• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.633-636
• /
• 2002

현대는 정보의 홍수라고 할 만큼 많은 정보들이 존재하는 정보화 사회로서 정보 경쟁력이 중요시되는 시대이다. 이에 발맞춰 이러한 정보를 운영하는 정보시스템의 안전성이 많은 조직에서 이슈가 되고, 자신의 조직의 정보 자산을 보호하기 위한 방법을 모색한다. 이러한 방법 중 가장 광범위하게 적용되는 방법이 조직의 자산에 대한 위험분석이다. 위험 분석은 조직에 내재되어 있는 위협, 취약성을 식별하고, 식별된 위협 및 취약성에 대하여 보호대책을 강구함으로써 안전한 정보시스템 운영을 가능케 한다. 그러나 아직까지 외국의 위험분석 방법론에도 데이터 자산의 위험분석 방법을 구체적으로 기술이 되어 있지 않기 때문에, 실제로 데이터 자산의 위험 분석은 굉장히 힘들다. 그러므로 본 논문은 업무 중심의 위험분석 방법론과 이 방법론의 프로세스를 따라 데이터 자산의 위험분석 수행방법을 제안한다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.6
• /
• pp.839-847
• /
• 2011

Instrumentation & Control(I&C) System in NPP(Nuclear Power Plant) plays a important role as the brain of human being, it performs protecting, controling and monitoring safety operation of NPP. Recently, the I&C system is digitalized as digital technology such as PLC, DSP, FPGA. The different aspect of digital system which use digital communication to analog system is that it has potential vulnerability to cyber threat in nature. Possibility that digital I&C system is defected by cyber attack is increasing day by day. The result of cyber attack can be adverse effect to safety function in NPP. Therefore, I&C system required cyber security counter-measures that protect themselves from cyber threat efficiently and also cyber security design should be taken into consideration at concept stage in I&C system development process. In this study, we proposed the digital asset analysis method for cyber security assessment of I&C system design in NPP and we performed digital asset analysis of I&C system by using the proposed method.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.423-432
• /
• 2003

It is essential suity management and standardized asset analysis for telecommunication networks, however existing risk analysis methods and tools are not enough to give shape of the method to evaluate value and asset. they only support asset classification schemes. Moreover, since the existing asset classification schemes are to evaluate comprehensive general risk, they are not appropriate for being applied telecommunication networks and they can´t offer any solutions to an evaluator´s subjectivity problem. In this paper, to solve these problems, we introduce the standardized definition of asset evaluation model new asset classification scheme, two-dimensional asset process classification scheme to consider business process and asset, various evaluation standards for quantitative value and qualitative evaluation. To settle an valuator´s subjectivity problem, we proposed $\beta$-distribution Delphi method.

• Journal of the Korean Data and Information Science Society
• /
• v.22 no.2
• /
• pp.207-215
• /
• 2011

This Risk analysis on information related assets is conducted primarily according to the standards the Korea Information and Telecommunications Technology Association (TTA) or the International Organization for Standardization (ISO). The process is made of asset analysis, threat analysis, vulnerability analysis, and response plan analysis. The risk for information related assets belongs to the operational risks suggested by BIS (Bank for International Settlements) and the information related losses can be estimated in terms of BIS' suggestion. In this paper it is proposed that how to apply the method proposed by BIS to estimate the loss of information assets.

• The KIPS Transactions:PartC
• /
• v.13C no.7 s.110
• /
• pp.851-858
• /
• 2006

The risk analysis's aim is analyze the risk for the asset of organization with asset assessment, vulnerability assessment, threat assessment. existing TTA risk analysis methodology model propose to overall flow, but can not propose to detail behavior or each level. That is, step of risk analysis is insufficient in classification of threat and detail proposal of considered the risk with classified threat. So this paper propose that analysis and evaluate the vulnerability and threat assessment with determinated quantity. this paper consider current national information system and threat of environment and technology. So can estimate the risk with determinated quantity. Finally, analyze the asset risk of organization.

• Korean Journal of Construction Engineering and Management
• /
• v.14 no.3
• /
• pp.22-32
• /
• 2013

Generally, asset management procedure consists of exact information collection, decision of service level, analysis of aspiration level, analysis of financial condition and available budget, preparation of asset management plan, and value of modified asset. In this study, for the risk-based asset management, condition assessment and performance measuring, assessment of failure modes and risks, evaluation/selection of treatment options, and implementation of optimum solution are additionally included. For this, bridge inventory and performance measure considering risks are classified and method of quantitative/qualitative performance measure is suggested. Also, evaluation method of risk analysis for bridge asset management is suggested and basic research is carried out for applicable method of risk-based asset management. Using suggested risk procedure and method of risk-based bridge service level evaluation, it is possible to perform resonable asset management. Moreover, it is concluded that the proposed applicable method of risk-based asset management will provide a solution to contribute the development of systematical asset management for optimal decision making and prototype asset management system.

• Journal of KIISE:Software and Applications
• /
• v.33 no.6
• /
• pp.550-563
• /
• 2006

Software product line engineering is a method that prepares for the future reuse and supports to seamless reuse in application development process. Commonality and variability play central roles in all product line development processes. Reusable assets will become core assets by explicitly representing C&V. Indeed, the variabilities that art identified at each phase of core assets development have different levels of abstraction. In the past, these variabilities have been handled in an implicit manner and without distinguishing the characteristics of each core assets. In addition, previous approaches have depended on the experience and intuition of a domain expert to recognize commonality and variability. In this paper, we suggest a 2-dimensional analyzing method that analyzes the variabilities of core assets in software product line. In horizontal analysis process, the variation types are analyzed in requirements, architecture, and component that are produced at each phase of development process. In vertical analysis process, variations are analyzed in different abstract levels, in which the region of commonality is identified and the variation points are refined. By this method, the traceability of variations between core assets will be possible and core assets can be reused seamlessly.

• Proceedings of the Korea Contents Association Conference
• /
• 2003.05a
• /
• pp.327-332
• /
• 2003

This paper is to outline a methodology for establishing the fair market value of knowledge assets that may be associated with a going-concern business enterprise and identify the elements of knowledge assets and provide the basic concepts for valuing thorn Within this contort we will identify the nature of some of the more common or well-know forms of knowledge assets, discuss the normal relationship of these forms of knowledge assets to the monetary and tangible assets of a business enterprise from an investor's perspective.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2008.10a
• /
• pp.314-318
• /
• 2008

퇴직연금에서 DB(defined benefit, 확정급여형) 플랜 가입자는 은퇴 이후의 급여가 확정되는 반면, DC(defined contribution, 확정기여형) 플랜 가입자는 납입금액만 확정될 뿐미래의 급여는 보장되지 않는다. 따라서 DC 플랜 가입자는 가입기간 동안 적절한 투자전략을 통하여 연금자산이 최대로 성장할 수 있도록 노력해야 한다. 그러나 자산가격은 시장 위험에 노출되어 있기 때문에 자산배분은 퇴직시점에 접근할수록 안전자산 위주로 전환되어야 한다. 라이프사이클 자산배분모형과 라이프사이클포트폴리오는 최신의 운용기법으로 그 유용성을 인정받고 있지만, 기계적이고 직관적인 방법으로 인하여 이론적인 근거에 취약성을 가지고 있다. 본 연구에서는 DC 플랜 가입자의 안정적인 자산관리를 위한 라이프사이클을 고려한 자산배분모형을 제시하고자 한다. 시뮬레이션 최적화 방법을 활용한 자산배분의 경우, 채권의 비중은 주식의 누적수익률 열세와 변동성으로 인하여 비조건부 자산배분과 주식에 대한 최저 투자비중을 고려한 조건부 자산배분에서 우세하게 나타나고 있다. 그러나 두 자산배분모형의 성과는 장기적으로 차이를 보이다가 기간이 축소되면서 차이가 크게 줄어드는 것으로 분석되었다.

• The KIPS Transactions:PartD
• /
• v.13D no.4 s.107
• /
• pp.565-572
• /
• 2006

Product Line Engineering (PLE) is an effective reuse methodology where common features among members are captured into core assets and applications are developed by reusing the core assets, reducing development cost while increasing productivity. To maximize benefits in developing systems, business case analysis for PLE is essential. If the scope for core assets is excessively broad, it will result in high cost of asset development while lowering reusability. On the other hand, if the scope is too narrow, it will result in a limited applicability which only support a small number of members in the domain. In this paper, we propose a process for business case analysis for PLE and for deciding economical analysis of core asset scope. Then, we define guidelines for each activity of the process. Since variability often occurs in PLE, we significantly treat the variability of features among members in detailed level. By applying our framework for business case analysis, one can develop core assets of which scope provide the most economical value with applying PLE.