• Journal of the Korea Society of Computer and Information
• /
• v.12 no.2 s.46
• /
• pp.333-339
• /
• 2007

Risk of damage on information system being grow according to increasing its dependence rate on most of organization. On this work, make planed for a safety assessment system in which information protection management system and threat analyzing method. Also, during threat assesment, we have planned possible an equal-weight applied assesment and considering the characteristics of the organization, an assesment which security factor's weight is variably applied to, and respective organizations to examine its security by itself in order to support the easy findings of the vulnerabilities on the management point of view, and to show the advices to practice.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.773-777
• /
• 2007

Very various infusion by development of systems that is based on network is spread. Therefore, Evaluation Tool has been an active research area to reduce the risk from intrusion. On this thesis, during threat assesment, we have planned possible an equal-weight applied assesment and considering the characteristics of the organization an assesment which security factor's weight is variably applied to, and respective organizations to examine its security by itself in order to support the easy findings of the vulnerabilities on the management point of view, and to show the advices to practice.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.21 no.2
• /
• pp.217-224
• /
• 2018

The purpose of this study is to evaluate the future potential value of CTE(Critical Technology Element)s that are evaluated to be low in TRA(Technology Readiness Assesment) and to present investment prioritization technologies in defense R&D(Research and Development) based on them. To do this, we used the DEA(Data Envelopment Analysis) method, which is useful in evaluating the efficiency of the organization. Specifically, we suggest a systematic framework to evaluate the future value of CTEs by setting the CTEs derived from the TRA process to DMU(Decision Making Unit)s, the cost and time required to develop each CTE as the input factor of the DEA and the effects of the development of each CTE as the output factor of the DEA respectively. We also conducted an illustrative case study on radar technologies to demonstrate the usefulness of the proposed approach.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.66 no.2
• /
• pp.76-81
• /
• 2017

In this paper, the risk analysis of smart home services was implemented by applying threat modeling. Identified possible threats for safe deployment of smart home services and identified threats through the STRIDE model. Through the creation of the Attack Tree, the attackable risk was analyzed and the risk was measured by applying the DREAD model. The derived results can be used to protect assets and mitigate risk by preventing security vulnerabilities from compromising and identifying threats from adversely affecting services. In addition, the modeled result of the derived threat can be utilized as a basis for performing the security check of the smart home service.

• Journal of Korea Multimedia Society
• /
• v.20 no.12
• /
• pp.1970-1979
• /
• 2017

Computerization of educational administration following educational informatization of government has been steadily improved for the purpose of teachers' offload and job efficiency, finally resulting that NEIS(National Education Information System) has been completed. The NEIS consists of Nationwide service of NEIS, Business portal system of NEIS, Authentication management system and so on. Students, parents and civil petitioners handle civil affairs through Nationwide service of NEIS and teachers and persons of task conduct theirs business by accessing the Business portal system of NEIS. At this time, users have to obtain their certification from Authentication management system. Previous Studies were mainly focused on the evaluation about its performance according to the introduction of NEIS. But from now on there is a growing interest in security assessment and an efficient method for security improvement to check if NEIS works properly. Therefore, in this thesis, we'll propose an analytic framework in which security assessment is carried out after comprehending the fault structures through performing Fault Fishbone Analysis based on the Fault Tree Analysis. As a result of the system applied, the system had the highest rate of improvement to 47.7 percent.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1183-1192
• /
• 2022

Information and Information processing systems must maintain a certain level of security during the total life cycle of Information. To maintain a certain level of security, security management processes are applied to software, automobile development, and the U.S. federal government information system over a life cycle, but theme of no similar security management process in Korea. This paper proposes a Korean-style security risk management framework to maintain a certain level of security in the total life cycle of information and information processing system in the defense sector. By applied to the defense field, we intend to present the direction of defense security work in the future and induce an shift in security paradigm.

• Convergence Security Journal
• /
• v.3 no.1
• /
• pp.85-94
• /
• 2003

The Configuration management process is to establish and maintain the integrity of all the work products of a process or project. This paper discusses the similarities and differences between ISO/IEC 12207 and ISO/IEC 15846. The most widely used models for software process assesment, ISO/IEC 15504, CMM and CMMI can rate maturity of processes. We analyze and compare the practices for measuring Configuration process and propose metric for quantitative measure.

• Korean Journal of Social Welfare
• /
• v.46
• /
• pp.178-209
• /
• 2001

This paper aims to provide a critical assesment of Conservatives's and new Labour's social assistance reforms in the U.K. and their differential impacts on low income groups. During the period of 18 years in power, the Conservative governments enforced benefit recipients being capable of work to be out of benefits and to get into work. They employed not only 'carrots' to encourage beneficiaries being capable of work to have full-time work, but also 'sticks' to discourage them to depend on benefits. The reforms under the Conservative governments were closer to the workfare model. The new Labour government has continued to emphasize work regarding social security reform. It has raised 'from welfare to work' as the main reform objective. However, it has not necessarily focused on 'carrots and sticks' in order to get beneficiaries into work. Instead, the new Labour government has put its priority regarding social assistance reform on human capital development in order to develop the capability of beneficiaries for work. Britain under the new Labour government seems to be moving from workfare to activation model. These differentials between the Conservative governments and the new Labour government regarding social assistance reforms bring about the different policy outcomes. Under the Conservative government, social assistance programmes were prone to strengthen the state's control over benefit recipients and to increase stigma to them. Punitive, demeaning, stigmatising programmes of work and unending job search activities harm the bases of self-respect. On the contrary, the activation programmes under the new Labour government has contributed positively to both socially significant participation and autonomy of beneficiaries.

• The Journal of Korean Association of Computer Education
• /
• v.15 no.2
• /
• pp.75-81
• /
• 2012

As the number of web users is increasing, the leakage of personal information is increasing. If some personal information is leaked, the victim can suffer from material damage or mental damage at the same time. Most of the leakages are result from the people who works for the personal information by accident or design. Hence, the Ministry of Public Administration and Security proposeed the measuring index and enumerates the details. The index is used in a system to check protection of a personal information. However, because this system is used to evaluate after the leakage, it cannot be used to construct some security system or programming a security system. To solve this problem, it needs to express the diversity of items and be able to count what assessors want to count. Thus, a summary sheet which displays the result of the tool will be presented in a radial form graph. Details will be presented as a bar graph. Therefore, it will be proposed that the tool can grasp the weak point and propose the direction of security.

• Journal of the Korean Institute of Gas
• /
• v.25 no.1
• /
• pp.30-39
• /
• 2021

Natural gas is globally emerging as an important energy source for environmental, political and regional reasons. In Korea, natural gas imported from oversea natural gas resources as a LNG, it is increased for an applications as a fuel and feedstock which replace the coal and nuclear energy. Because it is relied on the import market in Korea, it is very important to analyze the security for supply. Therefore, this study suggested a method for reducing supply risk and for providing stable supply and demand through risk analysis of Korea's import structure. In order to reduce the supply risk, the concentration of importing countries should be lowered and it is necessary to lower the proportion of countries with relatively low GSSI and increase the imports from Russia. Finally increasing the number of importing countries or maintaining friendly relations with countries where the supply is stable could give us the positive impact in terms of total GSSI.