• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.4
• /
• pp.669-676
• /
• 2017

Recently, due to the importance of information security, security vulnerability analysis and various information protection technologies and security systems are being introduced as a countermeasure against cyber-attacks in new as well as existing buildings, and information security studies on high-rise buildings are also being conducted. However, security system introduction and research are generally performed from the viewpoint of general IT systems and security policies, so there is little consideration of the infrastructure of the building. In particular, the BAS or building infrastructure, is a closed system, unlike typical IT systems, but has unique structural features that accommodate open functions. Insufficient understanding of these system structures and functions when establishing a building security policy makes the information security policies for the BAS vulnerable and increases the likelihood that all of the components of the building will be exposed to malicious cyber-attacks via the BAS. In this paper, we propose an architecture reference model that integrates three different levels of BAS structure (from?) different vendors. The architectures derived from this study and the security characteristics and vulnerabilities at each level will contribute to the establishment of security policies that reflect the characteristics of the BAS and the improvement of the safety management of buildings.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.1019-1034
• /
• 2022

Malware attacks become more prevalent in the hyper-connected society of the 4th industrial revolution. To respond to such malware, automation of malware detection using artificial intelligence technology is attracting attention as a new alternative. However, using artificial intelligence without collateral for its reliability poses greater risks and side effects. The EU and the United States are seeking ways to secure the reliability of artificial intelligence, and the government announced a reliable strategy for realizing artificial intelligence in 2021. The government's AI reliability has five attributes: Safety, Explainability, Transparency, Robustness and Fairness. We develop four elements of safety, explainable, transparent, and fairness, excluding robustness in the malware detection model. In particular, we demonstrated stable generalization performance, which is model accuracy, through the verification of external agencies, and developed focusing on explainability including transparency. The artificial intelligence model, of which learning is determined by changing data, requires life cycle management. As a result, demand for the MLops framework is increasing, which integrates data, model development, and service operations. EXE-executable malware and documented malware response services become data collector as well as service operation at the same time, and connect with data pipelines which obtain information for labeling and purification through external APIs. We have facilitated other security service associations or infrastructure scaling using cloud SaaS and standard APIs.

• Journal of Climate Change Research
• /
• v.2 no.4
• /
• pp.297-307
• /
• 2011

This study investigates relation of food safety incidents with climate. Therefore food safety incidents and climate data during 1999 to 2009 have been analyzed. In situ observations of monthly mean temperature, maximum temperature, minimum temperature, precipitation, and relative humidity in 60 observation stations of Korean Meteorological Administration (KMA) have been used in this study. Food safety incidents data have been constructed by searching media reports following Park's method (2009) during the same period. According to the Park's method, 729 events were collected. To analyze its relations, food safety incidents data have been classified into chemical, biological, and physical hazards. Pearson product-moment correlation coefficients have been applied to analyze the relations. The correlation of food safety incidents has negative one with precipitation (-0.48), and positive one with minimum temperature(0.45). Precipitation has been correlated with biological and physical hazards more than chemical hazard. Temperatures (mean temperature, maximum temperature, and minimum temperature) have been correlated closely with chemical hazard than others. Food safety incidents data has been interblended with human behavior factor through decision-making processes in food manufacturing, processing, and consumption phases of "farm-totable" food processing. Act in the preventing damage will be obvious if the hazard were apparent. Therefore abnormal condition could be more dangerous than that of apparent extreme events because apparent events or extreme events become one of alarm over hazards. Therefore, human behavior should be considered as one of the important factors for analysis of food safety incidents. The result of this study can be used as a better case study for food safety researches related to climate change.

• Journal of the Korean Institute of Landscape Architecture
• /
• v.35 no.2 s.121
• /
• pp.1-12
• /
• 2007

근래 한국에서도 대표적 공공공간인 공원의 조성 및 관리와 관련하여 파트너십에 대한 관심이 일고 있다. 주민들이 만들어가는 공원, 다양한 힘의 역학구조 속에서 공공성 유지, 지속 가능한 사회 구현에 도움이 될 것이라는 전망 때문이다. 이에 본 연구에서는 추후 한국에서의 실천과 제도정비에 도움이 될 수 있도록, 영국에서는 어떻게 정책적으로 파트너쉽을 유도하는지 그리고 커뮤니티는 이를 어떻게 수용하여 자신들의 사례를 만들어 가는가를 살펴보았다. 사례연구에 있어서는 질적 연구방법을 택했으며, 분석보다는 사례가 갖는 내러티브(narratives)를 다층적으로 서술하는데 초점을 두었다. 이것은 거대 내러티브가 사라지고 있는 현대 사회에서 일반적 원칙보다는 개별 사례의 구체성을 밝히는 것이 보다 중요하다는 일부 사회학 연구자들의 견해를 수용한 것이다. 더욱이, 주민참여 관련 사례는 지역특성과 주민의 영향을 많이 받기 때문에 이러한 연구방법이 유용할 것이다. 더불어, 이러한 방식은 자못 추상적 이해에 그칠 외국 사례를 보다 구체적으로 이해하는데 적합할 것이다. 연구결과에 있어, 먼저 영국에서는 지방의제21(LA21)이 지방정부의 서비스에 대한 근본적 태도와 체계를 바꾸는데 기여했다는 것을 알 수 있었다. 일례로, 뉴캐슬(Newcastle upon Tyne)시는 직접 서비스를 제공하기 보다는 주민들의 참여를 촉진하고 도와주는 방향으로 역할을 전환하고 있었다. 그리고 다양한 자금지원체계는 직접적으로 파트너십을 독려하고 있었다. 영국 뉴캐슬(Newcastle upon Tyne) 웨이브리 파크(Waverley Park) 사례를 살펴본 바에 따르면, 파트너십에 대한 지방정부의 태도가 성공적 파트너십에 있어 중요한 요소임을 확인할 수 있었다. 이 사례에서는 프렌즈그룹 이외, 커뮤니티 외부의 비영리 단체가 참여하지 않았는데, 이는 지방정부가 적극적으로 주민들의 참여를 촉구하고 도왔기 때문이다. 이외, 커뮤니티의 구성원과 공무원들의 개인적 역할도 중요하다는 것을 알 수 있었다. 중앙정부는 단지 자금뿐만이 아니라 다양한 사례에서 축적한 정보를 커뮤니티에 지원하고 전 과정을 모니터링 하고 있었는데, 간접적 참여라고 할 수 있다. 앞에서 언급했듯이, 본 연구는 영국에서의 파트너십과 관련된 제도, 그리고 제도가 구체적 현실에서 작동되면서 나타나는 특수성을 살펴보는 데 주력했다. 그런데 사례 연구에서 발견한 특수성을 한국에서의 시사점으로 명시하는 것은 한계가 있을 수 있다. 그래서 시사점은, 제도적 차원에서 한국과 영국을 비교하여 간략하게 제시했다. 첫째, 지방의제 21의 수용 방식이다. 한국의 지방정부 또한 지방의제 21을 실천하기 위해 협의회 등을 설치하였지만 행정 시스템을 전반적으로 변화시키고 있는 영국과는 차이점이 있다. 둘째, 공원과 녹지에 대한 지원금이 제공될 때, 지역주민의 동의를 요구하는 것은 커뮤니티의 참여를 독려하고 주인의식을 갖도록 하는데 효과적이라는 것도 시사점이 될 수 있다. 한국에서도 녹색복권 등 세원 이외의 자금이 공원 및 녹지 공간에 투입되고 있으나 주민들이 직접 이를 이용하도록 되어 있지는 않다. 즉, 커뮤니티의 참여와 관련되어 쓰이고 있지는 않다. 세 번째는, 커뮤니티와 공원과의 관계로 공원 설계와 관리에 있어서 영국에서는 커뮤니티가 직접 고객(client)으로서 역할을 하고 있었다. 한국에서도 계획 및 설계 과정에 주민을 참여시키는 경우가 있으나 의견청취 정도에 머물고 있고, 몇몇 시민단체를 중심으로 시민들이 직접 공원 관리에 참여하는 경우도 있으나 운동(movement)차원에 머물고 있을 뿐 이를 위한 제도적, 법적 토대가 구축되어 있지는 않다.

• Information Systems Review
• /
• v.7 no.2
• /
• pp.101-115
• /
• 2005

IT companies make a lot of effort to share and utilize the experiences of their members and transform them into organizational knowledge as a competitive core. However they face a dilemma in that they have to spend time and financial resources to perform activities around knowledge management for the long-term gains, while carrying at field-work for making short-term profits. As an initial attempt to tackle this managerial problem, this paper tries to investigate the mechanism of knowledge management in a small IT company in Korea with a synthetic view-point using system dynamics simulation model. It depicts the dynamic behaviors of knowledge management and presents some findings of political leverage. Although this model has to be further replenished, the scheme for the dynamism of knowledge management and the findings presented in the paper could be useful for the decision makers, especially of knowledge-intensive organizations.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2009.05a
• /
• pp.880-884
• /
• 2009

여름철 강우시 저수지로 유입하는 고탁도의 하천수는 저수지 주변 수체에 비해 낮은 수온과 높은 부유물질 농도(SS)로 인해 상대적으로 높은 밀도를 가지며, 저수지 내에서 동일 밀도층을 따라 분포하며 밀도류를 형성하게 된다. 탁수는 대부분 장기간 저수지에 체류하며 수질과 수생태계에 큰 영향을 주게 된다. 따라서 저수지로 유입한 탁수의 밀도류 거동특성을 파악하는 것은 저수지 운영, 수질관리 및 수생태계 보호를 위한 관리대책 수립에 있어서 중요한 요소이다. 본 연구의 목적은 횡방향 평균 2차원 수치모델을 이용하여 초기수위별 다양한 유량규모에서 소양호로 유입하는 밀도류의 거동특성(유입경계지점 수심($h_0$), 침강점 수심($d_p$)과 거리($X_p$), 분리점 수심($d_s$), 중층류 관입두께($h_i$), 댐 축 도달시간($t_a$), 희석율(${\beta}$))을 분석하여 저수지 수질관리를 위한 의사결정지원 기초정보를 제공하는데 있다. 밀도류의 거동분석을 위해 사용된 유량조건은 그동안 소양호에서 발생한 홍수크기를 바탕으로 7개의 등급으로 나누었으며, 각각의 유량조건별 수문곡선은 2007년 수문사상 중 7월 30일부터 8월 30일까지의 수문사상을 바탕으로 수정가우시안 공식을 사용하여 산정하였다. 탁수 거동 특성의 모의는 서로 다른 초기 수위 및 유량조건하에서의 탁수거동을 나타냈고, SS농도 25 mg/L 이상을 기준으로 하여 탁수층의 $d_p$, $X_p$, $d_s$, $h_i$, $t_a$, ${\beta}$를 산정하였다. 일반적으로 유량규모가 커질수록 $d_p$와 $d_s$는 증가하였고, $X_p$는 댐 축으로부터 가까워짐이 확인되었으나, 동일 유량규모에 대해 초기 수위가 증가함에 따라 $X_p$는 대체로 댐으로부터 멀어졌다. $h_i$는 유량규모가 증가함에 따라 완만하게 증가하는 경향을 보였고, $t_a$는 초기수위가 EL. 165 m일 때 유량이 2,000 CMS 미만인 경우 댐 앞까지 도달하지 못하는 것으로 나타났으며, 나머지 수위조건에서는 유량이 3,000 CMS 미만인 경우 댐 앞까지 도달하지 못하는 것으로 나타났다. 유량 규모에 따라 $X_p$가 0 km인 지점과 19 km인 지점에서의 ${\beta}$ 값을 산정한 결과 일반적으로 유량규모가 커질수록 유입수의 희석효과는 작아지며 초기수위가 커질수록 증가하는 경향을 나타냈다. 연구 결과는 탁수 발생 초기 저수지 운영 실무자들이 유량규모 및 초기 수위조건에 따른 밀도류의 거동특성을 신속히 예측하는 목적으로 사용될 수 있다.

• Journal of Environmental Policy
• /
• v.13 no.4
• /
• pp.135-159
• /
• 2014

Industrial insect is defined as the insect utilized in industries that creates added value. Most of the industrial insects used in Korea are exotic species that are introduced through artificial means. Despite the rapid expansion of market for industrial insects, the system for risk assessment of industrial insects is not being adequately conducted. Although Korea carries out a risk assessment for the species designated as disease and insect pest by Animal and Plant Quarantine Agency, far too little consideration is being given to overall ecosystem, as the control system is covered in the Plant Quarantine Law. To solve this problem, we analyzed the Korean risk assessment system and looked at systems in other countries. The results show that it is essential for stakeholders to reach an agreement to set up fundamental directions for the system. Unless the integration system of taxonomical and ecological information is prepared, the ecological risk assessment should be conservative to protect ecosystems and should also follow the precautionary principle. It also requires cooperation among the ministries. In addition, the results indicated that a differentiation between risk assessment and screening is urgent. Several solutions such as setting up clear objectives in both assessment and screening stages, target species, steering organization and assessment criteria assessment systems from were proposed as practical institutional strategies. Among many foreign countries the assessment system from Ireland equally considers various factors such as economical, ecological safety and management aspects, It is also based on precautionary principle to fulfil its original purpose. It was suggested that the Ireland system would be the best reference that can be modified and applied into the Korean system by considering distinct characteristics of the industrial insects.

• Information Systems Review
• /
• v.17 no.1
• /
• pp.117-140
• /
• 2015

Cloud Computing has drawn attention as one of 10 IT strategic technology trends and has various advantages such as cost reduction and enhancing business flexibility. However, corporations hesitate to adopt the service because of unexpected risks. Especially compared to large firm, medium and small ones use public cloud that security risk is high. Meanwhile, real option strategy has drawn attention as the method to hedge uncertainty in IT projects. Therefore, in this study causal relationships among technical, security, relational, and economic risks of cloud service will be investigated. Eventually, this study investigates how those risks influence the intention to choose the real option about the cloud service. For this study, five hypotheses is drawn, and a survey is conducted about the medium and small firms which are currently using cloud service to examine hypotheses. Since the study is at organizational level, 287 questionnaire replies are recalculated to 120 firms. For statistical analysis, Smart PLS and SPSS Statistics18 are used. As a result, technical risk of cloud service has significantly positive influence on security risk. Second, security risk and relational risk of cloud service has significantly positive influence on economic risk. Third, economic risk of cloud service has significantly positive influence on the intention to purchase the delay option or abandon option. Based on this result, this research discussed practical and academic implications and the limitations.

• Journal of Convergence for Information Technology
• /
• v.11 no.10
• /
• pp.144-150
• /
• 2021

The purpose of this paper is to review the direction of the slicing security policy, which is a major consideration in the context of standardization in 5G communication network security, to derive security vulnerability diagnosis items, and to present about analyzing and presenting the issues of discussion for 5G communication network virtualization. As for the research method, the direction of virtualization security policy of 5G communication network of ENISA (European Union Agency for Cybersecurity), a European core security research institute, and research contents such as virtualization security policy and vulnerability analysis of 5G communication network from related journals were used for analysis. In the research result of this paper, the security structure in virtualization security of 5G communication network is arranged, and security threats and risk management factors are derived. In addition, vulnerability diagnosis items were derived for each security service in the risk management area. The contribution of this study is to summarize the security threat items in 5G communication network virtualization security that is still being discussed, to be able to gain insights of the direction of European 5G communication network cybersecurity, and to derive vulnerabilities diagnosis items to be considered for virtualization security of 5G communication network. In addition, the results of this study can be used as basic data to develop vulnerability diagnosis items for virtualization security of domestic 5G communication networks. In the future, it is necessary to study the detailed diagnosis process for the vulnerability diagnosis items of 5G communication network virtualization security.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.28 no.3B
• /
• pp.283-296
• /
• 2008

The Urban Stream Assessment Technique (USAT) was suggested to give information about present urban stream condition. Domestic and foreign stream evaluation methods were analyzed and some streams were previously investigated to decide evaluation factors that could evaluate stream condition and have concern with characteristics and flood control of urban stream. The USAT consisted of three steps. High step has three characteristics concerned with functions of stream such as flood risk, stream, and ecology. In middle step, three characteristics were subdivided by ten features to describe changes and degradations of urban stream. Low step consisted of fifty three factors that explain the present condition of ten features. A survey of river experts was conducted to reflect weight among characteristics and features. The weights were calculated by analytic hierarchy process(AHP). The USAT was carried out to check over application of that in Suwon, Anyang, and Joongrang stream. The results of stream evaluation were expressed by factor index, feature index, characteristic index, total index, and evaluation grade. The results of the USAT were useful to realize changed and degraded areas. It is expected that the USAT can be used as base investigation for restoring and managing urban streams.