• The KIPS Transactions:PartC
• /
• v.17C no.1
• /
• pp.15-26
• /
• 2010

Social Networks such as 'Facebook' and 'Myspace' are regarded as useful tools for people to share interests and maintain or expand relationships with other people. However, they pose the risk that personal information can be exposed to other people without explicit permission from the information owner. Therefore, we need a solution for this problem. Although existing social network sites allow users to specify the exposing range or users who can access their personal information, this cannot be a practical solution because the information can still be revealed to third parties through the permitted users albeit unintentionally. Usually, people allow the access of unknown person to personal data in online social networks and this implies the possibility of information leakage. We could use an access control method based on trust value, but this has the limitation that it cannot reflect the quantitative risk of information leakage. As a solution to this problem, this paper proposes an access control method based on a synthesized metric from trust and risk factors. Our various experiments show that the risk of information leakage can play an important role in the access control of online social networks.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1997.11a
• /
• pp.53-67
• /
• 1997

본 고에서는 인터넷 방화벽 보안정책을 일반 정보 보안정책 수립 절차와 단계에 입각하여 분석하고, 위험처리 등급은 3 단계(낮음, 중간, 높음)로 구분하며, 보안정책 대상은 사용자, 관리자, 기술요원으로 나누어 각각의 방화벽 보안정책을 제시한다. 또한 네트워크 서비스를 방화벽에서 처리할 때 허용여부와 허용 시에 사용되어야 할 인증 등의 보안정책을 제시한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.844-846
• /
• 2002

기존에 보안을 위해 개발되어온 취약점 검색도구는 최근 들어 불법침입을 위한 도구로 이용되고 있으며 이제는 웹사이트에서도 쉽게 취약점 검색도구와 악의적인 프로그램들을 구할 수 있게 되었다. 이에 대한 방안으로 현재 침입차단 기능을 가지는 방화벽과 침입탐지 기능을 가지는 침입탐지시스템이 개발되어 왔다. 방화벽은 외부 네트워크와 내부 네트워크 사이에 위치하여 인증된 트래픽만을 허용함으로써 보안을 유지할 수 있으나 사전에 미리 IP 주소나 포트 등을 등록하여 해당 IP 주소와 포트로부터의 접근을 허용하거나 막는 정적인 방법이었다. 또한 침입탐지시스템은 침입탐지에 대한 룰을 내장하여 칩입행동을 실시간으로 탐지하는 기능을 가지지만 그에 대한 대응이 실시간 차단이 아니라 공격자와 관리자에게 경고메일을 보내는 수준이므로 침입탐지 이후에 생기는 불법행동에 대한 커다란 위험이 따른다 본 논문에서는 그에 대한 해절 방안으로 방화벽의 침입차단 기능과 침입탐지시스템의 실시간 침입탐지 기능을 갖춘 실시간 침입탐지 및 차단을 위한 시스템을 제안한다.

• Proceedings of the Korean Reliability Society Conference
• /
• 2000.04a
• /
• pp.161-168
• /
• 2000

고리 3,4호기 및 영광 1,2호기의 원자로보호계통 및 공학적안전설비작동계통의 정기점검주기와 허용정지시간에 대하여 계통의 신뢰도와 노신손상빈도를 평가하여 안전성이 저해되지 않는 범위에서 합리적인 정기점검주기와 허용정지시간을 도출하였다. 이를 위하여 원자로보호계통의 17개 원자로정지신호와, ESFAS계통의 11개의 안전설비작동신호에 대해서 고장수목을 작성하였고, 정기점검주기 변화에 따른 신뢰도를 평가하였다. 또한 계통의 신뢰도가 발전소의 안전성에 어떤 영향을 미치는가를 파악하기 위하여 노심손상빈도를 분석하였다. 분석 결과 현행 1개월의 점검주기를 3개월로 연장한다 하더라도 신뢰도는 20%미만 노심손상빈도는 2%정도 저하되는 것으로 나타났다. 이런 정도의 신뢰도와 위험도가 변화는 원자력발전소의 안전성에 거의 영향을 주지 못하기 때문에 점검주기를 연장하는 안이 타당한 것으로 나타났다.

• Journal of Navigation and Port Research
• /
• v.35 no.1
• /
• pp.23-30
• /
• 2011

This study was carried out in order to verity the usefulness of FSA(Formal Safety Assessment) methods as a tool to conduct a safety assessment of general cargo ships flying the Korean flag, and to provide useful information on 'the Safety of General Cargo Ships' for IMO committee's discussion on the matter at a future session. In the previous paper, "A Study on High-level FSA for Korean-flagged General Cargo Ships(1)", the concepts of the FSA methodology and its five steps were described and the results of Hazard Identification(Step 1) and Risk Analysis(Step 2) from the FSA study for the Korean-flagged general cargo ships were discussed. Subsequent to the Steps 1 & 2, the identification of Risk Control Options(RCOs-Step 3) for eliminating or reducing either the frequency or the severity of the risks identified and their Cost-Benefit Assessment(CBA-Step 4) were undertaken. In this paper, the results of the Steps 3 & 4 are discussed, and some recommendations are made.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.779-791
• /
• 2021

Common web services have been continuously targeted by hackers due to an access control policy that must be allowed to an unspecified number of people. In order to cope with this situation, companies regularly check web vulnerabilities and take measures according to the risk of discovered vulnerabilities. The risk of these web vulnerabilities is calculated through preliminary statistics and self-evaluation of domestic and foreign related organizations. However, unlike static diagnosis such as security setting and source code, web vulnerability check is performed through dynamic diagnosis. Even with the same vulnerability item, various attack results can be derived, and the degree of risk may vary depending on the subject of diagnosis and the environment. In this respect, the predefined risk level may be different from that of the actual vulnerability. In this paper, to improve this point, we present a web vulnerability risk assessment model based on the attack result centering on the cyber kill chain.

• Journal of Advanced Marine Engineering and Technology
• /
• v.40 no.3
• /
• pp.228-234
• /
• 2016

As a college dormitory has the features of high dwelling density and a floating population that becomes crowded during particular times, when a disaster such as a fire occurs, it has the risk of causing much loss of life. In this study, the fire simulation program Fire Dynamics Simulator (FDS), is used to predict the risk when a fire occurs, to analyze the problem, and to suggest an improvement plan for a new cadet dormitory at an university in Korea. The research results are as follows. When a fire occurred in the ironing room inside the cadet dormitory, a smoke detector operated after 65 seconds. Thirteen seconds later, a sprinkler started to operate. The temperature and carbon monoxide density reached the limit value at 241 and 248 seconds, respectively. Because the limit visibility value was reached within 66 seconds after the occurrence of a fire, it is predicted that preparation must be finished and evacuation should begin within 1 minute after the fire occurs, in order to have no casualties. Synthesizing this dormitory fire risk prediction result, the visibility value is considered to be the most dangerous factor for personal safety. Because of this, installing a smoke extraction system is suggested to secure visibility. After the installation of a smoke extraction system, the problem of smoke diffusion in the corridors improved.

• Spatial Information Research
• /
• v.21 no.6
• /
• pp.43-55
• /
• 2013

Recently, the research to visualize and to reproduce evacuation situations such as terrorism, the disaster and fire indoor space has been come into the spotlight and designing a model for interior space and reliable analysis through safety evaluation of the life is required. Therefore, this paper aims to develop simulation model which is able to suggest evacuation route guidance and safety analysis by considering the major risk factor of fire in actual building. First of all, we designed 3D-based fire and evacuation model at a subway station building in Incheon and performed fire risk analysis through thermal parameters on the basis of interior materials supplied by Incheon Transit Corporation. In order to evaluate safety of a life, ASET (Available Safe Egress Time), which is the time for occupants to endure without damage, and RSET (Required Safe Egress Time) are calculated through evacuation simulation by Fire Dynamics Simulator. Finally, we can come to the conclusion that a more realistic safety assessment is carried out through indoor space model based on 3-dimension building information and simulation analysis applied by safety guideline for measurement of fire and evacuation risk.

• Journal of Digital Convergence
• /
• v.19 no.7
• /
• pp.217-226
• /
• 2021

The use of personal mobility(PM) is increasing because of preading shared mobility, but, it causes risk of accidents and fear to pedestrians because of lack of sound. The purpose of this study is to find out the effects of the alert sound in PM and driving direction on risk perception of pedestrians, awareness on PM driver, and allowance for driving on each road. The 8 videos were produced from a pedestrian perspective, depending on the alert sound type(silent, vess, bell, voice) and direction of driving(front, back). After watching each video, participants completed surveys. There was a non-effect on the driving direction. Regardless of the alert sound type, all of the sounds reduced the risk perception. Also, the awareness of PM drivers and allowance for driving on each road were positive. This study found that PM needed an alert sound for pedestrian safety. We expect the results of the study to help improve awareness of PM and make policies and regulations.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.29 no.2
• /
• pp.106-117
• /
• 2023

The social impact of hazardous and noxious substances from marine industrial facilities was evaluated, and implications for the application of social impact assessment items and methods required in the process of setting technology-based effluent limitations were derived. The scope of the study was based on marine industrial facilities in Incheon Metropolitan City. The analysis results are as follows. First, the impact on companies and industries was evaluated as "great," but large companies had little impact on operating profit losses, bankruptcy possibilities, and employment losses, while small and medium-sized companies had a large impact. Second, the impact on the community and economy was evaluated as "less," but it is judged that careful policy intervention is needed because the impact of fishing producers, local tourism workers, and the region can be concentrated and large. Third, it is judged that items and methods for calculating social loss costs and social benefits can be usefully applied in the method of setting technology-based effluent limitations.