• 정보보호학회논문지
• /
• 제27권1호
• /
• pp.79-90
• /
• 2017

기업의 내부 정보 유출 감사 및 침해사고 사건에서 파일 처리 이력을 확보할 수 있다면 사용자의 행위를 좀 더 명확하게 추적하여 사건을 입증하는데 많은 도움이 될 수 있다. 윈도우에서는 파일 접근 이력을 확보할 수 있는 아티팩트들이 여럿 존재하나 부분적인 정보만 존재하거나 아티팩트의 특성상 오래 보존되어 있지 않아 사건 입증이 어려운 경우들이 많이 발생한다. 본 논문에서는 윈도우에서 제공하는 파일 감사 기능인 SACL(System Access Control List)을 활용하는 방법을 제안하고자 한다. 외부 솔루션을 도입할 수 없는 소규모 조직이라 하더라도 윈도우 설정을 강화하여 사고 발생 시 사건을 좀 더 명확히 입증할 수 있는 환경을 만들 수 있을 것이다.

• 해양환경안전학회지
• /
• 제20권2호
• /
• pp.165-171
• /
• 2014

본 연구에서는 선박항행이 허용되어 선박이 다니는 공유수면의 일정부분을 바다골재채취구역으로 하는 골재채취업에 대한 법적근거, 해상교통안전진단제도와 해역이용 협의 및 평가제도의 평가에 대한 중복성 및 양 제도간 적용 우선순위 등의 문제점으로 사업자에게 시간적 경제적 부담을 가중시키고 있으므로, 문제점 해결을 위한 개선방안을 제시하였다. 해양수산부에서 해사안전법과 해양환경관리법을 담당하고 있으므로 업무 협조체계를 유지하여 각각의 제도 평가위원회에 상호 전문가를 포함하는 방안과, 법률을 개정하여 근본적으로 해결하는 방안이 있다. 이를 통하여 해양에서 발생하는 사고의 개연성을 감소시키고 해양환경을 보호하는 방법이 될 것이다.

• 인터넷정보학회논문지
• /
• 제7권5호
• /
• pp.81-93
• /
• 2006

오늘날 정보기술은 모든 산업분야에서 경영의 근간을 이루고 있다. 특히 공공기관들은 민감한 데이터를 다루기 때문에 공정하고 효율적인 정보보호 체계를 갖추어야 한다. 현재 공공기관 대부분이 정보보호 소프트웨어 및 하드웨어를 보유하고 일상적인 감사를 받으며 운영 하고 있지만 관리 정책에 대한 감사체계가 마련되어 있지 않거나 형식에 그치고 있다. 본 논문은 BS7799에 근거한 감사체계를 이용하여 현재 공공기관의 업무환경에 적합한 감사시스템의 설계와 구현을 제시한다. 특히 광역시, 도, 시군구 공공기관에 있어 객관적이고 수치화된 정보보호 업무를 할 수 있는 정보보호 관리체계의 통제에 목적을 두었다. 업무감사시 주관적인 감사자의 이해관계를 통제하고 감사기관의 여건에 맞는 맞춤식 감사 도구를 설계하고 구현할 수 있는 기반을 제공한다.

• 생물치료정신의학
• /
• 제24권3호
• /
• pp.194-201
• /
• 2018

Objectives : Some studies have reported that chronotypes, among several factors, could contribute to problematic drinking. However, there is little evidence confirming this relationship between chronotype and problematic drinking based on gender differences in mood disorder. This study is to investigate the difference of the relationship between chronotype and problematic drinking according to gender differences in mood disorder. Methods : Two hundred fifteen patients with mood disorder were recruited. Problematic drinking and chronotypes were assessed by the Alcohol Use Disorder Identification Test in Korea(AUDIT) and the Korean translation of composite scale of morningness(KtCS). We analyzed the correlation between KtCS and AUDIT using Pearson's correlation, and compared AUDIT scores according to chronotypes classified by KtCS between male and female patients using analysis of variance(ANOVA). Results : There was no significant difference in AUDIT scores between the male and female patients(t=0.91, p=0.183). In female patients, eveningness had significantly higher AUDIT scores than other chronotypes(F=0.199, p=0.033). Meanwhile, in male patients, there was no significant difference in AUDIT score among chronotypes(F=0.008, p=0.933). Conclusion : This study suggests that eveningness might be associated with problematic drinking in female patients who suffer from mood disorder. It also suggests that chronotherapeutical treatment might be able to help improve the course in female patients with mood disorder. In the future, a large-scale prospective study is needed to confirm these results.

• 통합자연과학논문집
• /
• 제14권4호
• /
• pp.189-196
• /
• 2021

Recently, as a countermeasure for cyber breach attacks and confidential leak incidents on PC hard disk memory storage data of the metaverse industry, it is required when reviewing and developing a remote-based regular/real-time monitoring and analysis security system. The reason for this is that more than 90% of information security leaks occur on edge-end PCs, and tangible and intangible damage, such as an average of 1.20 billion won per metaverse industrial security secret leak (the most important facts and numerical statistics related to 2018 security, 10.2018. the same time as responding to the root of the occurrence of IT WORLD on the 16th, as it becomes the target of malicious code attacks that occur in areas such as the network system web due to interworking integration when building IT infrastructure, Deep-Access-based regular/real-time remote. The concept of memory analysis and audit system is key.

• 한국정보전자통신기술학회논문지
• /
• 제3권4호
• /
• pp.35-42
• /
• 2010

본 논문은 기존 SELinux를 포함한 리눅스 보안 운영체제와 보안 모듈에 관한 선행 연구 분석을 통해 사용자 식별 인증, 주체 객체의 보안 권한 상속, 참조 모니터와 MAC 등급 처리, DB를 이용한 실시간 감사 추적이 적용된 리눅스 접근제어 보안 모듈을 다음과 같이 제안하였다. 첫째, 사용자 인증 시 접속 허용 IP를 판별하고 보안등급과 범주를 입력하게 하여 불법 침입자가 superuser(root) 권한을 획득하였다 하더라도 시스템 파괴가 불가능 하도록 설계 하였다. 둘째, 주체 및 객체의 보안 속성 상속을 통하여 주체가 보안이 설정된 객체에 접근할 때, 설정되어 있는 주체의 보안 정보와 객체에 설정되어 있는 보안 정보를 비교함으로써 접근 제어가 이루어지도록 하였다. 셋째, 커널상에서 현재 발생하는 모든 사건에 대해 참조모니터의 감사를 진행하며, 악의적인 목적으로 여러 객체에 접근하는 것을 사전에 차단하도록 하였다. 넷째, DB를 이용한 실시간 보안 감사 추적 시스템을 통해 각 행위와 관련된 보안 감사 자료는 보안 관리자에게 실시간으로 제공되기 때문에 긴급 상황이나 문제 발생 시 즉각 대처할 수 있도록 설계하였다.

• 한국항해항만학회지
• /
• 제34권9호
• /
• pp.699-704
• /
• 2010

Recently, the navigation risk is increasing significantly with growing of vessels' volume and propelling marine facilities, water bridges and port development etc. As a result, Ministry of Land, Transport and Maritime Affairs enacted a new law called MSA(Maritime Safety Audit) as a comprehensive maritime traffic safety management scheme in order to ensure safety improvements from the early planning stage to post managing of the development which affect the maritime traffic environment. MSA as a tool for improving maritime traffic safety is a formal safety diagnosis assessment in the existing or future ship's fairway by an independent audit institute. It examines the potential hazards of maritime traffic safety about the port development, if necessary, and is to ensure the implementation of appropriate safety measures. The primary purpose of MSA is to identify potential risk elements affecting safe navigation. This paper is aimed to introduce the backgrounds, the necessity and efficiency of MSA and also to describe some technical standards and diagnostic procedures.

• 산경연구논집
• /
• 제6권2호
• /
• pp.13-16
• /
• 2015

Purpose - Benford's Law is a simple and effective auditor tool that detects fraud. This paper's purpose is to audit the efficiency of Benford's law, which uses a set of strange observations, certain numbers repeated over other numbers in the data set. Research design, data, and methodology - Benford's law was applied in numerical analysis. We can say that in addition to reducing the duration of the audit, the capacities of the audit were more robust. Results - Sample auditse valuated the ability of auditors to prove fraud and expand the use of analytical procedures in planning the audit. Additionally, the use of the analyses as part of the computer's internal controls helped to further improve the effectiveness of internal controls and reinforce them. Conclusions - Benford analysis should be carried out as appropriate. In subsequent studies, it can also be examined as a tool to reveal doubtful accounts. Numerical analysis of the data and a computer are necessary. Programs for data analysis in various applications such as auditing (SAS) and (ACL) and (Case Ware) and (IDEA) are available.

• The Journal of Asian Finance, Economics and Business
• /
• 제7권11호
• /
• pp.169-176
• /
• 2020

Business going concern is an important issue to be addressed since it determines how companies will survive. One indicator of the going concern problem is going concern opinion. The going concern opinion is a result of evaluation of auditors on going concern assumption of financial reporting. This research aims to examine the effect of opinion shopping, prior opinion, audit quality, and financial condition on going concern opinion. Research sample consists of 80 listed manufacturing companies on the Indonesian Stock Exchange surveyed between 2013 and 2017. Analysis data uses logistic regression. Based on the result, prior opinion affects going concern opinion, while opinion shopping, audit quality, and financial condition have no effect on going concern opinion. The significant effect of prior opinion on going concern opinion indicates that auditors consider the evaluation of the previous condition of companies' concern problematic since going concern is hard to be solved in a short-term period. This research provides recommendations for companies to increase their business ability so going concern problem can be avoided. This research also suggests to auditors to consider prior opinion to issue current opinion since previous companies' condition can be used as a general picture to initiate the auditing process.

• 대한의생명과학회지
• /
• 제22권3호
• /
• pp.65-74
• /
• 2016

The critical aspects of biosafety and bio-containment have been increasingly important in recent years. Biological agents involved in biological research projects at the Nanyang Technological University (NTU) Singapore are usually those with low risks. Biosafety level 2 or BSL 2 laboratories are widely used. However, biosafety measures which refer to the implementation of laboratory practices and procedures, specific construction features of laboratory facilities and safety equipment must be in place to reduce the exposure of laboratory personnel, the public or the environment to potentially infectious agents or other biological hazards. It is also required to pay more attention to laboratory-acquired infections (LAIs) which may occur in research laboratories, clinical laboratories or animal facilities. BSL 2 audit and certification program is implemented as an internal exercise covering laboratories in the university where biological agents are handled or biological research works are carried out. We have put some efforts to raise biosafety standards university-wide in both laboratory infrastructure and laboratory practices to a higher level. Common audit findings are briefly discussed in this presentation.