• Journal of Digital Contents Society
• /
• v.5 no.2
• /
• pp.95-100
• /
• 2004

For improve level of information security, the necessity of evaluation and certification of Information Security System(ISS) in increasing. Evalustion and Certification Institute have evaluated ISS for risk prevention of information dysfunction in an advanced countries. But, the problem of the time and cost occurred when it is caused by with application of unlike evaluation criteria each other. The result of effort to solution, Common Criteria(CC) and Common Evaluation Methodology(CEM) is using for evaluation of ISS and mutual recognition. Evaluation participant is needed flexible and active interpretation of CC and CEM for an efficient evaluation preparation and performance.

• The Journal of Society for e-Business Studies
• /
• v.10 no.3
• /
• pp.67-83
• /
• 2005

Common Criteria(CC) was announced in June, 1999 in order to solve a problem which be happened by applying a different evaluation criteria among nations. Currently, a official version is v2.2 and v3.0 is a draft version. Because an evaluation demand is increased in the inside and outside of the country, an evaluation market growth is expected. Also, It needs methodology and work automation and project management for evaluation. In this paper, we propose A CC based Security Evaluation Management System(CC-SEMS) that is managing evaluation resources(deliverables , evaluation criteria, evaluators) and is useful in evaluation environment efficiently. CC-SEMS is to have integrated project management, workflow management, process management and is composed of deliverables, Evaluation Activity Program(EAP), Management Object(MO), Evaluation Database(EDB), Evaluation Workflow Engine(EWE).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.57-67
• /
• 2003

Security Policy Model is a structured representation using informal, semiformal or formal method of security policy to be enforced by TOE. It provides TOE to get an assurance to mitigate security flaws resulted from inconsistency between security functional requirements and functional specifications. Therefore, Security Policy Model has been required under an hish evaluation assurance level on an evaluation criteria such as ISO/IEC 15408(Common Criteria, CC). In this paper, we present an evaluation method for security policy model based on assurance requirements for security policy model in Common Criteria through an analysis of concepts, related researches and assurance requirements for security policy model.

• Proceedings of the KSR Conference
• /
• 2004.10a
• /
• pp.1731-1736
• /
• 2004

The purpose of this article is to introduce a useful methodology of effective goal-setting for the team-level units. As a way to overcome some common symptoms in terms of Strategic Performance Evaluation System such as lack of knowledge on goal-setting, disconnection of process, problem of judging the degree of difficulty about objectives, limits of staff departments evaluation, fairness and authority of evaluators, weakness in coaching technique, and quantity or figure-oriented evaluation, to name a few, and to seek a more plausible goal-setting methodology, the author suggests a persuasive goal-setting concept: VAR(Value-Added Results). VAR, as the end-results, is the team contributions that add value to the organization, and it results from the team's activities. In addition to these goal-setting technique based on the concept of value-added results, several aspects should be improved for Strategic Performance Evaluation System to be implemented more effectively. They are: 1) shift from MBO to MP & D(Managing Performance & Development), 2) impartial exercise of evaluation authority as a organizational public assets, 3) reinforcement of maternal leadership and servantship instead of paternal leadership, 4) utilization of IT-based evaluation system.

• Journal of Nuclear Fuel Cycle and Waste Technology
• /
• v.1 no.1
• /
• pp.83-92
• /
• 2013

A novel methodology to evaluate remote dismantling equipment for a reactor pressure vessel (RPV) in a decommissioning project is presented in this paper. The remote dismantling equipment, mainly composed of cutting tools and positioning equipment, is absolutely required to cut and handle highly radioactive and large components in nuclear power plants (NPPs); this equipment has a great effect on the overall success of the decommissioning project. Conventional evaluation methods have only focused on cutting technologies or positioning equipment, although remote dismantling equipment cannot achieve its goal without organic interaction between the cutting tools and the positioning equipment. In this paper, the cutting tools and the positioning equipment are evaluated by performance parameters according to their original characteristics, the relationship between the two systems, and common factors. Finally, the remote dismantling equipment used in recent decommissioning projects has been evaluated based on the proposed methodology. The results of this paper are expected to be useful for future decommissioning projects.

• Convergence Security Journal
• /
• v.8 no.3
• /
• pp.19-24
• /
• 2008

Common Criteria is a standard to estimate safety of information protection product such as network-level firewall system and intrusion detection system. Recently, CC version is changed from CC v.2.3 to CC v.3.1. CC v.3.1 estimation methodology requires a secured dictionary accomodation preparation for information protection product. In this research, progressed CC v3 base composition product test and research about vulnerability analysis method. Further, this paper presents specific plan sorting composition style information protection product examination methodology to existing principle and detailed methodology.

• Annals of Clinical Neurophysiology
• /
• v.22 no.1
• /
• pp.1-7
• /
• 2020

Neuromuscular ultrasonography has emerged over the last decade as a useful tool for diagnosing peripheral nerve disorders. It has been studied extensively with a particular focus on the assessment of compression neuropathies. Neuromuscular ultrasonography complements electrodiagnostic studies well by visualizing both the nerve anatomy and surrounding structures, providing useful data that cannot be obtained using the latter methodology only. This review article summarizes and synthesizes the literature focusing on the diagnostic role of neuromuscular ultrasonography in common compression neuropathies of the upper limb.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2354-2376
• /
• 2020

SmartThings is one of the most popular open platforms for home automation IoT solutions that allows users to create their own applications called SmartApps for personal use or for public distribution. The nature of openness demands high standards on the quality of SmartApps, but there have been few studies that have evaluated this thoroughly yet. As part of software quality practice, code reviews are responsible for detecting violations of coding standards and ensuring that best practices are followed. The purpose of this research is to propose systematically designed quality metrics under the well-known Goal/Question/Metric methodology and to evaluate the quality of SmartApps through automatic code reviews using a static analysis. We first organize our static analysis rules by following the GQM methodology, and then we apply the rules to real-world SmartApps to analyze and evaluate them. A study of 105 officially published and 74 community-created real-world SmartApps found a high ratio of violations in both types of SmartApps, and of all violations, security violations were most common. Our static analysis tool can effectively inspect reliability, maintainability, and security violations. The results of the automatic code review indicate the common violations among SmartApps.

• Advances in Computational Design
• /
• v.2 no.1
• /
• pp.15-28
• /
• 2017

One of the major developments in seismic design over the past few decades is the increased emphasis for limit states design now generally termed as Performance Based Engineering. Performance Based Seismic Design (PBSD) uses Displacement Based Design (DBD) methodology wherein structures are designed for a target level of displacement rather than Force Based Design (FBD) methodology where force or strength aspect is being used. Indian codes still follow FBD methodology compared to other modern codes like CalTrans, which follow DBD methodology. Hence in the present study, a detailed review of the two most common design methodologies i.e., FBD and DBD is presented. A critical evaluation of both these methodologies by comparing the seismic performance of bridge models designed using them highlight the importance of adopting DBD techniques in Indian Standards also. The inherent discrepancy associated with FBD in achieving 'seismic regularity' is highlighted by assessing the seismic performance of bridges with varied relative height ratios. The study also encompasses a brief comparison of the seismic design and detailing provisions of IRC 112 (2011), IRC 21 (2000), AASHTO LRFD (2012) and CalTrans (2013) to evaluate the discrepancies on the same in the Indian Standards. Based on the seismic performance evaluation and literature review a need for increasing the minimum longitudinal reinforcement percentage stipulated by IRC 112 (2011) for bridge columns is found necessary.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11c
• /
• pp.2087-2090
• /
• 2002

최근 보안성 평가기준의 국제 표준인 공통평가기준(Common Criteria, ISO/IEC 15408)의 국내 도입이 활발하게 진행되고 있다. 따라서 개발자들은 개발초기부터 공통평가기준에 대비하여 보안 제품을 개발하는 것이 필요하다. 본 논문에서는 공통평가기준과 공통평가방법론(Common Evaluation Methodology, CEM)을 참고하여 개발자들이 공통평가기준에 대비하여 보안 제품을 개발할 수 있도록 하기 위한 개발 지침을 제시한다.