• Journal of the Korea Safety Management & Science
• /
• v.14 no.4
• /
• pp.153-168
• /
• 2012

It has been recognized as an important issue to design optimally a firm's logistics network for minimizing logistics cost and maximizing customer service. It is, however, not easy to get an optimal solution by analyzing trade-off of cost factors, dynamic and interdependent characteristics in the logistics network decision making. Although there has been some developments in a system which helps decision making for logistics analysis, it is true that there is no system for enterprise-wise's on-site support and methodical logistics decision. Specially, E-biz process along with information technology has been made dramatic advance in a various industries, there has been much need for practical education closely resembles on-site work. The software developed by this study materializes efficient algorithm suggested by recent studies in key topics of logistics such as location and allocation problem, traveling salesman problem, and vehicle routing problem and transportation and distribution problem. It also supports executing a variety of experimental design and analysis in a way of the most user friendly based on Java. In the near future, we expect that it can be extended to integrated supply chain solution by adding decision making in production in addition to a decision in logistics.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1702-1721
• /
• 2019

A workflow process (or business process) management system helps to define, execute, monitor and manage workflow models deployed on a workflow-supported enterprise, and the system is compartmentalized into a modeling subsystem and an enacting subsystem, in general. The modeling subsystem's functionality is to discover and analyze workflow models via a theoretical modeling methodology like ICN, to graphically define them via a graphical representation notation like BPMN, and to systematically deploy those graphically defined models onto the enacting subsystem by transforming into their textual models represented by a standardized workflow process definition language like XPDL. Before deploying those defined workflow models, it is very important to inspect its syntactical correctness as well as its structural properness to minimize the loss of effectiveness and the depreciation of efficiency in managing the corresponding workflow models. In this paper, we are particularly interested in verifying very large-scale and massively parallel workflow models, and so we need a sophisticated analyzer to automatically analyze those specialized and complex styles of workflow models. One of the sophisticated analyzers devised in this paper is able to analyze not only the structural complexity but also the data-sequence complexity, especially. The structural complexity is based upon combinational usages of those control-structure constructs such as subprocesses, exclusive-OR, parallel-AND and iterative-LOOP primitives with preserving matched pairing and proper nesting properties, whereas the data-sequence complexity is based upon combinational usages of those relevant data repositories such as data definition sequences and data use sequences. Through the devised and implemented analyzer in this paper, we are able eventually to achieve the systematic verifications of the syntactical correctness as well as the effective validation of the structural properness on those complicate and large-scale styles of workflow models. As an experimental study, we apply the implemented analyzer to an exemplary large-scale and massively parallel workflow process model, the Large Bank Transaction Workflow Process Model, and show the structural complexity analysis results via a series of operational screens captured from the implemented analyzer.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.213-225
• /
• 2022

Containerization, a lightweight virtualization technology, enables agile deployments of enterprise-scale microservices in modern cloud environments. However, containerization also opens a new window for adversaries who aim to disrupt the cloud environments. Since microservices are composed of multiple containers connected through a virtual network, a single compromised container can carry out network-level attacks to hijack its neighboring containers. While existing solutions protect containers against such attacks by using network access controls, they still have severe limitations in terms of performance. More specifically, they significantly degrade network performance when processing packet payloads for L7 access controls (e.g., HTTP). To address this problem, we present BPFast, an eBPF/XDP-based payload inspection system for containers. BPFast inspects headers and payloads of packets at a kernel-level without any user-level components. We evaluate a prototype of BPFast on a Kubernetes environment. Our results show that BPFast outperforms state-of-the-art solutions by up to 7x in network latency and throughput.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.5
• /
• pp.57-66
• /
• 2023

In this paper, a research trend of attack graph studies for Cyber-Physical System (CPS) environments is surveyed, and we analyse the limitations of previous works and prospect the future directions. 35 among around 150 attack graph studies conducted within 5 years target CPS, and we inspect key features of CPS environment in the security aspect. Also, we categorize and analyze target studies in the aspect of modelling physical systems and considering air gaps, which are derived as key features of the security aspects of CPS. Half of 20 research that we surveyed do not reflect those two features, and other studies only consider one of the two features. In this circumstance, we examine challenges that attack graph studies on CPS environment face. Finally, we expect state-led studies or studies targeting open-spec commercial CPS will dominate.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.214-216
• /
• 2021

It proposes a plan to strengthen the limitations of existing corporate security systems based on Zero-Trust. With the advent of the era of the Fourth Industrial Revolution, the paradigm of security is also changing. As remote work becomes more active due to cloud computing and COVID-19, security issues arising from the changed IT environment are raised. At the same time, in the current situation where attack techniques are becoming intelligent and advanced, companies should further strengthen their current security systems by utilizing zero trust security. Zero-trust security increases security by monitoring all data communications based on the concept of doubting and trusting everything, and allowing strict authentication and minimal access to access requestors. Therefore, this paper introduces a zero trust security solution that strengthens the existing security system and presents the direction and validity that companies should introduce.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.83-102
• /
• 2024

Recently, as the use of the cloud increases year by year and remote work within the enterprise has become one of the new types of work, the security of the cloud-based remote work environment has become important. The introduction of zero trust is required due to the limitations of the existing perimeter security model that assumes that everything in the internal network is safe. Accordingly, NIST and DoD published standards related to zero trust architecture, but the security requirements of that standard describe only logical architecture at the abstract level. Therefore, this paper intends to present more detailed security requirements compared to NIST and DoD standards by performing threat modeling for OpenStack clouds. After that, this research team performed a security analysis of commercial cloud services to verify the requirements. As a result of the security analysis, we identified security requirements that each cloud service was not satisfied with. We proposed potential threats and countermeasures for cloud services with zero trust, which aims to help build a secure zero trust-based remote working environment.

• Proceedings of the Korean Institute Of Construction Engineering and Management
• /
• autumn
• /
• pp.164-170
• /
• 2003

This paper is to evaluate the informational direction, current situations and ERP establishment concerning constructing industry, to present the right directions, implemented cases for implementing constructional ERP, also to suggest the effect, influence, problems and shootings in constructional ERP arena. The constructing industries in korea are facing great turning point because of the huge corruptions currently happened and forcing to open the market in 1997. Attempting to establish Computer Integrated construction system (ERP) by breaking down constructing cost, improving quality, operating rapid and effective construction to enhance productivity, it is hard to achieve the goal with only inter-contractor's establishment. Constructing industries are integrated ones, consisted of many organizations for instance ordering agencies, contractors, subcontractors, material vendors, etc. and use various information formats such as texts, graphics, drawings. I dare suggest that implementation of constructional CALS including EDI/EC, GIS is tile only solution to control the information systematically generated in whole stages from planing, designing, constructing through maintenance, and to supply or switch the information.

• Journal of Korea Society of Industrial Information Systems
• /
• v.23 no.3
• /
• pp.35-48
• /
• 2018

Recently, We will analyzed the effects of supply chain management(SCM) execution factors on the competitive advantage, focusing on display industry, which is the most intense sectors in global competition. It is important for global companies to secure corporate agility to actively respond to rapid changes in the market. This study examines whether business agility influences competitive advantage and plays a mediating role between performance and competitive advantage considering market situation.. As a result, it was analyzed that three variables of strategic factors such as strategic partnership, information sharing, and information technology have statistically significant effects on firm agility and competitive advantage. Also, it is proved that corporate agility is mediating effect on SCM execution factor and competitive advantage. This study suggests that SCM in global manufacturing industry is a Business Management System(MIS) that must be operated in enterprise management.

• Journal of Advanced Navigation Technology
• /
• v.15 no.6
• /
• pp.1212-1219
• /
• 2011

As recently Privacy Acts in Korea enforced in domestic companies' personal information management needs of a growing obligation for the safety measures and the right of personal information collection, use, limitations, management, and destroyed specifically for handling personal information. Such this regulations should be required technical and policy supports. Accordingly, for the enterprise incident has occurred, the personal information management system behave correctly operating to verify that the safety measures taken, and be determined by the specific preparation to be done. So the first, preparation phase corresponds to the upcoming digital forensic investigation model. On the other hand, the response team also carried these measures out correctly, it needs to be done to check the compliance of Privacy Act. Thus a digital forensics investigation model is strictly related with the implementation of the Privacy Acts and improve the coping strategies are needed. In this paper, we suggest a digital forensic investigation model corresponding to Privacy Act.

• Journal of Intelligence and Information Systems
• /
• v.17 no.3
• /
• pp.169-185
• /
• 2011

Data redundancy is problematic in that it not only induces heavy storage management cost but also could bring critical degradation of information systems. Unfortunately, to our knowledge, only few enterprises willingly afford time and efforts for the faithful conceptual design to prevent the degree of inappropriate data as much as they could, while most of enterprises pay rare attention to the notion of that sort of data quality. Wondering if there would be any other way to design the enterprise.wide data design without prior knowledge about business works is our major motivation for this study. In this paper, we present our data modeling methodology in which associations among objects in each sentences of a business job descriptions are treated as the focal point in database design. A proposed agent for automated design tool simply takes a business job description written in natural language as an input, and then designs an entity relationship diagram with some smart rules. We introduce the scope of the proposed agent and its detailed logics with several examples. And then, we verify the appropriateness of the resulted associations among objects. Lastly, we perform case studies to evaluate the devised agent's applicability to a business field.