• 정보보호학회논문지
• /
• 제8권1호
• /
• pp.23-37
• /
• 1998

This paper considers the design and management of security MIB for EDI system. EDI system has to establish various securety wervices and mechanisms to protect against security threats. Hence, the EDIsystem requires appropriate security management to monitor and control the security obhects for its security services and mechanisms. In this paper, I identify security objects for management of secueity services defined in the EDIsystem, and propose the design of a security MIB and describe the use of SNMPnetwork management protocol in its management.

• 한국IT서비스학회지
• /
• 제8권3호
• /
• pp.83-100
• /
• 2009

Even though the success of the information system (IS) protect becomes a critical issue to an enterprise and there has been a lot of research about finding critical success factors of IS projects, the scope management for the success of IS protect has received little attention in the literature. The purpose of this research is to investigate the effects of the project scope management activities defined by PMI (Project Management Institute) on the performance of the information system project. The focus of this paper is on the project supplier's point of view. This study shows the priority of the scope management activities during the IS Project. The results show the different results depending on the types of the project clients and the project scale. This research reveals that the scope verification is important for the project supplier from the project process view, and that the scope planning/definition is important for the protect client from the project result view. It also shows different results comparing to the conventional recognition about project success. The research results show that the positive relationships between the project scale and the importance of scope management activities, and between the familiarity of suppliers and clients and the importance of the scope management activities. Through this research, we expect that the importance of the scope management in a project will be considered as an important issue, and that this research will lead to various detailed research about this issue.

• 정보보호학회논문지
• /
• 제17권1호
• /
• pp.89-96
• /
• 2007

EPC 네트워크(Electronic Product Code Network) 환경 기반의 REID 시스템은 사물에 직접적인 접촉을 하지 않고 RF(Radio Frequency)신호를 이용하여 사물의 정보를 읽어 오거나 기록할 수 있다. 이것은 기존의 바코드 시스템에 비해서 저장능력이 뛰어나며 비접촉식이라는 이점을 갖는다. 이런 RFID 시스템과 모바일 시스템을 접목함으로서 사용자에게 새로운 부가서비스를 제공하는 모바일 REID 시스템이 만들어지게 되었다. 그러나 비접촉식의 RF(Radio Frequency) 통신을 이용하여 사물의 정보를 가져온다는 이점은 개인의 프라이버시 침해라는 문제점을 발생시킨다. 본 논문에서는 모바일 기반의 RFID 시스템에서의 개인 프라이버시를 보호하는 기법을 제안한다. 제안한 기법은 기존에 제안된 기법들 보다 효율적으로 프라이버시 보호기능을 제공한다.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2004년도 춘계종합학술대회
• /
• pp.225-228
• /
• 2004

디지털 콘텐츠는 방송, 통신, 컴퓨터, 모바일 등과 같이 우리와 가까운 곳에서 멀티미디어 데이터를 처리하기 위해 MPEG-4 규격을 사용하고 있다. 그러나 디지털 콘텐츠의 저작권 보호 및 관리 시스템의 부재와 기업간 저작권 시스템의 상호운용 문제가 대두되었다. 이를 위해 MPEG에서는 MPEG-4 시스템 표준과 부합되는 IPMP(Intellectual property Management and Protection) 시스템 표준을 제정하여 저작권을 보호하고 관리하는 공동 방법을 제안하였다. 이에 본 논문에서는 기존 MPEG-4 저작도구에 MPEg-4 IPMP 시스템을 플러그인처럼 추가하여 저작된 콘텐츠의 저작권을 보호 및 관리할 수 있는 확장 시스템에 대한 설계 및 구현을 목적으로 두고 있다. 따라서 저작자는 콘텐츠나 객체를 보호하기 위하여 IPMP 정보를 편집하고 시스템에서 정보를 처리하여 IPMP 표준에 따라 보호 및 관리 신호를 갖는 MPEG-4 디지털 콘텐츠를 저작하게 된다. 이를 위해 사용자 인터페이스부, IPMP 정보 생성부, 미디어 IPMP 처리부, XMT-A to MP4 컨버터 IPMP 확장부로 나누어 시스템을 설계 및 구현하였다.

• 한국멀티미디어학회논문지
• /
• 제20권2호
• /
• pp.279-288
• /
• 2017

Nowadays, nations cyber security capabilities play an important role in a nation's defense. Security-critical infrastructures such as national defenses, public services, and financial services are now exposed to Advanced Persistent Threats (APT) and their resistance to such attacks effects the nations stability. Currently Cyber Threat Intelligence (CTI) is widely used by organizations to mitigate and deter APT for its ability to proactively protect their assets by using evidence-based knowledge. The evidence-based knowledge information can be exchanged among organizations and used by the receiving party to strengthen their cyber security management. This paper will discuss on the business process reengineering of the CTI information exchange management for a nationwide scaled control and governance by the government to better protect their national information security assets.

• 통상정보연구
• /
• 제10권2호
• /
• pp.265-282
• /
• 2008

This article is a study on the A Study on the Export and Import Public Notification System for Efficiency of Trade Item Management. The purpose of this article shall be studies to the trade control regulation in korea foreign law. this article are two most important elements in strategic item and rule of origin. that is, economic profit and nation industries protect have been obtain trade control system. The trade public notification system achieve efficiency of trade item control and nation industry development and domestic customer protect and trade order for trade system and control scheme. Therefor, The Result of the article is review to protection of domestic.

• 한국컴퓨터정보학회논문지
• /
• 제22권2호
• /
• pp.51-57
• /
• 2017

The first thing to be prioritized is to set the scope of the management system when establishing an information security management system for systematic and effective information security management. It is important to set the scope for an organization's information security goals due to the scope affects the organization's overall information security activities. If the scope is set incorrectly, it might become impossible to protect important services and therefore, the scope of the management system should be determined in consideration of the core business services of the organization. We propose a core service selection model based on the organization's mission-critical service and high risk service in order to determine the effective information security management system scope in this paper. Core service selection criteria include the type of service, contribution to sales, socio-economic impact, and linkage with other services.

• 안보군사학연구
• /
• 통권8호
• /
• pp.421-465
• /
• 2010

Passwords are used in many ways to protect data, systems, and networks. Passwords are also used to protect files and other stored information. In addition, passwords are often used in less visible ways for authentication. In this article, We provides recommendations for password management, which is the process of defining, implementing, and maintaining password policies throughout an enterprise. Effective password management reduces the risk of compromise of password-based authentication systems. Organizations need to protect the confidentiality, integrity, and availability of passwords so that all authorized users - and no unauthorized users - can use passwords successfully as needed. Integrity and availability should be ensured by typical data security controls, such as using access control lists to prevent attackers from overwriting passwords and having secured backups of password files. Ensuring the confidentiality of passwords is considerably more challenging and involves a number of security controls along with decisions involving the characteristics of the passwords themselves.

• 디지털산업정보학회논문지
• /
• 제6권3호
• /
• pp.91-101
• /
• 2010

By using the U-Healthcare environment, it is possible to receive the health care services anywhere anytime. However, since the user's personal information can be easily exposed in the U-Healthcare environment, it is necessary to strengthen the security system. This thesis proposes the technique which can be used to protect the personal medical records at hospital safely, in order to avoid the exposure of the user's personal information which can occur due to the frequent usage of the electronic chart according to the computerization process of medical records. In the proposed system, the following two strategies are used: i) In order to reduce the amount of the system load, it is necessary to apply the partial encryption process for electronic charts. ii) Regarding the user's authentication process for each patient, the authentication number for each electronic chart, which is in the encrypted form, is transmitted through the patient's mobile device by the National Health Insurance Corporation, when the patient register his or her application at hospital. Regarding the modern health care services, it is important to protect the user's personal information. The proposed technique will be an important method of protecting the user's information.

• Journal of Information Technology Applications and Management
• /
• 제14권4호
• /
• pp.31-41
• /
• 2007

In order to keep global competitiveness, most of small and medium size manufacturing companies require to equip a product information management system which collects and analyzes the data generated at the manufacturing lines and then provides information for manager or worker to make a decision. However, these companies have a cost problem for adopting the enterprise resource planning system mostly used in large companies. To overcome this problem, we suggest an IOCP-based server for the product information management system suitable for small and medium size manufacturing companies. The basic concept of suggested server is that it is possible to process concurrently the connection requests coming from data collector and client by using the facility of asynchronous notification of OS and protect a server against overload by using the thread pool.