• Proceedings of the Korean Institute of IIIuminating and Electrical Installation Engineers Conference
• /
• 2005.05a
• /
• pp.298-302
• /
• 2005

This paper presents the protection effect of SPDs according to installation conditions. To develop the effective protection countermeasures of information and communication equipments against lightning surges, actual-sized experiments in relation to the protection effects on the installation positions of surge protective devices(SPDs), the length of branch circuit the materials and long of conduit were conducted. The best method for protecting the electronic equipments from surges is to install the SPD at the front point of the devices to be protected. The installation method of the metal conduit bonded with common ground conductor were more effective than that of the PVC conduit.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.39-48
• /
• 2015

As a growing number of people are concerned about the protection of personal information, the use of encryption solution has been increased. In addition, with the end of support for Windows XP and the improvement of operating system, the use of the Full Disk Encryption solution like Bitlocker will be increased. Therefore, it is necessary to consider countermeasures against Full Disk Encryption for the future digital forensic investigation. This paper provides the digital evidence acquisition procedure that responds to the Full Disk Encryption environment and introduces the countermeasures and detection tool against Full Disk Encryption solutions that are widely used.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.3 no.5
• /
• pp.548-574
• /
• 2009

Personal information (hereinafter referred to as "PI") infringement has recently emerged as a serious social problem in Korea. PI infringement in the public and private sector is common. There were 182,666 cases of PI in 2,624 public organizations during the last three years. Online infringement cases have increased. PI leakage causes moral and economic damage and is an impediment to public confidence in public organizations seeking to manage e-government and maintain open and aboveboard administration. Thus, it is an important matter. Most cases of PI leakage result from unsatisfactory management of security, errors in home page design and insufficient system protection management. Protection management, such as encryption or management of access logs should be reinforced urgently. However, it is difficult to comprehend the scope of practical technology management satisfied legislation and regulations. Substantial protective countermeasures, such as access control, certification, log management and encryption need to be established. It is hard to deal with the massive leakage of PI and its security management. Therefore, in this study, we analyzed the conditions for the technical protection measures during the processing phase of PI. In addition, we classified the standard control items of protective measures suited to public circumstances. Therefore, this study provides a standard and checklist by which staff in public organizations can protect PI via technical management activities appropriate to laws and ordinances. In addition, this can lead to more detailed and clearer instructions on how to carry out technical protection measures and to evaluate the current status.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.841-852
• /
• 2021

Biometric recognition refers to a technology that identifies or verifies an individual after registering each individual's physical, physiological, and behavioral characteristics with an automated device. However, the biometric data used here corresponds to personal information since it can identify an individual. Therefore, when it is compromised or misused, it negatively affects the privacy of the data subject. In this paper, we review the current status of domestic laws related to biometric information and the status of infringements related to this. And then, some biometric application models are derived and vulnerabilities and countermeasures for each model are discussed. Finally, for the developer and service provider of the biometric system, protection guidance is presented.

• Journal of Digital Convergence
• /
• v.12 no.5
• /
• pp.263-269
• /
• 2014

Mobile Cloud Service will provide cloud services through mobile devices. Because storage space constraints and computing process performance limitations of mobile devices, this service will process in the cloud environment after moving works and data that have to process in mobile terminal. The obstacles of mobile cloud service activity will have concerned high about the reliability service, data security, and the confidentiality security. In particular, in convergence of mobile services and cloud services, each threats are expected to be generated complicatedly. In this paper, we define the type of mobile cloud services as well as security threats that can occur in mobile cloud. Also we suggest security countermeasures in mobile app. and enterprises countermeasures. We suggest verification of mobile applications for user information protection about security countermeasures in mobile app. Also we describe the cloud providers responsibility and user responsibility about enterprises countermeasures.

• Journal of Digital Convergence
• /
• v.17 no.11
• /
• pp.195-200
• /
• 2019

The role of the Internet of Things in the Fourth Industrial Revolution is in the era of collecting data at the end and analyzing big data through technology to analyze the future or behavior. Therefore, due to the nature of the IoT, it is vulnerable to security and requires a lightweight security protocol. The spread of things Internet technology is changing our lives a lot. IT companies all over the world are already focusing on products and services based on things Internet, and they are going to the era of all things internet that can communicate not only with electronic devices but also with common objects. People, people, people and objects, things and things interact without limitation of time and space, collecting, analyzing and applying information. Life becomes more and more smart, but on the other hand, the possibility of leakage of personal information becomes greater. Therefore, this study proposed security threats that threaten the protection of personal information and countermeasures, and suggested countermeasures for building a secure IoT environment suitable for the Fourth Industrial Revolution.

• Journal of Industrial Convergence
• /
• v.16 no.4
• /
• pp.47-52
• /
• 2018

WebShell is a web script file created by a hacker to remotely commands to a web server. The hacker can bypass the security system using the web shell, access the system, control the system such as file modification, copying and deletion, install malicious code in the web source code, attack the user's PC, And so on. There are many types of WebShell attack, but we study about attacks on PHP and JSP based web server which are used as representative ones. And we propose the method of web page management, method of development, and several other methods. By using these countermeasures, it is possible to effectively prevent damage caused by WebShell attacks.

• Journal of the Korea Convergence Society
• /
• v.9 no.10
• /
• pp.55-59
• /
• 2018

Big-data, a revolutionary technology in the era of the 4th Industrial Revolution, provides services in various fields such as health, public sector, distribution, marketing, manufacturing, etc. It is very useful technology for marketing analysis and future design through accurate and quick data analysis. It is very likely to develop further. However, the biggest problem when using Big-data is privacy and privacy. When various data are analyzed using Big-data, the tendency of each user can be analyzed, and this information may be sensitive information of an individual and may invade privacy of an individual. Therefore, in this paper, we investigate the necessary measures for Personal private information infringement that may occur when using Personal private information in Big-data environment, and propose necessary Personal private information protection technologies to contribute to protection of Personal private information and privacy.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.21 no.1
• /
• pp.35-41
• /
• 2007

Recently, there are increasing social needs for stable supply of electric power and securing high quality of information and communication services. In this work, to propose the effective protection countermeasures of information-oriented equipments against lightning surges, the protection effects of surge protective devices(SPDs) were experimentally investigated using actual-sized test circuits in various installation conditions. As a result, it was found that the protection effect of SPDs is quite different depending on the factors, such as the grounding system of power source, numbers of branch circuits, wiring method of grounding leads, and etc. In case of installing SPDs for information-oriented equipments, including all electric power lines and communication lines, the common grounding should be the most effective. Wiring method containing grounding leads with power lines in metal conduit is suitable to improve the surge cutoff performance of SPDs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.89-95
• /
• 2008

This paper analyzes the intrinsic vulnerability problems of the authentication system for Internet commerce based on the ID and password strings gathered from the computer keyboard. Through the found vulnerability, it is easy to sniff user passwords as well as any other keyboard inputs even when each of the existing keyboard protection softwares is running. We propose several countermeasures against the possible attacks to the vulnerability at both points of the hardware and the software concerns. The more secure environment for Internet commerce is highly required by implementing the proposed countermeasures.