• Journal of Information Technology and Architecture
• /
• v.11 no.4
• /
• pp.427-439
• /
• 2014

Introduction of new information systems due to continuous progress of ICT has made the enterprise IT environment into a mixed pot of various IT resources. Rapidly changing business situation has emphasized the integration of organizational IT resources as one of key competitive advantages. Those distributed IT resources are now demanding to solve the problems not only on their own effective management but also on security and control issues against unauthorized infiltration and information leakages. Under the situation that the number of IT resources is constantly increasing, it is needed to study a management model and its implementation that integrally solves above all problems. In this paper, it is revealed that a directory service can be used to integrally manage distributed IT resources and a directory service based system model for distributed IT resource management is suggested. By implementing an HR solution over active directory service, it is demonstrated that our integrated management model for distributed resources is applicable to real business cases. It is expected that for small and medium sized enterprises with limited IT investments, directory service based IT resource management system can be a cost-effective solution for increasing security threats and lack of governance.

• Korean Security Journal
• /
• no.13
• /
• pp.113-144
• /
• 2007

The entire world has lived in terror threatened by new-terrorism since the 9.11 terror. Having appeared since 9.11, new-terrorism is new kind of terror targeting victims at random. Bioterrorism is one good example. Since bioterrorism happens secretly, it's hard to identify. The case becomes even harder to detect if it takes the form of a new epidemic. This study set out to apply the four phases of crisis management regarding outbreak and measures of SARS, the latest new epidemic, and to prepare against bioterrorism taking the form of a new epidemic, It also shows the efforts to study what to prepare and what kind of actions to take in case of bioterrorism by applying the four phases. There results demonstrate that the preventive measures against bioterrorism include arranging terror-related laws and identifying and monitoring expected pathogenic organs. In the preparation phases, they should integrate the related agencies, prepare for the standard operating procedures(SOP), execute integrated training sessions among the related agencies, and secure the necessary resources such as vaccine, cures, and exploration devices. In the response phases, they need to set up a rapid diagnosis system, quarantine and then cure the patients, and pursue cooperation from the media and promotions and further an international cooperation system to take appropriate measures. And the final recovery phases should involve offering emergency support by checking the situations and engaging in activities to prevent another terror attack by providing counseling, exchanging information, and analyzing and evaluating the causes.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.2
• /
• pp.246-250
• /
• 2008

This paper presents the design of network vulnerability analysis system which can integrate various vulnerability assessment tools to improve the preciseness of the vulnerability scan result. Manual checking method performed by a security expert is the most precise and safe way. But this is not appropriate for the large-scale network which has a lot of systems and network devices. Therefore automatic scanning tool is recommended for fast and convenient use. The scanning targets may be different according to the kind of vulnerability scanners, or otherwise even for the same scanning target, the scanning items and the scanning results may be different by each vulnerability scanner, Accordingly, there are the cases in which various scanners, instead of a single scanner, are simultaneously utilized with the purpose of complementing each other. However, in the case of simultaneously utilizing various scanners on the large-scale network, the integrative analysis and relevance analysis on vulnerability information by a security manager becomes time-consumable or impossible. The network vulnerability analysis system suggested in this paper provides interface which allows various vulnerability assessment tools to easily be integrated, common policy which can be applied for various tools at the same time, and automated integrative process.

• Strategy21
• /
• s.41
• /
• pp.232-260
• /
• 2017

The purpose of this paper is to open a debate about what kind of deterrent strategy the ROK military should pursue in the era of NK's weapons of mass destruction and missile threats. I argue that the ROK military needs a comprehensive deterrent strategy that reflects the international security situations and trends and that builds on clear understanding of the basic concepts and how deterrence operates. The paper starts with surveying the basic knowledge of deterrence from the perspectives of both theory and practice. Then, it provides explanations on why deterrence against NK can be particularly difficult given the security environment in and around the Korean peninsula. For example, South Korea and North Korea hardly share 'common knowledge' that serves as a basic element for the operation of deterrence. Deterrence against North Korea involves complex situations in that both deterrence and compellence strategies may be relevant particularly to North Korea's WMD and missile threats. It also involves both immediate and general deterrence. Based on the discussion, I suggest several ideas that may serve as guidelines for establishing a deterrent strategy against NK. First, our threats for deterrence should be the ones that can be realized, particularly in terms of the international norms. In other words, they must be considered appropriate among other nations in the international community. Second, there should be separate plans for the different kinds of threats: one is conventional, local provocations and the other is WMD/missile related provocations. Third, we should pursue much closer cooperative relations with the U.S. military to enhance the effectiveness of immediate deterrence in the Korean peninsula. Fourth, the ROK military should aim to accomplish 'smart deterrence' maximizing the benefits of technological superiority. Fifth, the ROK military readiness and structure should be able to deny emerging North Korean military threats such as the submarine-launched ballistic missiles and intercontinental ballistic missiles. Lastly, in executing threats, we should consider that the current action influences credibility and reputation of the ROK, which in turn affect the decisions for future provocations. North Korea's WMD/missile threats may soon become critical strategic-level threats to South Korea. In retrospect, the first debate on building a missile defense system in South Korea dates back to the 1980s. Mostly the debate has centered on whether or not South Korea's system should be integrated into the U.S. missile defense system. In the meantime, North Korea has become a small nuclear power that can threaten the United States with the ballistic missiles capability. If North Korea completes the SLBM program and loads the missiles on a submarine with improved underwater operation capability, then, South Korea may have to face the reality of power politics demonstrated by Thucydides through the Athenians: "The strong do what they have the power to do, the weak accept what they have to accept."

• Journal of the Korean Society of Surveying, Geodesy, Photogrammetry and Cartography
• /
• v.36 no.4
• /
• pp.213-221
• /
• 2018

South Korea has been reluctant to open its geospatial information overseas to ensure security as a divided country. However, this cannot continue as the domestic and international environments related to geospatial information and the industrial ecosystem of information and communication technologies have been changing dramatically. Within this context, this study aims to analyze the causal relations among relevant variables and how they change and interact with time using a systems thinking process. First, causal maps were created for the domains of national security, map-based convergence service, and corporate competition. Then, the causal maps for each domain were integrated, based on which the points for policy intervention and dominant feedback loops were identified. The analysis results showed that securing the self-sufficiency of domestic geospatial businesses is a key element to determine the whole causal map, and the variable that changes the dominant feedback loop from a vicious circle to a virtuous one is the decision to open geospatial information overseas. In this study, I found the policy leverage that is a policy intervention point that can produce a great effect with little input by building a causal map of the interactions between major variables. This study is significant in that it identified and analyzed the dominant feedback loop as to which causal structure would dominate the system in the long term. The results of this study can be used to discuss not only the impacts of map data overseas opening on the national security and geospatial information industry, but also the interactions in the future when Google or other global companies request to release the geospatial information.

• Economic and Environmental Geology
• /
• v.49 no.3
• /
• pp.201-212
• /
• 2016

Due to growing problems securing stable mineral and energy resources with international political and economic changes, China has dedicated itself to strategies and policies to enhance its stable mineral and energy resources security. China has established a rare earth elements(REE) industry policy after the abolition of the REE exports quota system. China's six large REE companies have also been integrated into REE mining, smelting and refining companies. Efforts have been increased to enhance China's energy security through unconventional oil and gas exploration and development investment, as well as effort in R&D. The country will focus on technology development and exploration to promote commercial production of unconventional oil and gas based on countries with shale gas. China is making long-term contracts and joint ventures to ensure the acquisition of reliable mineral and energy resources from abroad. Government of China has proposed a range of initiatives, such as the integration of resources development strategies and environmental development strategies, internationalization of resource management, supply diversification and advancement, strengthening industry linking strategy, grouping and diversification strategy.

• Korean Security Journal
• /
• no.33
• /
• pp.103-135
• /
• 2012

The object is that this research searches the relationship of the office given condition actual condition of the country important facility private security guard and job satisfaction degree. In order to grasp and analyze the real state of the country important facility private security guards directly, the questionnaire, that is the general measurement tool, was utilized and the guard whom it works in the airport, the port region and general work place, that is the national important facility of Busan and Ulsan area, was aimed at. The enough survey object was illustrated to the facility and person in charge in the security company and the item was previewed and the total 400 sheets was distributed and 331 sheets (82.8%) except the doubleness subject intention and incongruent questionnaire was utilized for the analysis. The statistic processing of collected data utilized the SPSS version 15.0 the statistical package program through data coding and cleaning process and performed the frequency analysis, reliability analysis, t-test, one way analysis of variance, Pearson analysis, and regression analysis. The relationship of the office given condition actual condition of the guard about the national important facility and job satisfaction degree was classified into the interpersonal relationship, task characteristic, office environment, and complement factor and the difference of the job satisfaction degree according to the general characteristic was verified. If the conclusion obtained through the method of study described in the above looked at, for as to general tendency, the low wages and poor field environment was continued. In the general characteristic, the man was higher than the excitation about the job satisfaction level. As there was lots of the age and the scholarship was low, the age was high. And as there was lots of the career and income, the police of a petition or search and guide staff was high and the job satisfaction degree in which relatively the employee and the other job group is high so that the case of being the former student incidence can be the poorest was shown rather than the facility security agent. As the interrelation analysis result job satisfaction was high, the change of occupation pseudo was low and the organizational commitment degrees was increased. The regression analysis result job satisfaction degree was exposed to reach the meaningful effect on the change of occupation pseudo and organizational commitment. It had an effect on the change of occupation pseudo as the task characteristic and office ambient level was low. It had an effect on the organizational commitment as the extend of satisfaction about the task characteristic and interpersonal relationship, complement, and office ambient level were high. If the research result of this time is integrated, the support of the political system including the interpersonal relationship thesis between top and bottom of the organized I and substantial complement actualization is urgently needed between the office given condition improvement effort in the country important facility defense manpower field and police of a petition and special guard.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.281-286
• /
• 2003

Nowadays, a patient's private medical data which is exposed to the outside world has a severe effect on not only the patient's private life but also his/her social activities and environment. So, it is important to securely protect the patient's private medical data from the illegal manipulation. This paper studies the method to store the electronic prescription information in an IC card. For that, an access control for users, such as a doctor, a nurse, a medical institute member, a pharmacy, a pharmacist, or a patient, is proposed to access the data stored in an IC card. The certificate is issued using the Crypto API of a certificate management model supported by Windows 2000. The public/private key is created by the Cryptographic Service Provider program, and the electronic prescription is signed using the digital signature. The proposed system, therefore, can improve the quality of medical services by securing the safety and integrity of the electronic prescription, stored in an IC card.

• Journal of Korea Multimedia Society
• /
• v.13 no.4
• /
• pp.582-593
• /
• 2010

Recently the commercial value of GIS(geographic information system) has been increased with growing application demands of spatial information in life space. Also, GIS has been expanded to the integrated information system that provides the ease access to map information by public users and also the combined service of GIS map data and various multimedia contents. But several security problems of GIS map data have brought up at GIS industries, such as the illegal copy and distribution of GIS map data. Furthermore, the copyright protection of GIS map data has not been researched yet compared with image and video contents. This paper presents a polyline based watermarking scheme for the copyright protection of GIS vector map. The proposed scheme analyzes the structure of vector map and embeds adaptively the watermark by using the distance distribution of polyline components. From experimental results, we verified that the proposed scheme satisfies the invisibility and the robustness of geometrical attacks.

• Journal of Advanced Navigation Technology
• /
• v.15 no.3
• /
• pp.462-470
• /
• 2011

Since, Davis(1991) has proposed the TAM(Technology Acceptance Model) through a literature review of informatization promotion, which insists that a user conveniency is judged by the degree of effectiveness caused by IT, the advancement of IT such as the Internet, e-mail, electronic data exchange, and groupware have brought into various changes in ordinary corporations and public institutions. However, with the right function, the advancement of IT has provided various benefits including additional reverse functions. Based on an integrated environment of business process, unauthorized user could access to information and a management of information becomes more difficult than before due to informatization of critical information. Furthermore, external hacking or information leakage by insider becomes easier owing to advancement in communication technology. This study has tried to develop a specified management procedure and implementation method for confidential documents.