• The Journal of Korean Institute of Information Technology
• /
• v.17 no.5
• /
• pp.105-116
• /
• 2019

Most of the public and private buildings in Korea are installing CCTV for crime prevention and follow-up action, insider security, facility safety, and fire prevention, and the number of installations is increasing each year. In the questionnaire conducted on the increasing CCTV, many reactions were positive in terms of the prevention of crime that could occur due to the installation, rather than negative views such as privacy violation caused by CCTV shooting. However, CCTV poses a lot of privacy risks, and when the image data is collected using the cloud, the personal information of the subject can be leaked. InseCam relayed the CCTV surveillance video of each country in real time, including the front camera of the notebook computer, which caused a big issue. In this paper, we introduce a system to prevent leakage of private information and enhance the security of the cloud system by processing the privacy technique on image information about a subject photographed through CCTV.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.27-34
• /
• 2020

Recently, the fourth industrial revolution technology has not only changed everyday life greatly through technological development, but has also become a major keyword in the establishment of defense policy. In particular, Internet of Things, cloud, big data, mobile and cybersecurity technologies, called ICBMS, were selected as core leading technologies in defense information policy along with artificial intelligence. Amid the growing importance of the fourth industrial revolution technology, research is being carried out to develop the C4I system, which is currently operated separately by the Joint Chiefs of Staff and each military, including the KJCCS, ATCIS, KNCCS and AFCCS, into an integrated system in preparation for future warfare. This is to solve the problem of reduced interoperability for joint operations, such as information exchange, by operating the C4I system for each domain. In addition, systems such as the establishment of an integrated C4I system and the U.S. military's Risk Management Framework (RMF) are essential for efficient control and safe operation of weapons systems as they are being developed into super-connected and super-intelligent systems. Therefore, in this paper, the intelligent cyber threat detection, management of users' access to information, and intelligent management and visualization of cyber threat are presented in the future C4I system based on big data/cloud.

• Archives of Plastic Surgery
• /
• v.48 no.3
• /
• pp.295-304
• /
• 2021

Clinical photography is an essential component of patient care in plastic surgery. The use of unsecured smartphone cameras, digital cameras, social media, instant messaging, and commercially available cloud-based storage devices threatens patients' data safety. This paper Identifies potential risks of clinical photography and heightens awareness of safe clinical photography. Specifically, we evaluated existing risk-mitigation strategies globally, comparing them to industry standards in similar settings, and formulated a framework for developing a risk-mitigation plan for avoiding data breaches by identifying the safest methods of picture taking, transfer to storage, retrieval, and use, both within and outside the organization. Since threats evolve constantly, the framework must evolve too. Based on a literature search of both PubMed and the web (via Google) with key phrases and child terms (for PubMed), the risks and consequences of data breaches in individual processes in clinical photography are identified. Current clinical-photography practices are described. Lastly, we evaluate current risk mitigation strategies for clinical photography by examining guidelines from professional organizations, governmental agencies, and non-healthcare industries. Combining lessons learned from the steps above into a comprehensive framework that could contribute to national/international guidelines on safe clinical photography, we provide recommendations for best practice guidelines. It is imperative that best practice guidelines for the simple, safe, and secure capture, transfer, storage, and retrieval of clinical photographs be co-developed through cooperative efforts between providers, hospital administrators, clinical informaticians, IT governance structures, and national professional organizations. This would significantly safeguard patient data security and provide the privacy that patients deserve and expect.

• Proceedings of the Korean Institute of Industrial Safety Conference
• /
• 1998.11a
• /
• pp.121-124
• /
• 1998

화학공업은 고도의 기술집약적 장치산업이며 가연성 및 반응성이 높은 물질을 고온, 고압하에서 사용ㆍ저장하고 있기 때문에 화재 및 폭발사고의 가능성이 항상 잠재하고 있다. 특히, 화학공장에서 사용하는 대부분의 물질이 BLEVE (Boiling Liquid Expanding Vapor Expansion)와 VCE(Vapor Cloud Explosion)를 유발할 수 있는 가연성 물질이므로 사회적 문제를 야기할 수 있는 중대재해가 발생할 수 있다. (중략)

• Journal of Digital Convergence
• /
• v.15 no.4
• /
• pp.285-293
• /
• 2017

They are rapidly evolving malicious attacks on smart devices, and to timely protect the smart devices from these attacks has become a very important issue. In particular, smishing attack has emerged as one of the most important threats on the smartphone. In this paper, we propose the cloud service that can fundamentally protect the user from the risk of smishing attack. The proposed scheme provides cloud messaging service that can filter text messages including URLs in the user's smart device, view and manage them through a virtual machine provided by a cloud server. The existing techniques for preventing smshing attacks protect only malicious code of a known pattern and there is the possibility of error such as FP(False Positive) or FN(False Negative). However, since the proposed method automatically filters all text messages including URLs, storing, viewing, and managing them in their own storage space on the cloud server, it can completely block the installation of malwares(malicious codes) on the user's smart device through smishing attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.9
• /
• pp.2529-2549
• /
• 2023

For effectively lowering down the risk of cyber threating, the zero-trust architecture (ZTA) has been gradually deployed to the fields of smart city, Internet of Things, and cloud computing. The main concept of ZTA is to maintain a distrustful attitude towards all devices, identities, and communication requests, which only offering the minimum access and validity. Unfortunately, adopting the most secure and complex multifactor authentication has brought enterprise and employee a troublesome and unfriendly burden. Thus, authors aim to incorporate machine learning technology to build an employee behavior analysis ZTA. The new framework is characterized by the ability of adjusting the difficulty of identity verification through the user behavioral patterns and the risk degree of the resource. In particular, three key factors, including one-time password, face feature, and authorization code, have been applied to design the adaptive multifactor continuous authentication system. Simulations have demonstrated that the new work can eliminate the necessity of maintaining a heavy authentication and ensure an employee-friendly experience.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.10
• /
• pp.339-346
• /
• 2016

1 person media is becoming the leading trend among several media in the Internet era exploiting the individual desire of showing off. But, the vast accessibility of Internet produces the worry about privacy risk, which concludes in the increasement of closed SNS. In this paper, we propose a system based on PWW (Person Wide Web) where a person is producing a media and share it with other persons. PWW is an information system which consists of a smart-phone, mobile anchors, a standard web document, and his own cloud storage. An information consumer gets the link using his smart-phone from the mobile anchors attached on the objects in the field. The web browser in the smart-phone obtains the web documents designated by the link and presents it. We also explains the 1 person media system based on PWW and presents the example utilized in the field. We compared and analyzed the security factor of the system based on between WWW and PWW, and concluded that PWW is better than WWW in the aspect of security.

• Journal of Energy Engineering
• /
• v.23 no.4
• /
• pp.223-229
• /
• 2014

This study investigated the explosion characteristics of HCNG fuel using a simulation tool. The damage caused by the storage container explosion and vapor cloud explosion in a gas station was predicted. In case of an vapor cloud explosion in the HCNG station, 50~200kPa explosion pressure was predicted inside the station. When the cylinder explosion was occurred, in case of hydrogen, the measured influential distance of overpressure was 59m and radiant heat was 75m. In case of CNG, influential distance of overpressure was 89m and radiant heat was 144m would be estimated. In case of 30% HCNG that was blended with hydrogen and CNG, influential distance of overpressure was 81m and radiant heat was 130m were measured. The damage distance that explosive overpressure and radiant heat influenced CNG was seen as the highest. HCNG that was placed between CNG and hydrogen tended to be seen as more similar with CNG.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.557-559
• /
• 2022

The use of open source has the advantage that the development environment is convenient and maintenance is easier, but there is a limitation in that it is easy to be exposed to vulnerabilities from a security point of view. In this regard, the LOG4J vulnerability, which is an open source logging library widely used in Apache, was recently discovered. Currently, the risk of this vulnerability is at the 'highest' level, and developers are using it in many systems without being aware of such a problem, so there is a risk that hacking accidents due to the LOG4J vulnerability will continue to occur in the future. In this paper, we analyze the LOG4J vulnerability in detail and propose a SNORT detection policy technology that can detect vulnerabilities more quickly and accurately in the security control system. Through this, it is expected that in the future, security-related beginners, security officers, and companies will be able to efficiently monitor and respond quickly and proactively in preparation for the LOG4J vulnerability.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.2
• /
• pp.63-70
• /
• 2018

Safety management agent manages the risk behavior of the worker with the naked eye, but there is a real difficulty for one the agent to manage all the workers. In this paper, IoT device is attached to a harness safety belt that a worker wears to solve this problem, and behavior data is upload to the cloud in real time. We analyze the upload data through the deep learning and analyze the risk behavior of the worker. When the analysis result is judged to be dangerous behavior, we designed and implemented a system that informs the manager through monitoring application. In order to confirm that the risk behavior analysis through the deep learning is normally performed, the data values of 4 behaviors (walking, running, standing and sitting) were collected from IMU sensor for 60 minutes and learned through Tensorflow, Inception model. In order to verify the accuracy of the proposed system, we conducted inference experiments five times for each of the four behaviors, and confirmed the accuracy of the inference result to be 96.0%.