• Journal of Information Technology Services
• /
• v.22 no.3
• /
• pp.49-63
• /
• 2023

The inclusion of software and wireless communication devices in vehicles has raised concerns regarding automobile security. In its response, UNECE WP.29 implemented the first-ever international standard for automotive cyber security in June 2020. Yet, the existing disparity between national standards for automotive certification systems and 「UN Regulation No. 155」 has caused confusion among auto makers. This discrepancy not only jeopardizes the security of domestic vehicles but also poses challenges to the seamless import and export of automobiles. Hence, there is a need to enhance the automotive cyber security certification system; however, there is a dearth of scholarly discourse on this topic. Consequently, this study presents a proposal for enhancing the domestic automotive cyber security certification system. In view of this, existing legal frameworks such as the 「Motor Vehicle Management Act」 and the 「Self-Driving Vehicle Act」 were reviewed, along with domestic and international automotive certification systems. The recommendations for improvement, derived from the findings, encompass institutional, legal, and operational aspects. This study is highly significant as it examines both domestic and international automotive certification systems in an area where there is a lack of academic discussion.

• Journal of Korean Society for Quality Management
• /
• v.51 no.4
• /
• pp.677-689
• /
• 2023

Purpose: The purpose of this study is to design a x-ray screening rating system to improve X-ray screening ability, which is a core job competency of security screener at Incheon International Airport, and to verify its effectiveness through empirical analysis to suggest ways to improve the level management system. Methods: In this study, the effectiveness of the research model was analyzed using T-test tests for effect analysis based on the empirical analysis results derived through the competency evaluation model, the screening rating system. Results: The results of this study are as follows. The average score for regular education before the implementation of the x-ray screening rating system was 94.1 points, but after the implementation of the x-ray screening rating system, the average score for regular education was 95.5 points, an average of 1.4 points increased. In addition, the proportion of those with 95 or more points classified as high scorers also increased significantly from 51.1% to 69.3%. Conclusion: The X-ray screening rating system of security inspectors will systematically manage the level of screening ability, which is a key job competency, and play a strong role in improving competency, while preventing security accidents through early identification and intensive training of level-lowers.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.76
• /
• pp.1-20
• /
• 2017

The industrial technology (including trade secrets), which is commonly understood as systematic and applied technical knowledge, can be transferred to third parties by contracting for the transfer of technology or by granting of a licence. The activity of industrial espionage, due to the gradual increase of the economic interests of intellectual property, is displaying intensively in order to gain advanced technology information. With our outstanding high technology, but compared to the level of the advanced countries, the technical protection systems, the legal protection measures and the systematic management thereof may still be insufficient. Our industrial technology outflow abroad, due to the vulnerability to the security control system in our country, has been increasing since the 2000. Computer software and SNS, such as smart devices, appear as a rapid change in the technical information environment. In order to minimize the dead zone of a new industrial security, the country's organic activity is being conducted. In 2006, Industrial Technology Outflow Prevention and Protection Law was enacted, which emphasized the responsibilities of the country. In this paper for the economic entity's efforts to prevent technology leakage oversea, I have looked to how the industrial technology can be protected in terms of national security and economic benefits of our enterprises. To solve the above-mentioned problems hereof, Korean government should willingly establish a reliable legal system for supporting to enterprise's operations, and Korean companies should autonomously introduce a synthetic technology protection system and incorporate the confidentiality clauses in an international transfer of technology agreement with third parties.

• Journal of Arbitration Studies
• /
• v.29 no.4
• /
• pp.77-100
• /
• 2019

Third-party funding in international and domestic disputes is a fast-growing trend and it is increasingly used by large, solvent companies that simply wish to share risk in their finance. On January 10, 2017, the Civil Law Amendment Bill was passed in Singapore and on June 2017 an "Arbitration and Mediation Legislation (Third Party Funding) Bill" in Hong-Kong had a third-party funding to finance the international arbitration and other dispute resolutions expressly approved. This arbitral tribunal's expanding discretion over critical interim measure of security cost was in issue. In Essar v. Norscot (2016), the arbitrator found that the additional third-party funding costs were recoverable as "other costs of the parties." In here, the decision showed the issue of a tribunal's power over cost measures could spread out to be reviewed and broadened through the legislative process. A recent investor-state arbitration case of ICSID, RSM Production Corporation v. Saint Lucia, covered the express awarding of security for costs where a claimant was funded by a third-party funder. It seems inevitable that the volume of third-party funding industry will grow more as time goes on. The next step would be to formulate guidelines on how to determine criteria against which an application for security for costs is measured.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1811-1817
• /
• 2015

This paper analyzes domestic research trend on information security, compares its results with international trends, and studies future directions we should have on national level. This research is a successor of the work for analysis of global research trend on information security. Therefore we select the same analysis method to compare domestic and international research trends exactly. To do this, we use domestic papers presented or published from 2001 to 2014, measure temporal relationship between technologies related to information security, analyze domestic research trends, and compare the results. Finally we will suggest our future direction through considering international future markets of technologies.

• Journal of Information Technology Services
• /
• v.15 no.4
• /
• pp.63-72
• /
• 2016

Critical infrastructure has been operating in a closed environment with a completely separate information system and in the private area. However, with the current ICT environment changes due to convergence and open platforms it has increased the threats and risks to critical infrastructure. The importance of cyber security is increasing in the infrastructure control system, such as the outbreak of Ukraine blackout in 2015 by a malicious code called 'black energy'. This thesis aims to recognize the importance and necessity of protecting the critical infrastructure service, designing a security framework reflecting environmental and characteristic changes, and analyzing the management system suitable for a security framework. We also propose a theoretical basis for constructing a new security framework by comparing and analyzing seven international security management system standards, such as NIST 800-82 and IEC 62443-2-1, which are used in the control system. As a result, the environment surrounding critical infrastructure changes with the characteristics of connectivity, openness, and finality was studied, and as a response to this, many scholars and institutions present critical infrastructure security frameworks as cycle enhancement type structures, risk management structures, and management domain expansion structures. In response, the security framework encompassing these structures, CISF (Critical Infrastructure Security Framework), was designed. Additionally, through the security related international standard and criterion analysis, as a newly designed security standard suitable for CISF, IEC 62443-2-1 is reviewed and suggestions are made.

• International Journal of Computer Science & Network Security
• /
• v.22 no.8
• /
• pp.269-274
• /
• 2022

Economy of Ukraine is characterized by the rapidly increased level of financial failures at a corporate level. Conditions of doing business in Ukraine become tighter year after year and it should motivate the business owners not only to watch more accurately the state in which their business is but also to introduce new, more precise, more tight systems of crisis management and economic security. The experience shows that in order to stay afloat and not to suffer losses companies should pay more attention to different areas of economic security, such as production potential, financial indicators, logistics, staff, etc. For this purpose companies should use a system of valuation of the most important for their activity indicators and transform their values in an integral one in order to use this assessment in making managerial decisions. Such a valuation is one of the components which the article presents. The article also reveals the key points which characterize crisis management as an integral part of enterprise development and economic security. There are specified the essence and problems of crisis management and proposed the ways of raising the level of economic security of a company based on the example of an industrial and commercial enterprise. The key focus of the enterprise's economic security management is defined as constructive responses to threats from the external environment and, as a result, ensuring stable functioning and effective realization of untapped potential in the future. The current assumption is to explain the scheme of strategic management of an industrial and commercial enterprise and to calculate the methodology of an express assessment of the level of enterprise economic security, taking into account the components of crisis management. To assess the level of economic security of the enterprise, it is proposed to use the method of point assessment, which is based on a multi-level system of indicators, which covers the main areas of the enterprise's activity.

• International Commerce and Information Review
• /
• v.9 no.4
• /
• pp.241-261
• /
• 2007

9.11 terrors which happen in 2001 in the U.S. recognize importance about national security and Department of Commerce, country safety department, Federal Communication Commission(FCC) etc. are establishing RFID sticking plan in harbor exit and entrance container for this, and it is real condition that is preparing preparation of law and system that establishes harbor peace law(Safe Port Act) on October, 2006 and acts on for U.S. about container load cargo Europe and Asia each countries. These law and system is logistics security that strengthen search for import and export freight and security to main contents. To meet in these circumstance subsequent, this paper is to examine the following three themes. First, examined necessity of logistics security and logistics security strengthening tendency, and second, examined in achievement of logistics business and RFID, and third, presented logistics security process that utilize change of realization about logistics security and RFID's role for logistics security. Through upper investigation, this paper suggested the realization about logistics security raising, logistics security connection system construction by export step, real-time freight chase that use RFID, construction necessity of executive system and development of logistics security equipment required.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.257-265
• /
• 2021

Home networking and its security issues are directly related. Previous studies have shown that home-network and understanding the security of it is a problem for non-technical users. The existing network management tools or ISP adapter tools are far too technical and difficult to be understood by ordinary home-network users. Its interface is not non-technical user-directed and does not address the home user's needs in securing their network. This paper presents an interactive security monitoring tool, which emphasizes support features for home-network users. The tool combines an interactive visual appearance with a persuasive approach that supports sustainability. It is not only an easy-to-use tool for all categories of home-network users but also acts as a monitoring feature for the user to secure their home-network.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.99-108
• /
• 2024

The Internet of Things (IoT) is a novel concept that allows a large number of objects to be connected to the Internet while also allowing them to be controlled remotely. The Internet of Things is extensive and has become an almost inseparable part of our daily lives. Users' personal data is frequently obtained by these linked gadgets and stored online. In recent years, the security of acquired data has become a major concern. As devices grow more linked, privacy and security concerns grow more pressing, and they must be addressed as soon as possible. IoT implementations and devices are particularly vulnerable to attacks that might adversely affect customer security and privacy, which might have an impact on their practical utility. The goal of this study is to bring attention to the security and privacy concerns that exist in IoT systems. To that purpose, the paper examines security challenges at each level of the IoT protocol stack, identifies underlying impediments and critical security requirements, and provides a rapid overview of available security solutions for securing IoT in a layered environment.