• 한국지리정보학회지
• /
• 제26권4호
• /
• pp.67-79
• /
• 2023

노트북, 스마트 기기 및 다양한 IoT 장비를 통한 서비스 환경은 매우 빠르게 발달하고 있다. 이러한 인터넷 환경에서 최근의 보안 대책은 주로 네트워크 응용 수준의 보안 대책인 방화벽(침입 차단 시스템-Firewall)과 IDS(침입 탐지 시스템-Intrusion Detection System)으로 이루어지고 있다. 또한, 최근에는 다양한 보안 데이터의 현장 활용이 이루어지고 있고 이런 보안 데이터의 관리와 파기에 대한 이슈 소요가 제기되고 있다. 이러한 보안 데이터의 관리를 위해 문서보안(DRM:Digital Rights Management)이나 데이터 손실 방지 솔루션(DLP:Data Loss Prevention)과 같은 제품이 사용되고 있다. 그러나 이런 보안 대책에도 사용성 문제로 인해 현장에서 사용하기 위해 반출된 데이터 보안 대책은 대부분 환경에서 해당 데이터를 암호화하여 전달하고 저장하는 정도로 운영되고 있으며, 암호키 관리나 데이터의 파기에 관한 대책이 미흡한 것이 현실이다. 이러한 문제점을 기반하여 OS 기반의 보안 모듈을 제공함으로써 사용자는 동일한 인터페이스로 보안 데이터를 관리 운영할 수 있는 SecureOS Module을 제시하고자 한다.

• 한국IT서비스학회지
• /
• 제19권1호
• /
• pp.173-185
• /
• 2020

It is very important to evaluate training because it can systematically grasp the current status of training. Evaluation includes getting ongoing feedback from the learner, trainer and learner's supervisor, to improve the quality of the training and identify if the learner achieved the goals of the training. It also provides a justification for the implementation of training. Nonetheless, there is a lack of studies that attempt to evaluate information security training programs. In this study, we utilize the Philips model to evaluate the public training programs for the people who are in charge of the information security duties in the public sector and propose the training improvement plans. Research result has shown that it is necessary to evaluate the level of the trainees in advance and conduct training programs according to the information security skill level. In addition, it needs to conduct training according to duties such as information security management, information security operate and maintain. The limitation of this study is that each education program was not assessed individually because this study had developed an evaluation tool that could be used comprehensively.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권10호
• /
• pp.2862-2882
• /
• 2023

With the development of networking technology, it has become common to use various types of network services to replace physical ones. Among all such services, electronic voting is one example that tends to be popularized in many countries. However, due to certain concerns regarding information security, traditional paper voting mechanisms are still widely adopted in large-scale elections. This study utilizes blockchain technology to design a novel electronic voting mechanism. Relying on the transparency, decentralization, and verifiability of the blockchain, it becomes possible to remove the reliance on trusted third parties and also to enhance the level of trust of voters in the mechanism. Besides, the mechanism of blind signature with its complexity as difficult as solving an elliptic curve discrete logarithmic problem is adopted to strengthen the features related to the security of electronic voting. Last but not least, the mechanism of self-certification is incorporated to substitute the centralized certificate authority. Therefore, the voters can generate the public/private keys by themselves to mitigate the possible risks of impersonation by the certificate authority (i.e., a trusted third party). The BAN logic analysis and the investigation for several key security features are conducted to verify that such a design is sufficiently secure. Since it is expected to raise the level of trust of voters in electronic voting, extra costs for re-verifying the results due to distrust will therefore be reduced.

• 대한산업공학회지
• /
• 제39권2호
• /
• pp.129-134
• /
• 2013

The airport processes are restricted by some limits of performance objects as size of airport, ability of human resources, capacity of facilities and operational rules. These limitations make passenger handling difficult when passenger numbers increase. In order to solve this problem, we modeled the airport process and analyzed departure passenger arrival, scheduled security manpower under specific customer service level maintenance with mixed integer programming and validate the efficiency with simulation with adapting smart airport framework. We concluded that the airport management with information techniques can reduce waiting time within security and immigration process.

• 한국정보처리학회논문지
• /
• 제6권11S호
• /
• pp.3278-3288
• /
• 1999

This paper proposes a security platform, called SCAP(Security platform for CORBA based APplication), to cope with potential threats in a distributed object system. SCAP supports CORBA security specification announced by OMG. SCAP is comprised of four functional blocks, which co-work with ORB to provide security services: Authentication Block, Association Block, Access Control Block, and Security Information Management Block. It is designed to support Common Secure Interoperability Functionality Level 2, which is useful for large-scale intra-, or inter-network based applications. Actual security services, which are dependent on supporting security technology, will be provided as external security service for replace ability. Implementation issues such as how to simulate an interceptor mechanism using a commercial ORB product without source code, and how to extend Current object required for security services are also described. At the end of the paper, the SCAP applied to the web environment is described to show its practical utilization.

• 디지털산업정보학회논문지
• /
• 제12권4호
• /
• pp.59-69
• /
• 2016

We proposed a specialized model of performance measurement to measure the training performance of the trainees in cyber practical training. Cyber security professionals are cultivating their expertise, skills, and competencies through cyber practical training in specialized education and training institutions. The our proposed process of trainee evaluation is consisted of an evaluation component discovery, evaluation item selection, evaluation index catalog, ratings and criteria decision, and calculation formula. The trainee evaluation is consisted of a formative evaluation during the training and an overall evaluation after finished training. Formative evaluation includes progress evaluation and participation evaluation, and overall evaluation includes practice evaluation and learning evaluation. The evaluation is weighted according to the importance of evaluation type. Because it is evaluated actual skills and abilities, competencies are assigned a high weight, while knowledge and attitudes are assigned a low weight. If cyber security trainees are evaluated by the proposed evaluation model, cyber security professionals can be cultivated by each skill and knowledge level and can be deployed by importance of security task.

• 한국통신학회논문지
• /
• 제29권12C호
• /
• pp.1707-1721
• /
• 2004

본 논문에서는 네트워크 차원의 종합적인 보안관리가 가능한 침입탐지시스템의 분산 통신모델을 제안하고 보안노드와 분산 시스템 레벨에서 각각 모델링하고 시뮬레이터를 설계하고 구현한다. 노드 레벨에서는 하드웨어기반 침입탐지를 수행하는 기가비트 보안 노드의 구조분석을 기반으로 경보 메시지의 전달 성능을 평가한다. 분산 시스템 레벨에서는 보안정책을 기반으로 네트워크 수준에서 분산 침입방지시스템의 컴포넌트 사이에 전달되는 탐지 및 경보 정보의 전달 성능을 모의실험을 통하여 성능평가를 수행한다. 제안된 모델에서 통신 메커니즘의 결정요인들을 적용하여 성능 평가를 수행하고 시스템의 정량적인 이해를 하기 위하여 결과를 제시한다.

• International Journal of Computer Science & Network Security
• /
• 제22권1호
• /
• pp.312-318
• /
• 2022

The article notes that one of the reasons for the crisis in education was the sharp discrepancy between the emerging new forms and content and the model of macro-management that has developed over the decades. The level of management of the educational system did not emerge as a specific activity characterized by its own mechanisms and processes, just as qualified carriers of this activity - professionals - managers - did not appear. At the same time, there is practically no theoretical and methodological model of the macrolevel of education management, that is, management of the educational system as an integral structure.

• 한국농촌생활과학회지
• /
• 제9권1호
• /
• pp.43-54
• /
• 1998

This study attempted to investigate the factors affecting financial status of the rural middle-aged and old-aged household. The results shelved that the significant variables which influenced on the probability of financial security measured by consumption to income ratio were sex and education level of the household head, family size, total income, total expenditure and total assets. The most influential variables on the probability of financial security measured by liquidity ratio was liquid assets, and total assets. Education level of the household head. liquid assets, total assets, and total debt had significant effects on the probability of financial security estimated by debt burden ratio. Among the economic variables, only liquid asset had significant negative effects on the probability of financial security assessed by the capital stock ratio.

• 한국재난정보학회 논문집
• /
• 제11권4호
• /
• pp.615-621
• /
• 2015

인적 재난은 체계적인 예방과 지속적인 점검을 통해 피해를 대폭 줄일 수 있는 재난이므로 시설을 이용하는 시민의 안전의식도 중요하지만 시설안전을 관리하는 경비원의 안전의식이 더욱 중요하게 고려된다. 즉, 경비원의 안전의식과 전문성 함양은 인적 재난을 포함한 사회적 재난의 피해규모를 축소시키고 효과적 안전관리를 가능하게 한다는 것이다. 따라서 본 연구에서는 시설경비원의 재난안전의식을 향상시키기 위한 영향요인으로 교육훈련 및 조직 안전분위기를 변수로 선정하여 분석을 실시한 후 다음과 같은 연구결과를 확인하였다. 첫째, 교육훈련 중 교육내용과 교육환경은 재난안전의식에 유의한 영향을 미친다. 둘째, 조직 안전분위기는 재난안전의식에 유의한 영향을 미친다. 즉, 교육훈련의 개선과 조직적 차원에서의 안전문화형성은 재난안전의식에 긍정적인 영향을 미쳐 효과적인 안전관리를 가능하게 할 것이다.