• Strategy21
• /
• 통권42호
• /
• pp.258-292
• /
• 2017

This paper is designed to make a national strategic concept for the ROK's maritime security and to explore cooperation directions for the ROK Navy and Coast Guard in order to implement the newly-made maritime security strategic concept. As strategy is composed of three main categories(goals, ways, means), the goal of the ROK's maritime security strategy is 'Safe and Affluent Sea' and the way to realize the goal is the principle of cooperative leverage, and the means as tasks to implement the strategic concept are maritime safety, maritime security, and maritime stewardship. The concept of national fleet as used in the US is applied to promoting the cooperation between the ROK Navy and Coast Guard. Thus, under the newly-established maritime security strategic concept along with the national fleet model, followings are suggested as policy proposals for facilitating mutual cooperation between the ROK Navy and Coast Guard in dealing with not only traditional threats but also non-traditional treats at sea and from the sea as well. First, the ROK Navy and Coast Guard has been making efforts to enhance interoperability between the two sea services. However, the mutual cooperations have been focused mainly on areas on operational level rather than policy level. Therefore, the two sea services are recommended to enlarge exchanges and cooperation in policy areas. Second, there are still demands for further cooperation areas between the two sea services in command and communications. The interoperability in C2 between the two needs to be upgraded even to the areas of anti-terrorist activities ar sea, ASUW, ASW, maritime interdiction, etc. Third, mutual comparability between the two needs to be reflected in the maritime forces development to ensure the comparability in UNREP and other logistics areas. Fourth, the standardization of logistical materials and equipments is needed as a way of sustaining operational capability and logistical capacity for the ROK Navy and Coast Guard as well. Fifth, the ROK Navy and Coast Guard are recommended to participate more actively in international maritime cooperation activities such as PASSEX. Sixth, Complementary laws and regulations need further to be revised and to be newly made for collectively managing swiftly maritime accidents and natural disasters at sea.

• 정보보호학회논문지
• /
• 제30권6호
• /
• pp.1189-1206
• /
• 2020

최근 ICT 기업은 제품과 서비스들을 직접 설계, 개발, 생산, 운용, 유지 보수, 폐기 등을 직접 수행하지 않고 이를 외부에 위탁하거나, 외주업체가 담당하는 경우가 많아지고 있다. 위탁과 재위탁되는 과정에서 제품 및 서비스에 대한 취약점 관리 어려움 등으로 이로 인해 발생하는 공격 또한 증가하는 추세이다. 이에 대응하기 위해 해외에서는 ICT 공급망 보안 위험관리를 위한 기준과 제도를 만들어 운영 중이며, 다양한 사례 연구를 진행하고 있다. 또한, SBOM(Software Bill of Materials)등 기술적으로 공급망 보안 문제를 해결하려는 연구도 진행하고 있다. ISO 등 국제표준화기구에서도 ICT 공급망 보안을 위한 기준과 프레임워크도 만들어졌다. 본 논문에서는 미국, EU 등 주요 국가와 국제표준으로 개발된 ICT 공급망 보안기준과 제도를 비교 분석하여 국내 실정에 적합한 ICT 공급망 보안 관리 항목을 제시하고 ICT 공급망 보안제도 수립을 위한 사이버 보안 프레임워크의 필요성을 설명한다.

• 정보화정책
• /
• 제25권1호
• /
• pp.99-114
• /
• 2018

조직의 정보보안은 물리적, 기술적, 관리적 영역에서 균형적으로 이뤄져야 한다. 그러나 과거 기업의 정보보안 대책은 주로 물리적, 기술적 영역에 집중되는 경향이 있었다. 최근 조직구성원에 의한 보안사고가 늘어남에 따라 기업에서도 인적 보안 관리나 정보보안 교육에 관심이 점차 높아지는 추세이다. 본 연구는 현장실험을 통해 보안교육이나 보안서비스 제공이 조직구성원의 보안정책 준수 행동에 어떤 영향을 미치는지 알아보았다. 연구 1에서 국내 대기업 임직원을 대상으로 스팸 이메일 대응교육을 실시한 후 교육 효과를 알아보기 위해 스팸 이메일 열람 여부를 측정했고, 3개월이 지난 후에도 효과가 지속되는지 알아보았다. 연구 2에서는 보안서비스의 효과를 알아보기 위해 보안경고 알림 메시지를 제공한 후 그 효과를 측정하였다. 실험 결과, 보안교육은 보안정책 준수 행동에 긍정적인 영향을 미치는 것으로 나타났다. 보안교육 직후 교육 이수집단이 미이수집단에 비해 스팸 이메일 열람률이 낮았다. 그러나 3개월 후 이러한 집단 간 차이는 사라졌다. 또한 보안위험 경고 알림 메시지는 스팸 이메일을 열람률을 낮추는 데 효과가 큰 것으로 나타나 보안정책 준수 행동에 긍정적인 영향을 미쳤다. 이 결과는 조직의 인적보안관리를 위해서는 지속적인 보안교육이 필요하고, 보완적으로 보안서비스를 활용할 필요가 있음을 시사한다.

• International journal of advanced smart convergence
• /
• 제12권3호
• /
• pp.40-50
• /
• 2023

Blockchain is a technology designed to prevent tampering with digital documents or information, safeguarding transaction data and managing it in a structured manner. This proves beneficial in addressing issues of trust and data protection in B2B, B2C, and C2B transactions. Blockchain finds utility not only in financial transactions but also across diverse industrial sectors. This study outlines significant cases and responses that jeopardize the security of blockchain networks and cryptocurrency technology. Additionally, it analyzes safety and risk factors related to blockchain and proposes effective testing methods to preemptively counter these challenges. Furthermore, this study presents key security evaluation metrics for blockchain to ensure a balanced assessment. Additionally, it provides evaluation methods and various test case models for validating the security of blockchain and cryptocurrency transaction services, making them easily applicable to the testing process.

• 융합보안논문지
• /
• 제8권2호
• /
• pp.79-85
• /
• 2008

본 논문은 다중 세션 지원 방법에 관한 것으로, 이동 단말기가 멀티미디어 서비스를 위한 SDP(Session Data Protocol) 설정 시 각 프로토콜 계층을 구분하기 위한 식별자를 세션에 따라 다르도록 설정하고, 계층별 식별자를 연계하여 복수의 세션을 구분한다. 다중 세션을 처리하기 위하여 주 처리 태스크와 부 태스크를 둔다. 이 태스크는 QoS 속성을 사용하여 무선 인터페이스상에서 세션 단위로 트래픽 관리를 수행한다. 이를 기반으로 큐잉, 수락 제어, 부하 제어, 자원 할당 그리고 스케쥴링이 세션의 우선순위를 기반으로 처리된다. 이를 통하여 하나의 MT에 동시에 여러 종류의 서비스를 제공할 수 있게 함으로써 음성, 영상, 데이터 서비스 등 자원 할당 요구사항이 서로 다른 서비스들이 공존 가능하게 된다.

• International Journal of Computer Science & Network Security
• /
• 제21권8호
• /
• pp.297-307
• /
• 2021

In the vibrant environment, documentation and managing systems are maintained autonomously through education foundations, book materials and libraries at the same time as information are not voluntarily accessible in a centralized location. At the moment Libraries are providing online resources and services for education activities. Moreover, libraries are applying outlets of social media such as Facebook as well as Instagrams to preview their services and procedures. Librarians with the assistance of promising tools and technology like analytics software are capable to accumulate more online information, analyse them for incorporating worth to their services. Thus Libraries can employ big data to construct enhanced decisions concerning collection developments, updating public spaces and tracking the purpose of library book materials. Big data is being produced due to library digitations and this has forced restrictions to academicians, researchers and policy creator's efforts in enhancing the quality and effectiveness. Accordingly, helping the library clients with research articles and book materials that are in line with the users interest is a big challenge and dispute based on Taibah university in Saudi Arabia. The issues of this domain brings the numerous sources of data from various institutions and sources into single place in real time which can be time consuming. The most important aim is to reduce the time that lapses among the authentic book reading and searching the specific study material.

• 한국IT서비스학회지
• /
• 제23권1호
• /
• pp.1-10
• /
• 2024

The IT environment is changing due to the acceleration of digital transformation in enterprises and organizations. This expansion of the digital space makes centralized cybersecurity controls more difficult. For this reason, cyberattacks are increasing in frequency and severity and are becoming more sophisticated, such as ransomware and digital supply chain attacks. Even in large organizations with numerous security personnel and systems, security incidents continue to occur due to unmanaged and unknown threats and vulnerabilities to IT assets. It's time to move beyond the current focus on detecting and responding to security threats to managing the full range of cyber risks. This requires the implementation of asset Inventory for comprehensive management by collecting and integrating all IT assets of the enterprise and organization in a wide range. IT Asset Management(ITAM) systems exist to identify and manage various assets from a financial and administrative perspective. However, the asset information managed in this way is not complete, and there are problems with duplication of data. Also, it is insufficient to update of data-set, including Network Infrastructure, Active Directory, Virtualization Management, and Cloud Platforms. In this study, we, the researcher group propose a new framework for automated 'Comprehensive IT Asset Management(CITAM)' required for security operations by designing a process to automatically collect asset data-set. Such as the Hostname, IP, MAC address, Serial, OS, installed software information, last seen time, those are already distributed and stored in operating IT security systems. CITAM framwork could classify them into unique device units through analysis processes in term of aggregation, normalization, deduplication, validation, and integration.

• 한국컴퓨터정보학회논문지
• /
• 제5권4호
• /
• pp.161-165
• /
• 2000

기존의 금고업무는 텍스트 방식의 환경하에서 자료관리 성격의 소프트웨어들로 이루어진 패키지로 구성되어 있었다. 주로 자료는 한 장소에서만 집중적으로 관리되었다. 다양한 업무를 효과적으로 처리할 수 있고, 체계적인 섭외 활동을 지원할 수 있는 효과적인 담보물건관리가 중요한 과제가 되었다. 따라서 클라이언트/서버 환경에서 GIS를 이용하여 효과적인 고객관리와 담보물건관리를 하여 경쟁력을 확보할 수 있는 시스템을 개발하였다.

• International Journal of Computer Science & Network Security
• /
• 제22권7호
• /
• pp.371-382
• /
• 2022

The trend of Bring Your Own Device (BYOD) is gaining popularity all over the world with its innumerable benefits such as financial gain, greater employee satisfaction, better job efficiency, boosted morale, and improved flexibility. However, this unstoppable and inevitable trend also brings its own challenges and risks while managing and controlling corporate data and networks. BYOD is vulnerable to attacks by viruses, malware, or spyware that can reach sensitive data and disclose information, modify access policies, disrupt services, create financial issues, minimise productivity, and entail some legal implications. The key focus of this research is how Saudi Arabia has approached BYOD with the help of their 5-step solution model and quantitative research methodology. The result of this study is a statement about what users know about this trend, their opinions about it, and suggestion to increase the employee awareness.

• International Journal of Computer Science & Network Security
• /
• 제21권12spc호
• /
• pp.383-390
• /
• 2021

The main purpose of the study is to determine the features of the functioning of the university as a part of the state structure in the context of marketing management n the context of storing information technologies. Students were obtained due to the following theoretical methods: systems of analysis and synthesis, induction and deduction, comparison, classification, generalization and systematization, idealization and abstraction. It is advisable to study the essence and nature of educational services, as well as the role of education in economic development, relying on the methodology of institutional theory, the theory of stakeholders, which makes it possible to assess the contribution of education to the harmonization of public and individual interests, the formation of appropriate structures and subjects of development, ensuring the building of intellectual potential and quality of life. The specificity of the functioning of the university as a part of the state structure in terms of managing marketing activities was characterized.