• 한국IT서비스학회지
• /
• 제5권3호
• /
• pp.173-186
• /
• 2006

The local public organizations, to secure the Confidentiality, Integrity, Authentication and Non-Repudiation of cyber administrative environment is giving it a try to consolidate the official documents among them by standardizing all the documents into XML formats together with the establishment of the GPKI(Government Public Key Infrastructure). The Authentication System based on the PKI(Public Key Infrastructure) used by the GPKI, however, provides only the simple User Authentication and thus it results in the difficulty in managing the position, task, role information of various users required under the applied task environment of public organizations. It also has a limitation of not supporting the detailed access control with respect to the XML-based public documents.In order to solve these issues, this study has analyzed the security problems of Authentication and access control system used by the public organizations and has drawn the means of troubleshoot based on the analysis results through the scenario and most importantly it suggests the access control model applied with PMI and SAML and XACML to solve the located problem.

• 보건행정학회지
• /
• 제25권3호
• /
• pp.174-184
• /
• 2015

This paper reviewed structure and current status of laws related to patient safety using patient safety law matrix to promote systematic approach in legal system of patient safety. Laws related to patient safety can be divided into three areas: laws for preventing; laws for knowing about; and laws for responding. In the case of Korea, gaps are especially prominent in the areas of laws for knowing about and responding. Patient safety law which will be enacted in July 2016 will fill the gap in the area of laws for knowing about. This law will be comprehensive law, covering the full spectrum of laws related to patient safety. However, after reviewing current patient safety law in Korea, the following drawbacks were identified: absence of code for grasping the current patient safety level; absence of code for mandatory reporting in patient safety reporting system; and absence of code for privilege about patient safety work product. Furthermore we need wider discussions about covering issues of open disclosure, apology law, coroners system, and complaint management system in patient safety law.

• 패션비즈니스
• /
• 제9권6호
• /
• pp.56-70
• /
• 2005

This study investigates historically difference by age of wig banishments that symbolize social-economic status from West Egypt era baroque age as qualitative study that use secondary bibliographic data, there is purpose. Conclusion of this study is as following. Because wig putting on that symbolize among several usages of wig putting on, socio-economic status until 17th century baroque age from ancient Egypt is been in fashion through privilege class lower classes as well as upper class wig putting on attain. Ancient wig putting on became measure that divide class because differ material of wig or one dimension, shape (style) and length became linear measure that it can aim wealth's emblem that putting on of long wave wig and whole wig that differ lust has many wig though was in fashion though whole wig and were in fashion arriving to Renaissance. That it becomes France clean fingernails' necessaries as Louis the 14th that ready crux of absolute authority establishment of France Court put wig from depilation to count 17 was clear socio-economic status etc. symbol measure inclination. Go without question status or position, wealth and churchman puts wig so that can know special sex of weapon of where the soldiers are belonged as well as put wig and wig putting on was parted according to job and lower classes participated in fashion of wig putting on. Wig putting on that become measure that symbolize job or status in this baroque age, position, wealth etc. gave absolute influence in wig fashion in 18th century.

• 비교문화연구
• /
• 제35권
• /
• pp.215-235
• /
• 2014

The purpose of this paper look at the basis of the cultural differences of Korean and Japan by comparing the craftsmanship. Korean craftsmanship and master craftsman making traditional handcrafts and artwork would die out at a critical moment. The craftsmanship and system could not be established because of discrimination in the traditional four classes of society( scholars, farmers, artisans and tradesmen), invasions of other countries and discontinuity of tradition from modernization. On the contrast, in Japan, it was possible to establish traditional handcrafts and artworks, technique and craftsmanship with apprentice system and various social privilege and treatment even in the same traditional four classes of society ( scholars, farmers, artisans and tradesmen). It was common to pass down the family business for a hundreds of years with self respect between Japanese master craftsmen and lots of people succeed the family business will now. Japanese craftsmanship is originated from 'worship to god' Medieval Japanese believed that the thing changes human mind, artistic talent, masterpieces and faith were connected to sacred power. Therefore, master craftsmen and their works were also made by the power of god. In this context, craftsmen were protected and treated in socially and nationally. It is that the social treatments and supports in national level and their own pride and continuous training of techniques and abilities as the main driving force to maintain the craftsmanship in Japan. Korea has the sale level of competitive tradition and technique in comparison any other countries. Japanese craftsmanship study will be a critical data in the protection and maintenance of Korean traditional and technique.

• 산업융합연구
• /
• 제1권2호
• /
• pp.141-172
• /
• 2003

To enhance Social Welfare and Public Interests, government has been enforcing the policies that induce private Sector to participate in the Public Service. In general, these policies consist of the direct or indirect supporting systems, including the advantages of taxation applicable to Private Sector that takes part in Public Service. Of the various supporting systems taken by government, the privilege from the taxes is known to the most important supporting system. The representative exemple is the tax beduction of amounts donated to the not-for-profit organizations. That is to say that donations can be deductible from taxable amounts on assessing inheritance tax and gift tax. Generally much higher cumulative tax rates are applied to the laws of inheritance tax and gift tax than the other taxes in order to redistribute the social wealth and to restrain the concentration of the wealth. On the other hand, the special exemption from the taxes can be applied to not-for-profit organization according to the standards of the relevant lows and regulations, because not-for-profit organization usually performs the partial role of government in Public Service. The perpose of this study is to find the systematical support that the not-for-profit organizations can practice Public service more efficiently than government. This study approaches the subject by means of examining current taxation systems of inheritance tax law and gift tax law and developing systematic alternatives that can make inefficient parts in taxation systems more reasonable.

• 한국컴퓨터정보학회논문지
• /
• 제23권12호
• /
• pp.49-55
• /
• 2018

In this paper, we propose schemes of blockchain utilization in tactical communication environment. The military tactical communication environment has similar characteristics with blockchain network such as distributed architecture, decentralization, and the need for data integrity. A communication node constituting a tactical communication network is constituted by a system capable of configuring and connecting a network for each node. When a communication node, having such capabilities, is configured as a node of blockchain network, various functions could be performed. In this paper, we propose utilization schemes of authentication, integrity, record management, and privilege control based blockchain technology. Functions for authentication, integrity verification, and record management need to ensure the stored data and could track history. The requirement of function's characteristics are matched to blockchain which is storing data sequentially and difficult to hack data, so that it could perform functionally and sufficiently well. Functions for authority control should be able to assign different privileges according to the state of the requestor. Smart contract will function when certain conditions are satisfied and it will be able to perform its functions by using it. In this paper, we will look over functions and utilization schemes of blockchain technology which could reliably share and synchronize data in a tactical communication environment composed of distributed network environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권12호
• /
• pp.6139-6160
• /
• 2018

For ease of use and access, web browsers are now being used to access and modify sensitive data and systems including critical control systems. Due to their computational capabilities and network connectivity, browsers are vulnerable to several types of attacks, even when fully updated. Browsers are also the main target of phishing attacks. Many browser attacks, including phishing, could be prevented or mitigated by using site-, user-, and device-specific security configurations. However, we discovered that all major browsers expose disparate security configuration procedures, option names, values, and semantics. This results in an extremely hard to secure web browsing ecosystem. We analyzed more than a 1000 browser security configuration options in three major browsers and found that only 13 configuration options had syntactic and semantic similarity, while 4 configuration options had semantic similarity, but not syntactic similarity. We: a) describe the results of our in-depth analysis of browser security configuration options; b) demonstrate the complexity of policy-based configuration of web browsers; c) describe a knowledge-based solution that would enable organizations to implement highly-granular and policy-level secure configurations for their information and operational technology browsing infrastructures at the enterprise scale; and d) argue for necessity of developing a common language and semantics for web browser configurations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권11호
• /
• pp.5588-5613
• /
• 2018

Virtualization technology has been widely applied in the area of computer security research that provides a new method for system protection. It has been a hotspot in system security research at present. Virtualization technology brings new risk as well as progress to computer operating system (OS). A multi-level perception security model using virtualization is proposed to deal with the problems of over-simplification of risk models, unreliable assumption of secure virtual machine monitor (VMM) and insufficient integration with virtualization technology in security design. Adopting the enhanced isolation mechanism of address space, the security perception units can be protected from risk environment. Based on parallel perceiving by the secure domain possessing with the same privilege level as VMM, a mechanism is established to ensure the security of VMM. In addition, a special pathway is set up to strengthen the ability of information interaction in the light of making reverse use of the method of covert channel. The evaluation results show that the proposed model is able to obtain the valuable risk information of system while ensuring the integrity of security perception units, and it can effectively identify the abnormal state of target system without significantly increasing the extra overhead.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2009년도 춘계학술대회
• /
• pp.781-784
• /
• 2009

현재 통신 방송 융합 서비스로 크게 대두되고 있는 서비스는 IPTV 서비스이다. IPTV 서비스는 대량의 방송 채널 선택, VoD서비스, 각종 양방향 응용 서비스 등과 같은 고품질의 다양한 방송 통신 융합 서비스 제공한다. IPTV에 대한 관련 기술이 빠르게 발전되면서 그에 대한 불법시청, 불법 복제, 접근권한 오남용 등 IPTV 콘텐츠 보안취약점에 대한 우려가 증가되고 있는 추세이다. 본 논문에서는 공개키 기반구조(PKI)의 공개키 인증서와 권한인증기반구조(PMI)의 속성인증서를 이용하여, 콘텐츠 서버 접근통제방안을 제안하였다.

• 정보보호학회논문지
• /
• 제14권6호
• /
• pp.15-24
• /
• 2004

인터넷과 정보통신의 발달과 더불어, 공개키 기반구조를 이용한 전자상거래가 광범위하게 사용하고 있으며, 또한 웹 응용 및 DB 시스템에 대한 접근제어에 관한 연구가 활발히 진행되고 있다. 공개키 인증서에 대한 검증방법으로는 CRL, OCSP, SCVP 등의 방법이 있으나, PKI 기반구조에서 사용되고 있는 인증서 검증방법이 권한제어를 필요로 하는 PMI 시스템에서 적용되기 위해서는 두개의 인증서에 대한 검증방법이 서로 연계되어야 한다. 왜냐하면 속성인증서는 권한제어를 위한 사용자의 속성정보를 저장하고 있는 반면에, 서명, 암호화 기능 등에 사용될 수 있는 공개키 정보를 포함하지 않고 있기 때문이다. 본 논문에서는 이와 같은 PKC와 PMI 간의 인증서 사용에서의 문제점을 분석하고 이를 해결하기 위하여 PMI 기반에서의 속성인증서를 중심으로 한 통합인증서 검증모델을 제안한다.