• Korean Security Journal
• /
• no.18
• /
• pp.169-190
• /
• 2009

Today, the rapid advance of scientific technologies has brought about fundamental changes to the types and levels of terrorism while the war against the world more than one thousand small and big terrorists and crime organizations has already begun. A method highly likely to be employed by terrorist groups that are using 21st Century state of the art technology is cyber terrorism. In many instances, things that you could only imagine in reality could be made possible in the cyber space. An easy example would be to randomly alter a letter in the blood type of a terrorism subject in the health care data system, which could inflict harm to subjects and impact the overturning of the opponent's system or regime. The CIH Virus Crisis which occurred on April 26, 1999 had significant implications in various aspects. A virus program made of just a few lines by Taiwanese college students without any specific objective ended up spreading widely throughout the Internet, causing damage to 30,000 PCs in Korea and over 2 billion won in monetary damages in repairs and data recovery. Despite of such risks of cyber terrorism, a great number of Korean sites are employing loose security measures. In fact, there are many cases where a company with millions of subscribers has very slackened security systems. A nationwide preparation for cyber terrorism is called for. In this context, this research will analyze the current status of Korea's cyber security systems and its laws from a policy perspective, and move on to propose improvement strategies. This research suggests the following solutions. First, the National Cyber Security Management Act should be passed to have its effectiveness as the national cyber security management regulation. With the Act's establishment, a more efficient and proactive response to cyber security management will be made possible within a nationwide cyber security framework, and define its relationship with other related laws. The newly passed National Cyber Security Management Act will eliminate inefficiencies that are caused by functional redundancies dispersed across individual sectors in current legislation. Second, to ensure efficient nationwide cyber security management, national cyber security standards and models should be proposed; while at the same time a national cyber security management organizational structure should be established to implement national cyber security policies at each government-agencies and social-components. The National Cyber Security Center must serve as the comprehensive collection, analysis and processing point for national cyber crisis related information, oversee each government agency, and build collaborative relations with the private sector. Also, national and comprehensive response system in which both the private and public sectors participate should be set up, for advance detection and prevention of cyber crisis risks and for a consolidated and timely response using national resources in times of crisis.

• Journal of Appropriate Technology
• /
• v.7 no.2
• /
• pp.248-256
• /
• 2021

After the COVID-19 pandemic, hand hygiene has become more important to prevent and reduce infection. To manage and provide water to ensure safe handwashing, water governance and the role of public servants are also getting critical. Many organizations have given their priority to capacity building of public servants. In the Strategic Plan for the ninth phase of the Intergovernmental Hydrological Programme (2022-2029), 'Water education in the Fourth Industrial Revolution' is included as a priority. In Korea, ODA in the field of water and sanitation is emphasized in Korea's 3rd Mid-term Strategy for Development Cooperation (2021-2025). Also, KOICA and various water-related organizations have been organizing water education programs for developing countries. This study presents the direction for water education for public servants in developing countries in the post COVID-19 through the education program cases of the International Centre for Water Security and Sustainable Management established by the agreement between the Korean government and UNESCO in 2017. The study suggests that water-related organizations should cooperate with each other to prevent duplication of water education contents. It also suggests that blended learning should be actively utilized for the improvement of education program effectiveness. Lastly, the study emphasizes that education demand for the water technologies related to the fourth industrial revolution and smart water management is increasing, which should be considered when water-related organizations create online content or design education programs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.295-310
• /
• 2014

DCS (Distributed Control System), the main control system of power plants, is an automated system for enhancing operational efficiency by monitoring, tuning and real-time operation. DCS is becoming more intelligent and open systems as Information technology are evolving. In addition, there are a large amount of investment to enable proactive facility management, maintenance and risk management through the predictive diagnostics. However, new upcoming weaponized malware, such as Stuxnet designed for disrupting industrial control system(ICS), become new threat to the main control system of the power plant. Even though these systems are not connected with any other outside network. The main control systems used in the power plant usually have been used for more than 10 years. Also, this system requires the extremely high availability (rapid recovery and low failure frequency). Therefore, installing updates including security patches is not easy. Even more, in some cases, installing security updates can break the warranty by the vendor's policy. If DCS is exposed a potential vulnerability, serious concerns are to be expected. In this paper, we conduct the penetration test by using NESSUS, a general-purpose vulnerability scanner under the simulated environment configured with the Ovation version 1.5. From this result, we suggest a log analysis method to detect the security infringement and react the incident effectively.

• Journal of Platform Technology
• /
• v.12 no.3
• /
• pp.55-61
• /
• 2024

As the digital environment becomes more complex and cyber attacks become more sophisticated, the importance of data protection is emerging. As various security threats such as data leakage, system intrusion, and authentication bypass increase, secure key management is emerging. Key Management System (KMS) manages the entire encryption key life cycle procedure and is used in various industries. There is a need for a key management system that considers requirements suitable for the environment of various industries including public and finance. The purpose of this paper is to derive the characteristics of the key management system for each industry by comparing and analyzing key management systems used in representative industries. As for the research method, information was collected through literature and technical document analysis and case analysis, and comparative analysis was conducted by industry sector. The results of this paper will be able to provide a practical guide when introducing or developing a key management system suitable for the industrial environment. The limitations are that the analyzed industrial field was insufficient and experimental verification was insufficient. Therefore, in future studies, we intend to conduct specific performance tests through experiments, including key management systems in various fields.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1583-1593
• /
• 2015

This study applied the BSC performance consulting experience and diverse variable factors and whether there any differences in terms of satisfaction and the relationship between the support for the government consulting firm specializing in human resources by the resident of the innovation cluster area was investigated through empirical research. According to the study, a new high in recent local government support Consulting Consulting satisfaction by professionals residing in the area that applies to industrial clusters leads to practical consultancy, which was being evaluated as a significant boon to real performance of the company.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.35-41
• /
• 2016

Internet of Things (IoT) services are widely used in appliances of daily life and industries. IoT services also provide various conveniences to users and are expected to affect value added of all industries and national competitiveness. However, a variety of security threats are increased in IoT environments and lowers reliability of IoT devices and services that make some obstacles for commercialization. The attacks arising in IoT environments are making industrial and normal life accidents unlike existing information leak and monetary damages, and can expand damage scale of leakage of personal information and privacy more than existing them. To solve these problems, we design a session key based access control scheme for secure communications in IoT environments. The proposed scheme reinforces message security by generating session key between device and access control network system. We analyzed the stability of the proposed access scheme in terms of data forgery and corruption, unauthorized access, information disclosure, privacy violations, and denial of service attacks. And we also evaluated the proposed scheme in terms of permission settings, privacy indemnity, data confidentiality and integrity, authentication, and access control.

• 한국IT서비스학회:학술대회논문집
• /
• 2009.11a
• /
• pp.544-548
• /
• 2009

The underlying success of logistics depends on the flow of data and information for effective management. Over the last 30 years, we have seen the power of microprocessors double about every 18months. This continuing trend means that computers will become considerably smaller, cheaper, and more abundant; indeed, they are becoming ubiquitous and are even finding their way into everyday objects, resulting in the creation of smart things. In the long term, ubiquitous technologies will take on great economic significance. Industrial products will become smart because of their integrated information processing capacity, or take on an electronic identity that can be queried remotely, or be equipped with sensors for detecting their environment, enabling the development of innovative products and totally new services. The global marketplace runs on logistics, security, speed, agility and flexibility..In this paper we report that pairing these traditional logistics functions with RFID technology can be a huge value-driver for companies. This winning combination yields increased logistics management effectiveness and more efficient visibility into the supply chain management.

• Journal of the Korea Safety Management & Science
• /
• v.13 no.2
• /
• pp.147-155
• /
• 2011

For an effective energy management in intelligent buildings it is necessary to gather information about position/absence of people and the level of population. In this paper the smart occupancy detection system based on the active RFID is developed to satisfy such a demand. The performance of the developed system is tested and verified through various experiments. Furthermore the feasibility test of the active RFID tag is performed to verify whether it can be used as a location-based occupancy sensor. The developed core technology can be also applied to other fields such as security, healthcare, smart home, etc.

• Journal of the Korea Safety Management & Science
• /
• v.14 no.4
• /
• pp.117-123
• /
• 2012

For an effective energy management in intelligent buildings it is necessary to gather information about position/absence of people and the level of population. In this paper the smart occupancy detection system using the active RFID is developed to satisfy such a demand based on the results of previous research. First of all the design considerations and functions of the system are introduced. In sequence the functions of the system is presented, and then the performance of the developed system is tested and verified through various field tests. The developed core technology can be also applied to other fields such as security, healthcare, smart home, etc.

• Journal of the Korea Safety Management & Science
• /
• v.22 no.2
• /
• pp.15-21
• /
• 2020

Industrial facilities need design to predict and reduce noise from design to prevent and reduce noise. The purpose of this study is to predict worker's environment and evaluate safety by analyzing noise inside underground blower room and air compressor room with fluid machinery in waste facility. This waste incineration facility was analyzed based on the ground floor, ground floor blower chamber, and air compressor chamber. The results of SPL(Sound Pressure Level) analysis at 1.5m away, which are frequently used to measure the SPL as a noise source, are as follows. SPL of basement level: 46.80[dB], SPL of ground layer: 48.57[dB]. As a result, it was expected that the noise level would be considerably lower than the 8 hours 50[dB] noise exposure per day.