• International journal of advanced smart convergence
• /
• v.13 no.2
• /
• pp.69-79
• /
• 2024

AI technology is a central focus of the 4th Industrial Revolution. However, compared to some existing non-artificial intelligence technologies, new AI adversarial attacks have become possible in learning data management, input data management, and other areas. These attacks, which exploit weaknesses in AI encryption technology, are not only emerging as social issues but are also expected to have a significant negative impact on existing IT and convergence industries. This paper examines various cases of AI adversarial attacks developed recently, categorizes them into five groups, and provides a foundational document for developing security guidelines to verify their safety. The findings of this study confirm AI adversarial attacks that can be applied to various types of cryptographic modules (such as hardware cryptographic modules, software cryptographic modules, firmware cryptographic modules, hybrid software cryptographic modules, hybrid firmware cryptographic modules, etc.) incorporating AI technology. The aim is to offer a foundational document for the development of standardized protocols, believed to play a crucial role in rejuvenating the information security industry in the future.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.9
• /
• pp.3495-3501
• /
• 2010

Because the application simultaneously to transmit large amounts of data (Video conferencing, Internet broadcasting, Online games etc.) to multiple users increases, the importance and utilization of group communication was greater. So the security was recognized as a important issue. To provide security in multicast environment, A study of single group management server using protocol based on Key Tree Scheme was proposed. But the paper proposes secure group key management scheme to be a relatively low-overhead. Therefore proposed paper is demonstrated to be excellent by comparing the effectiveness of existing and proposed group key management scheme.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.141-144
• /
• 2021

Modern concepts of management of construction production systems require solving the problems of harmonization of the distribution of structural elements on the way to overcoming global destabilization processes. An effective ratio of functional subsystems of production in an environment of mutual influence create sustainable opportunities for production management and contribute to the logical development of the system as a whole in achieving the main goal of harmonious management. The purpose of the study is to develop the concept of effective management of production systems in construction with the harmonious formation of organizational structures. The results of the study allowed to reveal the harmonization approach in improving the interaction of structural elements of production and accelerating their functional sensitivity to changes in the environment. Harmonious production system more effectively adapts to the diversity of interests, goals and actions at all levels of management of different subsystems in any environment.

• Journal of Industrial Convergence
• /
• v.13 no.2
• /
• pp.45-54
• /
• 2015

This Study aims to analyze the factors for the success of commercialization of the facial extraction and recognition image security information system of the domestic companies in Korea. As the results of the analysis, the internal factors for the success of commercialization of the facial extraction and recognition image security information system of the company were found to include (1) Holding of technology for close range facial recognition, (2) Holding of several facial recognition related patents, (3) Preference for the facial recognition security system over the fingerprint recognition and (4) strong volition of the CEO of the corresponding company. On the other hand, the external environmental factors for the success were found to include (1) Extensiveness of the market, (2) Rapid growth of the global facial recognition market, (3) Increased demand for the image security system, (4) Competition in securing of the engine for facial extraction and recognition and (5) Selection by the government as one of the 100 major strategic products.

• Journal of Applied Reliability
• /
• v.14 no.2
• /
• pp.108-113
• /
• 2014

The demand against the risk analysis and information security of system from the companies or the agencies which operate an information system is increasing. ISO/IEC 27001 was established by ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission). Also this standard is international and authoritative standard of ISMS (Information Security Management System). This paper is to review how the ISO 27001 ISMS Requirement has been established and improved, and to communicate the significant changes from ISO27001 : 2005 to ISO 27001 : 2013 focusing on reasons for revisions. Additionally, This paper shows case study for understanding ISO 27001 : 2013 implementation.

• Proceedings of the Korea Technology Innovation Society Conference
• /
• 2015.05a
• /
• pp.545-570
• /
• 2015

Korea is among the ten countries with the largest R&D budget and the highest R&D investment-to-GDP ratio, yet the subject of security and protection of R&D results remains relatively unexplored in the country. Countries have implemented in their legal systems measures to properly protect cutting-edge industrial technologies that would adversely affect national security and economy if leaked to other countries. While Korea has a generally stable legal framework as provided in the Regulation on the National R&D Program Management (the "Regulation") and the Act on Industrial Technology Protection, many difficulties follow in practice when determining details on security management and obligations and setting standards in carrying out national R&D projects. This paper proposes to modify and improve security level classification standards in the Regulation. The Regulation provides a dual security level decision-making system for R&D projects: the security level can be determined either by researcher or by the central agency in charge of the project. Unification of such a dual system can avoid unnecessary confusions. To prevent a leakage, it is crucial that research projects be carried out in compliance with their assigned security levels and standards and results be effectively managed. The paper examines from a practitioner's perspective relevant legal provisions on leakage of confidential R&D projects, infringement, injunction, punishment, attempt and conspiracy, dual liability, duty of report to the National Intelligence Service (the "NIS") of security management process and other security issues arising from national R&D projects, and manual drafting in case of a breach. The paper recommends to train security and technological experts such as industrial security experts to properly amend laws on security level classification standards and relevant technological contents. A quarterly policy development committee must also be set up by the NIS in cooperation with relevant organizations. The committee shall provide a project management manual that provides step-by-step guidance for organizations that carry out national R&D projects as a preventive measure against possible leakage. In the short term, the NIS National Industrial Security Center's duties should be expanded to incorporate national R&D projects' security. In the long term, a security task force must be set up to protect, support and manage the projects whose responsibilities should include research, policy development, PR and training of security-related issues. Through these means, a social consensus must be reached on the need for protecting national R&D projects. The most efficient way to implement these measures is to facilitate security training programs and meetings that provide opportunities for communication among industrial security experts and researchers. Furthermore, the Regulation's security provisions must be examined and improved.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.38 no.4
• /
• pp.193-201
• /
• 2015

Corporation's valuable intelligent asset is being threatened from the skills of threatening subject that has been evolved along with the growth of the information system and the amount of the information asset. Domestically, attempts of various private information attacks, important information extortion, and information damage have been detected, and some of them have abused the vulnerability of security of information system, and have become a severe social problem that generates security incident. When accessing to the security, most of companies used to establish a strategy with a consistent manner and a solution plan. However, this is not a proper way. The order of priorities vary depending on the types of business. Also, the scale of damage varies significantly depending on the types of security incidents. And method of reaction and critical control point vary depending on the types of business and security incidents. In this study, I will define the security incidents by their types and preponderantly examine how one should react to those security incidents. In this study, analyzed many types of security accidents that can occur within a corporation and an organization considering various factors. Through this analysis, thought about factors that has to be considered by corporations and organizations when they intend to access to the information security. This study focuses on the response methodology based on the analysis of the case analysis of the leakage of industrial secret and private secret other than the conceptual response methodology that examines the way to prevent the leakage of the industry security systems and the industry information activities. And based on these factors, want to be of help for corporations to apply a reasonable approach when they establish a strategy to information security.

• Journal of Digital Convergence
• /
• v.11 no.10
• /
• pp.1-16
• /
• 2013

This study analyzed on local governmental role for strengthening of industry security in small and medium-sized businesses, Focused on case of Gyeonggido. In particular, Gyunggi-do evaluates various businesses (construction for cyber security businesses and revitalization of the private security control centers) which are promoted to strengthen industrial security in the region, by targeting SME representatives in various aspects. We focused on finding what role Gyeonggido can take to meet this demand has been explored. Based on the above research result, discuss ways to maximize promotion effects about industry security's activites, and more realistic business management. Futhermore, The need for further follow-up studies are presented.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.1-8
• /
• 2019

Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.

• Journal of the Ergonomics Society of Korea
• /
• v.29 no.6
• /
• pp.843-851
• /
• 2010

This study aims to systematically develop a usability evaluation model using the Structural Equation Model (SEM) from experiment of usability on using vehicle. Vehicle developers have been adding many functions for enhance the user satisfaction. But it will be made the trade-off problem of usability and design elements of vehicle interior from attempt to make best usability satisfaction in a restricted space. To solve the trade-off problem, we set a new solution criterion from usability evaluation model. The usability experiment is based on major activity pool from derived user's acts pattern in vehicle for make more accurate usability evaluation model. And this model was built with twenty-nine measurement variables for the evaluation of usability of vehicle user. As a result, the proposed SEM model showed statistical significance as well as a high level of R Square (0.7144). This model shows the relationships of detailed usability and design elements. According to the result, this study introduces the criterion to secure the best satisfaction of usability and design elements.