• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.3
• /
• pp.133-142
• /
• 2013

Recently, smart devices for various services have been developed using converged telecommunications, and the markets for near field communication (NFC) mobile services is expected to grow rapidly. In particular, the realization of mobile NFC payment services is expected to go commercial, and it is widely attracting attention both on a domestic and global level. However, this realization would increase privacy infringement, as personal information is extensively used in the NFC technology. One example of such privacy infringement would be the case of the Google wallet service. In this paper, we propose an mutual authentication scheme based on NTRU for secure channel in OTA and an zero-knowledge proof scheme NTRU based on for protecting user information in NFC mobile payment systems without directly using private financial information of the user.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.101-110
• /
• 2011

Recently, an attack to an application incapacitates the intrusion detection rule, the defense policy for a network and database and induces intrusion incidents. Thus, it is necessary to study integration security to ensure the security of an internal network and database from that attack. This article is about building an integration security system to prevent an attack to an application set with intrusion detection rules. It responds to network-based attack through detection, disperses attack with the internal integration security system through virtual clustering and load balancing, and sets up defense policy for attacking destination packets, analyzes and records attack packets, and updates rules through monitoring and analysis. Moreover, this study establishes defense policy according to attacking types to settle access traffic through virtual machine partition policy and suggests an integration security system applied to prevent attack and tests its defense. The result of this study is expected to provide practical data for integration security defense for hacking attack from outside.

• The Journal of Korean Institute of Information Technology
• /
• v.17 no.6
• /
• pp.115-122
• /
• 2019

CCTV(Closed-Circuit Television) is increasingly exposed to CCTV per person as the number of installations increases every year for accident prevention and facility safety. The intelligent video surveillance system technology is attracting attention to the privacy protection of exposed subjects. The intelligent video surveillance system performs a process for the privacy protection so as to perform the action type of the subject and the judgment of the situation in the simple identification of the photographed image data, or to prevent the information, from which the information of the photographed subject is exposed. The proposed technique is applied to the video surveillance system and converts the original image information taken from the video surveillance system into similar image information so that the original image information is not leaked to the outside. In this paper, we propose an image conversion mechanism that inserts a virtual face image that approximates a preset similarity.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.49-58
• /
• 2022

As military service members are fully permitted to use mobile phones for sickness after work, it is time to minimize the direct collection of personal information from telecommunication companies when opening mobile phones to secure the safety of military service personnel's personal information. Prior to introducing the use of mobile phones by soldiers after work, the Ministry of National Defense established a security control system such as blocking the mobile phone shooting function to prevent security accidents and concerns about some adverse functions such as illegal cyber gambling, game addiction, and viewing pornography. come. Mobile telecommunications companies entrust personal information processing tasks, such as opening mobile phones, to telecommunications agencies and carry out management and supervision, such as checking the status of personal information protection measures. When a military service member opens a mobile phone, a personal information management agency is newly established using the right to portability of personal information, and a system for requesting the transmission of personal information from the military service member is proposed.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.22 no.2
• /
• pp.71-79
• /
• 2008

High voltage distribution lines in the electric railway system placed according track with communication lines and signal equipments. Case of the over head lines is occurrence the many fault because lightning, rainstorm, damage from the sea wind and so on. According this fault caused protection device to wrong operation. One line ground fault that occurs most frequently in railway high voltage distribution lines and sort of faults is line short, three line ground breaking of a wire, and so on. For this reason we need precise maintenance for prevent of the faults. The most important is early detection and fast restoration in time of fault for a safety transit. In order to develop an advanced fault location device for 22.9[kV] distribution power network in electric railway system this paper deals with new fault locating algorithm using flow technique which enable to determine the location of the fault accurately. To demonstrate its superiorities, the case studies with the algorithm and the fault analysis using PSCAD/EMTDC (Power System Computer Aided Design/Electro Magnetic Transients DC Analysis Program) were carried out with the models of direct-grounded 22.9[kV] distribution network which is supposed to be the grounding method for electric railway system in Korea.

• Journal of Convergence for Information Technology
• /
• v.12 no.5
• /
• pp.1-14
• /
• 2022

This study tried to suggest crisis management compliance to prevent personal information infringement accidents that may occur in the process because the data including personal information is being processed in the artificial intelligence (AI) service process. To this end, first, the AI service provision process is divided into 3 processes such as service planning/data design and collection process, data pre-processing and purification process, and algorithm development and utilization process. And 3 processes are subdivided into 9 stages following to personal information processing stages to infringe personal information. All processes were investigated with literature and experts' Delphi. Second, the investigated personal information infringement factors were selected through FGI, Delphi, etc. for experts. Third, a survey was conducted with experts on the severity and possibility of each personal information infringement factor, and the validity and adequacy of the 94 responses were verified. Fourth, to present appropriate risk management compliance for personal information infringement factors in AI services, a method for calculating the risk level of personal information infringement is prepared by utilizing the asset value of personal information, personal information infringement factors, and the possibility of infringement accidents. Through this, the countermeasures for personal information infringement incidents were suggested according to the scored risk level.

• Journal of Navigation and Port Research
• /
• v.34 no.3
• /
• pp.213-220
• /
• 2010

Following the application of Formal Safety Assessment(FSA) to bulk carriers, crude oil tankers and large passenger ships, an urgent need to consider the safety of general cargo ships has recently been raised through the International Maritime Organization(IMO)(IMO, 2006a), and related FSA studies are being carried out by International Association of Classification Societies(IACS) as a preparatory work for the discussion on the issue of general cargo ship safety in the IMO committee. FSA is a structured and systematic methodology which is based on the techniques of risk analysis and cost benefit assessment to assist in the decision-making process, and aims at enhancing maritime safety, including protection of life, health, the marine environment and property. FSA can be used as a tool to facilitate the development of regulatory changes equitable to the various parties, with a view to aiding the achievement of consensus, and to help in the evaluation of new regulations and in making a comparison between existing and possibly improved regulations(IMO, 2007). This study aims at verifying the usefulness of FSA methods as a tool to conduct a safety assessment of general cargo ships flying the Korean flag, and providing useful information on 'the safety of general cargo ships' for IMO committee's discussion on the matter at a future session. FSA comprises five steps, however, steps 1(Hazard identification) and 2 (Risk analysis) from the FSA study for the Korean-flagged general cargo ships are discussed in this paper.

• The Korean Journal of Air & Space Law and Policy
• /
• v.23 no.2
• /
• pp.137-172
• /
• 2008

The earliest safety data programs, the FDR and CVR, were electronic reporting systems that generate data "automatically." The FDR program, originally instituted in 1958, had no publicly available restrictions for protections against sanctions by the FAA or an airline, although there are agreements and union contracts forbidding the use of FDR data for FAA enforcement actions. This FDR program still has the least formalized protections. With the advent of the CVR program in 1966, the precursor to the current FAR 91.25 was already in place, having been promulgated in 1964. It stated that the FAA would not use CVR data for enforcement actions. In 1982, Congress began restricting the disclosure of the CVR tape and transcripts. Congress added further clarification of the availability of discovery in civil litigation in 1994. Thus, the CVR data have more definitive protections in place than do FDR data. The ASRS was the first non-automatic reporting system; and built into its original design in 1975 was a promise of limited protection from enforcement sanctions. That promise was further codified in an FAR in 1979. As with the CVR, from its inception, the ASRS had some protections built in for the person who might have had a safety problem. However, the program did not (and to this day does not) explicitly deal with issues of use by airlines, litigants, or the public media, although it appears that airlines will either take a non-punitive stance if an ASRS report is filed, or the airline may ignore the fact that it has been filed at all. The FAA worked with several U.S. airlines in the early 1990s on developing ASAP programs, and the FAA issued an Advisory Circular about the program in 1997. From its inception, the ASAP program contained some FAA enforcement protections and company discipline protections, although some protection against litigation disclosure and public disclosure was not added until 2003, when FAA Order 8000.82 was promulgated, placing the program under the protections of FAR 193, which had been added in 2001. The FOQA program, when it was first instituted through a demonstration program in 1995, did not contain protections against sanctions. Now, however, the FAA cannot take enforcement action based on FOQA safety data, and an airline is limited to "corrective action" under the program. Union contracts can exclude FOQA from the realm of disciplinary action, although airline practice may be for airlines to require retraining if there is no contract in place forbidding it. The data is protected against disclosure for litigation and public media purposes by FAA Order 8000.81, issued in 2003, which placed FOQA under the protections of FAR 193. The figure on the next page shows when each program began, and when each statute, regulation, or order became effective for that program.

• Journal of Korean Society of Transportation
• /
• v.20 no.2
• /
• pp.105-115
• /
• 2002

For many rears, traffic accident statistics are the most direct measure of safety for a signalized intersection. However it takes more than 2 or 3 yearn to collect certain accident data for adequate sample sizes. And the accident data itself is unreliable because of the difference between accident data recorded and accident that is actually occurred. Therefore, it is rather difficult to evaluate safety for a intersection by using accident data. For these reasons, traffic conflict technique(TCT) was developed as a buick and accurate counter-measure of safety for a intersection. However, the collected conflict data is not always reliable because there is absence of clear criteria for conflict. This study developed objective and accurate conflict criteria, which is shown below based on traffic engineering theory. Frist, the rear-end conflict is regarded, when the following vehicle takes evasive maneuver against the first vehicle within a certain distance, according to car-following theory. Second, lane-change conflict is regarded when the following vehicle takes evasive maneuver against first vehicle which is changing its lane within the minimum stopping distance of the following vehicle. Third, cross and opposing-left turn conflicts are regarded when the vehicle which receives green sign takes evasive maneuver against the vehicle which lost its right-of-way crossing a intersection. As a result of correlation analysis between conflict and accident, it is verified that the suggested conflict criteria in this study ave applicable. And it is proven that estimating safety evaluation for a intersection with conflict data is possible, according to the regression analysis preformed between accident and conflict, EPDO accident and conflict. Adopting the conflict criteria suggested in this study would be both quick and accurate method for diagnosing safety and operational deficiencies and for evaluation improvements at intersections. Further research is required to refine the suggested conflict criteria to extend its application. In addition, it is necessary to develope other types of conflict criteria, not included in this study, in later study.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.6
• /
• pp.599-609
• /
• 2021

A novel grounding system, which is presented in IEC 60364, has been adopted since 2021. A safety evaluation for the human body on the grounding system is required due to the various characteristics of the touch voltage and current passing when the human body experiences an electric shock. The Korea Electrical Safety Corporation (KESCO) and Korea Electric Association (KEA) have been conducting a safety technical education on the grounding system. On the other hand, it is difficult to instruct the electrical safety manager because of a lack of safety evaluations for the test equipment on the grounding system. Therefore, this paper modeled and implemented a test device for a safety evaluation depending on the grounding system of IEC 60364. Namely, this paper presents the modeling of the test device for a safety evaluation using PSCAD/EMTDC S/W, which is composed of an AC grid section, s test device section on the grounding system, and a sub-device section. This paper implemented a test device for safety evaluation, which consisted of an AC grid section, TT grounding system section, TN-S grounding system section, and monitoring section. From the simulation and test results with the safety characteristics of the human body in the TT and TN-S grounding system, when the fault impedances are 0[Ω], 10[Ω], and 100[Ω], the currents passing through the human body in the TT grounding system are 104[mA], 87.4[mA], and 35.5[mA], respectively. The corresponding currents in the TN-S grounding system are 54.9[mA], 4.1[mA], and 0.4[mA], respectively. Based on the results, the protection performance for an electric shock to the human body in the TN-S system is better than the TT system. This can be improved when the existing grounding system is changed from the TT system to the TN-S system.