• 인터넷정보학회논문지
• /
• 제15권3호
• /
• pp.91-100
• /
• 2014

IT 보안의 중요성으로 인해 IT 보안 솔루션의 성능 및 기업의 보안에 대한 투자는 꾸준히 증가하고 있지만, 보안 사고 발생으로 인한 기업의 금전적 손실 감소는 여전히 기대에 미치지 못하고 있는 상황이다. 보안 솔루션을 운영하고 있는 기업을 상대로 한 조사 결과에 따르면, 기업의 보안 솔루션에 대한 이해 부족과 잘못된 투자 전략이 기업의 투자 대비 보안 효율성 향상을 기대에 미치지 못하게 하는 주요한 원인으로 분석되었다. 본 논문에서는 기업의 보안 솔루션에 대한 잘못된 투자로 인한 투자 대비 보안 효율성 저하 문제를 해결하기 위한 보안 투자 결정 모델을 제안한다. 구체적으로는, IT 자산의 취약성 이용 공격으로 인한 조직의 피해 발생 이전에 보안 사고 예방이 가능한 사전 보안 솔루션(Proactive Security Solutions, PSSs)과 조직의 피해 발생 이후에 보안 사고를 조사 및 분석할 수 있는 사후 보안 솔루션 (Reactive Security Solutions, PSSs)에 대한 기업의 투자 방법론을 결정하기 위한 포괄적인 수학적 모델을 제안한다. 또한, 제안된 분석 모델을 사용하여 보안 솔루션의 다양한 매개 변수 영향력 아래에서 조직의 IT 보안 투자 예상 순 이익(expected net benefit)을 극대화하기 위한 최적의 방안을 모색한다.

• International Journal of Computer Science & Network Security
• /
• 제23권2호
• /
• pp.210-226
• /
• 2023

It is difficult to transform a blockchain initiative from the feasibility stage to the fully commercialized the technology's products or services, especially considering the significant investment required and the lack of studies on the benefits and barriers from deployment perspective. Whereas some organizations have come up with their own solutions to moving beyond the feasibility stage, commercial applications do not yet exist and few organizations are willing to invest beyond the prototype phase and fill in the gap between the expected and actual business value of these types of projects. This study aims to develop a blockchain model using a survey to gather qualitative data on experts' opinions on the deployment of blockchain technology. Our model will measure how business professionals could take advantage of blockchain's disruptive technology to develop business opportunities. This study's contribution is to show blockchain technology's potential strategic business value. The findings from this exploration include the prospective for delivering comprehensions to businesses for different creating investment choices on the embracing of the blockchain technology.

• 디지털산업정보학회논문지
• /
• 제8권3호
• /
• pp.33-39
• /
• 2012

Since the passing of the Personal Information Act in March 2011 and its initial introduction in September, over the one year to date diverse security devices and solutions have been flowing into the market to enable observance of the relevant laws. Beginning with security consulting, corporations and institutions have focused on technology-based business in order to enable observance of those laws competitively in accordance with 6-step key procedures including proposal, materialization, introduction, construction, implementation, and execution. However there has not been any investment in human resources in the field of education such as technology education and policy education relative to the most important human resources field nor investment in professionals in the organization for the protection of personal information or in human resources for operating and managing IT infrastructure for actual entire personal information such as special sub-organizations. In this situation, as one process of attracting change from the nature of the technology-based security market toward a professional human resource-based security infrastructure market, it is necessary to conduct research into standardization modeling concerning special organizational composition and a management system for the protection of personal information.

• 융합보안논문지
• /
• 제17권5호
• /
• pp.19-25
• /
• 2017

공공기관에서는 보안위협에 대응하기 위해 매년 정보보안 솔루션에 투자하고 있다. 하지만 도입된 솔루션이 실제 공공기관의 정보보안 수준 향상에 영향을 미치는지에 대한 연구가 미비한 상태이며, 이로 인해 공공기관에 도입된 솔루션의 투자효과에 대한 측정의 어려움 등이 발생하고 있다. 이에 따라 본 논문은 정보보안 솔루션의 도입 시 실제 정보보안 수준 향상에 미치는 영향에 대한 실증을 위해 전체 공공기관에 도입되어 있는 '내PC지키미' 솔루션을 중심으로 연구를 수행하였다. 분석 결과 내PC지키미 솔루션은 공공기관 사용자의 정보보안 인식향상에 긍정적인 영향을 미쳤고, 이로 인해 조직의 정보보안 수준이 높아진 것을 실증하였다. 또한, 솔루션 운영 시 보안 정책의 강제화 유무에 따른 보안성 향상에 대하여 확인하였다. 본 연구의 결과를 바탕으로 향후 공공기관의 사용자 및 관리자들이 정보보안 솔루션 도입 시 내부 보안정책 수립과 같은 운영 프로세스 개선 방안에 활용할 수 있다.

• International Journal of Computer Science & Network Security
• /
• 제23권11호
• /
• pp.128-132
• /
• 2023

Investment authorities are broad financial institutions that carefully manage investments on behalf of the national government using a long-term value development approach. To provide a stronger structure or framework for In-vestment Authorities to govern the distribution of funds to public and private markets, we've started research to create a blockchain-based prototype for managing and tracking numerous finances of such authorities. We have taken the case study of Oman Investment Authority (OIA) of Sultanate of Oman. Oman's wealth is held in OIA. It is an organization that oversees and utilizes the additional capital generated by oil and gas profits in public and private markets. Unlike other Omani funds, this one focus primarily on assets outside the Sultanate. The operation of the OIA entails a huge number of transactions, necessitating a high level of transparency and administration among the parties involved. Currently, OIA relies on various manuals to achieve its goals, such as the Authorities and Responsibilities manual, the In-vestment Manual, and the Code of Business Conduct, among others. In this paper, we propose a Blockchain based framework to manage the operations of OIA. Blockchain is a part of the Fourth Industrial Revolution, and it is re-shaping every industry. The main components of every blockchain are assets and participants. The funds are the major assets in the proposed study, and the participants are the various fund shareholders/recipients. The block-chain's transactions are all safe, secure, and immutable, and it's part of a trustless network. The transactions are simple to follow and verify. By replacing intermediary firms with smart contracts, blockchain-based solutions eliminate any middlemen in the fund allocation process.

• 한국컴퓨터정보학회논문지
• /
• 제21권6호
• /
• pp.89-96
• /
• 2016

Damage and attack size of cyber terror is growing to the national size. Not only targeting at a certain companies or individuals but number of cyber terror targeting government bodies or unspecific people is increasing. This is because compared to traditional weapon, input cost is very cheap but ripple effect and shock are much stronger, affecting not only certain groups but also each individuals. 'Anti-terror measurement for protection of nation and public safety' passed last month is one of the renowned measurement passed regardless of objection from opposition party. The opposition party went against this through filibuster for 192 hours but this finally passed National Congress due to lack of oppositions. Korean government is taking post actions after passage of anti-terror measurement. Legislation of enforcement ordinance and regulations is due by 6th of next month. This regulation will be executed from June 4th after legislation. Whenever there is any security issues such as hacking of Korea Hydro and Nuclear Power and National Intelligence Service happens, lot of attention is made to those hackers. However, social recognition or management of those hackers need lot more improvement. Especially, as market of internet of things is increasing, there is an increased anxiety on information security. But as we only rely on security solutions, this problems are keep happening. Therefore, active investment on nurturing hackers who play the role of 'spear and shield' shall be made. Government should put more efforts to allow white hackers to show their abilities. We should have a policy for supporting high-quality programs such as BoB. To make information protection industry into future growth engine, it is necessary to nurture professionals for information protection and white hackers through special programs. Politicians should make related regulations as soon as possible to remove factors that prevent swift management of cyber attack due to lack of legislation. Government should pay lot more financial investment to nurturing professional manpower than now. Protecting life and asset of nation is responsibility and duty of our government. We all should recognize that controlling cyber attack is a part of national defense.

• International Journal of Computer Science & Network Security
• /
• 제23권2호
• /
• pp.173-182
• /
• 2023

The UAE government has set its sights on creating a smart, electronic-based government system that utilizes AI. The country's collaboration with India aims to bring substantial returns through AI innovation, with a target of over $20 billion in the coming years. To achieve this goal, the UAE launched its AI strategy in 2017, focused on improving performance in key sectors and becoming a leader in AI investment. To ensure public safety as the role of AI in government grows, the country is working on developing integrated cyber security solutions for SCADA systems. A questionnaire-based study was conducted, using the AI IQ Threat Scale to measure the variables in the research model. The sample consisted of 200 individuals from the UAE government, private sector, and academia, and data was collected through online surveys and analyzed using descriptive statistics and structural equation modeling. The results indicate that the AI IQ Threat Scale was effective in measuring the four main attacks and defense applications of AI. Additionally, the study reveals that AI governance and cyber defense have a positive impact on the resilience of AI systems. This study makes a valuable contribution to the UAE government's efforts to remain at the forefront of AI and technology exploitation. The results emphasize the need for appropriate evaluation models to ensure a resilient economy and improved public safety in the face of automation. The findings can inform future AI governance and cyber defense strategies for the UAE and other countries.

• 유통과학연구
• /
• 제10권7호
• /
• pp.33-41
• /
• 2012

The purpose of this study is to analyse the state of the energy industry and to determine the efficiency of its functioning on the basis of energy conservation principle and application of innovative technologies aimed at improving the ecological modernisation of agricultural sectors of Kazakhstan. The research methodology is based on an integrated approach of financial and economic evaluation of the effectiveness of the investment project, based on calculation of elasticity, total costs and profitability, as well as on comparative, graphical and system analysis. The current stage is characterised by widely spread restructuring processes of electric power industry in many countries through introduction of new technical installations of energy facilities and increased government regulation in order to enhance the competitive advantage of electricity market. Electric power industry features a considerable value of creating areas. For example, by providing scientific and technical progress, it crucially affects not only the development but also the territorial organisation of productive forces, first of all the industry. In modern life, more than 90% of electricity and heat is obtained by Kazakhstan's economy by consuming non-renewable energy resources: different types of coal, oil shale, oil, natural gas and peat. Therefore, it is significant to ensure energy security, as the country faces a rapid fall back to mono-gas structure of fuel and energy balance. However, energy resources in Kazakhstan are spread very unevenly. Its main supplies are concentrated in northern and central parts of the republic, and the majority of consumers of electrical power live in the southern and western areas of the country. However, energy plays an important role in the economy of industrial production and to a large extent determines the level of competitive advantage, which is a promising condition for implementation of energy-saving and environmentally friendly technologies. In these circumstances, issues of modernisation and reforms of this sector in Kazakhstan gain more and more importance, which can be seen in the example of economically sustainable solutions of a large local monopoly company, significant savings in capital investment and efficiency of implementation of an investment project. A major disadvantage of development of electricity distribution companies is the prevalence of very high moral and physical amortisation of equipment, reaching almost 70-80%, which significantly increases the operating costs. For example, while an investment of 12 billion tenge was planned in 2009 in this branch, in 2012 it is planned to invest more than 17 billion. Obviously, despite the absolute increase, the rate of investment is still quite low, as the total demand in this area is at least more than 250 billion tenge. In addition, industrial infrastructure, including the objects of Kazakhstan electric power industry, have a tangible adverse impact on the environment. Thus, since there is a large number of various power projects that are sources of electromagnetic radiation, the environment is deteriorated. Hence, there is a need to optimise the efficiency of the organisation and management of production activities of energy companies, to create and implement new technologies, to ensure safe production and provide solutions to various environmental aspects. These are key strategic factors to ensure success of the modern energy sector of Kazakhstan. The contribution of authors in developing the scope of this subject is explained by the fact that there was not enough research in the energy sector, especially in the view of ecological modernisation. This work differs from similar works in Kazakhstan in the way that the proposed method of investment project calculation takes into account the time factor, which compares the current and future value of profit from the implementation of innovative equipment that helps to bring it to actual practise. The feasibility of writing this article lies in the need of forming a public policy in the industrial sector, including optimising the structure of energy disbursing rate, which complies with the terms of future modernised development of the domestic energy sector.

• 한국재난관리표준학회지
• /
• 제1권1호
• /
• pp.45-51
• /
• 2008

본 연구에서는 예산지원이 원활치 못한 자연재해위험지구에 대한 정비사업을 효율적으로 추진하고, 재해예방사업을 조속히 이행하며 재정지원을 안정적으로 확보할 수 있는 몇 가지 방안을 제안하고자 한다. 이를 위해서 자연재해위험지구 지정절차 및 법적등 제도적 장치 에 대한 분석을 수행하고, 경기도에서 수행된 정비사업을 지역, 피해이력, 연간투자계획, 재정기금 등의 측면에서 조사 분석 하였다. 추가적으로 재난관리기금을 보존하거나 사용하는 여부를 결정하는 기준을 조사하였으며, 기금출처 및 지출, 기금사용의 법적 문제점을 분석하고 그 해결책을 제시하였다. 결과적으로 본 연구에서는 재난관리기금이 재난위험을 초기에 감소시키기 위해서 자연재해위험지구 정비사업에 투자될 수 있도록 법적제도를 완화하여야 하며, 적립금 상한제를 두어 초과분은 재해예방사업에 안정적으로 투자 할 수 있는 재원으로 활용해야함을 제안하고자 한다.

• 유통과학연구
• /
• 제13권11호
• /
• pp.123-130
• /
• 2015

Purpose - Due to highly elevated levels of competition, many companies today have to face the problem of decreasing profits even when their actual sales volume is increasing. This is a common phenomenon that is seen occurring among companies that focus heavily on quantitative growth rather than qualitative growth. These two aspects of growth should be well balanced for a company to create a sustainable business model. For supply chain management (SCM) planners, the optimized, quantified flow of resources used to be of major interest for decades. However, this trend is rapidly changing so that managers can put the appropriate balance between sales volume and sales quality, which can be evaluated from the profit margin. Profit optimization is a methodology for companies to use to achieve solutions focused more on profitability than sales volume. In this study, we attempt to provide executional insight for companies considering implementation of the profit optimization system to enhance their business profitability. Research design, data, and methodology - In this study, we present a comprehensive explanation of the subject of profit optimization, including the fundamental concepts, the most common profit optimization logic algorithm -linear programming -the business functional scope of the profit optimization system, major key success factors for implementing the profit optimization system at a business organization, and weekly level detailed business processes to actively manage effective system performance in achieving the goals of the system. Additionally, for the purpose of providing more realistic and practical information, we carefully investigate a profit optimization system implementation case study project fulfilled for company S. The project duration was about eight months, with four full-time system development consultants deployed for the period. To guarantee the project's success, the organization adopted a proven system implementation methodology, supply chain management (SCM) six-sigma. SCM six-sigma was originally developed by a group of talented consultants within Samsung SDS through focused efforts and investment in synthesizing SCM and six-sigma to improve and innovate their SCM operations across the entire Samsung Organization. Results - Profit optimization can enable a company to create sales and production plans focused on more profitable products and customers, resulting in sustainable growth. In this study, we explain the concept of profit optimization and prerequisites for successful implementation of the system. Furthermore, the efficient way of system security administration, one of the hottest topics today, is also addressed. Conclusion - This case study can benefit numerous companies that are eagerly searching for ways to break-through current profitability levels. We cannot guarantee that the decision to deploy the profit optimization system will bring success, but we can guarantee that with the help of our study, companies trying to implement profit optimization systems can minimize various possible risks across various system implementation phases. The actual system implementation case of the profit optimization project at company S introduced here can provide valuable lessons for both business organizations and research communities.