• 디지털산업정보학회논문지
• /
• 제11권1호
• /
• pp.59-67
• /
• 2015

A novel authentication mechanism is biometric authentication where users are identified by their measurable human characteristics, such as fingerprint, voiceprint, and iris scan. The technology of biometrics is becoming a popular method for engineers to design a more secure user authentication scheme. In terms of physiological and behavioral human characteristics, biometrics is used as a form of identity access management and access control, and it services to identity individuals in groups that are under surveillance. In this article, we review the biometric-based authentication protocol by Althobati et al. and provide a security analysis on the scheme. Our analysis shows that Althobati et al.'s scheme does not guarantee server-to-user authentication. The contribution of the current work is to demonstrate this by mounting threat of data integrity and bypassing the gateway node on Althobati et al.'s scheme. In addition, we analysis the security vulnerabilities of Althobati et al.'s protocol.

• Industrial Engineering and Management Systems
• /
• 제10권3호
• /
• pp.179-184
• /
• 2011

Recently, the fast development of communication technologies has brought a great convince for human beings' life. Lots of commercial services and transactions can be done by using mobile communication equipments such as smart phones. Consequently, smart phones have attracted lots of companies to invest them for their potential growth of market. Compared with basic feature phone, a smart phone can offer more advanced computing ability and connectivity. However, based on the responses of customers, there still are many defectives such as not friendly and smooth operation, short standby time of batteries, threat of virus infected and so on needed to be improved. Therefore, this study will propose a product innovative function development procedure into TRIZ (theory of inventive problem solving) to transform voice of customers into product design and to create novel functions, respectively. A case study of smart phones will be provided to illustrate the effectiveness of the proposed method.

• 한국컴퓨터산업학회논문지
• /
• 제3권7호
• /
• pp.953-956
• /
• 2002

인터넷 사용 증가로 인한 통신망에 대한 위협은 갈수록 증대되고 있다. 이에 대한 방안으로 많은 보안장비들이 개발되어 설치되고 있으며, 침입차단시스템에 이어 근래에는 침입탐지시스템에 대한 연구와 개발이 활성화되고 있다. 그러나, 네트워크의 규모가 커지고, 관리 대상 시스템의 수가 방대해짐에 따라 현재의 단일 네트워크 단위의 관리로는 해결이 어렵다. 본 논문에서는 IETF에서 진행되고 있는 PBNM(Policy-Based Network Management) 기술을 도입하여 대규모의 네트워크의 보안을 관리하기 위한 통합 침입탐지시스템(Integrated Intrusion Detection System:IIDS)을 설계한다. 통합 침입탐지시스템은 다수의 침입탐지 에이전트로 구성되어 있으며, 시스템의 요구사항과 기능별 요소들에 대하여 기술하고 있다.

• Journal of information and communication convergence engineering
• /
• 제8권6호
• /
• pp.618-622
• /
• 2010

The damages from DDoS attacks are increasing as DDoS attacks are taking various forms. This has resulted not only in decreased reliability of organizations and corporations but also in the threat of national security. Organizations and corporations are making significant efforts in developing a system through which they can appropriately correspond to DDoS attacks. However, the studies on objective index for evaluating the performance of DDoS correspondence are lacking. The majority of the existing studies have been on the information protection & management system on a large scale. Accordingly, the scope of this thesis will be limited to DDoS correspondence to propose correspondence index for quantitatively measuring and managing them. The statistical techniques such as SMART technique and factor analysis will be utilized accordingly.

• 한국항공운항학회지
• /
• 제16권2호
• /
• pp.43-50
• /
• 2008

ICAO(International Civil Aviation Organization) Doc 9803의 국제규정에 의거하여 SMS(Safety Management System-안전관리시스템)의 대표적인 비행안전 모니터링 프로그램으로 인정된 신개념의 운항감사제도인 LOSA(Line Operations Safety Audit-항공운항 안전감사)를 항공사에서 실시하여 정상 운항시의 운항승무원을 관찰하여 실제의 안전취약 및 위협요소, Error를 포착하여 텍사스대학 인적요인 연구소에서 작성한 최종보고서의 분석을 통해 제도와 방안을 개선한다. 본 논문에서는 LOSA실행을 통한 승무원들의 위협 및 error의 유형과 발생율, 관리율 및 관리여부를 분석하여 설명하고 항공사내 개선인 SCP(Safety Change Process)를 소개하는데 있다.

• Journal of Information Processing Systems
• /
• 제16권1호
• /
• pp.61-82
• /
• 2020

The security risk management used by some service providers is not appropriate for effective security enhancement. The reason is that the security risk management methods did not take into account the opinions of security experts, types of service, and security vulnerability-based risk assessment. Moreover, the security risk assessment method, which has a great influence on the risk treatment method in an information security risk assessment model, should be security risk assessment for fine-grained risk assessment, considering security vulnerability rather than security threat. Therefore, we proposed an improved information security risk management model and methods that consider vulnerability-based risk assessment and mitigation to enhance security controls considering limited security budget. Moreover, we can evaluate the security cost allocation strategies based on security vulnerability measurement that consider the security weight.

• 한국디지털정책학회:학술대회논문집
• /
• 한국디지털정책학회 2005년도 추계학술대회
• /
• pp.323-335
• /
• 2005

Globalization of economy brings both opportunities and threats especially for companies in developing countries such as Korea. Globalization is an opportunity because it may expand the size of market for the company where globalization brings a threat for developing global competitiveness. If the company has already built competitive advantage in its business domain, the company can easily transfer market growth to profit improvement. However, if the company has not developed competitive advantage, globalization of economy will give a serious threat for the survivor of the company. The company might lose its own domestic market share. For the less famous brand of product or company name, international expansion is a challenging strategy. The study evaluated organizational performance of companies that try international expansion by utilizing Miles and Snow's strategy typology. We clustered organizations based on their strategy typology (prospector, analyzer, defender, and reactor) in view of the level of product diversification, new product development instances, level of localization, and autonomy of foreign subsidiary. With the strategy typology, we evaluated international strategy in view of product competitiveness, marketing strategy, human resource strategy, and organizational strategy. The regression result demonstrates that the performance of the company is significantly higher when the company employs prospector strategy. We also found out that product quality and emphasis for developed countries in international expansion are the most important factors for success.

• 동아시아식생활학회지
• /
• 제21권2호
• /
• pp.284-297
• /
• 2011

The purpose of this study was to investigate whether a franchisor's influence strategies could affect a franchisee's relationship satisfaction, which in turn could affect their boundary spanning behaviors. The constructs of influence strategies included promise, recommendation, information exchange, request, threat, and legalistic plea. The boundary spanning behaviors were external representation, internal influence, and service delivery. The sample used for this research consisted of store owners or managers of franchisee restaurants in Korea. A total of 605 questionnaires were analyzed using SPSS/$PC^+$ and LISREL. Empirical research findings were that (1) promise, recommendation, and legalistic plea affected relationship satisfaction, and (2) relationship satisfaction influenced external representation, internal influence and service delivery. However, information exchange, request, and threat did not affect relationship satisfaction. Based on these findings, franchisors were recommended to provide motivations to franchisees if the former wants to receive help from the latter.

• 융합보안논문지
• /
• 제19권3호
• /
• pp.101-107
• /
• 2019

우리 군(軍)의 사이버 공간은 적들로부터 지속적인 위협을 받고 있다. 이러한 사이버 위협은 군(軍)이 보유하고 있는 정보화 자산을 대상으로 한 것으로 조직의 정보화 자산에 대한 안전성 확보는 매우 중요하다. 그러나 정보화 자산은 군(軍) 뿐만 아니라 어떠한 조직도 100% 자급자족할 수는 없기 때문에 공급망에 의한 정보화 자산 획득은 어쩔 수 없는 선택이다. 따라서 군 공급망에 대한 안전을 확보하기 위해 공급망 보호대책 검토 후, 이를 근거로 공급망 업체를 검증된 신뢰모델 기반의 파트너십 인증(引證)을 통해 군 공급망 안전을 확보하기 위한 방안을 제시하였다.

• 시스템엔지니어링학술지
• /
• 제17권2호
• /
• pp.23-36
• /
• 2021

Recently, the rapid development of drones is increasing as a variety of threats to important facilities of the country. In order to build an anti-drone system that responds to drones with high technical characteristics, standardization is required in terms of operation, system, and technology. By applying the defense architecture framework, it contributes to the establishment of the optimal system by proposing a standardization plan for the operational and system perspectives of the anti-drone system by creating outputs equivalent to the stage of prior research on weapons systems. It is a prerequisite for building a drone system the operational concept of the anti-drone system, the definition of the drone threat, the function of each component, the interface, the definition of data flow, the system performance and effect scale, etc. Management, security officers, and equipment manufacturers of important national and public facilities on site expect that it will be used as an objective standard at the government level for the component technology of the equipment to respond to the drone threat and the performance required in the environment.