• Journal of the Korea Fashion and Costume Design Association
• /
• v.7 no.2
• /
• pp.1-10
• /
• 2005

This study intends to examine extensively on the current situation where the full capacity of 3D CG is not being highlighted because of the lack of the information and the awareness and to look at how the virtual reality technology is being applied ranging from the design of the clothes to the marketing. A set of processes ranging from the development of the clothing design to the marketing will be performed on the web. Designers will design with 3D CG and make the patterns and will hand this over to the producer together with the virtual swatch. But there are important problems to work out. First, it is the problem of the virtual fitting room. Second, it is the absence of the 3D CG, which is easy and convenient for the clothing design. Third, it is to perfect the visual reconstruction. Fourth, it is the security of the distribution system. Fifth, it also calls for the strengthened internet network that can smooth the flow of the tremendous data. Consumer will be able to produce according to their needs and will become designer and producer at the same time, resulting in the achievement of the consumer-oriented marketing in real sense.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.1
• /
• pp.137-142
• /
• 2014

Industrial control system (ICS) is a computer based system which are typically used in nation-wide critical infra-structure facilities such as electrical, gas, water, wastewater, oil and transportation. In addition, ICS is essentially used in industrial application domain to effectively monitor and control the remotely scattered systems. The highly developed information technology (IT) and related network techniques are continually adapted into domains of industrial control system. However, industrial control system is confronted significant side-effects, which ICS is exposed to prevalent cyber threats typically found in IT environments. Therefore, cyber security vulnerabilities and possibilities of cyber incidents are dramatically increased in industrial control system. The vulnerabilities that may be found in typical ICS are grouped into Policy and Procedure, Platform, and Network categories to assist in determining optimal mitigation strategies. The order of these vulnerabilities does not necessarily reflect any priority in terms of likelihood of occurrence or severity of impact. Firstly, corporate security policy can reduce vulnerabilities by mandating conduct such as password usage and maintenance or requirements for connecting modems to ICS. Secondly, platfom vulnerabilities can be mitigated through various security controls, such as OS and application patching, physical access control, and security software. Thirdly, network vulnerabilities can be eliminated or mitigated through various security controls, such as defense-in-depth network design, encrypting network communication, restricting network traffic flows, and providing physical access control for network components.

• Korean Security Journal
• /
• no.50
• /
• pp.61-87
• /
• 2017

National Assembly is a constitutional institution that is required to first consult the will of the people and it should do its effort continuously so that security of citizens using parking lot would be enhanced at the same time while improving parking service in order to increase customer satisfaction of the people. Under this recognition, in this study, Doonchi parking lot of National Assembly under consigned management was first reviewed in a perspective of criminal prevention through environmental design(CPTED) and particularly, fence installation and reinforcement work for securing 'territoriality' and operation of all round shooting camera and installation of No-trespassing warning board at entrance were suggested. Second, it was recommended to change independent control system in which CCTV security system of National Assembly Doonchi parking lot is operated separately from National Assembly safety situation room and integrate it with National Assembly safety situation room(revised to double safety system) and performance of CCTV camera was made to be increased to over 2m. In addition, video recording mode was converted to NVR mode for application to IP camera in the future and in order to avoid dead zone of security monitoring area and based on site inspection result, addition 3 places of newly installing CCTV were indicated. Third, it was recommended to introduce parking fare billing and management system through unmanned equipment in parking lot management and operation.(specialized management of professional parking service provider was reviewed). By doing so, risk of cash handling by charging personnel was removed by reducing current 7 working personnel to 3 and particularly, by converting parking lot management mode being operated temporarily from 9 A.M. to 9 P.M. at present to 24 hours operation mode and providing more specialized parking service, citizens visiting National Assembly were provided with convenience and image of National Assembly was also enhanced. This study was carried out in parallel with various literature and case studies, including data from the Office of the Defense Protection in the National Assembly.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.537-544
• /
• 2016

National Competency Standards (NCS) need to be introduced to train newly hired staff and to gradually improve employees' work performance in the information security industry. In particular, the introduction of a new NCS curriculum for new hires is important in order to retain and efficiently manage professionals in the information security field. However, the legacy NCS is not clearly designed for the information security field. So a formal curriculum has been suggested for institutions training the information security workforce. Therefore, this study establishes a competency unit based on the types of personnel, their duties, and required knowledge. To select the competency unit, this study reviewed prior research to understand the required skills and work knowledge, and reviewed recruitment-based NCS that public agencies and public and private companies have carried out, including them in the study. The selected competency unit was classified into a required competency unit and an elective competency unit based on the importance of the duties and the demands of training. Through a verification process for the new, licensed career path model in the NCS information and communications field, this study suggests updated NCS competency units and required courses to provide an appropriate NCS curriculum for newly hired employees in the information security industry.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.12
• /
• pp.285-296
• /
• 2011

UN, OECD, ITU and other international organizations regularly announce ISI (Information Society Index) to utilize in establishing and evaluating information policies. ISI is utilized as important data for countries to evaluate their information policy performance and select future projects. As the advancement of information systems, the importance of information security has been emerged. Accordingly, NISI (National Information Security Index) has been required. NISI number is the most clearly figure to express the characteristics of a particular group's information security. It can be utilized in determining information security policies. Currently, questionnaire method has been used to calculate NISI number. But there is an absolute lack of statistical data, and the reliability of surveyed statistical data is problematic. The objective of this paper is to show how to collect precise micro data of each company's information security index numbers, and to develop an OLAP database system which calculating NISI numbers by using those micro data. In this process of the survey, we presented the technique to collect the data more systematically, and to analyze the data without using questionnaire method. OLAP architecture performs only well on the facts that are summarizable along each dimension, where all hierarchy schemas are distributive. Therefore we transformed the non-distributive hierarchy schema into the distributive hierarchy schema to implement OLAP database system. It is thought that this approach will be useful one from an implementation and schema design point of view.

• The Journal of the Korea Contents Association
• /
• v.21 no.9
• /
• pp.234-244
• /
• 2021

The purpose of this study is to investigate the effect of the retirement pension system on workers' retirement income security and job commitment, and to verify the mediating effect of corporate welfare satisfaction in the relationship between the retirement pension system's retirement income security and job commitment. Employees of domestic K-company, which have been implementing the retirement pension system since 2011, were surveyed, and 403 copies of the final data were analyzed using SPSS 22.0. The analysis results are as follows. First, as the sub-factors of the retirement income security, the guarantee of the retirement benefits right and the income replacement rate had a significant positive(+) effect on job commitment. Second, as sub-factors of the retirement income security, the income replacement rate and customized retirement design had a significant positive(+) effect on corporate welfare satisfaction. Third, corporate welfare satisfaction had a significant positive(+) effect on job commitment. Fourth, it was found that the relationship between the income replacement rate and job commitment, which are sub-factors of retirement income security, is mediated by diversity and the level of benefits, sub-factors of corporate welfare satisfaction. Based on the results of this study, it was confirmed that the implementation of the retirement pension system enhances the employee's job commitment and corporate welfare satisfaction, and is also important for corporate management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.83-93
• /
• 2009

In recent years, cyber crimes were intended to get financial benefits through malicious attempts such as DDoS attacks, stealing financial information and spamming. Botnets, a network composed of large pool of infected hosts, lead such malicious attacks. The botnets have adopted several evasion techniques and variations. Therefore, it is difficult to detect and eliminate them. Current botnet solutions use a signature based detection mechanism. Furthermore, the solutions cannot cover broad areas enough to detect world-wide botnets. In this study, we suggest an architecture to detect and regulate botnets using cooperative design which includes modules of gathering network traffics and sharing botnet information between ISPs or nations. Proposed architecture is effective to reveal evasive and world-wide botnets, because it does not depend on specific systems or hardwares, and has broadband cooperative framework.

• Convergence Security Journal
• /
• v.22 no.5
• /
• pp.49-59
• /
• 2022

Cyber security in the automobile sector is a key factor in the life cycle of automobiles, and cyber security evaluation standards are being strengthened worldwide. In addition, not only manufacturers who design and produce automobiles, but also due to the nature of automobiles consisting of complex components and various parts, the safety of cybersecurity can be secured only when the implementation level of the cybersecurity management system of companies participating in the entire supply chain is evaluated and managed. In this study, I analyzed the requirements of ISO/SAE 21434 and TISAX, which are representative standards for evaluating automotive cybersecurity. Through a survey conducted on domestic/overseas company security officers and related experts, suitability and feasibility were reviewed according to priorities and industries, so 6 areas and 45 evaluation criteria were derived and presented as final evaluation items. This study is meaningful as a study in that it presented a model that allows companies participating in the automotive supply chain to evaluate the current cybersecurity management level of the company by first applying ISO/SAE 21434 and TISAX overall control processes before uniformly introducing them.

• Journal of Platform Technology
• /
• v.12 no.1
• /
• pp.91-105
• /
• 2024

As the number of cases of applying IT systems to the existing isolated ICS (Industrial Control System) network environment continues to increase, security threats in the ICS environment have rapidly increased. Security threat scenarios help to design security strategies in cybersecurity training, including analysis, prediction, and response to cyberattacks. For successful cybersecurity training, research is needed to develop valid and reliable security threat scenarios for meaningful training. Therefore, this paper proposes a case-based security threat scenario development methodology for cybersecurity training in the ICS environment. To this end, we develop a methodology consisting of five steps based on analyzing actual cybersecurity incident cases targeting ICS. Threat techniques are standardized in the same form using objective data based on the MITER ATT&CK framework, and then a list of CVEs and CWEs corresponding to the threat technique is identified. Additionally, it analyzes and identifies vulnerable functions in programming used in CWE and ICS assets. Based on the data generated up to the previous stage, develop security threat scenarios for cybersecurity training for new ICS. As a result of verification through a comparative analysis between the proposed methodology and existing research confirmed that the proposed method was more effective than the existing method regarding scenario validity, appropriateness of evidence, and development of various scenarios.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.4B
• /
• pp.700-707
• /
• 2000

In this paper, we address vulnerabilities of legacy VOD system and implement secure-VOD system to protect security holes of it. Our secure-VOD system provide user authentication using one-time password, message authentication and encryption/decryption for video server information. To improve security of existing fixed password system, our secure-VOD system use one-time password. Also, our secure-VOD system provides integrity for video server information by generating and verifying message authentication code using HMAC-HAS 160 algorithm. Finally, our secure-VOD system uses RC5 encryption algorithm to guarantee confidentiality for video server information.