• The Korean Journal of Air & Space Law and Policy
• /
• v.19 no.1
• /
• pp.165-182
• /
• 2004

According to the Annex 17 to the Convention on International Civil Aviation, an appropriate authority of each contracting state has to define and allocate tasks and coordinate activities between the departments, agencies and other organizations of the State, airport and aircraft operators and other entities concerned with or responsible for the implementation of various aspects of the national civil aviation security programme. It is generally recognized that the three major parties responsible for the aviation security at an airport are appropriate government departments, airport operator and airlines. The airlines are the beneficiaries of security activities as well as the provider of security activities. So, their responsibilities have been critical in protecting civil aviation from unlawful interferences. The airport has to take leading role in implementing security tasks at airport area because the airport operator is the provider of airport facilities and services to its customer and the security activities belong to its services. The government has the responsibilities not only for establishing regulatory system but also for oversighting the implementation of aviation security activities. The paper is to review the revision of aviation security regulation and the changes of aviation security responsibilities, and costs and task assignment in Republic of Korea after September 11 event. The responsibilities, tasks and costs assigned to airlines, airport operators and government are introduced and evaluated in terms of economic fairness, effectiveness and efficiency of aviation security activities. The drawbacks of new legal system are pointed out and the suggestions to remedy them are proposed as conclusions.

• Journal of Electrical Engineering and Technology
• /
• v.4 no.3
• /
• pp.353-359
• /
• 2009

This paper proposes a novel technique for calculating the security costs that properly includes ramping constraints in the operation of a deregulated power system. The ramping process is modeled by a piecewise linear function with certain assumptions. During this process, a ramping cost is incurred if the permissible limits are exceeded. The optimal production costs of the power producers are calculated with the ramping cost included, considering a time horizon with N-1 contingency cases using contingency constrained optimal power flow (CCOPF), which is solved by the primal-dual interior point method (PDIPM). A contingency analysis is also performed taking into account the severity index of transmission line outages and its sensitivity analysis. The results from an illustrative case study based on the IEEE 30-bus system are analyzed. One attractive feature of the proposed approach is that an optimal solution is more realistic than the conventional approach because it satisfies physical constraints, such as the ramping constraint.

• Journal of Information Technology Services
• /
• v.19 no.6
• /
• pp.83-95
• /
• 2020

"I think security is only trying to make it uncomfortable." "10% of my work is entering IDs and passwords, such as boot passwords, mobile phone authentication numbers, etc." As reflected in the complaint above, stress caused by information security among organizations' members is increasing. In order to strengthen information security, practical solutions to reduce stress are needed because the motivation of the members is needed in order for organizations to function properly. Therefore, this study attempts to suggest key factors that can enhance security while reducing information security stress among members of organizations. To this end, based on the theory of protection motivation, trust and security stress from information security policies are set as mediating factors to explain changes in security reinforcement behavior. Furthermore, risk, efficacy, and reaction costs of cyberattacks are considered as prerequisites. Our study suggests a solution to the security reinforcement problem by analyzing the factors that influence the behavior of members of organizations. In turn, this can raise protection motivation among members.

• Journal of Korean Society of Disaster and Security
• /
• v.5 no.1
• /
• pp.1-6
• /
• 2012

This study analyzed the direct costs of fall accidents, which have the highest accident rate, for domestic construction industry workers. Firstly, the average insurance payment per person due to fall accidents in the construction industry is around 19 million won (18,971,000 won). Given that the average number of workers suffering fall accidents over ten years is 5,863, the total cost of losses from fall accidents is about 1.1 trillion won (111,360,000,000 won). Secondly, a cost-based economic feasibility analysis was done to develop nonstructural preventive measures for fall accidents. Since there was no data expressing the costs and effects of preventive measures in terms of monetary value, the economic feasibility analysis was attempted with a focus on how much the newly introduced preventive measures can reduce the accident loss costs due to fall accidents. Thirdly, if the accident loss size is grasped and the preventive measures for the causes of fall accidents are developed and strictly implemented, the insurance fee that can reduce the accident loss costs can be determined. Further study is needed to estimate the benefit of the accident loss cost reduction seen from the cost-based approach method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.97-104
• /
• 2006

For successfully deploying many multicast service in the mobile environment, security infrastructures must be developed that manage the keys needed to provide access control to content. In this paper, we propose two methods for designing the key management scheme for the mobile multicast environment. The proposed schemes match the key management tree to the mobile multicast environment for localizing the delivery of he rekeying messages, reducing the communication costs, and solving the handoff problem in wireless region.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.20 no.1
• /
• pp.109-118
• /
• 2024

Recently, a social issue has arisen involving RDDoS attacks following the sending of threatening emails to security administrators of companies and institutions. According to a report published by the Korea Internet & Security Agency and the Ministry of Science and ICT, survey results indicate that DDoS attacks are increasing. However, the top response in the survey highlighted the difficulty in countering DDoS attacks due to issues related to security personnel and costs. In responding to DDoS attacks, administrators typically detect anomalies through traffic monitoring, utilizing security equipment and programs to identify and block attacks. They also respond by employing DDoS mitigation solutions offered by external security firms. However, a challenge arises from the initial failure in early response to DDoS attacks, leading to frequent use of detection and mitigation measures. This issue, compounded by increased costs, poses a problem in effectively countering DDoS attacks. In this paper, we propose a system that creates detection rules, periodically collects traffic using mail detection and IDS, notifies administrators when rules match, and Based on predefined threshold, we use IPS to block traffic or DDoS mitigation. In the absence of DDoS mitigation, the system sends urgent notifications to administrators and suggests that you apply for and use of a cyber shelter or DDoS mitigation. Based on this, the implementation showed that network traffic was reduced from 400 Mbps to 100 Mbps, enabling DDoS response. Additionally, due to the time and expense involved in modifying detection and blocking rules, it is anticipated that future research could address cost-saving through reduced usage of DDoS mitigation by utilizing artificial intelligence for rule creation and modification, or by generating rules in new ways.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.4
• /
• pp.1223-1247
• /
• 2012

The need for securing Wireless Sensor Networks (WSNs) is essential especially in mission critical fields such as military and medical applications. Security techniques that are used to secure any network depend on the security requirements that should be achieved to protect the network from different types of attacks. Furthermore, the characteristics of wireless networks should be taken into consideration when applying security techniques to these networks. In this paper, energy efficient Security Model for Tree-based Routing protocols (SMTR) is proposed. In SMTR, different attacks that could face any tree-based routing protocol in WSNs are studied to design a security reference model that achieves authentication and data integrity using either Message Authentication Code (MAC) or Digital Signature (DS) techniques. The SMTR communication and processing costs are mathematically analyzed. Moreover, SMTR evaluation is performed by firstly, evaluating several MAC and DS techniques by applying them to tree-based routing protocol and assess their efficiency in terms of their power requirements. Secondly, the results of this assessment are utilized to evaluate SMTR phases in terms of energy saving, packet delivery success ratio and network life time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3280-3298
• /
• 2019

Vehicular ad-hoc networks (VANETs) have become increasingly significant in intelligent transportation systems, they play a great role in improving traffic safety and efficiency. In the deployment of intelligent VANETs, intelligent vehicles can efficiently exchange important or urgent traffic information and make driving decisions. Meanwhile, secure data communication and vehicle's identity privacy have been highlighted. To cope with these security issues, in this paper, we construct an efficient anonymous authentication scheme with secure communication in intelligent VANETs. Combing the ElGamal encryption technique with a modified Schnorr signature technique, the proposed scheme provides secure anonymous authentication process for encrypted message in the vehicle-to-infrastructure communication model, and achieves identity privacy, forward security, and reply attack resistance simultaneously. Moreover, except the trusted authority (TA), any outside entity cannot trace the real identity of an intelligent vehicle. The proposed scheme is designed on an identity-based system, which can remove the costs of establishing public key infrastructure (PKI) and certificates management. Compared with existing authentication schemes, the proposed scheme is much more practical in intelligent VANETs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.491-500
• /
• 2013

With the advent of big data and increased costs of SSD(HDD), domestic and foreign Internet cafes and organizations have adopted NDS(No Disk System) solution recently. NDS is a storage virtualization solution based on a kind of cloud computing. It manages Operating System and applications in the central server, which were originally managed by individual computers. This research will illustrate the way to analyze user's behaviors under NDS circumstance.

• Journal of Information Technology and Architecture
• /
• v.11 no.2
• /
• pp.143-155
• /
• 2014

In recent years, domestic electronics, banking, electricity, services, manufacturing, pharmaceutical, corporate type and malicious hackers is corporate security through the accident occurred and the resulting loss of corporate information and the damage each year is steadily increasing. Many companies have responded to domestic business activities and to protect critical information related to laptops, smart phones, tablets, and introduced a variety of Endpoint security solutions within. However, being introduced to senselessly Endpoint security solution across the over-budget, with the same features and performance, such as conflicts and problems arise, resulting in additional maintenance costs, in an effort to resolve the conflict in the operational security of the IT department's new difficulty in becoming. Here is the introduction and operation of these Endpoint security solutions in order to solve the problem on employees's PC into the center of the information security governance based on Endpoint security solution to provide the process for determining the solutions presented.