
• /
• 2013

Mobile applications today are being offered as various services depending on the mobile device and mobile environment of users. This increase in mobile applications has shifted the spotlight to their vulnerability. As an effective method of security verification, this paper proposes "phase-wise security verification for the implementation of mobile applications". This method allows additional security verification by covering specific items across a wider range compared to existing methods. Based on the identified weaknesses, it detects the cause of vulnerability and monitors the related settings.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.111-120
• /
• 2019

As cyber-attacks become more intelligent and sophisticated, the importance of Security Operations Center(SOC) has increased and the number of SOC has been increasing. In order to cope with cyber threats, institutions and organizations use a variety of cyber security standards to create business procedures. However, SOC often need to be improved in accordance with the SOC environment because they collaborate with managed security service specialists rather than their own personnel. The NIST cyber security framework, information security management system, and managed security service companies were compared and analyzed. As a result, it was found that the NIST CSF is a framework that is easy to apply to managed security service, The content was judged to be insufficient. Therefore, in this study, NIST CSF was used as a reference model to derive the management items required for SOC environment, and the necessity, importance and ease of each item were confirmed through an Delphi technique and an improved cyber security framework was proposed.

• The Journal of Society for e-Business Studies
• /
• v.24 no.2
• /
• pp.113-124
• /
• 2019

Today many companies are offering IoT-enabled products and place emphasis on security from the planning stage to protect their products and user information from external threats. The present security levels, however, remain low because the time and resources invested in developing security requirements for each device are far from enough to meet the needs of a wide range of IoT products. Nevertheless, vulnerabilities of IoT devices have been reported continuously, which calls for more detailed security requirements for home IoT devices. In this context, this research identified threats of home IoT systems by using Microsoft Threat Modeling Tool. It then suggested measures to enhance the security of home IoT devices by developing security assessment items through comparative analysis of the identified threats, domestic and global vulnerability assessment standards and related research. It also verified the effectiveness of the developed security requirements by testing them against the existing ones, and the results revealed the security requirements developed in this research proved to be more effective in identifying vulnerabilities.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.2 no.2 s.3
• /
• pp.31-42
• /
• 2003

Prepaid plastic card issued by Korea Highway Company had a lot of problems in end-user usage and management. HipassPLUS Card, which is a smart card used for a prepaid electronic payment, overcomes the problems of Prepaid Plastic card. HipassPLUS Card is also designed be compatible to other cards such as public transportation card. Thus, for the safety of using the card in such environment, the functionality and the security of HipassPLUS card should be faultless. This paper developed a test module including the test method, the test checklist, and the test procedure to examine the functionality and security of the payment mechanism of HipassPLUS card. The test module contains the method and the procedure to test the standard items according to the test checklist of HipassPLUS card. The test items and the test checklist of HirassPLUS card was selected under the provision of the specification of Korea Highway Company and ISO standard. The results of evaluation on HipassPLUS card using the proposed test module indicates that 4he HipassPLUS card satisfied the criteria under the characteristics of the functionality, security, and compatibility.

• Proceedings of the Korea Database Society Conference
• /
• 1999.06a
• /
• pp.435-444
• /
• 1999

현재까지 연구되고 있던 정보보호관련분야의 계량화방법을 좀 더 다른 방법으로 접근하여, 정보시스템 환경 하에서 보안 및 관리 운영 평가 지수에 계량화하여 1차 집단과 2차 집단간의 차이를 연구하였다. 정보화 관련항목에 대하여 빈도 분석을 적용함으로서 군별, 항목별 분류를 통한 항목 비례 가중치법을 산출하였다. 또한, 선지정 가중치법을 이용하여, 보호지수와 관리운용지수에 따른 상관관계를 조사하여 안전관리 지수를 계량화하였다.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 1999.03a
• /
• pp.435-444
• /
• 1999

현재까지 연구되고 있던 정보보호관련분야의 계량화방법을 좀 더 다른 방법으로 접근하여, 정보시스템 환경 하에서 보안 및 관리 운영 평가 지수에 계량화하여 1차 집단과 2차 집단간의 차이를 연구하였다. 정보화 관련항목에 대하여 빈도 분석을 적용함으로서 군별, 항목별 분류를 통한 항목 비례 가중치법을 산출하였다. 또한, 선지정 가중치법을 이용하여, 보호지수와 관리운용지수에 따른 상관관계를 조사하여 안전관리 지수를 계량화 하였다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.4
• /
• pp.1449-1457
• /
• 2010

The intrusion prevention system solution is receiving the spotlight as the next generation security system. It is anticipated that the system will form a very active security market both domestically and overseas. Moreover, quality evaluation proving successful inspection of merchandises is required of domestic businesses seeking to operate in the international market, and general users also prefer those that have successfully passed inspection. This study has constructed a security quality evaluation model for intrusion prevention system by deriving and analyzing security quality evaluation items required by an intrusion prevention system solution and by classifying them in detail. The derived quality evaluation model will play an important role of assessing and improving the quality of intrusion prevention system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.04a
• /
• pp.930-933
• /
• 2010

침입방지시스템 솔루션은 차세대에 각광받는 보안시스템으로 국내 외 시장에서 매우 활발한 보안 분야 시장을 형성할 것으로 전망된다. 아울러 국제 시장에 진출하고자 하는 국내 업체들은 검증된 제품임을 증명하는 품질 평가가 요구되고 일반 사용자들은 검증된 제품을 선호하는 추세가 일반적이다. 본 연구에서는 침입방지시스템의 기술개요, 특징 및 침입방지시스템의 품질 평가기준을 소프트웨어 품질평가를 위해 사용되는 국제표준 ISO/IEC 9126과 ISO/IEC 14598의 참조하여 평가항목을 도출하였으며, 도출된 평가항목을 가지고 평가방법 메트릭을 개발하였다.