• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.8 no.1
• /
• pp.23-37
• /
• 1998

This paper considers the design and management of security MIB for EDI system. EDI system has to establish various securety wervices and mechanisms to protect against security threats. Hence, the EDIsystem requires appropriate security management to monitor and control the security obhects for its security services and mechanisms. In this paper, I identify security objects for management of secueity services defined in the EDIsystem, and propose the design of a security MIB and describe the use of SNMPnetwork management protocol in its management.

• Journal of Information Technology Services
• /
• v.8 no.3
• /
• pp.83-100
• /
• 2009

Even though the success of the information system (IS) protect becomes a critical issue to an enterprise and there has been a lot of research about finding critical success factors of IS projects, the scope management for the success of IS protect has received little attention in the literature. The purpose of this research is to investigate the effects of the project scope management activities defined by PMI (Project Management Institute) on the performance of the information system project. The focus of this paper is on the project supplier's point of view. This study shows the priority of the scope management activities during the IS Project. The results show the different results depending on the types of the project clients and the project scale. This research reveals that the scope verification is important for the project supplier from the project process view, and that the scope planning/definition is important for the protect client from the project result view. It also shows different results comparing to the conventional recognition about project success. The research results show that the positive relationships between the project scale and the importance of scope management activities, and between the familiarity of suppliers and clients and the importance of the scope management activities. Through this research, we expect that the importance of the scope management in a project will be considered as an important issue, and that this research will lead to various detailed research about this issue.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.89-96
• /
• 2007

Radio Frequency Identification system based on EPC(Electronic Product Code) Network Environment can read or write information of tagged objects, using Rf signals without direct contact. This advantage which is to provide storage ability and contactless property is better than Bar-code system. Mobile RFID system which integrates Mobile system with RFID system will provide new additional service to users. However, an advantage for obtaining information of objects using RF signal causes personal privacy problem. In this paper, we propose techniques that can protect personal privacy based on mobile. Our scheme provides privacy protection of users and is more efficiently than another application service.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.225-228
• /
• 2004

Digital contents is used already in near place with us. Contents of MPEG-4 standard is used to process multimedia data in field of communication, computer, broadcasting mobile etc. However, absence of copyright management and protection system and interoperability problem of right system between each corporation happened. Because MPEG establish IPMP(Intellectual Property Management and Protection) system standard in agreement with MPEG-4 system standard, proposed cooperation method to manage and protect copyright. Accordingly, in this paper, put in copyright of authorized contents management and protection extension system implementation adding MPEG-4 IPMP system like plug-in into existing MPEG-4 authorizing tool. Therefore, author edits IPMP information to protect contents or object, and process the information in system and authorize MPEG-4 digital contents that have management and protection sign according to IPMP standard. This system designed and implemented to divided into IPMP information save processor, IPMP information creation processor, media IPPM processor, XMT-A to MP4 converter IPMP extension.

• Journal of Korea Multimedia Society
• /
• v.20 no.2
• /
• pp.279-288
• /
• 2017

Nowadays, nations cyber security capabilities play an important role in a nation's defense. Security-critical infrastructures such as national defenses, public services, and financial services are now exposed to Advanced Persistent Threats (APT) and their resistance to such attacks effects the nations stability. Currently Cyber Threat Intelligence (CTI) is widely used by organizations to mitigate and deter APT for its ability to proactively protect their assets by using evidence-based knowledge. The evidence-based knowledge information can be exchanged among organizations and used by the receiving party to strengthen their cyber security management. This paper will discuss on the business process reengineering of the CTI information exchange management for a nationwide scaled control and governance by the government to better protect their national information security assets.

• International Commerce and Information Review
• /
• v.10 no.2
• /
• pp.265-282
• /
• 2008

This article is a study on the A Study on the Export and Import Public Notification System for Efficiency of Trade Item Management. The purpose of this article shall be studies to the trade control regulation in korea foreign law. this article are two most important elements in strategic item and rule of origin. that is, economic profit and nation industries protect have been obtain trade control system. The trade public notification system achieve efficiency of trade item control and nation industry development and domestic customer protect and trade order for trade system and control scheme. Therefor, The Result of the article is review to protection of domestic.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.2
• /
• pp.51-57
• /
• 2017

The first thing to be prioritized is to set the scope of the management system when establishing an information security management system for systematic and effective information security management. It is important to set the scope for an organization's information security goals due to the scope affects the organization's overall information security activities. If the scope is set incorrectly, it might become impossible to protect important services and therefore, the scope of the management system should be determined in consideration of the core business services of the organization. We propose a core service selection model based on the organization's mission-critical service and high risk service in order to determine the effective information security management system scope in this paper. Core service selection criteria include the type of service, contribution to sales, socio-economic impact, and linkage with other services.

• Journal of National Security and Military Science
• /
• s.8
• /
• pp.421-465
• /
• 2010

Passwords are used in many ways to protect data, systems, and networks. Passwords are also used to protect files and other stored information. In addition, passwords are often used in less visible ways for authentication. In this article, We provides recommendations for password management, which is the process of defining, implementing, and maintaining password policies throughout an enterprise. Effective password management reduces the risk of compromise of password-based authentication systems. Organizations need to protect the confidentiality, integrity, and availability of passwords so that all authorized users - and no unauthorized users - can use passwords successfully as needed. Integrity and availability should be ensured by typical data security controls, such as using access control lists to prevent attackers from overwriting passwords and having secured backups of password files. Ensuring the confidentiality of passwords is considerably more challenging and involves a number of security controls along with decisions involving the characteristics of the passwords themselves.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.3
• /
• pp.91-101
• /
• 2010

By using the U-Healthcare environment, it is possible to receive the health care services anywhere anytime. However, since the user's personal information can be easily exposed in the U-Healthcare environment, it is necessary to strengthen the security system. This thesis proposes the technique which can be used to protect the personal medical records at hospital safely, in order to avoid the exposure of the user's personal information which can occur due to the frequent usage of the electronic chart according to the computerization process of medical records. In the proposed system, the following two strategies are used: i) In order to reduce the amount of the system load, it is necessary to apply the partial encryption process for electronic charts. ii) Regarding the user's authentication process for each patient, the authentication number for each electronic chart, which is in the encrypted form, is transmitted through the patient's mobile device by the National Health Insurance Corporation, when the patient register his or her application at hospital. Regarding the modern health care services, it is important to protect the user's personal information. The proposed technique will be an important method of protecting the user's information.

• Journal of Information Technology Applications and Management
• /
• v.14 no.4
• /
• pp.31-41
• /
• 2007

In order to keep global competitiveness, most of small and medium size manufacturing companies require to equip a product information management system which collects and analyzes the data generated at the manufacturing lines and then provides information for manager or worker to make a decision. However, these companies have a cost problem for adopting the enterprise resource planning system mostly used in large companies. To overcome this problem, we suggest an IOCP-based server for the product information management system suitable for small and medium size manufacturing companies. The basic concept of suggested server is that it is possible to process concurrently the connection requests coming from data collector and client by using the facility of asynchronous notification of OS and protect a server against overload by using the thread pool.