• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.1-8
• /
• 2017

As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can be a very serious risk to enterprises and must be efficiently managed in a timely manner. Therefore, the government has designated the important system as the main information communication infrastructure in consideration of the impact on the national security and the economic society according to the 'Information and Communication Infrastructure Protection Act', which, in particular, protects the main information communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerability, establishment of protection measures, implementation of protection measures, and distribution of technology guides. Even now, security consulting is proceeding on the basis of 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items in the applied items, and the vulnerability of APT attack, malicious code, and risk are present issues that are neglected. In order to eliminate the actual security risk, the security manager has arranged the inspection and ordered the special company. In other words, it is difficult to check against current hacking or vulnerability through current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability check, a check item that does not reflect recent trends, a technical check case for latest intrusion technique, a related study on security threats and requirements. Based on this, we investigate the security vulnerability management system and vulnerability list of domestic and foreign countries, propose effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.

• Korean Business Review
• /
• v.5
• /
• pp.215-240
• /
• 1992

The major purpose of this study is to find the problems that the statistics of industrial accidents showed and to prevent the preventive countermeasures for effective security management. An industrial accident is a disease resulting from exposure during employment to condition or substance detrimental to health or life. This is caused by the conditions of employment and is not projected by the man. This results generally from the comprehensive factors. The claiments of 1990 are 7,542,752 members and the economic deficit is up to 2,696,757 million won. Because of this severe damage, the preventive of the industrial accident is highly required. The way of preventive countermeasures could be presentation as follows. First, for securing the safety, precaution about the tools, machineries and working condition is needed from the time of installation. Second, a traing system for the managerial class the specialists or engineers should be established. Cultivation of the appropriate personnel and enhancement of technique for safety are prerequists for reduction of the industrial accidents. Third, the health checkup system must be improved. For the prevention of the occupational disease and good health of the workes, experts who knows workers health must be appointed. In conclusion, industrial accident is not unavoidable result of the advance of the industries but the result of the incapability of management that can not meet the requirement necessary for the prevention of industrial accident. Therefore, each corporation should be regard the above mention and make effective safety control that is free from the industrial accident. The implement of organizational safety programs, similar to the application of company health plan, involves shared administrative responsibilities among top executive line personnel, staff specialists, first line supervisors, and organizational employment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4280-4300
• /
• 2017

The fact that cloud computing services have been proposed in recent years, organizations and individuals face with various challenges and problems such as how to migrate applications and software platforms into cloud or how to ensure security of migrated applications. This study reviews the current challenges and open issues in cloud computing, with the focus on autonomic resource management especially in federated clouds. In addition, this study provides recommendations and research roadmaps for scientific activities, as well as potential improvements in federated cloud computing. This survey study covers results achieved through 190 literatures including books, journal and conference papers, industrial reports, forums, and project reports. A solution is proposed for autonomic resource management in the federated clouds, using machine learning and statistical analysis in order to provide better and efficient resource management.

• Journal of the Semiconductor & Display Technology
• /
• v.20 no.4
• /
• pp.83-88
• /
• 2021

Cloud services have become the core infrastructure of the digital economy as a basis for collecting, storing, and processing large amounts of data to trigger artificial intelligence-based services and industrial innovation. Recently, cloud services have been spotlighted as a means of responding to corporate crises and changes in the work environment in a national disaster caused by COVID-19. While the cloud is attracting attention, the speed of adoption and diffusion of cloud services is not being actively carried out due to the lack of trust among users and uncertainty about security, performance, and cost. This study compares and analyzes the "Cloud Service Quality and Performance Management System" and the "Cloud Service Certification System" and suggests complementary points and improvement measures for the cloud service quality and performance management system.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.34 no.4
• /
• pp.11-16
• /
• 2011

Information of freight tracking and tracing is one of core elements in logistics point of view. We can monitor the vehicle or vessel where freights are loaded and get the in-transit data via GPS. However, security problem exists after the shipments are unloaded. RFID is well utilized for securing the container which products are stuffed into. International standard organization sets relevant specification and e-seal appears to be at issue. The paper investigates current status of corresponding technology and proposes the policy for development of logistics industry.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.11
• /
• pp.1562-1565
• /
• 2020

With the development of digital technology, the industrial structure is becoming digitalize. The government selected big data as the key technology of the 4th industrial revolution. Among them, big data is widely used to create new values and services by utilizing vast amounts of information. In order to cultivate professional manpower for the use of big data, various education programs are provided at universities. We intend to develop a curriculum for systematic training of talented people who can acquire knowledge about the three stages of collection, analysis, and application of big data. To this end, subjects are classified into basic competency, technical competency, analysis competency, and business competency based on the big data competency model proposed by the Korea Internet & Security Agency.

• The Journal of Society for e-Business Studies
• /
• v.26 no.1
• /
• pp.79-91
• /
• 2021

The public records of universities shall be classified according to the Enforcement Decree of the Public Records Act and public records management activities shall be carried out accordingly. Among various kinds of public records of the university, the records of performance management are still managed as paper documents, such as attendance books, answer sheets, and assignments, and the management system and methods of each school are different, making it difficult for the management manager to manage them. In this paper, we propose a service model that can perform blockchain-based records management of records related to performance at universities currently kept in paper documents. The proposed service is expected to reduce resource consumption, such as the cost, time and effort spent on storing and managing paper documents.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.1
• /
• pp.71-87
• /
• 2008

In order to survive in a competitive environment, many companies are taking much interest in building IT infrastructure and are investing in that area. But, despite of all the interest and investments, many companies are unsatisfied and confused because of the lack of guidance and understandings of IT infrastructure. Therefore the purpose of this study is to prove that the level of IT usage is different according to organizational characteristics and industrial categories, and to give a guideline to companies' planning on newly building IT infrastructure. In conclusion, companies newly planning on building IT infrastructure should consider the amount of information technology functional uses according to the organizational characteristics and industrial category and they follow the below guidelines. On building the IT infrastructure the organization having the characteristics of formalization should consider and provide the standardization function first. The companies having the characteristics of decentralization should consider and provider firstly the application and communication function. And the companies having the characteristics of specialization should consider and provider the security function.

• Journal of the Korea Convergence Society
• /
• v.8 no.9
• /
• pp.41-47
• /
• 2017

This study is a preceding research designed to deduct an institutional supplementary measure that minimizes any inevitable side effects from the improvement of artificial intelligence (AI) technology, which is the core element of the Fourth Industrial Revolution. In this specific case in which the Robo-Advisor, the representative type of AI-applied technology, was hacked by a third party and ended up manipulating prices, the study was intended to examine the responsibility relationship of the current legal framework. Although the current legal framework strictly prohibits acts such as hacking and manipulation, it was confirmed that if the Robo-Advisor management firm acts in compliance with protection measures regarding hacking, the firm is free from any legal liabilities and there is insufficient legal protection available for ordinary investors with grand-scale damage from price manipulation Based on this study, further studies are needed to derive more institutional supplementary measures on overcoming these problems.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 1999.12a
• /
• pp.373-377
• /
• 1999

Role Based Access Control(RBAC) reduces the cost of administering access control policies as well as making the process less error-prone. The administration tool is most important component in the concept of RBAC. The administration tool for the RBAC security system is required the consistency of a relationships between user and role in the RBAC Database. In this paper, we propose formal specification in order to manage user-role and role-role relationships. The proposed formal specification leads to the consistency requirements for the RBAC database which are defined as a set of relationship. This paper can easily derive the implementation of the RBAC administration tool by formal specification of operations.